Commit Graph

13410 Commits

Author SHA1 Message Date
Kamil Rytarowski 00460ae520 [compiler-rt] [netbsd] Regenerate syscall hooks
Sync with NetBSD 9.99.72.
2020-09-10 20:16:39 +02:00
Kamil Rytarowski bba736e503 [compiler-rt] [netbsd] Update generate_netbsd_syscalls.awk
Sync with NetBSD 9.99.72.
2020-09-10 20:16:17 +02:00
Kamil Rytarowski b85c085c84 [compiler-rt] [netbsd] Improve code formatting
No functional change.
2020-09-10 19:38:57 +02:00
Kamil Rytarowski cb8cb28ed9 [compiler-rt] [netbsd] Add fallback definitions for MKISCSI=no
Add dev/iscsi/iscsi_ioctl.h fallback ioctl(2) operations.
2020-09-10 19:38:57 +02:00
Fangrui Song ab1de1fcfb [gcov] Delete flush_fn_list (unused since D83149) 2020-09-10 10:15:27 -07:00
Azharuddin Mohammed 626209cac0 Revert "[gcov] Delete flush_fn_list (unused since D83149)"
This reverts commit 01cdab0b33.

It was causing the instrprof-darwin-exports.c test to fail.
```
Undefined symbols for architecture x86_64:
  "_flush_fn_list", referenced from:
     -exported_symbol[s_list] command line option
```
2020-09-10 09:53:34 -07:00
Craig Topper f5ad9c2e0e [builtins] Write __divmoddi4/__divmodsi4 in terms __udivmod instead of __div and multiply.
Previously we calculating the remainder by multiplying the
quotient and divisor and subtracting from the dividend.

__udivmod can calculate the remainder while calculating the
quotient. We just need to correct the sign afterward.

Reviewed By: MaskRay

Differential Revision: https://reviews.llvm.org/D87433
2020-09-10 08:08:55 -07:00
Kamil Rytarowski f51e55e09e [compiler-rt] [netbsd] Reintroduce __sanitizer_protoent
Partial revert of https://reviews.llvm.org/D82424
2020-09-10 11:46:41 +02:00
Fangrui Song 01cdab0b33 [gcov] Delete flush_fn_list (unused since D83149) 2020-09-09 17:27:30 -07:00
Fangrui Song f559bf31ad [gcov] Delete unused llvm_gcda_increment_indirect_counter
It has been unused since r157564 (2012).
2020-09-09 16:58:03 -07:00
Vitaly Buka 91c28bbe74 [Asan] Return nullptr for invalid chunks
CHUNK_ALLOCATED. CHUNK_QUARANTINE are only states
which make AsanChunk useful for GetAsanChunk callers.
In either case member of AsanChunk are not useful.

Fix few cases which didn't expect nullptr. Most of the callers are already
expects nullptr.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D87135
2020-09-09 16:32:47 -07:00
Vitaly Buka b5bc56da8a [NFC][Asan] Fit ChunkHeader into redzone
In code as-is min redzone and ChunkHeader are 16 byte.
This patch just makes sure that redzone is calculated correctly if we
extend ChunkHeader.
2020-09-09 03:29:51 -07:00
Dokyung Song 1bb1eac6b1 [libFuzzer] Add a command-line option for tracing mutation of corpus inputs in the dot graph format.
This patch adds a new command-line option -mutation_graph_file=FILE for
debugging purposes, which traces how corpus inputs evolve during a fuzzing
run. For each new input that is added to the corpus, a new vertex corresponding
to the added input, as well as a new edge that connects its base input to itself
are written to the given file. Each vertex is labeled with the filename of the
input, and each edge is labeled with the mutation sequence that led to the input
w.r.t. its base input.

The format of the mutation graph file is the dot file format. Once prepended and
appended with "graph {" and "}", respectively, the graph becomes a valid dot
file and can be visualized.

Differential Revision: https://reviews.llvm.org/D86560
2020-09-09 03:28:53 +00:00
Fangrui Song b9d086693b [llvm-cov gcov] Compute unmeasured arc counts by Kirchhoff's circuit law
For a CFG G=(V,E), Knuth describes that by Kirchoff's circuit law, the minimum
number of counters necessary is |E|-(|V|-1). The emitted edges form a spanning
tree. libgcov emitted .gcda files leverages this optimization while clang
--coverage's doesn't.

Propagate counts by Kirchhoff's circuit law so that llvm-cov gcov can
correctly print line counts of gcc --coverage emitted files and enable
the future improvement of clang --coverage.
2020-09-08 18:45:11 -07:00
Vitaly Buka 27650a5fed [NFC][Asan] Remove Debug code
Used for https://github.com/google/sanitizers/issues/1193

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86933
2020-09-08 13:59:59 -07:00
Vitaly Buka c05095cd68 [Asan] Don't crash if metadata is not initialized
Fixes https://github.com/google/sanitizers/issues/1193.

AsanChunk can be uninitialized yet just after return from the secondary
allocator. If lsan starts scan just before metadata assignment it can
fail to find corresponding AsanChunk.

It should be safe to ignore this and let lsan to assume that
AsanChunk is in the beginning of the block. This block is from the
secondary allocator and created with mmap, so it should not contain
any pointers and will make lsan to miss some leaks.

Similar already happens for primary allocator. If it can't find real
AsanChunk it falls back and assume that block starts with AsanChunk.
Then if the block is already returned to allocator we have  garbage in
AsanChunk and may scan dead memory hiding some leaks.
I'll fix this in D87135.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86931
2020-09-08 13:58:34 -07:00
Fangrui Song 2d7fd38cf7 [sanitizers] Remove unneeded MaybeCall*DefaultOptions() and nullptr checks
D28596 added SANITIZER_INTERFACE_WEAK_DEF which can guarantee `*_default_options` are always defined.
The weak attributes on the `__{asan,lsan,msan,ubsan}_default_options` declarations can thus be removed.

`MaybeCall*DefaultOptions` no longer need nullptr checks, so their call sites can just be replaced by `__*_default_options`.

Reviewed By: #sanitizers, vitalybuka

Differential Revision: https://reviews.llvm.org/D87175
2020-09-08 10:12:05 -07:00
Raul Tambre 86bd8f82cc [CMake] Remove dead FindPythonInterp code
LLVM has bumped the minimum required CMake version to 3.13.4, so this has become dead code.

Reviewed By: #libc, ldionne

Differential Revision: https://reviews.llvm.org/D87189
2020-09-08 15:23:23 +03:00
Craig Topper 35f708a3c9 [builtins] Inline __paritysi2 into __paritydi2 and inline __paritydi2 into __parityti2.
No point in making __parityti2 go through 2 calls to get to
__paritysi2.

Reviewed By: MaskRay, efriedma

Differential Revision: https://reviews.llvm.org/D87218
2020-09-07 17:57:39 -07:00
Fangrui Song 5f5a0bb087 [asan][test] Use --image-base for Linux/asan_prelink_test.cpp if ld is LLD
LLD supports -Ttext but with the option there is still a PT_LOAD at address zero
and thus the Linux kernel will map it to a different address and the test will fail.

Use --image-base instead.
2020-09-07 14:45:21 -07:00
Fangrui Song ab68517e6b [asan_symbolize] Pass --demangle/--no-demangle instead of --demangle={True,False}
`--demangle={True,False}` were accepted but disallowed after llvm-symbolizer's switch to OptTable.
(`--demangle={true,false}` were temporarily supported but they are case sensitive.)
2020-09-06 14:44:37 -07:00
Brad Smith 8542dab909 [compiler-rt] Implement __clear_cache() on OpenBSD/arm 2020-09-06 15:54:24 -04:00
Vitaly Buka b11db3606c [Asan] Cleanup atomic usage in allocator
There are no know bugs related to this, still it may fix some latent ones.
Main concerns with preexisting code:
1. Inconsistent atomic/non-atomic access to the same field.
2. Assumption that bitfield chunk_state is always the first byte without
    even taking into account endianness.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86917
2020-09-06 00:14:33 -07:00
Vitaly Buka b2e27a86c1 Revert "[Asan] Cleanup atomic usage in allocator"
Crashes on PPC

This reverts commit eb87e1dbcf.
2020-09-05 23:41:25 -07:00
Vitaly Buka eb87e1dbcf [Asan] Cleanup atomic usage in allocator
There are no know bugs related to this, still it may fix some latent ones.
Main concerns with preexisting code:
1. Inconsistent atomic/non-atomic access to the same field.
2. Assumption that bitfield chunk_state is always the first byte without
    even taking into account endianness.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86917
2020-09-05 19:55:38 -07:00
Vitaly Buka 289c08e4bc [NFC][Asan] Fix clang-tidy warning 2020-09-05 19:09:59 -07:00
Vitaly Buka 9128f5c8a7 [NFC][Asan] Move free_tid from ChunkHeader
The goal to make chunk_state atomic, but we can't pack it with
free_tid on Windows.
2020-09-05 18:42:32 -07:00
Vitaly Buka d5d09d93ee [NFC][Asan] Reformat some allocator code 2020-09-05 15:56:02 -07:00
Vitaly Buka 398c44ba84 [NFC][Asan] Inline enum doc strings 2020-09-05 15:54:18 -07:00
Vitaly Buka 51597cc37a [NFC][Asan] Rename internal enum value.
New name better represents the state of chunk.
2020-09-05 15:53:52 -07:00
Vitaly Buka 298c9fae93 [NFC][compiler-rt] Refine .clang-tidy checks
Reviewed By: MaskRay

Differential Revision: https://reviews.llvm.org/D87182
2020-09-05 15:42:15 -07:00
Fangrui Song a5d6af421d [compiler-rt] Add .clang-tidy with customization to disable readability-identifier-naming
Copied from lldb/.clang-tidy (D75810).

Most compiler-rt code actually uses variableName or variable_name but not VariableName.
Lots of functions use `__function_name` and FunctionName instead of functionName.
Just exclude readability-identifier-naming.
2020-09-04 16:05:20 -07:00
Daniel Sanders 5e04b539c8 [compiler-rt] Try again to correct test after 3f1a9b7eca added segment names to objdump output
One check was missed on the previous attempt
2020-09-04 15:49:11 -07:00
Daniel Sanders 1eae19a87f [compiler-rt] Try to correct test after 3f1a9b7eca added segment names to objdump output 2020-09-04 12:24:46 -07:00
Hubert Tong dde16ef031 [tests][libFuzzer] Fix `-Wmissing-field-initializers` after D86092
Speculatively fix `-Werror,-Wmissing-field-initializers` failures
relating to the `ScalePerExecTime` field added by D86092.
2020-09-04 13:07:44 -04:00
Nico Weber fab60665eb sanitizer_common: Implement COMPILER_CHECK using static_assert
Since this is an internal header, we can just assume static_assert
exists.

If this doesn't upset any bots, I'll replace all uses of
COMPILER_CHECK in a follow-up.
2020-09-04 11:05:54 -04:00
Nico Weber dbf04aaade Revert "[Asan] Cleanup atomic usage in allocator"
This reverts commit 8b8be6f38a
and follow-ups 99a93c3a22,
a9c0bf0404,
48ac5b4833.

It breaks building on Windows, see https://reviews.llvm.org/D86917#2255872
2020-09-04 10:51:08 -04:00
Vitaly Buka 4770f80a7c [NFC][Asan] Fix typo in comment 2020-09-04 02:04:25 -07:00
Vitaly Buka 48ac5b4833 [NFC][Asan] Reformat some allocator code 2020-09-04 01:22:21 -07:00
Vitaly Buka a9c0bf0404 [NFC][Asan] Inline enum doc strings 2020-09-04 00:18:59 -07:00
Vitaly Buka 99a93c3a22 [NFC][Asan] Rename internal enum value.
New name better represents the state of chunk.
2020-09-03 18:54:52 -07:00
Vitaly Buka a803ddc522 [NFC][Asan] Add FIXME into GetAsanChunk 2020-09-03 18:50:09 -07:00
Vitaly Buka 2b71b7f791 [NFC][Asan] Set AP32::kMetadataSize to 0
Asan does not use metadata with primary allocators.
It should match AP64::kMetadataSize whic is 0.

Depends on D86917.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86919
2020-09-03 14:23:51 -07:00
Vitaly Buka 8b8be6f38a [Asan] Cleanup atomic usage in allocator
There are no know bugs related to this, still it may fix some latent ones.
Main concerns with preexisting code:
1. Inconsistent atomic/non-atomic access to the same field.
2. Assumption that bitfield chunk_state is always the first byte without
    even taking into account endianness.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86917
2020-09-03 14:22:10 -07:00
Dokyung Song 5cda4dc7b4 [libFuzzer] Scale energy assigned to each input based on input execution time.
This patch scales the energy computed by the Entropic schedule based on the
execution time of each input. The input execution time is compared with the
average execution time of inputs in the corpus, and, based on the amount by
which they differ, the energy is scaled from 0.1x (for inputs executing slow) to
3x (for inputs executing fast). Note that the exact scaling criteria and formula
is borrowed from AFL.

On FuzzBench, this gives a sizeable throughput increase, which in turn leads to
more coverage on several benchmarks. For details, see the following report.

https://storage.googleapis.com/fuzzer-test-suite-public/exectime-report/index.html

Differential Revision: https://reviews.llvm.org/D86092
2020-09-03 20:38:20 +00:00
Dokyung Song b53243e194 [libFuzzer] Evenly select inputs to cross over with from the corpus regardless of the input's coverage.
This patch adds an option "cross_over_uniform_dist", which, if 1, considers all
inputs in the corpus for the crossover input selection. More specifically, this
patch uses a uniform distribution of all inputs in the corpus for the CrossOver
input selection. Note that input selection for mutation is still fully
determined by the scheduling policy (i.e., vanilla or Entropic); the uniform
distribution only applies to the secondary input selection, only for the
crossover mutation of the base input chosen by the scheduling policy. This way
the corpus inputs that have useful fragments in them, even though they are
deprioritized by the scheduling policy, have chances of getting mixed with other
inputs that are prioritized and selected as base input for mutation.

Differential Revision: https://reviews.llvm.org/D86954
2020-09-03 19:47:00 +00:00
Dokyung Song 62673c430d [libFuzzer] Add an option to keep initial seed inputs around.
This patch adds an option "keep_seed" to keep all initial seed inputs in the
corpus. Previously, only the initial seed inputs that find new coverage were
added to the corpus, and all the other initial inputs were discarded. We
observed in some circumstances that useful initial seed inputs are discarded as
they find no new coverage, even though they contain useful fragments in them
(e.g., SQLITE3 FuzzBench benchmark). This newly added option provides a way to
keeping seed inputs in the corpus for those circumstances. With this patch, and
with -keep_seed=1, all initial seed inputs are kept in the corpus regardless of
whether they find new coverage or not. Further, these seed inputs are not
replaced with smaller inputs even if -reduce_inputs=1.

Differential Revision: https://reviews.llvm.org/D86577
2020-09-03 15:54:39 +00:00
Matt Morehouse 711b980654 [fuzzer] Create user provided fuzzer writeable directories when requested if they dont exist
Currently, libFuzzer will exit with an error message if a non-existent
directory is provided for any of the appropriate arguments. For cases
where libFuzzer is used in a specialized embedded environment, it would
be much easier to have libFuzzer create the directories for the user.

This patch accommodates for this scenario by allowing the user to provide
the argument `-create_missing_dirs=1` which makes libFuzzer attempt to
create the `artifact_prefix`, `exact_artifact_path`,
`features_dir` and/or corpus directory if they don't already exist rather
than throw an error and exit.

Split off from D84808 as requested [here](https://reviews.llvm.org/D84808#2208546).

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86733
2020-09-03 08:31:59 -07:00
Jinsong Ji 0cefaec2e8 [compiler-rt] Don't build llvm-lit in RUNTIMES-BUILD
With runtimes-build, we lost map config for llvm-lit, so we can NOT run
lit from source dir anymore.
All the subdir target like: ninja check-llvm-codegen-powerpc will fail
too.

We will get some cfg error like:
  File "../lvm-project/llvm/test/lit.cfg.py", line 21, in <module>
    config.test_format = lit.formats.ShTest(not llvm_config.use_lit_shell)
AttributeError: 'NoneType' object has no attribute 'use_lit_shell'

This is reset of map config in llvm-lit rebuild.
We already have llvm-lit in runtimes-build, so don't build it.

Reviewed By: phosek

Differential Revision: https://reviews.llvm.org/D87002
2020-09-03 01:08:16 +00:00
Fangrui Song 2324482383 [asan_symbolize] Remove --use-symbol-table=true which is the default 2020-09-02 17:34:35 -07:00
Kostya Kortchinsky 00d9907a7a [scudo][standalone] Enable secondary cache release on Fuchsia
I had left this as a TODO, but it turns out it wasn't complicated.
By specifying `MAP_RESIZABLE`, it allows us to keep the VMO which we
can then use for release purposes.
`releasePagesToOS` also had to be called the "proper" way, as Fuchsia
requires the `Offset` field to be correct. This has no impact on
non-Fuchsia platforms.

Differential Revision: https://reviews.llvm.org/D86800
2020-09-02 14:28:17 -07:00
Ahsan Saghir a27398a815 [PowerPC] Update MemorySanitizer test to cater for number of CPUs > 1024
MemorySanitizer test fails on systems with more than 1024 CPUs.
This patch updates the test to make it work for machines that
have more than 1024 CPUs. This helps to fix errors on the PowerPC
sanitizer bot.

Reviewed By: #powerpc, nemanjai

Differential Revision: https://reviews.llvm.org/D87053
2020-09-02 15:29:13 -05:00
Fangrui Song 1cfde143e8 [GCDAProfiling] Suppress -Wprio-ctor-dtor for GCC>=9 and remove unused write_string/length_of_string
The `__attribute__((destructor(100)))` diagnostic does not have a
warning option in GCC 8 (before r264853) and thus cannot be suppressed.
2020-09-02 12:22:23 -07:00
Julian Lettner 4cefa8614f [TSan][libdispatch] Fix compilation error on Linux
The interceptor for the block variants of the API references the
function versions (via `REAL(name##_f)`).  On Linux, this accesses the
underlying "real pointer", defined by the interceptor macro.  So we need
to declare interceptors in the right order to avoid undefined symbol
compiler error:
```
error: no member named 'real_dispatch_async_and_wait_f' in namespace '__tsan::__interception'
```

rdar://68181542
2020-09-02 11:20:47 -07:00
Matt Morehouse 49dda4e58a [libFuzzer] Break dependency on common_interface_defs.h
Some libFuzzer users build using the build.sh script, without access to
the <sanitizer/common_interface_defs.h> include.

Update https://github.com/rust-fuzz/libfuzzer/issues/65.

Reviewed By: dokyungs

Differential Revision: https://reviews.llvm.org/D86981
2020-09-01 15:35:14 -07:00
Anatoly Trosinenko 553833958f [builtins] Fix divtf3_test.c
Fixes 93eed63d2f [builtins] Make __div[sdt]f3 handle denormal results.
2020-09-02 00:19:00 +03:00
Matt Morehouse 7139736261 Revert "[libfuzzer] Reduce default verbosity when printing large mutation sequences"
This reverts commit 2665425908 due to
buildbot failure.
2020-09-01 12:49:41 -07:00
Matt Morehouse 10670bdf54 Revert "[fuzzer] Create user provided fuzzer writeable directories when requested if they dont exist"
This reverts commit cb8912799d, since the
test fails on Windows.
2020-09-01 12:05:46 -07:00
Anatoly Trosinenko 93eed63d2f [builtins] Make __div[sdt]f3 handle denormal results
This patch introduces denormal result support to soft-float division
implementation unified by D85031.

Reviewed By: sepavloff

Differential Revision: https://reviews.llvm.org/D85032
2020-09-01 21:52:34 +03:00
Matt Morehouse cb8912799d [fuzzer] Create user provided fuzzer writeable directories when requested if they dont exist
Currently, libFuzzer will exit with an error message if a non-existent
directory is provided for any of the appropriate arguments. For cases
where libFuzzer is used in a specialized embedded environment, it would
be much easier to have libFuzzer create the directories for the user.

This patch accommodates for this scenario by allowing the user to provide
the argument `-create_missing_dirs=1` which makes libFuzzer attempt to
create the `artifact_prefix`, `exact_artifact_path`,
`features_dir` and/or corpus directory if they don't already exist rather
than throw an error and exit.

Split off from D84808 as requested [here](https://reviews.llvm.org/D84808#2208546).

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86733
2020-09-01 11:50:47 -07:00
mhl 2665425908 [libfuzzer] Reduce default verbosity when printing large mutation sequences
When using a custom mutator (e.g. thrift mutator, similar to LPM)
that calls back into libfuzzer's mutations via `LLVMFuzzerMutate`, the mutation
sequences needed to achieve new coverage can get prohibitively large.

Printing these large sequences has two downsides:

1) It makes the logs hard to understand for a human.
2) The performance cost slows down fuzzing.

In this patch I change the `PrintMutationSequence` function to take a max
number of entries, to achieve this goal. I also update `PrintStatusForNewUnit`
to default to printing only 10 entries, in the default verbosity level (1),
requiring the user to set verbosity to 2 if they want the full mutation
sequence.

For our use case, turning off verbosity is not an option, as that would also
disable `PrintStats()` which is very useful for infrastructure that analyzes
the logs in realtime. I imagine most users of libfuzzer always want those logs
in the default.

I built a fuzzer locally with this patch applied to libfuzzer.

When running with the default verbosity, I see logs like this:

    #65 NEW    cov: 4799 ft: 10443 corp: 41/1447Kb lim: 64000 exec/s: 1 rss: 575Mb L: 28658/62542 MS: 196 Custom-CrossOver-ChangeBit-EraseBytes-ChangeBit-ChangeBit-ChangeBit-CrossOver-ChangeBit-CrossOver- DE: "\xff\xff\xff\x0e"-"\xfe\xff\xff\x7f"-"\xfe\xff\xff\x7f"-"\x17\x00\x00\x00\x00\x00\x00\x00"-"\x00\x00\x00\xf9"-"\xff\xff\xff\xff"-"\xfa\xff\xff\xff"-"\xf7\xff\xff\xff"-"@\xff\xff\xff\xff\xff\xff\xff"-"E\x00"-
    #67 NEW    cov: 4810 ft: 10462 corp: 42/1486Kb lim: 64000 exec/s: 1 rss: 577Mb L: 39823/62542 MS: 135 Custom-CopyPart-ShuffleBytes-ShuffleBytes-ChangeBit-ChangeBinInt-EraseBytes-ChangeBit-ChangeBinInt-ChangeBit- DE: "\x01\x00\x00\x00\x00\x00\x01\xf1"-"\x00\x00\x00\x07"-"\x00\x0d"-"\xfd\xff\xff\xff"-"\xfe\xff\xff\xf4"-"\xe3\xff\xff\xff"-"\xff\xff\xff\xf1"-"\xea\xff\xff\xff"-"\x00\x00\x00\xfd"-"\x01\x00\x00\x05"-

Staring hard at the logs it's clear that the cap of 10 is applied.

When running with verbosity level 2, the logs look like the below:

    #66    NEW    cov: 4700 ft: 10188 corp: 37/1186Kb lim: 64000 exec/s: 2 rss: 509Mb L: 47616/61231 MS: 520 Custom-CopyPart-ChangeBinInt-ChangeBit-ChangeByte-EraseBytes-PersAutoDict-CopyPart-ShuffleBytes-ChangeBit-ShuffleBytes-CopyPart-EraseBytes-CopyPart-ChangeBinInt-CopyPart-ChangeByte-ShuffleBytes-ChangeBinInt-ShuffleBytes-ChangeBit-CMP-ShuffleBytes-ChangeBit-CrossOver-ChangeBinInt-ChangeByte-ShuffleBytes-CrossOver-EraseBytes-ChangeBinInt-InsertRepeatedBytes-PersAutoDict-InsertRepeatedBytes-InsertRepeatedBytes-CrossOver-ChangeByte-ShuffleBytes-CopyPart-ShuffleBytes-CopyPart-CrossOver-ChangeBit-ShuffleBytes-CrossOver-PersAutoDict-ChangeByte-ChangeBit-ShuffleBytes-CrossOver-ChangeByte-EraseBytes-CopyPart-ChangeBinInt-PersAutoDict-CrossOver-ShuffleBytes-CrossOver-CrossOver-EraseBytes-CrossOver-EraseBytes-CrossOver-ChangeBit-ChangeBinInt-ChangeByte-EraseBytes-ShuffleBytes-ShuffleBytes-ChangeBit-EraseBytes-ChangeBinInt-ChangeBit-ChangeBinInt-CopyPart-EraseBytes-PersAutoDict-EraseBytes-CopyPart-ChangeBinInt-ChangeByte-CrossOver-ChangeBinInt-ShuffleBytes-PersAutoDict-PersAutoDict-ChangeBinInt-CopyPart-ChangeBinInt-CrossOver-ChangeBit-ChangeBinInt-CopyPart-ChangeByte-ChangeBit-CopyPart-CrossOver-ChangeByte-ChangeBit-ChangeByte-ShuffleBytes-CMP-ChangeBit-CopyPart-ChangeBit-ChangeByte-ChangeBinInt-PersAutoDict-ChangeBinInt-CrossOver-ChangeBinInt-ChangeBit-ChangeBinInt-ChangeBinInt-PersAutoDict-ChangeBinInt-ChangeBinInt-ChangeByte-CopyPart-ShuffleBytes-ChangeByte-ChangeBit-ChangeByte-ChangeByte-EraseBytes-CrossOver-ChangeByte-ChangeByte-EraseBytes-EraseBytes-InsertRepeatedBytes-ShuffleBytes-CopyPart-CopyPart-ChangeBit-ShuffleBytes-PersAutoDict-ShuffleBytes-ChangeBit-ChangeByte-ChangeBit-ShuffleBytes-ChangeByte-ChangeBinInt-CrossOver-ChangeBinInt-ChangeBit-EraseBytes-CopyPart-ChangeByte-CrossOver-EraseBytes-CrossOver-ChangeByte-ShuffleBytes-ChangeByte-ChangeBinInt-CrossOver-ChangeByte-InsertRepeatedBytes-InsertByte-ShuffleBytes-PersAutoDict-ChangeBit-ChangeByte-ChangeBit-ShuffleBytes-ShuffleBytes-CopyPart-ShuffleBytes-EraseBytes-ShuffleBytes-ShuffleBytes-CrossOver-ChangeBinInt-CopyPart-CopyPart-CopyPart-EraseBytes-EraseBytes-ChangeByte-ChangeBinInt-ShuffleBytes-CMP-InsertByte-EraseBytes-ShuffleBytes-CopyPart-ChangeBit-CrossOver-CopyPart-CopyPart-ShuffleBytes-ChangeByte-ChangeByte-ChangeBinInt-EraseBytes-ChangeByte-ChangeBinInt-ChangeBit-ChangeBit-ChangeByte-ShuffleBytes-PersAutoDict-PersAutoDict-CMP-ChangeBit-ShuffleBytes-PersAutoDict-ChangeBinInt-EraseBytes-EraseBytes-ShuffleBytes-ChangeByte-ShuffleBytes-ChangeBit-EraseBytes-CMP-ShuffleBytes-ChangeByte-ChangeBinInt-EraseBytes-ChangeBinInt-ChangeByte-EraseBytes-ChangeByte-CrossOver-ShuffleBytes-EraseBytes-EraseBytes-ShuffleBytes-ChangeBit-EraseBytes-CopyPart-ShuffleBytes-ShuffleBytes-CrossOver-CopyPart-ChangeBinInt-ShuffleBytes-CrossOver-InsertByte-InsertByte-ChangeBinInt-ChangeBinInt-CopyPart-EraseBytes-ShuffleBytes-ChangeBit-ChangeBit-EraseBytes-ChangeByte-ChangeByte-ChangeBinInt-CrossOver-ChangeBinInt-ChangeBinInt-ShuffleBytes-ShuffleBytes-ChangeByte-ChangeByte-ChangeBinInt-ShuffleBytes-CrossOver-EraseBytes-CopyPart-CopyPart-CopyPart-ChangeBit-ShuffleBytes-ChangeByte-EraseBytes-ChangeByte-InsertRepeatedBytes-InsertByte-InsertRepeatedBytes-PersAutoDict-EraseBytes-ShuffleBytes-ChangeByte-ShuffleBytes-ChangeBinInt-ShuffleBytes-ChangeBinInt-ChangeBit-CrossOver-CrossOver-ShuffleBytes-CrossOver-CopyPart-CrossOver-CrossOver-CopyPart-ChangeByte-ChangeByte-CrossOver-ChangeBit-ChangeBinInt-EraseBytes-ShuffleBytes-EraseBytes-CMP-PersAutoDict-PersAutoDict-InsertByte-ChangeBit-ChangeByte-CopyPart-CrossOver-ChangeByte-ChangeBit-ChangeByte-CopyPart-ChangeBinInt-EraseBytes-CrossOver-ChangeBit-CrossOver-PersAutoDict-CrossOver-ChangeByte-CrossOver-ChangeByte-ChangeByte-CrossOver-ShuffleBytes-CopyPart-CopyPart-ShuffleBytes-ChangeByte-ChangeByte-ChangeBinInt-ChangeBinInt-ChangeBinInt-ChangeBinInt-ShuffleBytes-CrossOver-ChangeBinInt-ShuffleBytes-ChangeBit-PersAutoDict-ChangeBinInt-ShuffleBytes-ChangeBinInt-ChangeByte-CrossOver-ChangeBit-CopyPart-ChangeBit-ChangeBit-CopyPart-ChangeByte-PersAutoDict-ChangeBit-ShuffleBytes-ChangeByte-ChangeBit-CrossOver-ChangeByte-CrossOver-ChangeByte-CrossOver-ChangeBit-ChangeByte-ChangeBinInt-PersAutoDict-CopyPart-ChangeBinInt-ChangeBit-CrossOver-ChangeBit-PersAutoDict-ShuffleBytes-EraseBytes-CrossOver-ChangeByte-ChangeBinInt-ShuffleBytes-ChangeBinInt-InsertRepeatedBytes-PersAutoDict-CrossOver-ChangeByte-Custom-PersAutoDict-CopyPart-CopyPart-ChangeBinInt-ShuffleBytes-ChangeBinInt-ChangeBit-ShuffleBytes-CrossOver-CMP-ChangeByte-CopyPart-ShuffleBytes-CopyPart-CopyPart-CrossOver-CrossOver-CrossOver-ShuffleBytes-ChangeByte-ChangeBinInt-ChangeBit-ChangeBit-ChangeBit-ChangeByte-EraseBytes-ChangeByte-ChangeBit-ChangeByte-ChangeByte-CopyPart-PersAutoDict-ChangeBinInt-PersAutoDict-PersAutoDict-PersAutoDict-CopyPart-CopyPart-CrossOver-ChangeByte-ChangeBinInt-ShuffleBytes-ChangeBit-CopyPart-EraseBytes-CopyPart-CopyPart-CrossOver-ChangeByte-EraseBytes-ShuffleBytes-ChangeByte-CopyPart-EraseBytes-CopyPart-CrossOver-ChangeBinInt-ChangeBinInt-InsertByte-ChangeBinInt-ChangeBit-ChangeByte-CopyPart-ChangeByte-EraseBytes-ChangeByte-ChangeBit-ChangeByte-ShuffleBytes-CopyPart-ChangeBinInt-EraseBytes-CrossOver-ChangeBit-ChangeBit-CrossOver-EraseBytes-ChangeBinInt-CopyPart-CopyPart-ChangeBinInt-ChangeBit-EraseBytes-InsertRepeatedBytes-EraseBytes-ChangeBit-CrossOver-CrossOver-EraseBytes-EraseBytes-ChangeByte-CopyPart-CopyPart-ShuffleBytes-ChangeByte-ChangeBit-ChangeByte-EraseBytes-ChangeBit-ChangeByte-ChangeByte-CrossOver-CopyPart-EraseBytes-ChangeByte-EraseBytes-ChangeByte-ShuffleBytes-ShuffleBytes-ChangeByte-CopyPart-ChangeByte-ChangeByte-ChangeBit-CopyPart-ChangeBit-ChangeBinInt-CopyPart-ShuffleBytes-ChangeBit-ChangeBinInt-ChangeBit-EraseBytes-CMP-CrossOver-CopyPart-ChangeBinInt-CrossOver-CrossOver-CopyPart-CrossOver-CrossOver-InsertByte-InsertByte-CopyPart-Custom- DE: "warn"-"\x00\x00\x00\x80"-"\xfe\xff\xff\xfb"-"\xff\xff"-"\x10\x00\x00\x00"-"\xfe\xff\xff\xff"-"\xff\xff\xff\xf6"-"U\x01\x00\x00\x00\x00\x00\x00"-"\xd9\xff\xff\xff"-"\xfe\xff\xff\xea"-"\xf0\xff\xff\xff"-"\xfc\xff\xff\xff"-"warn"-"\xff\xff\xff\xff"-"\xfe\xff\xff\xfb"-"\x00\x00\x00\x80"-"\xfe\xff\xff\xf1"-"\xfe\xff\xff\xea"-"\x00\x00\x00\x00\x00\x00\x012"-"\xe2\x00"-"\xfb\xff\xff\xff"-"\x00\x00\x00\x00"-"\xe9\xff\xff\xff"-"\xff\xff"-"\x00\x00\x00\x80"-"\x01\x00\x04\xc9"-"\xf0\xff\xff\xff"-"\xf9\xff\xff\xff"-"\xff\xff\xff\xff\xff\xff\xff\x12"-"\xe2\x00"-"\xfe\xff\xff\xff"-"\xfe\xff\xff\xea"-"\xff\xff\xff\xff"-"\xf4\xff\xff\xff"-"\xe9\xff\xff\xff"-"\xf1\xff\xff\xff"-
    #48    NEW    cov: 4502 ft: 9151 corp: 27/750Kb lim: 64000 exec/s: 2 rss: 458Mb L: 50772/50772 MS: 259 ChangeByte-ShuffleBytes-ChangeBinInt-ChangeByte-ChangeByte-ChangeByte-ChangeByte-ChangeBit-CopyPart-CrossOver-CopyPart-ChangeByte-CrossOver-CopyPart-ChangeBit-ChangeByte-EraseBytes-ChangeByte-CopyPart-CopyPart-CopyPart-ChangeBit-EraseBytes-ChangeBinInt-CrossOver-CopyPart-CrossOver-CopyPart-ChangeBit-ChangeByte-ChangeBit-InsertByte-CrossOver-InsertRepeatedBytes-InsertRepeatedBytes-InsertRepeatedBytes-ChangeBinInt-EraseBytes-InsertRepeatedBytes-InsertByte-ChangeBit-ShuffleBytes-ChangeBit-ChangeBit-CopyPart-ChangeBit-ChangeByte-CrossOver-ChangeBinInt-ChangeByte-CrossOver-CMP-ChangeByte-CrossOver-ChangeByte-ShuffleBytes-ShuffleBytes-ChangeByte-ChangeBinInt-CopyPart-EraseBytes-CrossOver-ChangeBit-ChangeBinInt-InsertByte-ChangeBit-CopyPart-ChangeBinInt-ChangeByte-CrossOver-ChangeBit-EraseBytes-CopyPart-ChangeBinInt-ChangeBit-ChangeBit-ChangeByte-CopyPart-ChangeBinInt-CrossOver-PersAutoDict-ChangeByte-ChangeBit-ChangeByte-ChangeBinInt-ChangeBinInt-EraseBytes-CopyPart-CopyPart-ChangeByte-ChangeByte-EraseBytes-PersAutoDict-CopyPart-ChangeByte-ChangeByte-EraseBytes-CrossOver-CopyPart-CopyPart-CopyPart-ChangeByte-ChangeBit-CMP-CopyPart-ChangeBinInt-ChangeBinInt-CrossOver-ChangeBit-ChangeBit-EraseBytes-ChangeByte-ShuffleBytes-ChangeBit-ChangeBinInt-CMP-InsertRepeatedBytes-CopyPart-Custom-ChangeByte-CrossOver-EraseBytes-ChangeBit-CopyPart-CrossOver-CMP-ShuffleBytes-EraseBytes-CrossOver-PersAutoDict-ChangeByte-CrossOver-CopyPart-CrossOver-CrossOver-ShuffleBytes-ChangeBinInt-CrossOver-ChangeBinInt-ShuffleBytes-PersAutoDict-ChangeByte-EraseBytes-ChangeBit-CrossOver-EraseBytes-CrossOver-ChangeBit-ChangeBinInt-EraseBytes-InsertByte-InsertRepeatedBytes-InsertByte-InsertByte-ChangeByte-ChangeBinInt-ChangeBit-CrossOver-ChangeByte-CrossOver-EraseBytes-ChangeByte-ShuffleBytes-ChangeBit-ChangeBit-ShuffleBytes-CopyPart-ChangeByte-PersAutoDict-ChangeBit-ChangeByte-InsertRepeatedBytes-CMP-CrossOver-ChangeByte-EraseBytes-ShuffleBytes-CrossOver-ShuffleBytes-ChangeBinInt-ChangeBinInt-CopyPart-PersAutoDict-ShuffleBytes-ChangeBit-CopyPart-ShuffleBytes-CopyPart-EraseBytes-ChangeByte-ChangeBit-ChangeBit-ChangeBinInt-ChangeByte-CopyPart-EraseBytes-ChangeBinInt-EraseBytes-EraseBytes-PersAutoDict-CMP-PersAutoDict-CrossOver-CrossOver-ChangeBit-CrossOver-PersAutoDict-CrossOver-CopyPart-ChangeByte-EraseBytes-ChangeByte-ShuffleBytes-ChangeByte-ChangeByte-CrossOver-ChangeBit-EraseBytes-ChangeByte-EraseBytes-ChangeBinInt-CrossOver-CrossOver-EraseBytes-ChangeBinInt-CrossOver-ChangeBit-ShuffleBytes-ChangeBit-ChangeByte-EraseBytes-ChangeBit-CrossOver-CrossOver-CrossOver-ChangeByte-ChangeBit-ShuffleBytes-ChangeBit-ChangeBit-EraseBytes-CrossOver-CrossOver-CopyPart-ShuffleBytes-ChangeByte-ChangeByte-CopyPart-CrossOver-CopyPart-CrossOver-CrossOver-EraseBytes-EraseBytes-ShuffleBytes-InsertRepeatedBytes-ChangeBit-CopyPart-Custom- DE: "\xfe\xff\xff\xfc"-"\x00\x00\x00\x00"-"F\x00"-"\xf3\xff\xff\xff"-"St9exception"-"_\x00\x00\x00"-"\xf6\xff\xff\xff"-"\xfe\xff\xff\xff"-"\x00\x00\x00\x00"-"p\x02\x00\x00\x00\x00\x00\x00"-"\xfe\xff\xff\xfb"-"\xff\xff"-"\xff\xff\xff\xff"-"\x01\x00\x00\x07"-"\xfe\xff\xff\xfe"-

These are prohibitively large and of limited value in the default case (when
someone is running the fuzzer, not debugging it), in my opinion.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86658
2020-09-01 11:14:36 -07:00
Alex Richardson 7be8682921 [tsan] Fix "failed to intercept sysctlnametomib" on FreeBSD
The sysctlnametomib function is called from __tsan::Initialize via
__sanitizer::internal_sysctlbyname (see stack trace below). This results
in a fatal error since sysctlnametomib has not been intercepted yet.
This patch allows internal_sysctlbyname to be called before
__tsan::Initialize() has completed. On FreeBSD >= 1300045 sysctlbyname()
is a real syscall, but for older versions it calls sysctlnametomib()
followed by sysctl(). To avoid calling the intercepted version, look up
the real sysctlnametomib() followed by internal_sysctl() if the
syscall is not available.

This reduces check-sanitizer failures from 62 to 11 for me.

==34433==FATAL: ThreadSanitizer: failed to intercept sysctlnametomib
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_termination.cpp:51
    name=0x7fffffffce10, namelenp=0x7fffffffce08)
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:7908
    oldp=0x7fffffffcf2c, oldlenp=0x7fffffffcf20, newp=0x0, newlen=0)
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp:803
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp:2152
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/rtl/tsan_rtl.cpp:367
    fname=0x21c731 "readlink", pc=34366042556)
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_posix.cpp:255
    bufsiz=1024)
    at /exports/users/alr48/sources/upstream-llvm-project/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:7151

Reviewed By: #sanitizers, vitalybuka

Differential Revision: https://reviews.llvm.org/D85292
2020-09-01 18:25:22 +01:00
Anatoly Trosinenko 0e90d8d4fe [builtins] Unify the softfloat division implementation
This patch replaces three different pre-existing implementations of
__div[sdt]f3 LibCalls with a generic one - like it is already done for
many other LibCalls.

Reviewed By: sepavloff

Differential Revision: https://reviews.llvm.org/D85031
2020-09-01 19:05:50 +03:00
Vitaly Buka bd6ee51150 [NFC][Asan] Format includes 2020-09-01 05:30:07 -07:00
Petr Hosek 3c7bfbd683 [CMake] Use find_library for ncurses
Currently it is hard to avoid having LLVM link to the system install of
ncurses, since it uses check_library_exists to find e.g. libtinfo and
not find_library or find_package.

With this change the ncurses lib is found with find_library, which also
considers CMAKE_PREFIX_PATH. This solves an issue for the spack package
manager, where we want to use the zlib installed by spack, and spack
provides the CMAKE_PREFIX_PATH for it.

This is a similar change as https://reviews.llvm.org/D79219, which just
landed in master.

Patch By: haampie

Differential Revision: https://reviews.llvm.org/D85820
2020-08-31 20:06:21 -07:00
Anatoly Trosinenko 11cf6346fd [NFC][compiler-rt] Factor out __div[sdt]i3 and __mod[dt]i3 implementations
Reviewed By: MaskRay

Differential Revision: https://reviews.llvm.org/D86400
2020-08-30 16:14:08 +03:00
Marco Vanotti 6760f7ee6f [compiler-rt][tsan] Remove unnecesary typedefs
These typedefs are not used anywhere else in this compilation unit.

Differential Revision: https://reviews.llvm.org/D86826
2020-08-28 18:43:54 -07:00
Vitaly Buka 6cf72ad3b3 [NFC][asan] Don't unwind stack before pool check 2020-08-28 02:00:35 -07:00
JF Bastien 82d29b397b Add an unsigned shift base sanitizer
It's not undefined behavior for an unsigned left shift to overflow (i.e. to
shift bits out), but it has been the source of bugs and exploits in certain
codebases in the past. As we do in other parts of UBSan, this patch adds a
dynamic checker which acts beyond UBSan and checks other sources of errors. The
option is enabled as part of -fsanitize=integer.

The flag is named: -fsanitize=unsigned-shift-base
This matches shift-base and shift-exponent flags.

<rdar://problem/46129047>

Differential Revision: https://reviews.llvm.org/D86000
2020-08-27 19:50:10 -07:00
Justin Cady 1d3ef5f122 [MSAN] Add fiber switching APIs
Add functions exposed via the MSAN interface to enable MSAN within
binaries that perform manual stack switching (e.g. through using fibers
or coroutines).

This functionality is analogous to the fiber APIs available for ASAN and TSAN.

Fixes google/sanitizers#1232

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D86471
2020-08-27 19:30:40 -07:00
Harmen Stoppels cdcb9ab10e Revert "Use find_library for ncurses"
The introduction of find_library for ncurses caused more issues than it solved problems. The current open issue is it makes the static build of LLVM fail. It is better to revert for now, and get back to it later.

Revert "[CMake] Fix an issue where get_system_libname creates an empty regex capture on windows"
This reverts commit 1ed1e16ab8.

Revert "Fix msan build"
This reverts commit 34fe9613dd.

Revert "[CMake] Always mark terminfo as unavailable on Windows"
This reverts commit 76bf26236f.

Revert "[CMake] Fix OCaml build failure because of absolute path in system libs"
This reverts commit 8e4acb82f7.

Revert "[CMake] Don't look for terminfo libs when LLVM_ENABLE_TERMINFO=OFF"
This reverts commit 495f91fd33.

Revert "Use find_library for ncurses"
This reverts commit a52173a3e5.

Differential revision: https://reviews.llvm.org/D86521
2020-08-27 17:57:26 -07:00
Dokyung Song c10e63677f Recommit "[libFuzzer] Fix arguments of InsertPartOf/CopyPartOf calls in CrossOver mutator."
The CrossOver mutator is meant to cross over two given buffers (referred to as
the first/second buffer henceforth). Previously InsertPartOf/CopyPartOf calls
used in the CrossOver mutator incorrectly inserted/copied part of the second
buffer into a "scratch buffer" (MutateInPlaceHere of the size
CurrentMaxMutationLen), rather than the first buffer. This is not intended
behavior, because the scratch buffer does not always (i) contain the content of
the first buffer, and (ii) have the same size as the first buffer;
CurrentMaxMutationLen is typically a lot larger than the size of the first
buffer. This patch fixes the issue by using the first buffer instead of the
scratch buffer in InsertPartOf/CopyPartOf calls.

A FuzzBench experiment was run to make sure that this change does not
inadvertently degrade the performance. The performance is largely the same; more
details can be found at:
https://storage.googleapis.com/fuzzer-test-suite-public/fixcrossover-report/index.html

This patch also adds two new tests, namely "cross_over_insert" and
"cross_over_copy", which specifically target InsertPartOf and CopyPartOf,
respectively.

- cross_over_insert.test checks if the fuzzer can use InsertPartOf to trigger
  the crash.

- cross_over_copy.test checks if the fuzzer can use CopyPartOf to trigger the
  crash.

These newly added tests were designed to pass with the current patch, but not
without the it (with 790878f291 these tests do not
pass). To achieve this, -max_len was intentionally given a high value. Without
this patch, InsertPartOf/CopyPartOf will generate larger inputs, possibly with
unpredictable data in it, thereby failing to trigger the crash.

The test pass condition for these new tests is narrowed down by (i) limiting
mutation depth to 1 (i.e., a single CrossOver mutation should be able to trigger
the crash) and (ii) checking whether the mutation sequence of "CrossOver-" leads
to the crash.

Also note that these newly added tests and an existing test (cross_over.test)
all use "-reduce_inputs=0" flags to prevent reducing inputs; it's easier to
force the fuzzer to keep original input string this way than tweaking
cov-instrumented basic blocks in the source code of the fuzzer executable.

Differential Revision: https://reviews.llvm.org/D85554
2020-08-27 21:48:45 +00:00
Dokyung Song 52f1df0923 Recommit "[libFuzzer] Fix value-profile-load test."
value-profile-load.test needs adjustment with a mutator change in
bb54bcf849, which reverted as of now, but will be
recommitted after landing this patch.

This patch makes value-profile-load.test more friendly to (and aware of) the
current value profiling strategy, which is based on the hamming as well as the
absolute distance. To this end, this patch adjusts the set of input values that
trigger an expected crash. More specifically, this patch now uses a single value
0x01effffe as a crashing input, because this value is close to values like
{0x1ffffff, 0xffffff, ...}, which are very likely to be added to the corpus per
the current hamming- and absolute-distance-based value profiling strategy. Note
that previously the crashing input values were {1234567 * {1, 2, ...}, s.t. <
INT_MAX}.

Every byte in the chosen value 0x01effeef is intentionally different; this was
to make it harder to find the value without the intermediate inputs added to the
corpus by the value profiling strategy.

Also note that LoadTest.cpp now uses a narrower condition (Size != 8) for
initial pruning of inputs, effectively preventing libFuzzer from generating
inputs longer than necessary and spending time on mutating such long inputs in
the corpus - a functionality not meant to be tested by this specific test.

Differential Revision: https://reviews.llvm.org/D86247
2020-08-27 19:12:30 +00:00
Raul Tambre 45344cf7ac [CMake][compiler-rt][libunwind] Compile assembly files as ASM not C, unify workarounds
It isn't very wise to pass an assembly file to the compiler and tell it to compile as a C file and hope that the compiler recognizes it as assembly instead.
Simply don't mark the file as C and CMake will recognize the rest.

This was attempted earlier in https://reviews.llvm.org/D85706, but reverted due to architecture issues on Apple.
Subsequent digging revealed a similar change was done earlier for libunwind in https://reviews.llvm.org/rGb780df052dd2b246a760d00e00f7de9ebdab9d09.
Afterwards workarounds were added for MinGW and Apple:
* https://reviews.llvm.org/rGb780df052dd2b246a760d00e00f7de9ebdab9d09
* https://reviews.llvm.org/rGd4ded05ba851304b26a437896bc3962ef56f62cb

The workarounds in libunwind and compiler-rt are unified and comments added pointing to each other.
The workaround is updated to only be used for MinGW for CMake versions before 3.17, which fixed the issue (https://gitlab.kitware.com/cmake/cmake/-/merge_requests/4287).

Additionally fixed Clang not being passed as the assembly compiler for compiler-rt runtime build.

Example error:
[525/634] Building C object lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o
FAILED: lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o
/opt/tooling/drive/host/bin/clang --target=aarch64-linux-gnu -I/opt/tooling/drive/llvm/compiler-rt/lib/tsan/.. -isystem /opt/tooling/drive/toolchain/opt/drive/toolchain/include -x c -Wall -Wno-unused-parameter -fno-lto -fPIC -fno-builtin -fno-exceptions -fomit-frame-pointer -funwind-tables -fno-stack-protector -fno-sanitize=safe-stack -fvisibility=hidden -fno-lto -O3 -gline-tables-only -Wno-gnu -Wno-variadic-macros -Wno-c99-extensions -Wno-non-virtual-dtor -fPIE -fno-rtti -Wframe-larger-than=530 -Wglobal-constructors --sysroot=. -MD -MT lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o -MF lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o.d -o lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o -c /opt/tooling/drive/llvm/compiler-rt/lib/tsan/rtl/tsan_rtl_aarch64.S
/opt/tooling/drive/llvm/compiler-rt/lib/tsan/rtl/tsan_rtl_aarch64.S:29:1: error: expected identifier or '('
.section .text
^
1 error generated.

Differential Revision: https://reviews.llvm.org/D86308
2020-08-27 15:40:15 +03:00
Anatoly Trosinenko fce035eae9 [NFC][compiler-rt] Factor out __mulo[sdt]i4 implementations to .inc file
The existing implementations are almost identical except for width of the
integer type.

Factor them out to int_mulo_impl.inc for better maintainability.

This patch is almost identical to D86277.

Reviewed By: MaskRay

Differential Revision: https://reviews.llvm.org/D86289
2020-08-27 14:33:48 +03:00
Anatoly Trosinenko 182d14db07 [NFC][compiler-rt] Factor out __mulv[sdt]i3 implementations to .inc file
The existing implementations are almost identical except for width of the
integer type.

Factor them out to int_mulv_impl.inc for better maintainability.

Reviewed By: MaskRay

Differential Revision: https://reviews.llvm.org/D86277
2020-08-27 14:33:48 +03:00
Vedant Kumar 1f47f89a90 [profile] Add InstrProfilingVersionVar.c.o to Darwin kext builtins
Fixes a build failure in the Darwin kernel. Tested with:

% nm -mU lib/libclang_rt.cc_kext_x86_64h_osx.a | grep __llvm_profile_raw_version

rdar://67809173
2020-08-26 10:02:13 -07:00
Matt Morehouse 2392ff093a [libFuzzer] Error and exit if user supplied fuzzer writeable directories don't exist
Currently, libFuzzer will exit with an error message if a non-existent
corpus directory is provided. However, if a user provides a non-existent
directory for the `artifact_prefix`, `exact_artifact_path`, or
`features_dir`, libFuzzer will continue execution but silently fail to
write artifacts/features.

To improve the user experience, this PR adds validation for the existence of
all user supplied directories before executing the main fuzzing loop. If they
don't exist, libFuzzer will exit with an error message.

Patch By: dgg5503

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D84808
2020-08-26 09:27:07 -07:00
Hans Wennborg 8421503300 Bump -len_control value in fuzzer-custommutator.test (PR47286)
to make the test more stable, as suggested by mmoroz.
2020-08-26 16:45:51 +02:00
Kuba Mracek e713b0ecbc [tsan] On arm64e, strip out ptrauth bits from incoming PCs
Differential Revision: https://reviews.llvm.org/D86378
2020-08-25 11:59:36 -07:00
David Tenty f8454d60b8 [AIX][compiler-rt][builtins] Don't add ppc builtin implementations that require __int128 on AIX
since __int128 currently isn't supported on AIX.

Reviewed By: hubert.reinterpretcast

Differential Revision: https://reviews.llvm.org/D85972
2020-08-25 11:35:38 -04:00
Kostya Kortchinsky bd5ca4f0ed [scudo][standalone] Skip irrelevant regions during release
With the 'new' way of releasing on 32-bit, we iterate through all the
regions in between `First` and `Last`, which covers regions that do not
belong to the class size we are working with. This is effectively wasted
cycles.

With this change, we add a `SkipRegion` lambda to `releaseFreeMemoryToOS`
that will allow the release function to know when to skip a region.
For the 64-bit primary, since we are only working with 1 region, we never
skip.

Reviewed By: hctim

Differential Revision: https://reviews.llvm.org/D86399
2020-08-25 07:41:02 -07:00
Anatoly Trosinenko b9f49d13fd [compiler-rt][builtins] Add more test cases for __div[sdt]f3 LibCalls
* Make the three tests look more uniformly
* Explicitly specify types of integer and floating point literals
* Add more test cases (mostly inspired by divtf3_test.c)
  - tests are added for obviously special cases such as +/-Inf, +/-0.0 and some
    more implementation-specific cases such as divisor being almost 1.0
* Make NaN in the second test case of `divtf3` to be `sNaN` instead of
  testing for `qNaN` again

Reviewed By: sepavloff

Differential Revision: https://reviews.llvm.org/D84932
2020-08-25 16:19:23 +03:00
Ilya Leoshkevich 151f603199 [libFuzzer] Un-XFAIL msan.test on SystemZ
After https://reviews.llvm.org/D86382 it works.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86184
2020-08-25 15:01:55 +02:00
Alex Richardson 39d2506461 Fix crypt.cpp sanitizer test on FreeBSD
FreeBSD doesn't provide a crypt.h header but instead defines the functions
in unistd.h. Use __has_include() to handle that case.

Reviewed By: #sanitizers, vitalybuka

Differential Revision: https://reviews.llvm.org/D85406
2020-08-25 12:20:33 +01:00
Alex Richardson 5695fa9190 [asan] Also allow for SIGBUS in high-address-dereference.c
FreeBSD delivers a SIGBUS signal for bad addresses rather than SIGSEGV.

Reviewed By: #sanitizers, vitalybuka, yln

Differential Revision: https://reviews.llvm.org/D85409
2020-08-25 12:20:33 +01:00
Rainer Orth e3585ff7af [compiler-rt][asan][test] Set LD_LIBRARY_PATH_{32,64} on Solaris
The dynamically linked ASan tests rely on `LD_LIBRARY_PATH` to find
`libclang_rt.asan-*.so` at runtime.

However, the Solaris runtime linker `ld.so.1` also supports more specific
variables: `LD_LIBRARY_PATH_32` and `LD_LIBRARY_PATH_64` respectively.  If
those happen to be set, `LD_LIBRARY_PATH` is ignored.  In such a case, all
dynamically linked ASan tests `FAIL`.  For i386 alone, this affects about
200 tests.

The following patch fixes that by also setting `LD_LIBRARY_PATH_{32,64}` on
Solaris.

Tested on `amd64-pc-solaris2.11` both with only `LD_LIBRARY_PATH` set and
with `LD_LIBRARY_PATH_{32,64}` set too.

Differential Revision: https://reviews.llvm.org/D86333
2020-08-25 09:36:51 +02:00
Mateusz Mikuła 879c1db5d2 [Compiler-RT] Fix profiler building with MinGW GCC
Differential Revision: https://reviews.llvm.org/D86405
2020-08-25 10:22:53 +03:00
Freddy Ye e02d081f2b [X86] Support -march=sapphirerapids
Support -march=sapphirerapids for x86.
Compare with Icelake Server, it includes 14 more new features. They are
amxtile, amxint8, amxbf16, avx512bf16, avx512vp2intersect, cldemote,
enqcmd, movdir64b, movdiri, ptwrite, serialize, shstk, tsxldtrk, waitpkg.

Reviewed By: craig.topper

Differential Revision: https://reviews.llvm.org/D86503
2020-08-25 14:21:21 +08:00
Julian Lettner c1d25e9a82 [TSan][libdispatch] Add interceptors for dispatch_barrier_async_and_wait(), pt. 2
Also intercept these target functions on Linux.
2020-08-24 14:37:34 -07:00
Julian Lettner fa0a855c73 [TSan][libdispatch] Add interceptors for dispatch_barrier_async_and_wait()
Add interceptors for the barrier variants of the "async and wait"
dispatch API family.
2020-08-24 14:01:04 -07:00
Shoaib Meenai 2c80e2fe51 [runtimes] Use llvm-libtool-darwin for runtimes build
It's full featured now and we can use it for the runtimes build instead
of relying on an external libtool, which means the CMAKE_HOST_APPLE
restriction serves no purpose either now. Restrict llvm-lipo to Darwin
targets while I'm here, since it's only needed there.

Reviewed By: phosek

Differential Revision: https://reviews.llvm.org/D86367
2020-08-24 13:48:30 -07:00
Shoaib Meenai 26c1d689ae [compiler-rt] Disable ranlib when using libtool
libtool already produces a table of contents, and ranlib just gives
spurious errors because it doesn't understand universal binaries.

Reviewed By: phosek

Differential Revision: https://reviews.llvm.org/D86365
2020-08-24 13:48:28 -07:00
Julian Lettner 2b7a2cbb15 [TSan][Darwin] Handle NULL argument in interceptor
Handle NULL address argument in the `mach_vm_[de]allocate()`
interceptors and fix test: `Assignment 2` is not valid if we weren't
able to re-allocate memory.

rdar://67680613
2020-08-24 11:36:02 -07:00
Dokyung Song 9659b81b2a [libFuzzer] Make msan.test:SimpleCmpTest succeed with less trials.
Currently SimpleCmpTest passes after 9,831,994 trials on x86_64/Linux
when the number of given trials is 10,000,000, just a little bigger than
that. This patch modifies SimpleCmpTest.cpp so that the test passes with less
trials, reducing its chances of future failures as libFuzzer evolves. More
specifically, this patch changes a 32-bit equality check to a 8-bit equality
check, making this test pass at 4,635,303 trials.

Differential Revision: https://reviews.llvm.org/D86382
2020-08-24 14:45:39 +00:00
Julian Lettner cc62373915 [ASan][Darwin] Enable test on additional platforms 2020-08-21 11:13:09 -07:00
Azharuddin Mohammed 8831e34771 Revert "[libFuzzer] Fix arguments of InsertPartOf/CopyPartOf calls in CrossOver mutator."
This reverts commit bb54bcf849.

It is causing the value-profile-load.test test to fail on macOS.
2020-08-21 09:58:50 -07:00
Azharuddin Mohammed 7ed3286a51 [LibFuzzer] [tests] [Darwin] Use the pthread library from the SDK 2020-08-21 09:22:13 -07:00
Luís Marques 57903cf093 [compiler-rt][RISCV] Use muldi3 builtin assembly implementation
D80465 added an assembly implementation of muldi3 for RISC-V but it didn't
add it to the cmake `*_SOURCES` list, so the C implementation was being used
instead. This patch fixes that.

Differential Revision: https://reviews.llvm.org/D86036
2020-08-21 13:06:35 +01:00
Craig Topper df9a9bb7be [X86] Correct the implementation of the testFeature macro in getIntelProcessorTypeAndSubtype to do a proper bit test.
Instead of ANDing with a one hot mask representing the bit to
be tested, we were ANDing with just the bit number. This tests
multiple bits none of them the correct one.

This caused skylake-avx512, cascadelake and cooperlake to all
be misdetected. Based on experiments with the Intel SDE, it seems
that all of these CPUs are being detected as being cooperlake.
This is bad since its the newest CPU of the 3.
2020-08-20 23:50:45 -07:00
Vitaly Buka 66c882e529 Revert "[libFuzzer] Fix value-profile-load test."
D86247 fails on Windows.

This reverts commit 428bebaf10.
2020-08-20 17:49:12 -07:00
Vitaly Buka ea9bf460a8 [NFC][libFuzzer] Try to fix test on Windows
Broken after D86247
2020-08-20 17:33:51 -07:00
Julian Lettner 53aff8d864 [Darwin][iOS] Enable test on non-macOS platforms
We are now using a properly-substituted minimal deployment target
compiler flag (`%min_macos_deployment_target=10.11`).  Enable test on
iOS and watchOS plus simulators.  We are also not testing on very old
platforms anymore, so we can remove some obsolete lit infrastructure.
2020-08-20 16:40:32 -07:00
Julian Lettner 1f3c92f968 [compiler-rt][Darwin] Refactor minimum deployment target substitutions
* Support macOS 11+ version scheme
* Standardize substitution name `%min_deployment_target=x.y`
* Remove unneeded error cases (the input version is hard-coded)
* Specify version as tuple instead of string; no need to parse it

These changes should also facilitate a future addition of a substitution
that expands to "set deployment target to current target version"
(https://reviews.llvm.org/D70151).

Reviewed By: delcypher

Differential Revision: https://reviews.llvm.org/D85925
2020-08-20 16:22:56 -07:00
Julian Lettner d9b062ad87 [TSan][Darwin] Remove unnecessary lit substitution
We don't test on very old versions of Apple platforms anymore.  The
following lit substitution concerning the minimum deployment target for
ARC support can be removed.

```
%darwin_min_target_with_full_runtime_arc_support -> 10.11
```

Differential Revision: https://reviews.llvm.org/D85803
2020-08-20 13:00:32 -07:00
Julian Lettner 6222a28db5 [TSan][Darwin] Enable test on non-macOS platforms
After removing the unnecessary `-mmacosx-version-min=10.12` compiler
flag this test can run on all platforms.  I confirmed that this test is
green for iOS, iOS simulator, and watchOS simulator.

Differential Revision: https://reviews.llvm.org/D85952
2020-08-20 12:28:05 -07:00
Raphael Isemann adf0b8cc70 Revert "[compiler-rt] Compile assembly files as ASM not C"
This reverts commit d58fd4e521. This broke
compiler-rt compilation on macOS:

codesign --sign - /Users/buildslave/jenkins/workspace/lldb-cmake/lldb-build/lib/clang/12.0.99/lib/darwin/libclang_rt.tsan_ios_dynamic.dylib
ld: warning: ignoring file projects/compiler-rt/lib/tsan/CMakeFiles/clang_rt.tsan_ios_dynamic.dir/rtl/tsan_rtl_amd64.S.o, building for iOS-arm64 but attempting to link with file built for iOS Simulator-x86_64
ld: warning: ignoring file projects/compiler-rt/lib/tsan/CMakeFiles/clang_rt.tsan_ios_dynamic.dir/rtl/tsan_rtl_aarch64.S.o, building for iOS-arm64 but attempting to link with file built for iOS Simulator-x86_64
Undefined symbols for architecture arm64:
  "_wrap__setjmp", referenced from:
      substitution__setjmp in tsan_interceptors_posix.cpp.o
  "_wrap_setjmp", referenced from:
      substitution_setjmp in tsan_interceptors_posix.cpp.o
  "_wrap_sigsetjmp", referenced from:
      substitution_sigsetjmp in tsan_interceptors_posix.cpp.o
ld: symbol(s) not found for architecture arm64
2020-08-20 15:25:22 +02:00
Petr Hosek d58fd4e521 [compiler-rt] Compile assembly files as ASM not C
It isn't very wise to pass an assembly file to the compiler and tell it to compile as a C file and hope that the compiler recognizes it as assembly instead.
Instead enable the ASM language and mark the files as being ASM.

[525/634] Building C object lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o
FAILED: lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o
/opt/tooling/drive/host/bin/clang --target=aarch64-linux-gnu -I/opt/tooling/drive/llvm/compiler-rt/lib/tsan/.. -isystem /opt/tooling/drive/toolchain/opt/drive/toolchain/include -x c -Wall -Wno-unused-parameter -fno-lto -fPIC -fno-builtin -fno-exceptions -fomit-frame-pointer -funwind-tables -fno-stack-protector -fno-sanitize=safe-stack -fvisibility=hidden -fno-lto -O3 -gline-tables-only -Wno-gnu -Wno-variadic-macros -Wno-c99-extensions -Wno-non-virtual-dtor -fPIE -fno-rtti -Wframe-larger-than=530 -Wglobal-constructors --sysroot=. -MD -MT lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o -MF lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o.d -o lib/tsan/CMakeFiles/clang_rt.tsan-aarch64.dir/rtl/tsan_rtl_aarch64.S.o -c /opt/tooling/drive/llvm/compiler-rt/lib/tsan/rtl/tsan_rtl_aarch64.S
/opt/tooling/drive/llvm/compiler-rt/lib/tsan/rtl/tsan_rtl_aarch64.S:29:1: error: expected identifier or '('
.section .text
^
1 error generated.

Fixed Clang not being passed as the assembly compiler for compiler-rt runtime build.

Patch By: tambre

Differential Revision: https://reviews.llvm.org/D85706
2020-08-20 00:34:59 -07:00
Dokyung Song 428bebaf10 [libFuzzer] Fix value-profile-load test.
The behavior of the CrossOver mutator has changed with
bb54bcf849. This seems to affect the
value-profile-load test on Darwin. This patch provides a wider margin for
determining success of the value-profile-load test, by testing the targeted
functionality (i.e., GEP index value profile) more directly and faster. To this
end, LoadTest.cpp now uses a narrower condition (Size != 8) for initial pruning
of inputs, effectively preventing libFuzzer from generating inputs longer than
necessary and spending time on mutating such long inputs in the corpus - a
functionality not meant to be tested by this specific test.

Previously, on x86/Linux, it required 6,597,751 execs with -use_value_profile=1
and 19,605,575 execs with -use_value_profile=0 to hit the crash. With this
patch, the test passes with 174,493 execs, providing a wider margin from the
given trials of 10,000,000. Note that, without the value profile (i.e.,
-use_value_profile=0), the test wouldn't pass as it still requires 19,605,575
execs to hit the crash.

Differential Revision: https://reviews.llvm.org/D86247
2020-08-19 22:14:43 +00:00
Matt Morehouse 4deda57106 [DFSan] Handle mmap() calls before interceptors are installed.
InitializeInterceptors() calls dlsym(), which calls calloc().  Depending
on the allocator implementation, calloc() may invoke mmap(), which
results in a segfault since REAL(mmap) is still being resolved.

We fix this by doing a direct syscall if interceptors haven't been fully
resolved yet.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D86168
2020-08-19 15:07:41 -07:00
Peter Collingbourne a208ad5ddb sanitizer_common: Use void* for madvise first argument on Solaris.
Differential Revision: https://reviews.llvm.org/D86166
2020-08-19 10:55:55 -07:00
Petr Hosek 495f91fd33 [CMake] Don't look for terminfo libs when LLVM_ENABLE_TERMINFO=OFF
D85820 introduced a bug where LLVM_ENABLE_TERMINFO was set to true when
the library was found, even when the user had set
-DLLVM_ENABLE_TERMINFO=OFF.

Patch By: haampie

Differential Revision: https://reviews.llvm.org/D86173
2020-08-19 10:31:42 -07:00
Julian Lettner 40ae296bc3 [TSan][libdispatch] Guard test execution on old platforms
`dispatch_async_and_wait()` was introduced in macOS 10.14.  Let's
forward declare it to ensure we can compile the test with older SDKs and
guard execution by checking if the symbol is available.  (We can't use
`__builtin_available()`, because that itself requires a higher minimum
deployment target.)  We also need to specify the `-undefined
dynamic_lookup` compiler flag.

Differential Revision: https://reviews.llvm.org/D85995
2020-08-18 18:34:14 -07:00
Julian Lettner 686fe293e6 [TSan][libdispatch] Ensure TSan dylib works on old systems
`dispatch_async_and_wait()` was introduced in macOS 10.14, which is
greater than our minimal deployment target.  We need to forward declare
it as a "weak import" to ensure we generate a weak reference so the TSan
dylib continues to work on older systems.  We cannot simply `#include
<dispatch.h>` or use the Darwin availability macros since this file is
multi-platform.

In addition, we want to prevent building these interceptors at all when
building with older SDKs because linking always fails.

Before:
```
➤ dyldinfo -bind ./lib/clang/12.0.0/lib/darwin/libclang_rt.tsan_osx_dynamic.dylib | grep dispatch_async_and_wait
__DATA  __interpose      0x000F5E68    pointer      0 libSystem        _dispatch_async_and_wait_f
```

After:
```
➤ dyldinfo -bind ./lib/clang/12.0.0/lib/darwin/libclang_rt.tsan_osx_dynamic.dylib | grep dispatch_async_and_wait
__DATA  __got            0x000EC0A8    pointer      0 libSystem        _dispatch_async_and_wait (weak import)
__DATA  __interpose      0x000F5E78    pointer      0 libSystem        _dispatch_async_and_wait (weak import)
```

This is a follow-up to D85854 and should fix:
https://reviews.llvm.org/D85854#2221529

Reviewed By: kubamracek

Differential Revision: https://reviews.llvm.org/D86103
2020-08-18 18:34:14 -07:00
Julian Lettner 0c4863a253 Reland "[TSan][libdispatch] Add interceptors for dispatch_async_and_wait()"
The linker errors caused by this revision have been addressed.

Add interceptors for `dispatch_async_and_wait[_f]()` which was added in
macOS 10.14.  This pair of functions is similar to `dispatch_sync()`,
but does not force a context switch of the queue onto the caller thread
when the queue is active (and hence is more efficient).  For TSan, we
can apply the same semantics as for `dispatch_sync()`.

From the header docs:
> Differences with dispatch_sync()
>
> When the runtime has brought up a thread to invoke the asynchronous
> workitems already submitted to the specified queue, that servicing
> thread will also be used to execute synchronous work submitted to the
> queue with dispatch_async_and_wait().
>
> However, if the runtime has not brought up a thread to service the
> specified queue (because it has no workitems enqueued, or only
> synchronous workitems), then dispatch_async_and_wait() will invoke the
> workitem on the calling thread, similar to the behaviour of functions
> in the dispatch_sync family.

Additional context:
> The guidance is to use `dispatch_async_and_wait()` instead of
> `dispatch_sync()` when it is necessary to mix async and sync calls on
> the same queue. `dispatch_async_and_wait()` does not guarantee
> execution on the caller thread which allows to reduce context switches
> when the target queue is active.
> https://gist.github.com/tclementdev/6af616354912b0347cdf6db159c37057

rdar://35757961

Reviewed By: kubamracek

Differential Revision: https://reviews.llvm.org/D85854
2020-08-18 18:34:14 -07:00
Arthur Eubanks 501a078cbb Revert "[TSan][libdispatch] Add interceptors for dispatch_async_and_wait()"
This reverts commit d137db8029.

Breaks builds on older SDKs.
2020-08-18 09:49:05 -07:00
Dokyung Song bb54bcf849 [libFuzzer] Fix arguments of InsertPartOf/CopyPartOf calls in CrossOver mutator.
The CrossOver mutator is meant to cross over two given buffers (referred to as
the first/second buffer henceforth). Previously InsertPartOf/CopyPartOf calls
used in the CrossOver mutator incorrectly inserted/copied part of the second
buffer into a "scratch buffer" (MutateInPlaceHere of the size
CurrentMaxMutationLen), rather than the first buffer. This is not intended
behavior, because the scratch buffer does not always (i) contain the content of
the first buffer, and (ii) have the same size as the first buffer;
CurrentMaxMutationLen is typically a lot larger than the size of the first
buffer. This patch fixes the issue by using the first buffer instead of the
scratch buffer in InsertPartOf/CopyPartOf calls.

A FuzzBench experiment was run to make sure that this change does not
inadvertently degrade the performance. The performance is largely the same; more
details can be found at:
https://storage.googleapis.com/fuzzer-test-suite-public/fixcrossover-report/index.html

This patch also adds two new tests, namely "cross_over_insert" and
"cross_over_copy", which specifically target InsertPartOf and CopyPartOf,
respectively.

- cross_over_insert.test checks if the fuzzer can use InsertPartOf to trigger
  the crash.

- cross_over_copy.test checks if the fuzzer can use CopyPartOf to trigger the
  crash.

These newly added tests were designed to pass with the current patch, but not
without the it (with 790878f291 these tests do not
pass). To achieve this, -max_len was intentionally given a high value. Without
this patch, InsertPartOf/CopyPartOf will generate larger inputs, possibly with
unpredictable data in it, thereby failing to trigger the crash.

The test pass condition for these new tests is narrowed down by (i) limiting
mutation depth to 1 (i.e., a single CrossOver mutation should be able to trigger
the crash) and (ii) checking whether the mutation sequence of "CrossOver-" leads
to the crash.

Also note that these newly added tests and an existing test (cross_over.test)
all use "-reduce_inputs=0" flags to prevent reducing inputs; it's easier to
force the fuzzer to keep original input string this way than tweaking
cov-instrumented basic blocks in the source code of the fuzzer executable.

Differential Revision: https://reviews.llvm.org/D85554
2020-08-18 16:09:18 +00:00
Rainer Orth 13080ca1f0 [compiler-rt][test] XFAIL two tests on 32-bit sparc
Two tests `FAIL` on 32-bit sparc:

  Profile-sparc :: Posix/instrprof-gcov-parallel.test
  UBSan-Standalone-sparc :: TestCases/Float/cast-overflow.cpp

The failure mode is similar:

  Undefined                       first referenced
   symbol                             in file
  __atomic_store_4                    /var/tmp/instrprof-gcov-parallel-6afe8d.o
  __atomic_load_4                     /var/tmp/instrprof-gcov-parallel-6afe8d.o

  Undefined                       first referenced
   symbol                             in file
  __atomic_load_1                     /var/tmp/cast-overflow-72a808.o

This is a known bug: `clang` doesn't inline atomics on 32-bit sparc, unlike
`gcc`.

The patch therefore `XFAIL`s the tests.

Tested on `sparcv9-sun-solaris2.11` and `amd64-pc-solaris2.11`.

Differential Revision: https://reviews.llvm.org/D85346
2020-08-18 11:32:51 +02:00
Harmen Stoppels a52173a3e5 Use find_library for ncurses
Currently it is hard to avoid having LLVM link to the system install of
ncurses, since it uses check_library_exists to find e.g. libtinfo and
not find_library or find_package.

With this change the ncurses lib is found with find_library, which also
considers CMAKE_PREFIX_PATH. This solves an issue for the spack package
manager, where we want to use the zlib installed by spack, and spack
provides the CMAKE_PREFIX_PATH for it.

This is a similar change as https://reviews.llvm.org/D79219, which just
landed in master.

Differential revision: https://reviews.llvm.org/D85820
2020-08-17 19:52:52 -07:00
Dávid Bolvanský 0f14b2e6cb Revert "[BPI] Improve static heuristics for integer comparisons"
This reverts commit 50c743fa71. Patch will be split to smaller ones.
2020-08-17 20:44:33 +02:00
Matt Morehouse 69721fc9d1 [DFSan] Support fast16labels mode in dfsan_union.
While the instrumentation never calls dfsan_union in fast16labels mode,
the custom wrappers do.  We detect fast16labels mode by checking whether
any labels have been created.  If not, we must be using fast16labels
mode.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D86012
2020-08-17 11:27:28 -07:00
Amy Huang 51c152ca2a Revert "Make compiler-rt/asan tests run with llvm-lit."
This reverts commit 7f84f62ef0.

Seems to be causing a bunch of compiler-rt test failures on
ppc64-linux bots.
2020-08-17 10:00:45 -07:00
Amy Huang 7f84f62ef0 Make compiler-rt/asan tests run with llvm-lit.
This sets some config parameters so we can run the asan tests with
llvm-lit,
e.g. `./bin/llvm-lit [...]/compiler-rt/test/asan`

Differential Revision: https://reviews.llvm.org/D83821
2020-08-17 09:24:19 -07:00
Dimitry Andric 3aecf4bdf3 On FreeBSD, add -pthread to ASan dynamic compile flags for tests
Otherwise, lots of these tests fail with a CHECK error similar to:

==12345==AddressSanitizer CHECK failed: compiler-rt/lib/asan/asan_posix.cpp:120 "((0)) == ((pthread_key_create(&tsd_key, destructor)))" (0x0, 0x4e)

This is because the default pthread stubs in FreeBSD's libc always
return failures (such as ENOSYS for pthread_key_create) in case the
pthread library is not linked in.

Reviewed By: arichardson

Differential Revision: https://reviews.llvm.org/D85082
2020-08-15 13:05:31 +02:00
Gui Andrade 97de0188dd [MSAN] Reintroduce libatomic load/store instrumentation
Have the front-end use the `nounwind` attribute on atomic libcalls.
This prevents us from seeing `invoke __atomic_load` in MSAN, which
is problematic as it has no successor for instrumentation to be added.
2020-08-14 20:31:10 +00:00
Matt Morehouse bb3a3da38d [DFSan] Don't unmap during dfsan_flush().
Unmapping and remapping is dangerous since another thread could touch
the shadow memory while it is unmapped.  But there is really no need to
unmap anyway, since mmap(MAP_FIXED) will happily clobber the existing
mapping with zeroes.  This is thread-safe since the mmap() is done under
the same kernel lock as page faults are done.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D85947
2020-08-14 11:43:49 -07:00
Julian Lettner d137db8029 [TSan][libdispatch] Add interceptors for dispatch_async_and_wait()
Add interceptors for `dispatch_async_and_wait[_f]()` which was added in
macOS 10.14.  This pair of functions is similar to `dispatch_sync()`,
but does not force a context switch of the queue onto the caller thread
when the queue is active (and hence is more efficient).  For TSan, we
can apply the same semantics as for `dispatch_sync()`.

From the header docs:
> Differences with dispatch_sync()
>
> When the runtime has brought up a thread to invoke the asynchronous
> workitems already submitted to the specified queue, that servicing
> thread will also be used to execute synchronous work submitted to the
> queue with dispatch_async_and_wait().
>
> However, if the runtime has not brought up a thread to service the
> specified queue (because it has no workitems enqueued, or only
> synchronous workitems), then dispatch_async_and_wait() will invoke the
> workitem on the calling thread, similar to the behaviour of functions
> in the dispatch_sync family.

Additional context:
> The guidance is to use `dispatch_async_and_wait()` instead of
> `dispatch_sync()` when it is necessary to mix async and sync calls on
> the same queue. `dispatch_async_and_wait()` does not guarantee
> execution on the caller thread which allows to reduce context switches
> when the target queue is active.
> https://gist.github.com/tclementdev/6af616354912b0347cdf6db159c37057

rdar://35757961

Reviewed By: kubamracek

Differential Revision: https://reviews.llvm.org/D85854
2020-08-14 09:39:57 -07:00
Matt Morehouse c1f9c1c13c [DFSan] Fix parameters to strtoull wrapper.
base and nptr_label were swapped, which meant we were passing nptr's
shadow as the base to the operation.  Usually, the shadow is 0, which
causes strtoull to guess the correct base from the string prefix (e.g.,
0x means base-16 and 0 means base-8), hiding this bug.  Adjust the test
case to expose the bug.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D85935
2020-08-14 08:02:30 -07:00
Chris Kennelly 800f0eda5b [NFC] Remove unused function.
Differential Revision: https://reviews.llvm.org/D85944
2020-08-13 21:20:15 -04:00
Chris Kennelly 097c8fb2cb [NFC] Remove unused variables.
These were no longer needed following
96855125e7.

Reviewed By: rupprecht

Differential Revision: https://reviews.llvm.org/D85939
2020-08-13 17:56:51 -04:00
Peter Collingbourne 9f8c4039f2 sanitizer_common: Introduce internal_madvise and start using it.
A recent change to sanitizer_common caused us to issue the syscall
madvise(MADV_HUGEPAGE) during HWASAN initialization. This may lead to a
problem if madvise is instrumented (e.g. because libc is instrumented
or the user intercepted it). For example, on Android the syscall may
fail if the kernel does not support transparent hugepages, which leads
to an attempt to set errno in a HWASAN instrumented function. Avoid
this problem by introducing a syscall wrapper and using it to issue
this syscall.

Tested only on Linux; includes untested updates for the other
platforms.

Differential Revision: https://reviews.llvm.org/D85870
2020-08-13 13:09:02 -07:00
Chris Kennelly 96855125e7 [tsan] Respect no_huge_pages_for_shadow.
Disable huge pages in the TSan shadow regions when no_huge_pages_for_shadow == true (default).

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D85841
2020-08-13 15:55:23 -04:00
Dávid Bolvanský 3944d3df4f [Tests] Removed debug copy command 2020-08-13 20:21:19 +02:00
Dávid Bolvanský 50c743fa71 [BPI] Improve static heuristics for integer comparisons
Similarly as for pointers, even for integers a == b is usually false.

GCC also uses this heuristic.

Reviewed By: ebrevnov

Differential Revision: https://reviews.llvm.org/D85781
2020-08-13 19:54:27 +02:00
Rainer Orth 55e472e9da [compiler-rt][asan][test] Skipt sanitizer_common tests on Sparc
When building on `sparc64-unknown-linux-gnu`, I found that a large number
of `SanitizerCommon-asan-sparc*-Linux` tests were `FAIL`ing, like

   SanitizerCommon-asan-sparc-Linux :: Linux/aligned_alloc-alignment.cpp
  [...]
   SanitizerCommon-asan-sparcv9-Linux :: Linux/aligned_alloc-alignment.cpp
  [...]

many of them due to

  fatal error: error in backend: Function "_Z14User_OnSIGSEGViP9siginfo_tPv": over-aligned dynamic alloca not supported.

which breaks ASan on Sparc.  Currently ASan is only built for the benefit
of `gcc` where it does work.  However, when enabling the compilation in
`compiler-rt` to make certain it continues to build, I missed
`compiler-rt/test/sanitizer_common` when disabling ASan testing on Sparc
(it's not yet enabled on Solaris).

This patch fixes the issue.

Tested on `sparcv9-sun-solaris2.11` with the `sanitizer_comon` testsuite enabled.

Differential Revision: https://reviews.llvm.org/D85732
2020-08-13 10:20:52 +02:00
Ilya Leoshkevich eca4b4007d [Sanitizer] Fix segfaults during unwinding on SystemZ
Every now and then SystemZ programs built with ASan crash with

    ERROR: AddressSanitizer: stack-overflow on address 0x040000000000

for no apparent reason. The problem is that
BufferedStackTrace::UnwindFast() is specialized for SystemZ: it takes
register 14 from the frame, however, IsValidFrame() is not
specialized, and does not guarantee that frame[14] is going to be a
valid memory access.

Fix by introducing per-arch kFrameSize and using it in IsValidFrame().

Reviewed By: uweigand

Differential Revision: https://reviews.llvm.org/D85822
2020-08-12 22:24:32 +02:00
Matt Morehouse fd893bda55 Fix sigaction interceptor to always correctly populate oldact
This fixes https://bugs.llvm.org/show_bug.cgi?id=47118. Before this change, when the sigaction interceptor prevented a signal from being changed, it also prevented the oldact output parameter from being written to. This resulted in a use-of-uninitialized-variable by any program that used sigaction for the purpose of reading signals.

This change fixes this: the regular sigaction implementation is still called, but with the act parameter nullified, preventing any changes.

Patch By: IanPudney

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D85797
2020-08-12 10:11:56 -07:00
Ilya Leoshkevich f5a252ed68 [SanitizerCoverage] Use zeroext for cmp parameters on all targets
Commit 9385aaa848 ("[sancov] Fix PR33732") added zeroext to
__sanitizer_cov_trace(_const)?_cmp[1248] parameters for x86_64 only,
however, it is useful on other targets, in particular, on SystemZ: it
fixes swap-cmp.test.

Therefore, use it on all targets. This is safe: if target ABI does not
require zero extension for a particular parameter, zeroext is simply
ignored. A similar change has been implemeted as part of commit
3bc439bdff ("[MSan] Add instrumentation for SystemZ"), and there were
no problems with it.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D85689
2020-08-12 18:38:12 +02:00
Petr Hosek 31e5f7120b [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-08-11 20:22:11 -07:00
Ilya Leoshkevich 9df7ee34e1 [libFuzzer] Fix minimizing timeouts
When one tries to minimize timeouts using -minimize_crash=1,
minimization immediately fails. The following sequence of events is
responsible for this:

[parent] SIGALRM occurs
[parent] read() returns -EINTR (or -ERESTARTSYS according to strace)
[parent] fgets() returns NULL
[parent] ExecuteCommand() closes child's stdout and returns
[child ] SIGALRM occurs
[child ] AlarmCallback() attempts to write "ALARM: ..." to stdout
[child ] Dies with SIGPIPE without calling DumpCurrentUnit()
[parent] Does not see -exact_artifact_path and exits

When minimizing, the timer in parent is not necessary, so fix by not
setting it in this case.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D85359
2020-08-11 22:16:12 +02:00
Julian Lettner bfb0b853b2 [compiler-rt] XFAIL test on iOS
On iOS, when we `longjmp()` out of the signal handler, a subsequent call
to `sigaltstack()` still reports that we are executing on the signal
handler stack.
Tracking rdar://66789814

Differential Revision: https://reviews.llvm.org/D85677
2020-08-11 11:58:40 -07:00
Rainer Orth dc7630dd44 [compiler-rt][builtins] Un-xfail two tests on sparcv9
Two tests currently `XPASS` on sparcv9:

  Unexpectedly Passed Tests (2):
    Builtins-sparcv9-sunos :: compiler_rt_logbl_test.c
    Builtins-sparcv9-sunos :: divtc3_test.c

The following patch fixes this.

Tested on `sparcv9-sun-solaris2.11`.

Differential Revision: https://reviews.llvm.org/D85119
2020-08-11 15:47:17 +02:00
Rainer Orth 8144a7d8fc [compiler-rt][ubsan][test] Fix TypeCheck/misaligned.cpp on Sparc
Two ubsan tests FAIL on Sparc:

  UBSan-Standalone-sparc :: TestCases/TypeCheck/misaligned.cpp
  UBSan-Standalone-sparcv9 :: TestCases/TypeCheck/misaligned.cpp

I've reported the details in Bug 47015, but it boils down to the fact that
the `s1` subtest actually incurs a fault on strict-alignment targets like
Sparc which UBSan doesn't expect.

This can be fixed like the `w1` subtest by compiling with
`-fno-sanitize-recover=alignment`.

Tested on `sparcv9-sun-solaris2.11`, `amd64-pc-solaris2.11`, and
`x86_64-pc-linux-gnu`.

Differential Revision: https://reviews.llvm.org/D85433
2020-08-11 12:46:34 +02:00
Gui Andrade c0b5000bd8 [MSAN RT] Use __sanitizer::mem_is_zero in __msan_test_shadow
The former function is particularly optimized for exactly the
use case we're interested in: an all-zero buffer.

This reduces the overhead of calling this function some 80% or
more. This is particularly for instrumenting code heavy with
string processing functions, like grep. An invocation of grep
with the pattern '[aeiou]k[aeiou]' has its runtime reduced by
~75% with this patch

Differential Revision: https://reviews.llvm.org/D84961
2020-08-10 19:22:27 +00:00
Petr Hosek a4d78d23c5 Revert "[CMake] Simplify CMake handling for zlib"
This reverts commit ccbc1485b5 which
is still failing on the Windows MLIR bots.
2020-08-08 17:08:23 -07:00
Petr Hosek ccbc1485b5 [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-08-08 16:44:08 -07:00
Teresa Johnson bb1456decf [sanitizer] Fix comment (NFC)
As pointed out in D85387, part of the comment for MapDynamicShadow
refactored to sanitizer_common in D83247 was incorrect for non-Linux
versions. Update the comment to reflect that.
2020-08-07 16:18:18 -07:00
Gui Andrade 17ff170e3a Revert "[MSAN] Instrument libatomic load/store calls"
Problems with instrumenting atomic_load when the call has no successor,
blocking compiler roll

This reverts commit 33d239513c.
2020-08-07 19:45:51 +00:00
Oliver Stannard be8b3f0c22 [AArch64] Disable waitid.cpp test for AArch64
This test is failing intermittently on the AArch64 build bots, disable
it for now to keep the bots green while we investigate it.
2020-08-07 10:42:15 +01:00
Christian Kühnel f3cc4df51d Revert "[CMake] Simplify CMake handling for zlib"
This reverts commit 1adc494bce.
This patch broke the Windows compilation on buildbot and pre-merge testing:
http://lab.llvm.org:8011/builders/mlir-windows/builds/5945
https://buildkite.com/llvm-project/llvm-master-build/builds/780
2020-08-07 09:36:49 +02:00
Sameer Sahasrabuddhe c530539bad [AArch64][NFC] require aarch64 support for hwasan test
This was breaking builds where the target is not enabled.

Reviewed By: danielkiss, eugenis

Differential Revision: https://reviews.llvm.org/D85412
2020-08-07 09:24:52 +05:30
Evgenii Stepanov aa57cabae2 [msan] Support %ms in scanf.
Differential Revision: https://reviews.llvm.org/D85350
2020-08-06 13:54:43 -07:00
Alex Richardson 6148cca708 [compiler-rt] Fix build of Sanitizer-Test_Nolibc after D80648
Running ninja check-sanitizer fails for after that patch (commit
058f5f6fd8) with the following error:

libRTSanitizerCommon.test.nolibc.x86_64.a(sanitizer_posix.cpp.o): In
function `__sanitizer::GetNamedMappingFd(char const*, unsigned long,
int*)':
..../llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_posix.cpp:358:
undefined reference to `fcntl'
clang-12: error: linker command failed with exit code 1 (use -v to see
invocation)

This patch works around the problem by only calling fcntl if O_CLOEXEC
is not defined.

Reviewed By: plopresti

Differential Revision: https://reviews.llvm.org/D85114
2020-08-06 09:16:52 +01:00
Alex Richardson 8803ebcf3b Fix qsort() interceptor for FreeBSD
When the FreeBSD qsort() implementation recurses, it does so using an
interposable function call, so we end up calling the interceptor again
and set the saved comparator to wrapped_qsort_compar. This results in an
infinite loop and a eventually a stack overflow since wrapped_qsort_compar
ends up calling itself. This means that ASAN is completely broken on
FreeBSD for programs that call qsort(). I found this while running
check-all on a FreeBSD system a ASAN-instrumented LLVM.

Fix this by checking whether we are recursing inside qsort before writing
to qsort_compar. The same bug exists in the qsort_r interceptor, so use the
same approach there. I did not test the latter since the qsort_r function
signature does not match and therefore it's not intercepted on FreeBSD/macOS.

Fixes https://llvm.org/PR46832

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D84509
2020-08-06 09:15:56 +01:00
Petr Hosek 1adc494bce [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-08-05 16:07:11 -07:00
Matt Morehouse b0c50ef759 Revert "Add libFuzzer shared object build output"
This reverts commit 98d91aecb2 since it
breaks on platforms without libstdc++.
2020-08-05 12:11:24 -07:00
Matt Morehouse 2918727588 [libFuzzer] Do not link pthreads on Android.
Android has pthreads included in bionic and doesn't recognize -lpthread.
2020-08-05 11:17:10 -07:00
Julian Lettner 1e90bd7f84 [ASan][Darwin] Adapt test for macOS 11+ version scheme
This test depends on the versioning scheme of OSX.
2020-08-05 10:14:57 -07:00
Matt Morehouse 98d91aecb2 Add libFuzzer shared object build output
This change adds a CMake rule to produce shared object versions of
libFuzzer (no-main). Like the static library versions, these shared
libraries have a copy of libc++ statically linked in. For i386 we don't
link with libc++ since i386 does not support mixing position-
independent and non-position-independent code in the same library.

Patch By: IanPudney

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D84947
2020-08-05 09:03:22 -07:00
Hans Wennborg 3ab01550b6 Revert "[CMake] Simplify CMake handling for zlib"
This quietly disabled use of zlib on Windows even when building with
-DLLVM_ENABLE_ZLIB=FORCE_ON.

> Rather than handling zlib handling manually, use find_package from CMake
> to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
> HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
> set to YES, which requires the distributor to explicitly select whether
> zlib is enabled or not. This simplifies the CMake handling and usage in
> the rest of the tooling.
>
> This is a reland of abb0075 with all followup changes and fixes that
> should address issues that were reported in PR44780.
>
> Differential Revision: https://reviews.llvm.org/D79219

This reverts commit 10b1b4a231 and follow-ups
64d99cc6ab and
f9fec0447e.
2020-08-05 12:31:44 +02:00
Pierre Gousseau 14948a08f3 [compiler-rt] Normalize some in/out doxygen parameter in interface
headers. NFC.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D84945
2020-08-05 10:17:25 +01:00
Ilya Leoshkevich ea9b82da41 [libFuzzer] Enable for SystemZ
* Add SystemZ to the list of supported architectures.

* XFAIL a few tests.

Coverage reporting is broken, and is not easy to fix (see comment in
coverage.test). Interaction with sanitizers needs to be investigated
more thoroughly, since they appear to reduce coverage in certain cases.
2020-08-04 21:53:27 +02:00
Ilya Leoshkevich a4e537d9c4 [libFuzzer] Fix endianness issue in ForEachNonZeroByte()
The usage pattern of Bundle variable assumes the machine is little
endian, which is not the case on SystemZ. Fix by converting Bundle to
little-endian when necessary.
2020-08-04 21:53:27 +02:00
Fangrui Song e4441fc653 sanitizer_symbolizer_libcdep.cpp: Change --inlining=true to --inlines and --inlining=false to --no-inlines 2020-08-04 10:24:59 -07:00
Julian Lettner 1d7790604c [UBSan] Increase robustness of tests
These UBSan tests assert the absence of runtime errors via `count 0`,
which means "expect no output".  This fails the test unnecessarily in
some environments (e.g., iOS simulator in our case).  Alter the test to
be a bit more specific and "expect no error" instead of "expect no
output".

rdar://65503408

Differential Revision: https://reviews.llvm.org/D85155
2020-08-03 15:26:58 -07:00
Mitch Phillips 9a05fa10bd [HWASan] [GlobalISel] Add +tagged-globals backend feature for GlobalISel
GlobalISel is the default ISel for aarch64 at -O0. Prior to D78465, GlobalISel
didn't have support for dealing with address-of-global lowerings, so it fell
back to SelectionDAGISel.

HWASan Globals require special handling, as they contain the pointer tag in the
top 16-bits, and are thus outside the code model. We need to generate a `movk`
in the instruction sequence with a G3 relocation to ensure the bits are
relocated properly. This is implemented in SelectionDAGISel, this patch does
the same for GlobalISel.

GlobalISel and SelectionDAGISel differ in their lowering sequence, so there are
differences in the final instruction sequence, explained in
`tagged-globals.ll`. Both of these implementations are correct, but GlobalISel
is slightly larger code size / slightly slower (by a couple of arithmetic
instructions). I don't see this as a problem for now as GlobalISel is only on
by default at `-O0`.

Reviewed By: aemerson, arsenm

Differential Revision: https://reviews.llvm.org/D82615
2020-08-03 14:28:44 -07:00
Hiroshi Yamauchi f78f509c75 [PGO] Extend the value profile buckets for mem op sizes.
Extend the memop value profile buckets to be more flexible (could accommodate a
mix of individual values and ranges) and to cover more value ranges (from 11 to
22 buckets).

Disabled behind a flag (to be enabled separately) and the existing code to be
removed later.

Differential Revision: https://reviews.llvm.org/D81682
2020-08-03 11:04:32 -07:00
Rainer Orth 39494d9c21 [compiler-rt][profile] Fix various InstrProf tests on Solaris
Currently, several InstrProf tests `FAIL` on Solaris (both sparc and x86):

  Profile-i386 :: Posix/instrprof-visibility.cpp
  Profile-i386 :: instrprof-merging.cpp
  Profile-i386 :: instrprof-set-file-object-merging.c
  Profile-i386 :: instrprof-set-file-object.c

On sparc there's also

  Profile-sparc :: coverage_comments.cpp

The failure mode is always the same:

  error: /var/llvm/local-amd64/projects/compiler-rt/test/profile/Profile-i386/Posix/Output/instrprof-visibility.cpp.tmp: Failed to load coverage: Malformed coverage data

The error is from `llvm/lib/ProfileData/Coverage/CoverageMappingReader.cpp`
(`loadBinaryFormat`), l.926:

  InstrProfSymtab ProfileNames;
  std::vector<SectionRef> NamesSectionRefs = *NamesSection;
  if (NamesSectionRefs.size() != 1)
    return make_error<CoverageMapError>(coveragemap_error::malformed);

where .size() is 2 instead.

Looking at the executable, I find (with `elfdump -c -N __llvm_prf_names`):

  Section Header[15]:  sh_name: __llvm_prf_names
      sh_addr:      0x8053ca5       sh_flags:   [ SHF_ALLOC ]
      sh_size:      0x86            sh_type:    [ SHT_PROGBITS ]
      sh_offset:    0x3ca5          sh_entsize: 0
      sh_link:      0               sh_info:    0
      sh_addralign: 0x1

  Section Header[31]:  sh_name: __llvm_prf_names
      sh_addr:      0x8069998       sh_flags:   [ SHF_WRITE SHF_ALLOC ]
      sh_size:      0               sh_type:    [ SHT_PROGBITS ]
      sh_offset:    0x9998          sh_entsize: 0
      sh_link:      0               sh_info:    0
      sh_addralign: 0x1

Unlike GNU `ld` (which primarily operates on section names) the Solaris
linker, following the ELF spirit, only merges input sections into an output
section if both section name and section flags match, so two separate
sections are maintained.

The read-write one comes from `lib/clang/12.0.0/lib/sunos/libclang_rt.profile-i386.a(InstrProfilingPlatformLinux.c.o)`
while the read-only one is generated by
`llvm/lib/Transforms/Instrumentation/InstrProfiling.cpp` (`InstrProfiling::emitNameData`)
at l.1004 where `isConstant = true`.

The easiest way to avoid the mismatch is to change the definition in
`compiler-rt/lib/profile/InstrProfilingPlatformLinux.c` to `const`.

This fixes all failures observed.

Tested on `amd64-pc-solaris2.11`, `sparcv9-sun-solaris2.11`, and
`x86_64-pc-linux-gnu`.

Differential Revision: https://reviews.llvm.org/D85116
2020-08-03 19:56:05 +02:00
Fangrui Song 317e00dc54 [PGO] Change a `NumVSites == 0` workaround to assert
The root cause was fixed by 3d6f53018f.
The workaround added in 99ad956fda can be changed
to an assert now. (In case the fix regresses, there will be a heap-use-after-free.)
2020-08-03 10:14:03 -07:00
Alex Richardson 03affa8099 [msan] Compile the libatomic.c test with a C compiler
Otherwise we end up compiling in C++ mode and on FreeBSD
/usr/include/stdatomic.h is not compatible with C++ since it uses _Bool.

Reviewed By: guiand, eugenis, vitalybuka, emaste

Differential Revision: https://reviews.llvm.org/D84510
2020-08-03 10:51:35 +01:00
Alex Richardson 895878f456 [asan][tsan] Mark tests failing with debug checks as XFAIL
See https://llvm.org/PR46862. This does not fix the underlying issue but at
least it allows me to run check-all again without having to disable
building compiler-rt.

Reviewed By: #sanitizers, vitalybuka

Differential Revision: https://reviews.llvm.org/D84650
2020-08-03 10:51:35 +01:00
Evgenii Stepanov dc3388b020 [msan] Respect no_huge_pages_for_shadow.
Disable huge pages in the MSan shadow region when
no_huge_pages_for_shadow == true (default).

Differential Revision: https://reviews.llvm.org/D85061
2020-08-01 16:59:51 -07:00
Julian Lettner ff756f5231 [compiler-rt][Darwin] Fix linker errors for check-asan
A recent change broke `ninja check-asan` on Darwin by causing an error
during linking of ASan unit tests [1].

Move the addition of `-ObjC` compiler flag outside of the new
`if(COMPILER_RT_STANDALONE_BUILD)` block.  It doesn't add any global
flags (e.g, `${CMAKE_CXX_FLAGS}`) and the decision to add is based
solely on source paths (`${source_rpath}`).

[1] 8b2fcc42b8, https://reviews.llvm.org/D84466

Differential Revision: https://reviews.llvm.org/D85057
2020-07-31 16:43:21 -07:00
Julian Lettner 43bf902c2e [compiler-rt][Darwin] Fix GetOSMajorKernelOffset() on watchOS
`TARGET_OS_IOS` and `TARGET_OS_WATCH` are not mutually exclusive.
`SANITIZER_IOS` is defined for all embedded platforms.  So the branch
for watchOS is never taken.  We could fix this by switching the order
of the branches (but the reason for doing so is non-obvious).  Instead,
lets use the Darwin-specific `TARGET_OS_*` macros which are mutually
exclusive.
2020-07-31 11:47:09 -07:00
Keith Randall 6c75db8b4b Disable getauxval for Go
We want the Go build to not use getauxval, as we must support glibc < 2.16 platforms.

Reviewed By: dvyukov

Differential Revision: https://reviews.llvm.org/D84859
2020-07-31 10:13:03 -07:00
Nemanja Ivanovic acb3b8dce1 [Sanitizers] Fix lint failure with Python 3.6
There are some files in compiler-rt that use UTF-8 characters in some of the
comments. This causes lint failures with some versions of Python. This patch
just makes the encoding explicit in the call to open.
2020-07-31 06:20:49 -05:00
Vedant Kumar 896f797b8b [profile] Remove dependence on getpagesize from InstrProfilingBuffer.c.o
InstrProfilingBuffer.c.o is generic code that must support compilation
into freestanding projects. This gets rid of its dependence on the
_getpagesize symbol from libc, shifting it to InstrProfilingFile.c.o.

This fixes a build failure seen in a firmware project.

rdar://66249701
2020-07-30 16:22:40 -07:00
Peiyuan Song 14c1b40174 [compiler-rt] [profile] fix profile generate for mingw x86_64
Differential Revision: https://reviews.llvm.org/D84757
2020-07-30 23:37:33 +03:00
Kuba Mracek 1e8a9c3e02 [tsan] Fixup for 1260a155: Move variadic-open.cpp test into Darwin/ directory 2020-07-30 09:32:51 -07:00
Hiroshi Yamauchi 3d6f53018f [PGO] Include the mem ops into the function hash.
To avoid hash collisions when the only difference is in mem ops.
2020-07-30 09:26:20 -07:00
Kuba Mracek 1260a155c3 [tsan] Fix the open and open64 interceptors to have correct declarations (variadic functions)
Not matching the (real) variadic declaration makes the interceptor take garbage inputs on Darwin/AArch64.

Differential Revision: https://reviews.llvm.org/D84570
2020-07-30 09:00:47 -07:00
Rainer Orth bbe5099207 [compiler-rt][cmake] Simplify COMPILER_RT_HAS_VERSION_SCRIPT tests
As requested in the review, this patch removes the additional conditions in
the `COMPILER_RT_HAS_VERSION_SCRIPT` tests.

Tested on `amd64-pc-solaris2.11` and `x86_64-pc-linux-gnu`.

Differential Revision: https://reviews.llvm.org/D84559
2020-07-30 10:27:36 +02:00
Vedant Kumar 618a0c0d3b [profile] Add InstrProfilingInternal.c.o to Darwin kext builtins
Fixes a build failure in the Darwin kernel. Tested with:

% nm -m ./lib/libclang_rt.cc_kext_x86_64_osx.a | grep lprofSetProfileDumped

rdar://66249602
2020-07-29 17:23:28 -07:00
Julian Lettner 44e7d44997 [Darwin][compiler-rt] kern.osproductversion unavailable pre macOS 10.13
Add a fallback for `sysctl kern.osproductversion` for XNU 17 (macOS
10.13) and below, which do not provide this property.

Unfortunately, this means we have to take the detour via Darwin kernel
version again (at least for the fallback).

Reviewed By: delcypher

Differential Revision: https://reviews.llvm.org/D84892
2020-07-29 17:18:10 -07:00
Matt Morehouse 005991a3fe [DFSan] Remove dfsan_use_fast16labels from abilist.
Its implementation was scrapped in the final fast16labels
instrumentation patch.
2020-07-29 23:18:07 +00:00
Francis Visoiu Mistrih 926c14798d Revert "build: always add support for assembly targets on Darwin"
This reverts commit d8e8e32d85.

This breaks the build on GreenDragon:
http://green.lab.llvm.org/green/job/clang-stage1-RA/13171/console
2020-07-29 15:41:04 -07:00
Alex Lorenz dc22182d1f [darwin] build and link with a separate compiler-rt builtins library
for device simulators

This change separates out the iOS/tvOS/watchOS simulator slices from the "libclang_rt.<os>.a"
fat archive, by moving them out to their own "libclang_rt.<os>sim.a" static archive.
This allows us to build and to link with an arm64 device simulator slice for the simulators running
on Apple Silicons, and to distribute it in one archive alongside the Intel simulator slices.

Differential Revision: https://reviews.llvm.org/D84564
2020-07-29 15:32:30 -07:00
Hiroshi Yamauchi ae7589e1f1 Revert "[PGO] Include the mem ops into the function hash."
This reverts commit 120e66b341.

Due to a buildbot failure.
2020-07-29 15:04:57 -07:00
Saleem Abdulrasool d8e8e32d85 build: always add support for assembly targets on Darwin
When attempting to build compiler-rt on a developer transition kit, the
build would fail due to `.S` files not being handled properly by the
Ninja generator.  Rather than conditionalising on Xcode, conditionalise
to Darwin.  Because we know that the system compiler is clang based, it
will always properly handle the pre-processing based on the extension.

Differential Revision: https://reviews.llvm.org/D84333
2020-07-29 14:01:02 -07:00
Hiroshi Yamauchi 120e66b341 [PGO] Include the mem ops into the function hash.
To avoid hash collisions when the only difference is in mem ops.

Differential Revision: https://reviews.llvm.org/D84782
2020-07-29 13:59:40 -07:00
Matt Morehouse e2d0b44a7c [DFSan] Add efficient fast16labels instrumentation mode.
Adds the -fast-16-labels flag, which enables efficient instrumentation
for DFSan when the user needs <=16 labels.  The instrumentation
eliminates most branches and most calls to __dfsan_union or
__dfsan_union_load.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D84371
2020-07-29 18:58:47 +00:00
Julian Lettner 7e946d0c82 [compiler-rt][Darwin] Disable EXC_GUARD exceptions
ASan/TSan use mmap in a way that creates “deallocation gaps” which
triggers EXC_GUARD exceptions on macOS 10.15+ (XNU 19.0+).  Let's
suppress those.
2020-07-29 11:21:25 -07:00
Kostya Serebryany 58743040ff Add more debug code for https://github.com/google/sanitizers/issues/1193 (getting desperate, not being able to reproduce it for a few months, but the users are seeing it)
mode debug code

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D84819
2020-07-29 11:13:11 -07:00
Arthur Eubanks e7196bdf81 [Scudo][CMake] Add -fno-lto to Scudo libraries
-fno-lto is in SANITIZER_COMMON_CFLAGS but not here.
Don't use SANITIZER_COMMON_CFLAGS because of performance issues.
See https://bugs.llvm.org/show_bug.cgi?id=46838.

Fixes
$ ninja TScudoCUnitTest-i386-Test
on an LLVM build with -DLLVM_ENABLE_LTO=Thin.
check-scudo now passes.

Reviewed By: cryptoad

Differential Revision: https://reviews.llvm.org/D84805
2020-07-29 10:24:06 -07:00
Stephan Bergmann 2ead4fca79 Test including rpc/xdr.h requires sunrpc
...which is set based on HAVE_RPC_XDR_H.  At least Fedora 32 does not have a
/usr/include/rpc/xdr.h, so failed this test introduced with
<https://reviews.llvm.org/D83358> "[Sanitizers] Add interceptor for
xdrrec_create".

Differential Revision: https://reviews.llvm.org/D84740
2020-07-29 08:20:20 +02:00
Christopher Ferris f14472a2e3 [scudo][standalone] Add new mallopt options.
This adds the code to support calling mallopt and converting the
options to the internal Option enum.

Reviewed By: cryptoad

Differential Revision: https://reviews.llvm.org/D84806
2020-07-28 16:28:16 -07:00
Zequan Wu b46176bbb0 Reland [Coverage] Add comment to skipped regions
Bug filled here: https://bugs.llvm.org/show_bug.cgi?id=45757.
Add comment to skipped regions so we don't track execution count for lines containing only comments.

Differential Revision: https://reviews.llvm.org/D83592
2020-07-28 13:20:57 -07:00
Ahsan Saghir 811828a01d [PowerPC] Mark allocator_oom_test.cpp unsupported on PowerPC
This patch marks compiler-rt/test/asan/TestCases/Linux/allocator_oom_test.cpp
unsupported on PowerPC 64bit-LE architecture since this test fails when run
on a machine with larger system memory.

Reviewed By: #powerpc, nemanjai

Differential Revision: https://reviews.llvm.org/D84786
2020-07-28 14:22:33 -05:00
Kostya Kortchinsky 6f00f3b56e [scudo][standalone] mallopt runtime configuration options
Summary:
Partners have requested the ability to configure more parts of Scudo
at runtime, notably the Secondary cache options (maximum number of
blocks cached, maximum size) as well as the TSD registry options
(the maximum number of TSDs in use).

This CL adds a few more Scudo specific `mallopt` parameters that are
passed down to the various subcomponents of the Combined allocator.

- `M_CACHE_COUNT_MAX`: sets the maximum number of Secondary cached items
- `M_CACHE_SIZE_MAX`: sets the maximum size of a cacheable item in the Secondary
- `M_TSDS_COUNT_MAX`: sets the maximum number of TSDs that can be used (Shared Registry only)

Regarding the TSDs maximum count, this is a one way option, only
allowing to increase the count.

In order to allow for this, I rearranged the code to have some `setOption`
member function to the relevant classes, using the `scudo::Option` class
enum to determine what is to be set.

This also fixes an issue where a static variable (`Ready`) was used in
templated functions without being set back to `false` every time.

Reviewers: pcc, eugenis, hctim, cferris

Subscribers: jfb, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84667
2020-07-28 11:57:54 -07:00
Julian Lettner 12f27fc4b5 [Darwin] Cleanup code via improved GetMacosAlignedVersion()
Checking the OS version via `GetMacosAlignedVersion()` now works in
simulators [1].  Let's use it to simplify `DyldNeedsEnvVariable()`.

[1] 3fb0de8207

Reviewed By: delcypher

Differential Revision: https://reviews.llvm.org/D81197
2020-07-28 09:48:34 -07:00
Julian Lettner 3fb0de8207 [Darwin] Fix OS version checks inside simulators
compiler-rt checks OS versions by querying the Darwin kernel version.
This is not necessarily correct inside the simulators if the simulator
runtime is not aligned with the host macOS.  Let's instead check the
`SIMULATOR_RUNTIME_VERSION` env var.

rdar://63031937

Reviewed By: delcypher

Differential Revision: https://reviews.llvm.org/D83977
2020-07-28 09:27:48 -07:00
Arthur Eubanks 8b2fcc42b8 [CompilerRT] Don't pass global compile test flags in non-standalone build
In a build with -DLLVM_ENABLE_LTO=Thin:

$ ninja TSanitizer-x86_64-Test-Nolibc
[1/1] Generating Sanitizer-x86_64-Test-Nolibc
FAILED: projects/compiler-rt/lib/sanitizer_common/tests/Sanitizer-x86_64-Test-Nolibc
sanitizer_nolibc_test_main.x86_64.o: file not recognized: file format not recognized

because -flto=thin is getting passed to the clang_compile step.

For non-standalone builds, global compilation flags shouldn't be passed to compiler-rt tests, only the flags the test specifies.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D84466
2020-07-28 09:26:14 -07:00
Rainer Orth 443e734fb9 [compiler-rt][cmake] Don't pass --version-script to Illumos ld
Neither the Illumos `ld` nor the Solaris 11.3 one support the `--version-script` and
`z gnu-linker-script-compat` options, which breaks the `compiler-rt` build.

This patch checks for both options instead of hardcoding their use.

Tested on `amd-pc-solaris2.11` (all of Solaris 11.4, 11.3, and Illumos).

Differential Revision: https://reviews.llvm.org/D84559
2020-07-28 13:21:36 +02:00
Hans Wennborg 7e8d5a90f2 Avoid use of std::make_unique in compiler-rt/lib/scudo/standalone/tests/combined_test.cpp
make_unique is a C++14 feature, and this prevents us from building on
Ubuntu Trusty. While we do use a C++14 compatible toolchain for building
in general, we fall back to the system toolchain for building the
compiler-rt tests.

The reason is that those tests get cross-compiled for e.g. 32-bit and
64-bit x86, and while the toolchain provides libstdc++ in those
flavours, the resulting compiler-rt test binaries don't get RPATH set
and so won't start if they're linked with that toolchain.

We've tried linking the test binaries against libstdc++ statically, by
passing COMPILER_RT_TEST_COMPILER_CFLAGS=-static-libstdc++. That mostly
works, but some test targets append -lstdc++ to the compiler invocation.

So, after spending way too much time on this, let's just avoid C++14
here for now.
2020-07-28 12:33:51 +02:00
Sergej Jaskiewicz a566e61620 Reland "[compiler-rt] [test] Allow expanding lit substitutions recursively"
The commit 8372d50508 has been reverted
(eafeb8af34) because it broke asan
tests on green dragon buildbots.

The underlying issue has been fixed in 4dd5c2bee3.
2020-07-27 23:43:50 +03:00
Matt Morehouse 34ddf0b2b0 Replace fuzzer::FuzzerDriver's INTERFACE marking with new LLVMRunFuzzerDriver.
This adds a new extern "C" function that serves the same purpose. This removes the need for external users to depend on internal headers in order to use this feature. It also standardizes the interface in a way that other fuzzing engines will be able to match.

Patch By: IanPudney

Reviewed By: kcc

Differential Revision: https://reviews.llvm.org/D84561
2020-07-27 18:38:04 +00:00
Dokyung Song b52b2e1c18 Recommit "[libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given."
Summary: This patch disables implicit builtin knowledge about memcmp-like functions when compiling the program for fuzzing, i.e., when -fsanitize=fuzzer(-no-link) is given. This allows libFuzzer to always intercept memcmp-like functions as it effectively disables optimizing calls to such functions into different forms. This is done by adding a set of flags (-fno-builtin-memcmp and others) in the clang driver. Individual -fno-builtin-* flags previously used in several libFuzzer tests are now removed, as it is now done automatically in the clang driver.

The patch was once reverted in 8ef9e2bf35, as this patch was dependent on a reverted commit f78d9fceea. This reverted commit was recommitted in 831ae45e3d, so relanding this dependent patch too.

Reviewers: morehouse, hctim

Subscribers: cfe-commits, #sanitizers

Tags: #clang, #sanitizers

Differential Revision: https://reviews.llvm.org/D83987
2020-07-27 18:27:49 +00:00
Mitch Phillips d19af2f247 [GWP-ASan] Crash handler API returns sizeof(collected trace)
Summary:
Fix up a slight bug with the crash handler API, where we say that we
return the size of the collected trace (instead of the size of the trace
that's returned) when the return buffer is too small, and the result is
truncated.

Also, as a result, patch up a small uninitialized memory bug.

Reviewers: morehouse, eugenis

Reviewed By: eugenis

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84652
2020-07-27 10:51:55 -07:00
Mitch Phillips 005eee8b3e [GWP-ASan] Fix uninitialized memory use in sigaction.
Fix up a small bug where we used a partially-uninitialized sigaction
struct in the optional signal handler. Shouldn't be a user-visible
change.
2020-07-27 05:53:27 -07:00
Hans Wennborg 102997cd0e Speculative build fix for scudo/standalone/tests/combined_test.cpp 2020-07-27 13:35:35 +02:00
Alex Richardson 98b61112c3 [asan] Mark the strstr test as UNSUPPORTED on FreeBSD
Like Android, FreeBSDs libc calls memchr which causes this test to fail.

Reviewed By: emaste

Differential Revision: https://reviews.llvm.org/D84541
2020-07-26 11:37:47 +01:00
Jinsong Ji 3554cf4f38 [compiler-rt][CMake] Remove unused -stdlib when passing -nostdinc++
We added -nostdinc++ to clang_rt.profile in https://reviews.llvm.org/D84205.
This will cause warnings when building with LLVM_ENABLE_LIBCXX,
and failure if with Werror on.

This patch is to fix it by removing unused -stdlib,
similar to what we have done in https://reviews.llvm.org/D42238.

Reviewed By: phosek

Differential Revision: https://reviews.llvm.org/D84543
2020-07-24 21:04:40 +00:00
Jon Roelofs 4dc3014c51 [compiler-rt][fuzzer] Disable bcmp.test on darwin
It broke one of the buildbots:

http://lab.llvm.org:8080/green/job/clang-stage1-RA/13026/console
2020-07-24 14:54:17 -06:00
Kostya Kortchinsky 998334da2b [scudo][standalone] Change the release loop for efficiency purposes
Summary:
On 32-b, the release algo loops multiple times over the freelist for a size
class, which lead to a decrease in performance when there were a lot of free
blocks.

This changes the release functions to loop only once over the freelist, at the
cost of using a little bit more memory for the release process: instead of
working on one region at a time, we pass the whole memory area covered by all
the regions for a given size class, and work on sub-areas of `RegionSize` in
this large area. For 64-b, we just have 1 sub-area encompassing the whole
region. Of course, not all the sub-areas within that large memory area will
belong to the class id we are working on, but those will just be left untouched
(which will not add to the RSS during the release process).

Reviewers: pcc, cferris, hctim, eugenis

Subscribers: llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83993
2020-07-24 10:35:49 -07:00
Dokyung Song 8a4878cc11 [libFuzzer] Disable noasan-memcmp64.test and bcmp.test on Windows.
Summary: This patch disables (i) noasan-memcmp64.test on Windows as libFuzzer's interceptors are only supported on Linux for now, and (ii) bcmp.test as on Windows bcmp is not available in strings.h.

Reviewers: morehouse, hctim, kcc

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84536
2020-07-24 16:40:11 +00:00
Fangrui Song f7ffb122d0 [libFuzzer] Instrument bcmp
If we define memcmp in an archive, bcmp should be defined as well (many libc
define bcmp/memcmp in one object file).  Otherwise if the application calls bcmp
or strcmp which gets optimized to bcmp (SimplifyLibCalls), the undefined
reference may pull in an optimized bcmp/strcmp implementation (libc replacement)
later on the linker command line.  If both libFuzzer's memcmp and the optimized
memcmp are strong => there will be a multiple definition error.
2020-07-24 00:24:46 -07:00
Petr Hosek 10b1b4a231 [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-07-23 23:05:36 -07:00
Mitch Phillips 540b92147d Revert "[libFuzzer] Expose fuzzer::FuzzerDriver()"
This reverts commit 22a376e73b.
2020-07-23 17:07:55 -07:00
Dokyung Song 45482367ea [libFuzzer] Add a missing include_directories.
Summary: FuzzerInterceptors.cpp includes <sanitizer/common_interface_defs.h>, and this patch adds a missing include_directories to make sure the included file is found.

Reviewers: morehouse, hctim, dmajor

Subscribers: mgorny, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84474
2020-07-23 23:52:00 +00:00
Petr Hosek 38c71b7c85 Revert "[CMake] Simplify CMake handling for zlib"
This reverts commit 1d09ecf361 since
it breaks sanitizer bots.
2020-07-23 15:12:42 -07:00
Peter Collingbourne b83417aa7e scudo: Interleave odd and even tags for adjacent blocks.
This guarantees that we will detect a buffer overflow or underflow
that overwrites an adjacent block. This spatial guarantee is similar
to the temporal guarantee that we provide for immediate use-after-free.

Enabling odd/even tags involves a tradeoff between use-after-free
detection and buffer overflow detection. Odd/even tags make it more
likely for buffer overflows to be detected by increasing the size of
the guaranteed "red zone" around the allocation, but on the other
hand use-after-free is less likely to be detected because the tag
space for any particular chunk is cut in half. Therefore we introduce
a tuning setting to control whether odd/even tags are enabled.

Differential Revision: https://reviews.llvm.org/D84361
2020-07-23 15:09:13 -07:00
Petr Hosek 1d09ecf361 [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-07-23 14:47:25 -07:00
Matt Morehouse c6f2142428 Reland "[DFSan] Handle fast16labels for all API functions."
Support fast16labels in `dfsan_has_label`, and print an error for all
other API functions.  For `dfsan_dump_labels` we return silently rather
than crashing since it is also called from the atexit handler where it
is undefined behavior to call exit() again.

Reviewed By: kcc

Differential Revision: https://reviews.llvm.org/D84215
2020-07-23 21:19:39 +00:00
Peter Collingbourne 9b2164063f scudo: Remove some boilerplate from the combined allocator tests. NFCI.
Differential Revision: https://reviews.llvm.org/D84454
2020-07-23 12:21:56 -07:00
Mitch Phillips 22a376e73b [libFuzzer] Expose fuzzer::FuzzerDriver()
Summary:
Allows other-language libFuzzer derivatives to invoke the driver.

Patch By: Ian Eldred Pudney <ipudney@google.com>

Reviewers: morehouse, kcc

Reviewed By: morehouse

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84425
2020-07-23 12:08:14 -07:00
Matt Morehouse df441c9015 Revert "[DFSan] Handle fast16labels for all API functions."
This reverts commit 19d9c0397e due to
buildbot failure.
2020-07-23 17:49:55 +00:00
Dokyung Song 769dab207e [libFuzzer] Disable interceptor tests on non-Linux platforms.
Summary: libFuzzer's interceptor support added in 831ae45e3d currently only works on Linux. This patch disables the test cases added as part of that commit on non-Linux platforms.

Reviewers: morehouse, hctim

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84434
2020-07-23 17:13:44 +00:00
Gui Andrade 0edc135099 [MSAN] Mark libatomic test unsupported on PowerPC 2020-07-23 16:32:00 +00:00
Dokyung Song 831ae45e3d Recommit "[libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked."
Summary: libFuzzer intercepts certain library functions such as memcmp/strcmp by defining weak hooks. Weak hooks, however, are called only when other runtimes such as ASan is linked. This patch defines libFuzzer's own interceptors, which is linked into the libFuzzer executable when other runtimes are not linked, i.e., when -fsanitize=fuzzer is given, but not others.

The patch once landed but was reverted in 8ef9e2bf35 due to an assertion failure caused by calling an intercepted function, strncmp, while initializing the interceptors in fuzzerInit(). This issue is now fixed by calling libFuzzer's own implementation of library functions (i.e., internal_*) when the fuzzer has not been initialized yet, instead of recursively calling fuzzerInit() again.

Reviewers: kcc, morehouse, hctim

Subscribers: #sanitizers, krytarowski, mgorny, cfe-commits

Tags: #clang, #sanitizers

Differential Revision: https://reviews.llvm.org/D83494
2020-07-23 15:59:07 +00:00
Matt Morehouse 84980b1395 [DFSan] Print more debugging info on test failure. 2020-07-23 15:47:56 +00:00
Rainer Orth 55c0f12a86 [compiler-rt][sanitizers] Fix Solaris madvise declaration
A last-minute silent change in  D84046 <https://reviews.llvm.org/D84046> broke the Solaris buildbots (Solaris/sparcv9 <http://lab.llvm.org:8014/builders/clang-solaris11-sparcv9/builds/6772>, Solaris/amd64 <http://lab.llvm.org:8014/builders/clang-solaris11-amd64/builds/5434>):

  [2/3679] Building CXX object projects/compiler-rt/lib/sanitizer_common/CMakeFiles/RTSanitizerCommonLibc.sparc.dir/sanitizer_posix_libcdep.cpp.o
  FAILED: projects/compiler-rt/lib/sanitizer_common/CMakeFiles/RTSanitizerCommonLibc.sparc.dir/sanitizer_posix_libcdep.cpp.o
  /opt/llvm-buildbot/bin/c++  -DHAVE_RPC_XDR_H=1 -D_DEBUG -D_FILE_OFFSET_BITS=64 -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -Iprojects/compiler-rt/lib/sanitizer_common -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/sanitizer_common -Iinclude -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/llvm/include -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/llvm/include/llvm/Support/Solaris -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/sanitizer_common/.. -fPIC -fvisibility-inlines-hidden -Werror=date-time -Wall -Wextra -Wno-unused-parameter -Wwrite-strings -Wcast-qual -Wno-missing-field-initializers -pedantic -Wno-long-long -Wimplicit-fallthrough -Wno-maybe-uninitialized -Wno-noexcept-type -Wdelete-non-virtual-dtor -Wno-comment -fdiagnostics-color -ffunction-sections -fdata-sections -Wall -std=c++14 -Wno-unused-parameter -O3     -m32 -fPIC -fno-builtin -fno-exceptions -fomit-frame-pointer -funwind-tables -fno-stack-protector -fvisibility=hidden -fno-lto -O3 -g -Wno-variadic-macros -Wno-non-virtual-dtor -fno-rtti -Wframe-larger-than=570 -UNDEBUG -std=c++14 -MD -MT projects/compiler-rt/lib/sanitizer_common/CMakeFiles/RTSanitizerCommonLibc.sparc.dir/sanitizer_posix_libcdep.cpp.o -MF projects/compiler-rt/lib/sanitizer_common/CMakeFiles/RTSanitizerCommonLibc.sparc.dir/sanitizer_posix_libcdep.cpp.o.d -o projects/compiler-rt/lib/sanitizer_common/CMakeFiles/RTSanitizerCommonLibc.sparc.dir/sanitizer_posix_libcdep.cpp.o -c /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp
  /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp:50:16: error: conflicting declaration of C function ‘int madvise(caddr_t, std::size_t, int)’
   extern "C" int madvise(caddr_t, size_t, int);
                  ^~~~~~~
  In file included from /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp:32:0:
  /usr/include/sys/mman.h:232:12: note: previous declaration ‘int madvise(void*, std::size_t, int)’
   extern int madvise(void *, size_t, int);
              ^~~~~~~

This patch undoes that change.

Tested on `amd64-pc-solaris2.11` (Solaris 11.4 and OpenIndiana).

Differential Revision: https://reviews.llvm.org/D84388
2020-07-23 09:37:14 +02:00
Fangrui Song 99ad956fda [PGO] Don't call calloc(0, sizeof(ValueProfNode *))
A malloc implementation may return a pointer to some allocated space.  It is
undefined for libclang_rt.profile- to access the object - which actually happens
in instrumentTargetValueImpl, where ValueCounters[CounterIndex] may access a
ValueProfNode (from another allocated object) and crashes when the code accesses
the object referenced by CurVNode->Next.
2020-07-22 18:49:25 -07:00
Logan Smith 77e0e9e17d Reapply "Try enabling -Wsuggest-override again, using add_compile_options instead of add_compile_definitions for disabling it in unittests/ directories."
add_compile_options is more sensitive to its location in the file than add_definitions--it only takes effect for sources that are added after it. This updated patch ensures that the add_compile_options is done before adding any source files that depend on it.

Using add_definitions caused the flag to be passed to rc.exe on Windows and thus broke Windows builds.
2020-07-22 17:50:19 -07:00
Matt Morehouse 19d9c0397e [DFSan] Handle fast16labels for all API functions.
Summary:
Support fast16labels in `dfsan_has_label`, and print an error for all
other API functions.

Reviewers: kcc, vitalybuka, pcc

Reviewed By: kcc

Subscribers: jfb, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84215
2020-07-22 23:54:26 +00:00
Fangrui Song 27650ec554 Revert D81682 "[PGO] Extend the value profile buckets for mem op sizes."
This reverts commit 4a539faf74.

There is a __llvm_profile_instrument_range related crash in PGO-instrumented clang:

```
(gdb) bt
llvm::ConstantRange const&, llvm::APInt const&, unsigned int, bool) ()
llvm::ScalarEvolution::getRangeForAffineAR(llvm::SCEV const*, llvm::SCEV
const*, llvm::SCEV const*, unsigned int) ()
```

(The body of __llvm_profile_instrument_range is inlined, so we can only find__llvm_profile_instrument_target in the trace)

```
 23│    0x000055555dba0961 <+65>:    nopw   %cs:0x0(%rax,%rax,1)
 24│    0x000055555dba096b <+75>:    nopl   0x0(%rax,%rax,1)
 25│    0x000055555dba0970 <+80>:    mov    %rsi,%rbx
 26│    0x000055555dba0973 <+83>:    mov    0x8(%rsi),%rsi  # %rsi=-1 -> SIGSEGV
 27│    0x000055555dba0977 <+87>:    cmp    %r15,(%rbx)
 28│    0x000055555dba097a <+90>:    je     0x55555dba0a76 <__llvm_profile_instrument_target+342>
```
2020-07-22 16:08:25 -07:00
Logan Smith 97a0f80c46 Revert "Try enabling -Wsuggest-override again, using add_compile_options instead of add_compile_definitions for disabling it in unittests/ directories."
This reverts commit 388c9fb1af.
2020-07-22 15:07:01 -07:00
Logan Smith 388c9fb1af Try enabling -Wsuggest-override again, using add_compile_options instead of add_compile_definitions for disabling it in unittests/ directories.
Using add_compile_definitions caused the flag to be passed to rc.exe on Windows and thus broke Windows builds.
2020-07-22 14:19:34 -07:00
Andrew Grieve a305d25029 asan_device_setup's wrapper scripts not handling args with spaces correctly
Summary: Came up in Chromium: https://bugs.chromium.org/p/chromium/issues/detail?id=1103108#c21

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84237
2020-07-22 12:55:28 -07:00
Louis Dionne afa1afd410 [CMake] Bump CMake minimum version to 3.13.4
This upgrade should be friction-less because we've already been ensuring
that CMake >= 3.13.4 is used.

This is part of the effort discussed on llvm-dev here:

  http://lists.llvm.org/pipermail/llvm-dev/2020-April/140578.html

Differential Revision: https://reviews.llvm.org/D78648
2020-07-22 14:25:07 -04:00
Hans Wennborg 3eec657825 Revert "Enable -Wsuggest-override in the LLVM build" and the follow-ups.
After lots of follow-up fixes, there are still problems, such as
-Wno-suggest-override getting passed to the Windows Resource Compiler
because it was added with add_definitions in the CMake file.

Rather than piling on another fix, let's revert so this can be re-landed
when there's a proper fix.

This reverts commit 21c0b4c1e8.
This reverts commit 81d68ad27b.
This reverts commit a361aa5249.
This reverts commit fa42b7cf29.
This reverts commit 955f87f947.
This reverts commit 8b16e45f66.
This reverts commit 308a127a38.
This reverts commit 274b6b0c7a.
This reverts commit 1c7037a2a5.
2020-07-22 20:23:58 +02:00
Gui Andrade f93b55a5ab [Sanitizers] Add interceptor for xdrrec_create
For now, xdrrec_create is only intercepted Linux as its signature
is different on Solaris.

The method of intercepting xdrrec_create isn't super ideal but I
couldn't think of a way around it: Using an AddrHashMap combined
with wrapping the userdata field.

We can't just allocate a handle on the heap in xdrrec_create and leave
it at that, since there'd be no way to free it later. This is because it
doesn't seem to be possible to access handle from the XDR struct, which
is the only argument to xdr_destroy.
On the other hand, the callbacks don't have a way to get at the
x_private field of XDR, which is what I chose for the HashMap key. So we
need to wrap the handle parameter of the callbacks. But we can't just
pass x_private as handle (as it hasn't been set yet). We can't put the
wrapper struct into the HashMap and pass its pointer as handle, as the
key we need (x_private again) hasn't been set yet.

So I allocate the wrapper struct on the heap, pass its pointer as
handle, and put it into the HashMap so xdr_destroy can find it later and
destroy it.

Differential Revision: https://reviews.llvm.org/D83358
2020-07-22 17:29:41 +00:00
Fangrui Song 746b5fad5b [profile][test] Add -fuse-ld=bfd to make instrprof-lto-pgogen.c robust
Otherwise if 'ld' is an older system LLD (FreeBSD; or if someone adds 'ld' to
point to an LLD from a different installation) which does not support the
current ModuleSummaryIndex::BitCodeSummaryVersion, the test will fail.

Add lit feature 'binutils_lto'. GNU ld is more common than GNU gold, so
we can just require 'is_binutils_lto_supported' to additionally support GNU ld.

Reviewed By: myhsu

Differential Revision: https://reviews.llvm.org/D84133
2020-07-22 10:16:08 -07:00
Gui Andrade 33d239513c [MSAN] Instrument libatomic load/store calls
These calls are neither intercepted by compiler-rt nor is libatomic.a
naturally instrumented.

This patch uses the existing libcall mechanism to detect a call
to atomic_load or atomic_store, and instruments them much like
the preexisting instrumentation for atomics.

Calls to _load are modified to have at least Acquire ordering, and
calls to _store at least Release ordering. Because this needs to be
converted at runtime, msan injects a LUT (implemented as a vector
with extractelement).

Differential Revision: https://reviews.llvm.org/D83337
2020-07-22 16:45:06 +00:00
Hans Wennborg 238bbd48c5 Revert abd45154b "[Coverage] Add comment to skipped regions"
This casued assertions during Chromium builds. See comment on the code review

> Bug filled here: https://bugs.llvm.org/show_bug.cgi?id=45757.
> Add comment to skipped regions so we don't track execution count for lines containing only comments.
>
> Differential Revision: https://reviews.llvm.org/D84208

This reverts commit abd45154bd and the
follow-up 87d7254733.
2020-07-22 17:09:20 +02:00
David Carlier c61dcb8f62 [compiler-rt] fix build on Illumos
- there are additional fields for glob_t struct, thus size check is failing.
- to access old mman.h api based on caddr_t, _XOPEN_SOURCE needs to be not defined
 thus we provide the prototype.
- prxmap_t constified.

Reviewers: ro, eugenis

Reviewed-By: ro

Differential Revision: https://reviews.llvm.org/D84046
2020-07-22 15:19:56 +01:00
Vitaly Buka 952fdb6b43 [sanitizer,NFC] InternalAlloc cleanup 2020-07-22 03:08:24 -07:00
Zequan Wu 87d7254733 [Coverage] Fix coverage test cases. 2020-07-21 18:01:29 -07:00
Zequan Wu abd45154bd [Coverage] Add comment to skipped regions
Bug filled here: https://bugs.llvm.org/show_bug.cgi?id=45757.
Add comment to skipped regions so we don't track execution count for lines containing only comments.

Differential Revision: https://reviews.llvm.org/D84208
2020-07-21 17:34:18 -07:00
Dan Liew 923cf890d1 Avoid failing a CHECK in `DlAddrSymbolizer::SymbolizePC`.
Summary:
It turns out the `CHECK(addr >= reinterpret_cast<upt>(info.dli_saddr)`
can fail because on armv7s on iOS 9.3 `dladdr()` returns
`info.dli_saddr` with an address larger than the address we provided.

We should avoid crashing here because crashing in the middle of reporting
an issue is very unhelpful. Instead we now try to compute a function offset
if the value we get back from `dladdr()` looks sane, otherwise we don't
set the function offset.

A test case is included. It's basically a slightly modified version of
the existing `test/sanitizer_common/TestCases/Darwin/symbolizer-function-offset-dladdr.cpp`
test case that doesn't run on iOS devices right now.

More details:

In the concrete scenario on armv7s `addr` is `0x2195c870` and the returned
`info.dli_saddr` is `0x2195c871`.

This what LLDB says when disassembling the code.

```
(lldb) dis -a 0x2195c870
libdyld.dylib`<redacted>:
    0x2195c870 <+0>: nop
    0x2195c872 <+2>: blx    0x2195c91c                ; symbol stub for: exit
    0x2195c876 <+6>: trap
```

The value returned by `dladdr()` doesn't make sense because it points
into the middle of a instruction.

There might also be other bugs lurking here because I noticed that the PCs we
gather during stackunwinding (before changing them with
`StackTrace::GetPreviousInstructionPc()`) look a little suspicious (e.g.  the
PC stored for the frame with fail to symbolicate is 0x2195c873) as they don't
look properly aligned. This probably warrants further investigation in the future.

rdar://problem/65621511

Reviewers: kubamracek, yln

Subscribers: kristof.beyls, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D84262
2020-07-21 12:49:50 -07:00
Marco Vanotti db00fac2a2 [compiler-rt][asan] decommit shadow memory for unmaps in fuchsia.
This CL allows asan allocator in fuchsia to decommit shadow memory
for memory allocated using mmap.

Big allocations in asan end up being allocated via `mmap` and freed with
`munmap`. However, when that memory is freed, asan returns the
corresponding shadow memory back to the OS via a call to
`ReleaseMemoryPagesToOs`.

In fuchsia, `ReleaseMemoryPagesToOs` is a no-op: to be able to free
memory back to the OS, you have to hold a handle to the vmo you want to
modify, which is tricky at the ReleaseMemoryPagesToOs level as that
function is not exclusively used for shadow memory.

The function `__sanitizer_fill_shadow` fills a given shadow memory range
with a specific value, and if that value is 0 (unpoison) and the memory
range is bigger than a threshold parameter, it will decommit that memory
if it is all zeroes.

This CL modifies the `FlushUnneededASanShadowMemory` function in
`asan_poisoning.cpp` to add a call to `__sanitizer_fill_shadow` with
value and threshold = 0. This way, all the unneeded shadow memory gets
returned back to the OS.

A test for this behavior can be found in fxrev.dev/391974

Differential Revision: https://reviews.llvm.org/D80355

Change-Id: Id6dd85693e78a222f0329d5b2201e0da753e01c0
2020-07-21 11:07:47 -07:00
Jon Roelofs b9fc20ebe7 [compiler-rt][test][profile] Fix missing include
... on systems where wait() isn't one of the declarations transitively included
via unistd.h (i.e. Darwin).

Differential Revision: https://reviews.llvm.org/D84207
2020-07-21 11:59:27 -06:00
Mitch Phillips 4f029d1be4 [GWP-ASan] Split the unwinder into segv/non-segv.
Note: Resubmission with frame pointers force-enabled to fix builds with
-DCOMPILER_RT_BUILD_BUILTINS=False

Summary:
Splits the unwinder into a non-segv (for allocation/deallocation traces) and a
segv unwinder. This ensures that implementations can select an accurate, slower
unwinder in the segv handler (if they choose to use the GWP-ASan provided one).
This is important as fast frame-pointer unwinders (like the sanitizer unwinder)
don't like unwinding through signal handlers.

Reviewers: morehouse, cryptoad

Reviewed By: morehouse, cryptoad

Subscribers: cryptoad, mgorny, eugenis, pcc, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83994
2020-07-21 08:25:37 -07:00
Louis Dionne 14c4de13e9 [compiler-rt] Use -nostdinc++ in clang_rt.profile to avoid including C++ headers
Most of the code in compiler_rt is C code. However, clang_rt.profile
contains the InstrProfilingRuntime.cpp file, which builds as C++. This
means that including e.g. <stdint.h> will actually include libc++'s
<stdint.h> and then #include_next the system's <stdint.h>. However, if
the target we're building compiler-rt for isn't supported by libc++,
this will lead to a failure since libc++'s <stdint.h> includes <__config>,
which performs various checks.

Since the goal seems to *not* be including any header from the C++ Standard
Library in clang_rt.profile, using -nostdinc++ to ensure that doesn't
happen unknowingly seems to make sense.

rdar://65852694

Differential Revision: https://reviews.llvm.org/D84205
2020-07-21 09:14:33 -04:00
Hans Wennborg ab6263c925 Revert 502f0cc0e3 "[GWP-ASan] Split the unwinder into segv/non-segv."
It was causing tests to fail in -DCOMPILER_RT_BUILD_BUILTINS=OFF builds:

   GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.DoubleFree
   GwpAsan-Unittest :: ./GwpAsan-x86_64-Test/BacktraceGuardedPoolAllocator.UseAfterFree

see comment on the code review.

> Summary:
> Splits the unwinder into a non-segv (for allocation/deallocation traces) and a
> segv unwinder. This ensures that implementations can select an accurate, slower
> unwinder in the segv handler (if they choose to use the GWP-ASan provided one).
> This is important as fast frame-pointer unwinders (like the sanitizer unwinder)
> don't like unwinding through signal handlers.
>
> Reviewers: morehouse, cryptoad
>
> Reviewed By: morehouse, cryptoad
>
> Subscribers: cryptoad, mgorny, eugenis, pcc, #sanitizers
>
> Tags: #sanitizers
>
> Differential Revision: https://reviews.llvm.org/D83994

This reverts commit 502f0cc0e3.
2020-07-21 11:18:07 +02:00
Logan Smith 955f87f947 [compiler-rt] Disable -Wsuggest-override for unittests
This uses a special set of flags given to unittests to work around warnings raised by googletest and googlemock. This should bring the sanitizer bots back to green.
2020-07-20 17:42:51 -07:00
Logan Smith 8ed021382e Fix typo causing build failure
(facepalm)
2020-07-20 15:14:08 -07:00
Logan Smith 8b6179f48c [NFC] Add missing 'override's 2020-07-20 14:39:36 -07:00
Fangrui Song 5809a32e7c [gcov] Add __gcov_dump/__gcov_reset and delete __gcov_flush
GCC r187297 (2012-05) introduced `__gcov_dump` and `__gcov_reset`.
  `__gcov_flush = __gcov_dump + __gcov_reset`

The resolution to https://gcc.gnu.org/PR93623 ("No need to dump gcdas when forking" target GCC 11.0) removed the unuseful and undocumented __gcov_flush.

Close PR38064.

Reviewed By: calixte, serge-sans-paille

Differential Revision: https://reviews.llvm.org/D83149
2020-07-18 15:07:46 -07:00
Fangrui Song 6a25838be6 [gcov][test] Simplify instrprof-dlopen-dlclose-gcov.test 2020-07-18 15:04:48 -07:00
Fangrui Song ca1cc5c4e0 [gcov][test] Call wait() to make gcov-fork.c reliable
If the parent exit before the child, the line counts might be 1.

next:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          26:  1: 21: if (fork() == -1) return 1; // CHECK-NEXT: 1: [[#@LINE]]:
next:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          27:  1: 22: func2(); // CHECK-NEXT: 2: [[#@LINE]]:
next:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          28:  1: 23: return 0; // CHECK-NEXT: 2: [[#@LINE]]:
next:18'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2020-07-18 11:10:47 -07:00
Vitaly Buka 1fe0705cb1 [sanitizer] Disable test on incompatible platforms 2020-07-18 02:18:50 -07:00
Gui Andrade 65936fed14 [MSAN tests] Require android for sigandorset.cpp 2020-07-18 03:54:13 +00:00
Gui Andrade 951584db4f Revert "update libatomic instrumentation"
This was committed mistakenly.

This reverts commit 1f29171ae7.
2020-07-18 03:53:00 +00:00
Gui Andrade 1f29171ae7 update libatomic instrumentation 2020-07-18 03:39:21 +00:00
Gui Andrade 780528d9da sanitizers: Implement sig{and,or}set interceptors
Also adds a sanitizers-wide test, and a msan test, for these functions.
2020-07-18 03:09:39 +00:00
Vitaly Buka c12f111846 Corrected __libfuzzer_is_present symbol inclusion for MSVC x86 32-bit
The incorrect symbol will cause linking failures for 32-bit targets:

clang_rt.fuzzer-i386.lib(FuzzerDriver.obj) : error LNK2001: unresolved external symbol __libfuzzer_is_present

Verified no longer fails to link with this change for 32-bit and still succeeds for 64-bit MSVC.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D83594
2020-07-17 18:29:47 -07:00
Kuba Mracek 176a6e7abe [asan] Use dynamic shadow memory position on Apple Silicon macOS
This is needed because macOS on Apple Silicon has some reserved pages inside the "regular" shadow memory location, and mapping over that location fails.

Differential Revision: https://reviews.llvm.org/D82912
2020-07-17 17:40:21 -07:00
Vitaly Buka 1bbed69059 [sanitizer] Another attempt to fix protoent test
Now we are going to pick name and index based on output of getprotoent_r.
2020-07-17 17:31:15 -07:00
Teresa Johnson db15b8ab90 [compiler-rt][asan][hwasan] Fix Fuchsia build
Fix build failure in Fuchsia build from refactoring in
5d2be1a188

Guard the moved versions of ReserveShadowMemoryRange and ProtectGap
the same way they were in the asan code originally (not for Fuchsia or
RTEMS). Otherwise we end up with unsats as they invoke functions not
defined there.
2020-07-17 14:50:01 -07:00
Mitch Phillips 502f0cc0e3 [GWP-ASan] Split the unwinder into segv/non-segv.
Summary:
Splits the unwinder into a non-segv (for allocation/deallocation traces) and a
segv unwinder. This ensures that implementations can select an accurate, slower
unwinder in the segv handler (if they choose to use the GWP-ASan provided one).
This is important as fast frame-pointer unwinders (like the sanitizer unwinder)
don't like unwinding through signal handlers.

Reviewers: morehouse, cryptoad

Reviewed By: morehouse, cryptoad

Subscribers: cryptoad, mgorny, eugenis, pcc, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83994
2020-07-17 12:59:47 -07:00
Vitaly Buka e412cc402e [asan] Dedup MemToShadowSize
Added D83247 and D84004.
2020-07-17 02:40:08 -07:00
Vitaly Buka 650baf22e6 [msan] Fix strxfrm test
Revert D83719 and explicitly set locate to "C".
2020-07-17 02:21:18 -07:00
Vitaly Buka 02c74907e0 [lsan] Fix SyntaxWarning: "is" with a literal 2020-07-17 02:21:18 -07:00
Vitaly Buka 05fe069790 [gwp-asan] Fix check-all with LIT_FILTER 2020-07-17 02:21:18 -07:00
Vitaly Buka 40a073eac1 [sanitizer] Fix protoent without network 2020-07-17 02:21:18 -07:00
Rainer Orth 0db3ac3354 [compiler-rt][asan] Define MemToShadowSize for sparc64
[compiler-rt][asan][hwasan] Refactor shadow setup into sanitizer_common (NFCI) <https://reviews.llvm.org/D83247>
broke the Solaris/sparcv9 <http://lab.llvm.org:8014/builders/clang-solaris11-sparcv9/builds/6623> build:

  FAILED: projects/compiler-rt/lib/asan/CMakeFiles/RTAsan.sparcv9.dir/asan_linux.cpp.o
  /opt/llvm-buildbot/bin/c++  -D_DEBUG -D_FILE_OFFSET_BITS=64 -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -Iprojects/compiler-rt/lib/asan -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan -Iinclude -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/llvm/include -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/llvm/include/llvm/Support/Solaris -I/opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan/.. -fPIC -fvisibility-inlines-hidden -Werror=date-time -Wall -Wextra -Wno-unused-parameter -Wwrite-strings -Wcast-qual -Wno-missing-field-initializers -pedantic -Wno-long-long -Wimplicit-fallthrough -Wno-maybe-uninitialized -Wno-noexcept-type -Wdelete-non-virtual-dtor -Wno-comment -fdiagnostics-color -ffunction-sections -fdata-sections -Wall -std=c++14 -Wno-unused-parameter -O3     -m64 -fPIC -fno-builtin -fno-exceptions -fomit-frame-pointer -funwind-tables -fno-stack-protector -fvisibility=hidden -fno-lto -O3 -g -Wno-variadic-macros -Wno-non-virtual-dtor -fno-rtti -UNDEBUG -std=c++14 -MD -MT projects/compiler-rt/lib/asan/CMakeFiles/RTAsan.sparcv9.dir/asan_linux.cpp.o -MF projects/compiler-rt/lib/asan/CMakeFiles/RTAsan.sparcv9.dir/asan_linux.cpp.o.d -o projects/compiler-rt/lib/asan/CMakeFiles/RTAsan.sparcv9.dir/asan_linux.cpp.o -c /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan/asan_linux.cpp
  /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan/asan_linux.cpp: In function ‘__sanitizer::uptr __asan::FindDynamicShadowStart()’:
  /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan/asan_linux.cpp:103:28: error: ‘MemToShadowSize’ was not declared in this scope
     uptr shadow_size_bytes = MemToShadowSize(kHighMemEnd);
                              ^~~~~~~~~~~~~~~
  /opt/llvm-buildbot/home/solaris11-sparcv9/clang-solaris11-sparcv9/llvm/compiler-rt/lib/asan/asan_linux.cpp:103:28: note: suggested alternative: ‘MemToShadow’
     uptr shadow_size_bytes = MemToShadowSize(kHighMemEnd);
                              ^~~~~~~~~~~~~~~
                              MemToShadow

Fixed by also definining `MemToShadowSize` in `compiler-rt/lib/asan/asan_mapping_sparc64.h`.

Tested on `sparcv9-sun-solaris2.11`.

Differential Revision: https://reviews.llvm.org/D84004
2020-07-17 10:04:19 +02:00
Vitaly Buka dbf39e54f6 [sanitizer] Revert accidentally committed file 2020-07-17 00:08:45 -07:00
Vitaly Buka 1cb8cc1fd1 [profile] Enabled test on windows
Works with D34797
2020-07-17 00:05:46 -07:00
Logan Smith 947bf0fdf6 [compiler-rt][NFC] Add missing 'override's 2020-07-16 20:07:57 -07:00
Vitaly Buka b128f719a4 [profile] Disable new failing test from D83967 2020-07-16 19:47:36 -07:00
Vitaly Buka 147a608b94 [sanitizer] Fix symbolizer build broken by D82702 2020-07-16 19:34:45 -07:00
Richard Smith 8ef9e2bf35 Revert "[libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked."
This causes binaries linked with this runtime to crash on startup if
dlsym uses any of the intercepted functions. (For example, that happens
when using tcmalloc as the allocator: dlsym attempts to allocate memory
with malloc, and tcmalloc uses strncmp within its implementation.)

Also revert dependent commit "[libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given."

This reverts commit f78d9fceea and 12d1124c49.
2020-07-16 18:06:37 -07:00
Min-Yih Hsu 0f6220ddd6 [profile] Move __llvm_profile_raw_version into a separate file
Similar to the reason behind moving __llvm_profile_filename into a
separate file[1]. When users try to use Full LTO with BFD linker to
generate IR level PGO profile, the __llvm_profile_raw_version variable,
which is used for marking instrumentation level, generated by frontend
would somehow conflict with the weak symbol provided by profiling
runtime.

In most of the cases, BFD linkers will pick profiling runtime's weak symbol
as the real definition and thus generate the incorrect instrumentation
level metadata in the final executables.

Moving __llvm_profile_raw_version into a separate file would make
linkers not seeing the weak symbol in the archive unless the frontend
doesn't generate one.

[1] https://reviews.llvm.org/D34797

Differential Revision: https://reviews.llvm.org/D83967
2020-07-16 16:02:04 -07:00
Jon Roelofs 2cf3458c3b [tsan][go] Fix for missing symbols needed by GotsanRuntimeCheck 2020-07-16 17:01:15 -06:00
Dokyung Song 12d1124c49 [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
Summary: This patch disables implicit builtin knowledge about memcmp-like functions when compiling the program for fuzzing, i.e., when -fsanitize=fuzzer(-no-link) is given. This allows libFuzzer to always intercept memcmp-like functions as it effectively disables optimizing calls to such functions into different forms. This is done by adding a set of flags (-fno-builtin-memcmp and others) in the clang driver. Individual -fno-builtin-* flags previously used in several libFuzzer tests are now removed, as it is now done automatically in the clang driver.

Reviewers: morehouse, hctim

Subscribers: cfe-commits, #sanitizers

Tags: #clang, #sanitizers

Differential Revision: https://reviews.llvm.org/D83987
2020-07-16 22:53:54 +00:00
Nico Weber 669b070936 cmake list formatting fix 2020-07-16 18:29:48 -04:00
Ryan Prichard 15b37e1cfa [builtins] Omit 80-bit builtins on Android and MSVC
long double is a 64-bit double-precision type on:
 - MSVC (32- and 64-bit x86)
 - Android (32-bit x86)

long double is a 128-bit quad-precision type on x86_64 Android.

The assembly variants of the 80-bit builtins are correct, but some of
the builtins are implemented in C and require that long double be the
80-bit type passed via an x87 register.

Reviewed By: compnerd

Differential Revision: https://reviews.llvm.org/D82153
2020-07-16 15:11:26 -07:00
Teresa Johnson c489ae2a86 [compiler-rt][asan][hwasan] Fix Android bots
Fix failure in Android bots from refactoring in
5d2be1a188 (https://crbug.com/1106482).

We need to make the UnmapFromTo available outside sanitizer_common for
calls from hwasan and asan linux handling. While here, remove
declaration of GetHighMemEnd which is no longer in sanitizer_common.
2020-07-16 15:11:02 -07:00
Dokyung Song f78d9fceea [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.
Summary: libFuzzer intercepts certain library functions such as memcmp/strcmp by defining weak hooks. Weak hooks, however, are called only when other runtimes such as ASan is linked. This patch defines libFuzzer's own interceptors, which is linked into the libFuzzer executable when other runtimes are not linked, i.e., when -fsanitize=fuzzer is given, but not others.

Reviewers: kcc, morehouse, hctim

Reviewed By: morehouse, hctim

Subscribers: krytarowski, mgorny, cfe-commits, #sanitizers

Tags: #clang, #sanitizers

Differential Revision: https://reviews.llvm.org/D83494
2020-07-16 20:26:35 +00:00
serge-sans-paille 515bc8c155 Harmonize Python shebang
Differential Revision: https://reviews.llvm.org/D83857
2020-07-16 21:53:45 +02:00
Julian Lettner bd88991a01 Revert "[Darwin] Fix OS version checks inside simulators"
This reverts commit b16dfbead2.

Accidental push, reverting and creating a new revision.
2020-07-16 11:47:41 -07:00
Teresa Johnson 5d2be1a188 [compiler-rt][asan][hwasan] Refactor shadow setup into sanitizer_common (NFCI)
Summary:
This refactors some common support related to shadow memory setup from
asan and hwasan into sanitizer_common. This should not only reduce code
duplication but also make these facilities available for new compiler-rt
uses (e.g. heap profiling).

In most cases the separate copies of the code were either identical, or
at least functionally identical. A few notes:

In ProtectGap, the asan version checked the address against an upper
bound (kZeroBaseMaxShadowStart, which is (2^18). I have created a copy
of kZeroBaseMaxShadowStart in hwasan_mapping.h, with the same value, as
it isn't clear why that code should not do the same check. If it
shouldn't, I can remove this and guard this check so that it only
happens for asan.

In asan's InitializeShadowMemory, in the dynamic shadow case it was
setting __asan_shadow_memory_dynamic_address to 0 (which then sets both
macro SHADOW_OFFSET as well as macro kLowShadowBeg to 0) before calling
FindDynamicShadowStart(). AFAICT this is only needed because
FindDynamicShadowStart utilizes kHighShadowEnd to
get the shadow size, and kHighShadowEnd is a macro invoking
MEM_TO_SHADOW(kHighMemEnd) which in turn invokes:
(((kHighMemEnd) >> SHADOW_SCALE) + (SHADOW_OFFSET))
I.e. it computes the shadow space needed by kHighMemEnd (the shift), and
adds the offset. Since we only want the shadow space here, the earlier
setting of SHADOW_OFFSET to 0 via __asan_shadow_memory_dynamic_address
accomplishes this. In the hwasan version, it simply gets the shadow
space via "MemToShadowSize(kHighMemEnd)", where MemToShadowSize just
does the shift. I've simplified the asan handling to do the same
thing, and therefore was able to remove the setting of the SHADOW_OFFSET
via __asan_shadow_memory_dynamic_address to 0.

Reviewers: vitalybuka, kcc, eugenis

Subscribers: dberris, #sanitizers, llvm-commits, davidxl

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83247
2020-07-16 11:47:05 -07:00
Julian Lettner b16dfbead2 [Darwin] Fix OS version checks inside simulators
compiler-rt checks OS versions by querying the Darwin kernel version.
This is not necessarily correct inside the simulators if the simulator
runtime is not aligned with the host macOS.  Let's instead check the
`SIMULATOR_RUNTIME_VERSION` env var.

Note that we still use the old code path as a fallback in case the
`SIMULATOR_RUNTIME_VERSION` environment variable isn't set.

rdar://63031937

Reviewers: delcypher

Differential Revision: https://reviews.llvm.org/D79979
2020-07-16 10:48:04 -07:00
Kostya Kortchinsky 79de8f8441 [scudo][standalone] Release smaller blocks less often
Summary:
Releasing smaller blocks is costly and only yields significant
results when there is a large percentage of free bytes for a given
size class (see numbers below).

This CL introduces a couple of additional checks for sizes lower
than 256. First we want to make sure that there is enough free bytes,
relatively to the amount of allocated bytes. We are looking at 8X% to
9X% (smaller blocks require higher percentage). We also want to make
sure there has been enough activity with the freelist to make it
worth the time, so we now check that the bytes pushed to the freelist
is at least 1/16th of the allocated bytes for those classes.

Additionally, we clear batches before destroying them now - this
could have prevented some releases to occur (class id 0 rarely
releases anyway).

Here are the numbers, for about 1M allocations in multiple threads:

Size: 16
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 0% released
90% freed -> 0% released
91% freed -> 0% released
92% freed -> 0% released
93% freed -> 0% released
94% freed -> 0% released
95% freed -> 0% released
96% freed -> 0% released
97% freed -> 2% released
98% freed -> 7% released
99% freed -> 27% released
Size: 32
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 0% released
90% freed -> 0% released
91% freed -> 0% released
92% freed -> 0% released
93% freed -> 0% released
94% freed -> 0% released
95% freed -> 1% released
96% freed -> 3% released
97% freed -> 7% released
98% freed -> 17% released
99% freed -> 41% released
Size: 48
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 0% released
90% freed -> 0% released
91% freed -> 0% released
92% freed -> 0% released
93% freed -> 0% released
94% freed -> 1% released
95% freed -> 3% released
96% freed -> 7% released
97% freed -> 13% released
98% freed -> 27% released
99% freed -> 52% released
Size: 64
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 0% released
90% freed -> 0% released
91% freed -> 0% released
92% freed -> 1% released
93% freed -> 2% released
94% freed -> 3% released
95% freed -> 6% released
96% freed -> 11% released
97% freed -> 20% released
98% freed -> 35% released
99% freed -> 59% released
Size: 80
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 0% released
90% freed -> 1% released
91% freed -> 1% released
92% freed -> 2% released
93% freed -> 4% released
94% freed -> 6% released
95% freed -> 10% released
96% freed -> 17% released
97% freed -> 26% released
98% freed -> 41% released
99% freed -> 64% released
Size: 96
85% freed -> 0% released
86% freed -> 0% released
87% freed -> 0% released
88% freed -> 0% released
89% freed -> 1% released
90% freed -> 1% released
91% freed -> 3% released
92% freed -> 4% released
93% freed -> 6% released
94% freed -> 10% released
95% freed -> 14% released
96% freed -> 21% released
97% freed -> 31% released
98% freed -> 47% released
99% freed -> 68% released
Size: 112
85% freed -> 0% released
86% freed -> 1% released
87% freed -> 1% released
88% freed -> 2% released
89% freed -> 3% released
90% freed -> 4% released
91% freed -> 6% released
92% freed -> 8% released
93% freed -> 11% released
94% freed -> 16% released
95% freed -> 22% released
96% freed -> 30% released
97% freed -> 40% released
98% freed -> 55% released
99% freed -> 74% released
Size: 128
85% freed -> 0% released
86% freed -> 1% released
87% freed -> 1% released
88% freed -> 2% released
89% freed -> 3% released
90% freed -> 4% released
91% freed -> 6% released
92% freed -> 8% released
93% freed -> 11% released
94% freed -> 16% released
95% freed -> 22% released
96% freed -> 30% released
97% freed -> 40% released
98% freed -> 55% released
99% freed -> 74% released
Size: 144
85% freed -> 1% released
86% freed -> 2% released
87% freed -> 3% released
88% freed -> 4% released
89% freed -> 6% released
90% freed -> 7% released
91% freed -> 10% released
92% freed -> 13% released
93% freed -> 17% released
94% freed -> 22% released
95% freed -> 28% released
96% freed -> 37% released
97% freed -> 47% released
98% freed -> 61% released
99% freed -> 78% released
Size: 160
85% freed -> 1% released
86% freed -> 2% released
87% freed -> 3% released
88% freed -> 4% released
89% freed -> 5% released
90% freed -> 7% released
91% freed -> 10% released
92% freed -> 13% released
93% freed -> 17% released
94% freed -> 22% released
95% freed -> 28% released
96% freed -> 37% released
97% freed -> 47% released
98% freed -> 61% released
99% freed -> 78% released
Size: 176
85% freed -> 2% released
86% freed -> 3% released
87% freed -> 4% released
88% freed -> 6% released
89% freed -> 7% released
90% freed -> 9% released
91% freed -> 12% released
92% freed -> 15% released
93% freed -> 20% released
94% freed -> 25% released
95% freed -> 32% released
96% freed -> 40% released
97% freed -> 51% released
98% freed -> 64% released
99% freed -> 80% released
Size: 192
85% freed -> 4% released
86% freed -> 5% released
87% freed -> 6% released
88% freed -> 8% released
89% freed -> 10% released
90% freed -> 13% released
91% freed -> 16% released
92% freed -> 20% released
93% freed -> 24% released
94% freed -> 30% released
95% freed -> 37% released
96% freed -> 45% released
97% freed -> 55% released
98% freed -> 68% released
99% freed -> 82% released
Size: 224
85% freed -> 8% released
86% freed -> 10% released
87% freed -> 12% released
88% freed -> 14% released
89% freed -> 17% released
90% freed -> 20% released
91% freed -> 23% released
92% freed -> 28% released
93% freed -> 33% released
94% freed -> 39% released
95% freed -> 46% released
96% freed -> 53% released
97% freed -> 63% released
98% freed -> 73% released
99% freed -> 85% released
Size: 240
85% freed -> 8% released
86% freed -> 10% released
87% freed -> 12% released
88% freed -> 14% released
89% freed -> 17% released
90% freed -> 20% released
91% freed -> 23% released
92% freed -> 28% released
93% freed -> 33% released
94% freed -> 39% released
95% freed -> 46% released
96% freed -> 54% released
97% freed -> 63% released
98% freed -> 73% released
99% freed -> 85% released

Reviewers: cferris, pcc, hctim, eugenis

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D82031
2020-07-16 09:44:25 -07:00
Joachim Protze 7358a1104a [TSan] Optimize handling of racy address
This patch splits the handling of racy address and racy stack into separate
functions. If a race was already reported for the address, we can avoid the
cost for collecting the involved stacks.

This patch also removes the race condition in storing the racy address / racy
stack. This race condition allowed all threads to report the race.

This patch changes the transitive suppression of reports. Previously
suppression could transitively chain memory location and racy stacks.
Now racy memory and racy stack are separate suppressions.

Commit again, now with fixed tests.

Reviewed by: dvyukov

Differential Revision: https://reviews.llvm.org/D83625
2020-07-16 16:22:57 +02:00
Hiroshi Yamauchi 4a539faf74 [PGO] Extend the value profile buckets for mem op sizes.
Extend the memop value profile buckets to be more flexible (could accommodate a
mix of individual values and ranges) and to cover more value ranges (from 11 to
22 buckets).

Disabled behind a flag (to be enabled separately) and the existing code to be
removed later.
2020-07-15 10:26:15 -07:00
Joachim Protze d3849dddd2 Revert "[TSan] Optimize handling of racy address"
This reverts commit 00e3a1ddec.
The commit broke most build bots, investigating.
2020-07-15 17:40:28 +02:00
Joachim Protze 00e3a1ddec [TSan] Optimize handling of racy address
This patch splits the handling of racy address and racy stack into separate
functions. If a race was already reported for the address, we can avoid the
cost for collecting the involved stacks.

This patch also removes the race condition in storing the racy address / racy
stack. This race condition allowed all threads to report the race.

This patch changes the transitive suppression of reports. Previously
suppression could transitively chain memory location and racy stacks.
Now racy memory and racy stack are separate suppressions.

Reviewed by: dvyukov

Differential Revision: https://reviews.llvm.org/D83625
2020-07-15 16:50:08 +02:00
Petr Hosek bcd27d9d73 Revert "[CMake] Simplify CMake handling for zlib"
This reverts commit 8c1a79dc12 because
it fails when zlib isn't installed.
2020-07-14 19:56:10 -07:00
Petr Hosek 8c1a79dc12 [CMake] Simplify CMake handling for zlib
Rather than handling zlib handling manually, use find_package from CMake
to find zlib properly. Use this to normalize the LLVM_ENABLE_ZLIB,
HAVE_ZLIB, HAVE_ZLIB_H. Furthermore, require zlib if LLVM_ENABLE_ZLIB is
set to YES, which requires the distributor to explicitly select whether
zlib is enabled or not. This simplifies the CMake handling and usage in
the rest of the tooling.

This is a reland of abb0075 with all followup changes and fixes that
should address issues that were reported in PR44780.

Differential Revision: https://reviews.llvm.org/D79219
2020-07-14 19:30:08 -07:00
Dokyung Song 750369e2e8 [libFuzzer] Fix compilation error by including missing platform macro definitions.
Summary: This patch fixes sanitizer-windows build errors.

Reviewers: morehouse, hctim

Reviewed By: morehouse, hctim

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83823
2020-07-14 22:26:50 +00:00
Arthur Eubanks bef00b244c Revert "[compiler-rt][Android] Stop using detect_target_arch"
This reverts commit 9b7e24c2a5.

See comments in https://reviews.llvm.org/D82148.
2020-07-14 15:05:26 -07:00
Dokyung Song 226866e115 [libFuzzer] Separate platform related macros out from FuzzerDefs.h into FuzzerPlatform.h, and adjust includes in other files.
Summary: This patch separates platform related macros in lib/fuzzer/FuzzerDefs.h into lib/fuzzer/FuzzerPlatform.h, and use FuzzerPlatform.h where necessary. This separation helps when compiling libFuzzer's interceptor module (under review); an unnecessary include of standard headers (such as string.h) may produce conflicts/ambiguation with the interceptor's declarations/definitions of library functions, which complicates interceptor implementation.

Reviewers: morehouse, hctim

Reviewed By: morehouse

Subscribers: krytarowski, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83805
2020-07-14 21:31:56 +00:00
Vedant Kumar a8694eb562 Update ubsan_interface.inc for D71491 (second try)
I mistyped the ubsan objc_cast handler names on the first try.

Testing:

./bin/llvm-lit projects/compiler-rt/test/asan/X86_64HDarwinConfig/TestCases/Darwin/interface_symbols_darwin.cpp
2020-07-14 11:16:11 -07:00
Rainer Orth f0e9b76c35 [compiler-rt][sanitizers] Fix GetPcSpBp determination of SP on 32-bit Solaris/x86
A dozen 32-bit `AddressSanitizer` testcases FAIL on the latest beta of Solaris 11.4/x86, e.g.
`AddressSanitizer-i386-sunos :: TestCases/null_deref.cpp` produces

  AddressSanitizer:DEADLYSIGNAL
  =================================================================
  ==29274==ERROR: AddressSanitizer: stack-overflow on address 0x00000028 (pc 0x08135efd bp 0xfeffdfd8 sp 0x00000000 T0)
      #0 0x8135efd in NullDeref(int*) /vol/llvm/src/llvm-project/dist/compiler-rt/test/asan/TestCases/null_deref.cpp:15:10
      #1 0x8135ea6 in main /vol/llvm/src/llvm-project/dist/compiler-rt/test/asan/TestCases/null_deref.cpp:21:3
      #2 0x8084b85 in _start (null_deref.cpp.tmp+0x8084b85)

   SUMMARY: AddressSanitizer: stack-overflow /vol/llvm/src/llvm-project/dist/compiler-rt/test/asan/TestCases/null_deref.cpp:15:10 in NullDeref(int*)
  ==29274==ABORTING

instead of the expected

  AddressSanitizer:DEADLYSIGNAL
  =================================================================
  ==29276==ERROR: AddressSanitizer: SEGV on unknown address 0x00000028 (pc 0x08135f1f bp 0xfeffdf48 sp 0xfeffdf40 T0)
  ==29276==The signal is caused by a WRITE memory access.
  ==29276==Hint: address points to the zero page.
      #0 0x8135f1f in NullDeref(int*) /vol/llvm/src/llvm-project/local/compiler-rt/test/asan/TestCases/null_deref.cpp:15:10
      #1 0x8135efa in main /vol/llvm/src/llvm-project/local/compiler-rt/test/asan/TestCases/null_deref.cpp:21:3
      #2 0x8084be5 in _start (null_deref.cpp.tmp+0x8084be5)

  AddressSanitizer can not provide additional info.
   SUMMARY: AddressSanitizer: SEGV /vol/llvm/src/llvm-project/local/compiler-rt/test/asan/TestCases/null_deref.cpp:15:10 in NullDeref(int*)
  ==29276==ABORTING

I managed to trace this to a change in `<sys/regset.h>`: previously the header would
primarily define the short register indices (like `UESP`). While they are required by the
i386 psABI, they are only required in `<ucontext.h>` and could previously leak into
unsuspecting user code, polluting the namespace and requiring elaborate workarounds
like that in `llvm/include/llvm/Support/Solaris/sys/regset.h`. The change fixed that by restricting
the definition of the short forms appropriately, at the same time defining all `REG_` prefixed
forms for compatiblity with other systems.  This exposed a bug in `compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp`, however:
Previously, the index for the user stack pointer would be hardcoded if `REG_ESP`
wasn't defined. Now with that definition present, it turned out that `REG_ESP` was the wrong index to use: the previous value 17 (and `REG_SP`) corresponds to `REG_UESP`
instead.

With that change, the failures are all gone.

Tested on `amd-pc-solaris2.11`.

Differential Revision: https://reviews.llvm.org/D83664
2020-07-14 12:56:18 +02:00
Sergej Jaskiewicz faa7e306e4 Revert "Revert "[compiler-rt] [test] Use the parent process env as base env in tests""
This reverts commit 979c5023d3.

The underlying issue has been fixed in https://reviews.llvm.org/D83719.
2020-07-14 11:29:40 +03:00
Amara Emerson eafeb8af34 Revert "[compiler-rt] [test] Allow expanding lit substitutions recursively"
This reverts commit 8372d50508.

It broke the TestCases/Darwin/asan-symbolize-partial-report-with-module-map.cpp test on green dragon.
2020-07-14 01:20:51 -07:00
Ryan Prichard 36f9947aac [builtins][ARM] Replace call_apsr.S with inline asm
The %arm_call_apsr expansion doesn't work when config.clang is a clang
driver defaulting to a non-ARM arch. Rather than fix it, replace
call_apsr.S with inline asm in call_apsr.h, which also resolves the
FIXME added in D31259.

Maybe the `__attribute__((noinline,pcs("aapcs")))` attributes are
unnecessary on the static functions, but I was unsure what liberty the
compiler had to insert instructions that modified the condition codes,
so it seemed helpful.

Differential Revision: https://reviews.llvm.org/D82147
2020-07-13 16:53:07 -07:00
Ryan Prichard 9b7e24c2a5 [compiler-rt][Android] Stop using detect_target_arch
For Android only, compiler-rt used detect_target_arch to select the
architecture to target. detect_target_arch was added in Sept 2014
(SVN r218605). At that time, compiler-rt selected the default arch
using ${LLVM_NATIVE_ARCH}, which seems to have been the host
architecture and therefore not suitable for cross-compilation.

The compiler-rt build system was refactored in Sept 2015 (SVN r247094
and SVN r247099) to use COMPILER_RT_DEFAULT_TARGET_TRIPLE to control
the target arch rather than LLVM_NATIVE_ARCH. This approach is simpler
and also works for Android cross-compilation, so remove the
detect_target_arch function.

Android targets i686, but compiler-rt seems to identify 32-bit x86 as
"i386". For Android, we were previously calling add_default_target_arch
with i386, and calling add_default_target_arch with i686 does not build
anything. i686 is not listed in builtin-config-ix.cmake,
ALL_BUILTIN_SUPPORTED_ARCH.

Differential Revision: https://reviews.llvm.org/D82148
2020-07-13 16:53:07 -07:00
Ryan Prichard 8cbb6ccc7f [builtins] Cleanup generic-file filtering
Split filter_builtin_sources into two functions:
 - filter_builtin_sources that removes generic files when an
   arch-specific file is selected.
 - darwin_filter_builtin_sources that implements the EXCLUDE/INCLUDE
   lists (using the files in lib/builtins/Darwin-excludes).

darwin_filter_builtin_sources delegates to filter_builtin_sources.

Previously, lib/builtins/CMakeLists.txt had a number of calls to
filter_builtin_sources (with a confusing/broken use of the
`excluded_list` parameter), as well as a redundant arch-vs-generic
filtering for the non-Apple code path at the end of the file. Replace
all of this with a single call to filter_builtin_sources.

Remove i686_SOURCES. Previously, this list contained only the
arch-specific files common to 32-bit and 64-bit x86, which is a strange
set. Normally the ${ARCH}_SOURCES list contains everything needed for
the arch. "i686" isn't in ALL_BUILTIN_SUPPORTED_ARCH.

NFCI, but i686_SOURCES won't be defined, and the order of files in
${arch}_SOURCES lists will change.

Differential Revision: https://reviews.llvm.org/D82151
2020-07-13 16:53:07 -07:00
Ryan Prichard f398e0f3d1 [builtins][Android] Define HAS_80_BIT_LONG_DOUBLE to 0
Android 32-bit x86 uses a 64-bit long double.

Android 64-bit x86 uses a 128-bit quad-precision long double.

Differential Revision: https://reviews.llvm.org/D82152
2020-07-13 16:53:07 -07:00
Gui Andrade c9b625d09a [Sanitizers] Ensure clock_getcpuclockid interceptor <= 80 chars 2020-07-13 23:18:10 +00:00
Vedant Kumar 004bf35ba0 Update ubsan_interface.inc for D71491
This should address the bot failure here:

http://lab.llvm.org:8011/builders/sanitizer-windows/builds/66309/
2020-07-13 15:40:24 -07:00
Dokyung Song 10aa0d7bbc [compiler-rt] Fix compiler warnings and runtime errors in sanitizer RT strxfrm(_l) test cases.
Summary: Fixed an implicit definition warning by including <string.h>. Also fixed run-time assertions that the return value of strxfrm_l calls is less than the buffer size by increasing the size of the referenced buffer.

Reviewers: morehouse

Reviewed By: morehouse

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83593
2020-07-13 22:35:01 +00:00
Jinsong Ji bf0d060fd4 [compiler-rt][MSAN][test] Update buffersize for UTF-8 to C convert
This is exposed by https://reviews.llvm.org/D83486.
When the host is UTF8, we may get n >10, causing assert failure.
Increase the buffersize to support UTF-8 to C conversion.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D83719
2020-07-13 22:12:55 +00:00
Gui Andrade 42170b3b4e [Sanitizers] Implement getcpuclockid interceptor
Differential Revision: https://reviews.llvm.org/D83000
2020-07-13 22:12:20 +00:00
Vedant Kumar 8c4a65b9b2 [ubsan] Check implicit casts in ObjC for-in statements
Check that the implicit cast from `id` used to construct the element
variable in an ObjC for-in statement is valid.

This check is included as part of a new `objc-cast` sanitizer, outside
of the main 'undefined' group, as (IIUC) the behavior it's checking for
is not technically UB.

The check can be extended to cover other kinds of invalid casts in ObjC.

Partially addresses: rdar://12903059, rdar://9542496

Differential Revision: https://reviews.llvm.org/D71491
2020-07-13 15:11:18 -07:00
Craig Topper b92c2bb6a2 [X86] Add CPU name strings to getIntelProcessorTypeAndSubtype and getAMDProcessorTypeAndSubtype in compiler-rt.
These aren't used in compiler-rt, but I plan to make a similar
change to the equivalent code in Host.cpp where the mapping from
type/subtype is an unnecessary complication. Having the CPU strings
here will help keep the code somewhat synchronized.
2020-07-12 12:59:25 -07:00
Gui Andrade e54b228408 [Sanitizers] Change protoent test to check for IPv6 instead of RDP
Looks like RDP isn't present on some of LLVM's buildbot machines
2020-07-10 23:50:39 +00:00
Sergej Jaskiewicz 979c5023d3 Revert "[compiler-rt] [test] Use the parent process env as base env in tests"
This reverts commit 5ab446cfe5.

That commit caused memory sanitizer test failures on PowerPC buildbots
2020-07-10 20:01:50 +03:00
Vitaly Buka c06417b24d Fix check-all with -DLLVM_USE_SANITIZER=Address 2020-07-10 01:47:51 -07:00
Danila Kutenin 68c011aa08 [builtins] Optimize udivmodti4 for many platforms.
Summary:
While benchmarking uint128 division we found out that it has huge latency for small divisors

https://reviews.llvm.org/D83027

```
Benchmark                                                   Time(ns)        CPU(ns)     Iterations
--------------------------------------------------------------------------------------------------
BM_DivideIntrinsic128UniformDivisor<unsigned __int128>            13.0           13.0     55000000
BM_DivideIntrinsic128UniformDivisor<__int128>                     14.3           14.3     50000000
BM_RemainderIntrinsic128UniformDivisor<unsigned __int128>         13.5           13.5     52000000
BM_RemainderIntrinsic128UniformDivisor<__int128>                  14.1           14.1     50000000
BM_DivideIntrinsic128SmallDivisor<unsigned __int128>             153            153        5000000
BM_DivideIntrinsic128SmallDivisor<__int128>                      170            170        3000000
BM_RemainderIntrinsic128SmallDivisor<unsigned __int128>          153            153        5000000
BM_RemainderIntrinsic128SmallDivisor<__int128>                   155            155        5000000
```

This patch suggests a more optimized version of the division:

If the divisor is 64 bit, we can proceed with the divq instruction on x86 or constant multiplication mechanisms for other platforms. Once both divisor and dividend are not less than 2**64, we use branch free subtract algorithm, it has at most 64 cycles. After that our benchmarks improved significantly

```
Benchmark                                                   Time(ns)        CPU(ns)     Iterations
--------------------------------------------------------------------------------------------------
BM_DivideIntrinsic128UniformDivisor<unsigned __int128>            11.0           11.0     64000000
BM_DivideIntrinsic128UniformDivisor<__int128>                     13.8           13.8     51000000
BM_RemainderIntrinsic128UniformDivisor<unsigned __int128>         11.6           11.6     61000000
BM_RemainderIntrinsic128UniformDivisor<__int128>                  13.7           13.7     52000000
BM_DivideIntrinsic128SmallDivisor<unsigned __int128>              27.1           27.1     26000000
BM_DivideIntrinsic128SmallDivisor<__int128>                       29.4           29.4     24000000
BM_RemainderIntrinsic128SmallDivisor<unsigned __int128>           27.9           27.8     26000000
BM_RemainderIntrinsic128SmallDivisor<__int128>                    29.1           29.1     25000000
```

If not using divq instrinsics, it is still much better

```
Benchmark                                                   Time(ns)        CPU(ns)     Iterations
--------------------------------------------------------------------------------------------------
BM_DivideIntrinsic128UniformDivisor<unsigned __int128>            12.2           12.2     58000000
BM_DivideIntrinsic128UniformDivisor<__int128>                     13.5           13.5     52000000
BM_RemainderIntrinsic128UniformDivisor<unsigned __int128>         12.7           12.7     56000000
BM_RemainderIntrinsic128UniformDivisor<__int128>                  13.7           13.7     51000000
BM_DivideIntrinsic128SmallDivisor<unsigned __int128>              30.2           30.2     24000000
BM_DivideIntrinsic128SmallDivisor<__int128>                       33.2           33.2     22000000
BM_RemainderIntrinsic128SmallDivisor<unsigned __int128>           31.4           31.4     23000000
BM_RemainderIntrinsic128SmallDivisor<__int128>                    33.8           33.8     21000000
```

PowerPC benchmarks:

Was
```
BM_DivideIntrinsic128UniformDivisor<unsigned __int128>            22.3           22.3     32000000
BM_DivideIntrinsic128UniformDivisor<__int128>                     23.8           23.8     30000000
BM_RemainderIntrinsic128UniformDivisor<unsigned __int128>         22.5           22.5     32000000
BM_RemainderIntrinsic128UniformDivisor<__int128>                  24.9           24.9     29000000
BM_DivideIntrinsic128SmallDivisor<unsigned __int128>             394            394        2000000
BM_DivideIntrinsic128SmallDivisor<__int128>                      397            397        2000000
BM_RemainderIntrinsic128SmallDivisor<unsigned __int128>          399            399        2000000
BM_RemainderIntrinsic128SmallDivisor<__int128>                   397            397        2000000
```

With this patch
```
BM_DivideIntrinsic128UniformDivisor<unsigned __int128>            21.7           21.7     33000000
BM_DivideIntrinsic128UniformDivisor<__int128>                     23.0           23.0     31000000
BM_RemainderIntrinsic128UniformDivisor<unsigned __int128>         21.9           21.9     33000000
BM_RemainderIntrinsic128UniformDivisor<__int128>                  23.9           23.9     30000000
BM_DivideIntrinsic128SmallDivisor<unsigned __int128>              32.7           32.6     23000000
BM_DivideIntrinsic128SmallDivisor<__int128>                       33.4           33.4     21000000
BM_RemainderIntrinsic128SmallDivisor<unsigned __int128>           31.1           31.1     22000000
BM_RemainderIntrinsic128SmallDivisor<__int128>                    33.2           33.2     22000000
```

My email: danilak@google.com, I don't have commit rights

Reviewers: howard.hinnant, courbet, MaskRay

Reviewed By: courbet

Subscribers: steven.zhang, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D81809
2020-07-10 09:59:16 +02:00
Julian Lettner bed3e1a99b [Sanitizer] Update macOS version checking
Support macOS 11 in our runtime version checking code and update
`GetMacosAlignedVersionInternal()` accordingly.  This follows the
implementation of `Triple::getMacOSXVersion()` in the Clang driver.

Reviewed By: delcypher

Differential Revision: https://reviews.llvm.org/D82918
2020-07-09 17:28:01 -07:00
Sergej Jaskiewicz 8372d50508 [compiler-rt] [test] Allow expanding lit substitutions recursively
Summary:
This allows using lit substitutions in the `COMPILER_RT_EMULATOR` variable.

(For reference, the ability to expand substitutions recursively has been introduced in https://reviews.llvm.org/D76178.)

Reviewers: phosek, compnerd

Reviewed By: compnerd

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83489
2020-07-09 19:49:18 +03:00
Sergej Jaskiewicz 5ab446cfe5 [compiler-rt] [test] Use the parent process env as base env in tests
Summary:
Right now the lit config builds up an environment that the tests will be run in. However, it does it from scratch instead of adding new variables to the parent process environment. This may (and does) result in strange behavior when running tests with an executor (i. e. with the `COMPILER_RT_EMULATOR` CMake variable set to something), since the executor may need some of the parent process's environment variables.

Here this is fixed.

Reviewers: compnerd, phosek

Reviewed By: compnerd

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83486
2020-07-09 19:44:35 +03:00
Sergej Jaskiewicz a89d54fd61 [compiler-rt] Better Windows support for running tests in external shell
Summary:
These changes are necessary to support remote running compiler-rt tests
that were compiled on Windows.

Most of the code here has been copy-pasted from other lit configs.

Why do we remove the conversions to ASCII in the crt config?

We set the `universal_newlines` argument to `True` in `Popen` instead.
This is supported in both Python 2.7 and 3, is easier
(no need to do the `str(dir.decode('ascii'))` dance) and less
error prone.

Also, this is necessary because if the config is executed on Windows,
and `execute_external` is `True`, we take the branch
`if sys.platform in ['win32'] and execute_external`,
and if we use Python 3, then the `dir` variable is a byte-like object,
not str, but the ``replace method on byte-like objects requires its
arguments to also be byte-like objects, which is incompatible with
Python 2 etc etc.

It is a lot simpler to just work with strings in the first place, which
is achieved by setting `universal_newlines` to `True`. As far as
I understand, this way wasn't taken because of the need to support
Python <2.7, but this is not the case now.

Reviewers: compnerd, phosek, weimingz

Reviewed By: compnerd

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D83485
2020-07-09 19:40:22 +03:00
Eric Christopher 371c94fca0 Fix a typo in an error message. 2020-07-08 20:43:05 -07:00
Gui Andrade 158feabde4 [Sanitizer]: Require !android for protoent test 2020-07-08 23:07:59 +00:00
Gui Andrade 339f1b4903 sanitizers: Add interceptors for getproto{ent,byname,bynumber}_r
This also allows intercepting these getprotoent functions on Linux as
well, since Linux exposes them.

Differential Revision: https://reviews.llvm.org/D82424
2020-07-08 21:41:18 +00:00
Sid Manning baca8f977e [compiler-rt][Hexagon] Remove fma/fmin/max code
This code should reside in the c-library.

Differential Revision: https://reviews.llvm.org/D82263
2020-07-07 19:50:04 -05:00
Dan Liew 8a8d6e2b72 Revert "Temporarily disable the following failing tests on Darwin:"
This reverts commit f3a089506f.

888951aaca introduced a fix that
should make the disabled tests work again.

rdar://problem/62141412
2020-07-07 10:15:46 -07:00
Dan Liew 888951aaca Disable interception of sigaltstack on i386 macOS.
Summary:
28c91219c7 introduced an interceptor for `sigaltstack`. It turns out this
broke `setjmp` on i386 macOS. This is because the implementation of `setjmp` on
i386 macOS is written in assembly and makes the assumption that the call to
`sigaltstack` does not clobber any registers.  Presumably that assumption was
made because it's a system call.  In particular `setjmp`  assumes that before
and after the call that `%ecx` will contain a pointer the `jmp_buf`. The
current interceptor breaks this assumption because it's written in C++ and
`%ecx` is not a callee-saved register. This could be fixed by writing a
trampoline interceptor to the existing interceptor in assembly that
ensures all the registers are preserved. However, this is a lot of work
for very little gain. Instead this patch just disables the interceptor
on i386 macOS.

For other Darwin architectures it currently appears to be safe to intercept
`sigaltstack` using the current implementation because:

* `setjmp` for x86_64 saves the pointer `jmp_buf` to the stack before calling `sigaltstack`.
* `setjmp` for armv7/arm64/arm64_32/arm64e appears to not call `sigaltstack` at all.

This patch should unbreak (once they are re-enabled) the following
tests:

```
AddressSanitizer-Unit :: ./Asan-i386-calls-Test/AddressSanitizer.LongJmpTest
AddressSanitizer-Unit :: ./Asan-i386-calls-Test/AddressSanitizer.SigLongJmpTest
AddressSanitizer-Unit :: ./Asan-i386-inline-Test/AddressSanitizer.LongJmpTest
AddressSanitizer-Unit :: ./Asan-i386-inline-Test/AddressSanitizer.SigLongJmpTest
AddressSanitizer-i386-darwin :: TestCases/longjmp.cpp
```

This patch introduces a `SANITIZER_I386` macro for convenience.

rdar://problem/62141412

Reviewers: kubamracek, yln, eugenis

Subscribers: kristof.beyls, #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D82691
2020-07-07 10:15:37 -07:00
Julian Lettner 71a6a41f1c [Sanitizer] Fix demangling for Swift symbol names
The Swift symbol name prefix has changed from `_T0` to `_$s` as
documented here [1].  This prevents Swift names from properly being
symbolicated when using the in-process LLVM symbolizer.  The best way to
fix this seems to be to avoid the duplication of "Is this a Swift symbol
name?" here.  We can simply remove this check as `swift_demangle`
already returns null for non-Swift names [2,3].

The check was included in the initial support for Swift name demangling
to avoid superfluous calls to `dlsym()` [4].  A subsequent commit
changed this logic to retrieve the `swift_demangle` function pointer
eagerly during sanitizer initialization, but did not remove the check
[5].

[1] https://github.com/apple/swift/blob/master/docs/ABI/Mangling.rst
[2] b5a8b518ea/include/swift/Demangling/Demangle.h (L643)
[3] b5a8b518ea/stdlib/public/runtime/Demangle.cpp (L656)
[4] https://reviews.llvm.org/D19135
[5] https://reviews.llvm.org/D20015

rdar://62753845

Reviewers: kubamracek, delcypher, dcoughlin, samsonov, thakis

Reviewed By: kubamracek

Differential Revision: https://reviews.llvm.org/D81705
2020-07-06 12:12:22 -07:00
Amara Emerson 85e144329c [profile] Mark gcov test as unsupported on Darwin. 2020-07-04 10:41:27 -07:00
Fangrui Song 1c6e2eceeb [gcov][test] Add `UNSUPPORTED: host-byteorder-big-endian` to gcov-fork.c
This test strangely failed on ppc64be
http://lab.llvm.org:8011/builders/clang-ppc64be-linux/builds/50913
2020-07-03 17:06:54 -07:00
Fangrui Song fba8523fb5 [gcov][test] Reorganize some compiler-rt/test/profile tests 2020-07-03 16:17:16 -07:00
Vedant Kumar 47481cbffb [test] Deflake test/profile/ContinuousSyncMode/online-merging.c
This test spawns 32 child processes which race to update counters on
shared memory pages. On some Apple-internal machines, two processes race
to perform an update in approximately 0.5% of the test runs, leading to
dropped counter updates. Deflake the test by using atomic increments.

Tested with:

```
$ for I in $(seq 1 1000); do echo ":: Test run $I..."; ./bin/llvm-lit projects/compiler-rt/test/profile/Profile-x86_64h/ContinuousSyncMode/online-merging.c -av || break; done
```

rdar://64956774
2020-07-02 13:31:56 -07:00
Fangrui Song 48c196f5c8 [gcov] Move llvm_writeout_files from atexit to a static destructor
atexit registered functions run earlier so `__attribute__((destructor))`
annotated functions cannot be tracked.

Set a priority of 100 (compatible with GCC 7 onwards) to track
destructors and destructors whose priorities are greater than 100.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=7970

Reviewed By: calixte, marco-c

Differential Revision: https://reviews.llvm.org/D82253
2020-07-01 16:41:55 -07:00
Ryan Prichard 3fb48b7088 [compiler-rt][Android] Use correct builtins library name for tests
The builtins library name is special on Android:

 * There is an "-android" suffix.

 * For the compiler-rt i386 architecture, Android targets i686 (in the
   triple and in the builtins library filename)

With this change, check-builtins works with Android.

Reviewed By: compnerd

Differential Revision: https://reviews.llvm.org/D82149
2020-07-01 14:30:25 -07:00
Gui Andrade 05d79295df [Sanitizers] Disable sysmsg interceptors on Android 2020-07-01 18:32:28 +00:00
Gui Andrade cc4d523bb6 sanitizer_common_interceptors: Fix lint errors 2020-07-01 17:33:35 +00:00
Gui Andrade 144e57fc95 [Sanitizers] Implement interceptors for msgsnd, msgrcv
Differential Revision: https://reviews.llvm.org/D82897
2020-06-30 23:48:10 +00:00
Julian Lettner 32791937d7 [Sanitizer] Remove obsolete assert for OS version checking on Darwin
macOS versions do not necessarily start with 10 anymore.  Remove an
obsolete assert.
2020-06-30 13:36:10 -07:00
Anatoly Trosinenko 0ee439b705 [builtins] Change si_int to int in some helper declarations
This patch changes types of some integer function arguments or return values from `si_int` to the default `int` type to make it more compatible with `libgcc`.

The compiler-rt/lib/builtins/README.txt has a link to the [libgcc specification](http://gcc.gnu.org/onlinedocs/gccint/Libgcc.html#Libgcc). This specification has an explicit note on `int`, `float` and other such types being just illustrations in some cases while the actual types are expressed with machine modes.

Such usage of always-32-bit-wide integer type may lead to issues on 16-bit platforms such as MSP430. Provided [libgcc2.h](https://gcc.gnu.org/git/?p=gcc.git;a=blob_plain;f=libgcc/libgcc2.h;hb=HEAD) can be used as a reference for all targets supported by the libgcc, this patch fixes some existing differences in helper declarations.

This patch is expected to not change behavior at all for targets with 32-bit `int` type.

Differential Revision: https://reviews.llvm.org/D81285
2020-06-30 11:07:02 +03:00
Petr Hosek cf1d044843 [CMake][compiler-rt] Only set lld as available when it was built
The `-fuse-ld=lld` check might succeed because there's a system lld,
but that lld may be out-of-date which would cause any tests that
attempt to use for LTO fail. This was observed on some of the bots.

Differential Revision: https://reviews.llvm.org/D81629
2020-06-29 15:09:05 -07:00
Steven Wu 898b01602b [compiler-rt] Fix mismatched #if/#endif comments
Fix a mismatched #if/#endif comments from my previous commit.
2020-06-26 14:54:35 -07:00
Anatoly Trosinenko a4e8f7fe3f [builtins] Improve compatibility with 16 bit targets
Some parts of existing codebase assume the default `int` type to be (at least) 32 bit wide. On 16 bit targets such as MSP430 this may cause Undefined Behavior or results being defined but incorrect.

Differential Revision: https://reviews.llvm.org/D81408
2020-06-26 15:31:11 +03:00
Steven Wu b2303debfa [compiler-rt] Add support for arm64 macOS
Summary: Allow compiler-rt to build for arm64 support on macOS.

Reviewers: arphaman, doug.gregor, dexonsmith

Reviewed By: arphaman, dexonsmith

Subscribers: dberris, mgorny, kristof.beyls, jkorous, ributzka, danielkiss, #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D82610
2020-06-25 16:44:36 -07:00
Anatoly Trosinenko a931ec7ca0 [builtins] Move more float128-related helpers to GENERIC_TF_SOURCES list
There are two different _generic_ lists of source files in the compiler-rt/lib/builtins/CMakeLists.txt. Now there is no simple way to not use the tf-variants of helpers at all.

Since there exists a separate `GENERIC_TF_SOURCES` list, it seems quite natural to move all float128-related helpers there. If it is not possible for some reason, it would be useful to have an explanation of that reason somewhere near the `GENERIC_TF_SOURCES` definition.

Differential Revision: https://reviews.llvm.org/D81282
2020-06-25 22:32:49 +03:00
Hiroshi Yamauchi 9878996c70 Revert "[PGO] Extend the value profile buckets for mem op sizes."
This reverts commit 63a89693f0.

Due to a build failure like http://lab.llvm.org:8011/builders/sanitizer-windows/builds/65386/steps/annotate/logs/stdio
2020-06-25 11:13:49 -07:00