In the current scheme of things, the call to ThreadStart() in the child
thread is not synchronized with the parent thread. So, if a pointer is passed to
pthread_create, there may be a window of time during which this pointer will not
be discoverable by LSan. I.e. the pthread_create interceptor has already
returned and thus the pointer is no longer on the parent stack, but we don't
yet know the location of the child stack. This has caused bogus leak reports
(see http://llvm.org/bugs/show_bug.cgi?id=21621/).
This patch makes the pthread_create interceptor wait until the child thread is
properly registered before returning.
llvm-svn: 223419
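
The wait-for-registration handshake described in the message above, as an added illustration that is not compiler-rt's code: a hypothetical interceptor-style wrapper around pthread_create whose child entry records its stack location and signals the parent before running the user routine, so the parent side does not return until the child is registered. The thread_ctx registry, create_thread_synced and demo_child_registered_before_return are constructed names.

```c
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
#include <stdlib.h>
/* Hypothetical stand-in for a sanitizer thread-registry entry; not LSan code. */
typedef struct {
  atomic_int registered;      /* 1 once the child has recorded its stack */
  void *child_stack_hint;     /* address of a child-stack local ("stack location") */
  void *(*user_fn)(void *);
  void *user_arg;
} thread_ctx;
/* Child entry: record the stack, publish that fact, then run the user routine. */
static void *thread_start(void *p) {
  thread_ctx *ctx = p;
  int local;
  ctx->child_stack_hint = &local;
  atomic_store_explicit(&ctx->registered, 1, memory_order_release);
  return ctx->user_fn(ctx->user_arg);
}
/* Interceptor-style wrapper: does not return until the child has registered, so
 * the user's argument pointer is never gone from the parent stack while the
 * child stack is still unknown. */
int create_thread_synced(pthread_t *tid, void *(*fn)(void *), void *arg,
                         thread_ctx *ctx) {
  ctx->user_fn = fn;
  ctx->user_arg = arg;
  atomic_store(&ctx->registered, 0);
  int rc = pthread_create(tid, NULL, thread_start, ctx);
  if (rc != 0) return rc;
  while (atomic_load_explicit(&ctx->registered, memory_order_acquire) == 0)
    sched_yield();            /* wait for the child to register */
  return 0;
}
/* Constructed user routine: bumps the heap integer it was handed, returns it. */
static void *worker(void *arg) { ++*(int *)arg; return arg; }
/* Returns 1 if the child was registered when the wrapper returned and the
 * routine ran with the right argument; 0 otherwise. */
int demo_child_registered_before_return(void) {
  static thread_ctx ctx;
  pthread_t t;
  void *ret = NULL;
  int *payload = malloc(sizeof *payload);
  if (!payload) return 0;
  *payload = 41;
  if (create_thread_synced(&t, worker, payload, &ctx) != 0) { free(payload); return 0; }
  int seen = atomic_load(&ctx.registered);   /* observed right after return */
  pthread_join(t, &ret);
  int ok = seen == 1 && ret == payload && *payload == 42 && ctx.child_stack_hint != NULL;
  free(payload);
  return ok;
}
```
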
At least check-asan works with this change.
If the change breaks anything, we'll need to add:
a) a comment describing why we have to use INTERCEPT_FUNCTION rather than
ASAN_INTERCEPT_FUNC
and
b) a test case.
llvm-svn: 216177

Reset coverage data on fork().
For memory-mapped mode (coverage_direct=1) this helps avoid loss of data
(before this change two processes would write to the same file simultaneously).
For normal mode, this reduces coverage dump size, because PCs from the parent
process are no longer inherited by the child.
llvm-svn: 210180

This way does not require a __sanitizer_cov_dump() call. That's
important on Android, where apps can be killed at arbitrary time.
We write raw PCs to disk instead of module offsets; we also write
memory layout to a separate file. This increases dump size by the
factor of 2 on 64-bit systems.
llvm-svn: 209653

This change is a part of refactoring intended to have common signal handling behavior in all tools.
This particular CL moves InstallSignalHandlers() into sanitizer_common (making it InstallDeadlySignalHandlers()), but doesn't enable default signal handlers for any tool other than ASan.
llvm-svn: 200542

This change adds ASAN_OPTIONS=start_deactivated=1 flag. When present, ASan will
start in "deactivated" mode, with no heap poisoning, no quarantine, no stack
trace gathering, and minimal redzones. All these features come back when
__asan_init is called for the constructor of an instrumented library.
The primary use case for this feature is Android. Code itself is not
Android-specific, and this patch includes a Linux test for it.
llvm-svn: 199377

Fixes http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58994, which hadn't
manifested in LLVM because libclang_rt.asan_osx_dynamic.dylib used to depend on
the Foundation framework.
Without that dependency some interceptors may be called from the system
libraries before libSystem_initializer() is called, which led to assertion
failures in sanitizer_mac.cc (_NSGetEnviron() returns NULL).
To fix the problem we fall back to the original functions in the common
libsanitizer interceptors and the __cxa_atexit() interceptor on Darwin.
This patch also prints a better error message in the case _NSGetEnviron()
returns NULL.
llvm-svn: 194573

Due to bugs in the interposition of resolver functions on 10.7 and 10.8 both memcpy() and memmove()
were previously intercepted by INTERCEPTOR(memcpy), which led to false positives and crashes (see http://llvm.org/bugs/show_bug.cgi?id=16362)
We choose to use a memmove-like function in both cases. This effectively disables the overlap checks in memcpy(), but the overlaps
aren't possible in practice, because memcpy() and memmove() are the same function on Darwin.
Once the interposition is fixed in 10.9, we'll need to revisit this issue, see https://code.google.com/p/address-sanitizer/issues/detail?id=226
llvm-svn: 191081