Revert of Move ForkWithFlags from sandbox/ to base/ and plug it into LaunchProcess.

sandbox/linux/services/syscall_wrappers.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/syscall_wrappers.h"
 
 #include <pthread.h>
 #include <sched.h>
 #include <setjmp.h>
 #include <sys/resource.h>
@@ skipping 11 matching lines @@
 namespace sandbox {
 
 pid_t sys_getpid(void) {
   return syscall(__NR_getpid);
 }
 
 pid_t sys_gettid(void) {
   return syscall(__NR_gettid);
 }
 
-long sys_clone(unsigned long flags,
-               decltype(nullptr) child_stack,
-               pid_t* ptid,
-               pid_t* ctid,
-               decltype(nullptr) tls) {
+namespace {
+
+bool CloneArgumentsValid(unsigned long flags, pid_t* ptid, pid_t* ctid) {
   const bool clone_tls_used = flags & CLONE_SETTLS;
   const bool invalid_ctid =
       (flags & (CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID)) && !ctid;
   const bool invalid_ptid = (flags & CLONE_PARENT_SETTID) && !ptid;
 
   // We do not support CLONE_VM.
   const bool clone_vm_used = flags & CLONE_VM;
-  if (clone_tls_used || invalid_ctid || invalid_ptid || clone_vm_used) {
+
+  return !(clone_tls_used || invalid_ctid || invalid_ptid || clone_vm_used);
+}
+
+bool IsRunningOnValgrind() {
+  return RUNNING_ON_VALGRIND;
+}
+
+// This function runs on the stack specified on the clone call. It uses longjmp
+// to switch back to the original stack so the child can return from sys_clone.
+int CloneHelper(void* arg) {
+  jmp_buf* env_ptr = reinterpret_cast<jmp_buf*>(arg);
+  longjmp(*env_ptr, 1);
+
+  // Should not be reached.
+  RAW_CHECK(false);
+  return 1;
+}
+
+// This function is noinline to ensure that stack_buf is below the stack pointer
+// that is saved when setjmp is called below. This is needed because when
+// compiled with FORTIFY_SOURCE, glibc's longjmp checks that the stack is moved
+// upwards. See crbug.com/442912 for more details.
+#if defined(ADDRESS_SANITIZER)
+// Disable AddressSanitizer instrumentation for this function to make sure
+// |stack_buf| is allocated on thread stack instead of ASan's fake stack.
+// Under ASan longjmp() will attempt to clean up the area between the old and
+// new stack pointers and print a warning that may confuse the user.
+__attribute__((no_sanitize_address))
+#endif
+NOINLINE pid_t CloneAndLongjmpInChild(unsigned long flags,
+                                     pid_t* ptid,
+                                     pid_t* ctid,
+                                     jmp_buf* env) {
+  // We use the libc clone wrapper instead of making the syscall
+  // directly because making the syscall may fail to update the libc's
+  // internal pid cache. The libc interface unfortunately requires
+  // specifying a new stack, so we use setjmp/longjmp to emulate
+  // fork-like behavior.
+  char stack_buf[PTHREAD_STACK_MIN];
+#if defined(ARCH_CPU_X86_FAMILY) || defined(ARCH_CPU_ARM_FAMILY) || \
+    defined(ARCH_CPU_MIPS64_FAMILY) || defined(ARCH_CPU_MIPS_FAMILY)
+  // The stack grows downward.
+  void* stack = stack_buf + sizeof(stack_buf);
+#else
+#error "Unsupported architecture"
+#endif
+  return clone(&CloneHelper, stack, flags, env, ptid, nullptr, ctid);
+}
+
+}  // namespace
+
+long sys_clone(unsigned long flags,
+               decltype(nullptr) child_stack,
+               pid_t* ptid,
+               pid_t* ctid,
+               decltype(nullptr) tls) {
+
+  if (!CloneArgumentsValid(flags, ptid, ctid)) {
     RAW_LOG(FATAL, "Invalid usage of sys_clone");
   }
 
   // See kernel/fork.c in Linux. There is different ordering of sys_clone
   // parameters depending on CONFIG_CLONE_BACKWARDS* configuration options.
 #if defined(ARCH_CPU_X86_64)
   return syscall(__NR_clone, flags, child_stack, ptid, ctid, tls);
 #elif defined(ARCH_CPU_X86) || defined(ARCH_CPU_ARM_FAMILY) || \
     defined(ARCH_CPU_MIPS_FAMILY) || defined(ARCH_CPU_MIPS64_FAMILY)
   // CONFIG_CLONE_BACKWARDS defined.
   return syscall(__NR_clone, flags, child_stack, ptid, tls, ctid);
 #endif
 }
 
 long sys_clone(unsigned long flags) {
   return sys_clone(flags, nullptr, nullptr, nullptr, nullptr);
 }
 
+pid_t ForkWithFlags(unsigned long flags, pid_t* ptid, pid_t* ctid) {
+  if (!CloneArgumentsValid(flags, ptid, ctid)) {
+    RAW_LOG(FATAL, "Invalid usage of ForkWithFlags");
+  }
+
+  // Valgrind's clone implementation does not support specifiying a child_stack
+  // without CLONE_VM, so we cannot use libc's clone wrapper when running under
+  // Valgrind. As a result, the libc pid cache may be incorrect under Valgrind.
+  // See crbug.com/442817 for more details.
+  if (IsRunningOnValgrind()) {
+    return sys_clone(flags, nullptr, ptid, ctid, nullptr);
+  }
+
+  jmp_buf env;
+  if (setjmp(env) == 0) {
+    return CloneAndLongjmpInChild(flags, ptid, ctid, &env);
+  }
+
+  return 0;
+}
+
 void sys_exit_group(int status) {
   syscall(__NR_exit_group, status);
 }
 
 int sys_seccomp(unsigned int operation,
                 unsigned int flags,
                 const struct sock_fprog* args) {
   return syscall(__NR_seccomp, operation, flags, args);
 }
 
 int sys_prlimit64(pid_t pid,
                   int resource,
                   const struct rlimit64* new_limit,
                   struct rlimit64* old_limit) {
   return syscall(__NR_prlimit64, pid, resource, new_limit, old_limit);
 }
 
 }  // namespace sandbox