Summary:
Often, a code will call multiple virtual methods of a given object.
If they go in a linear block, it should be possible to check vtable
before the first call, then store vtable pointer and reuse it for
the second vcall without any additional checks.
This is expected to have a positive performance impact on a hot
path in Blink, see https://crbug.com/634139.
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D23151
llvm-svn: 277795
These are meant to only be included on certain targets. This only disables it
for Windows ARM for now. Ideally these would be conditionally included as
appropriate.
llvm-svn: 277777
Our Report implementation calls OutputDebugString, which calls
RtlRaiseException, which can re-enter back into the ASan runtime and
cause a hang.
Don't treat this special debugger-only exception code as a noreturn
event, since the stack won't really unwind all the way.
llvm-svn: 277763
Summary:
The sanitizer allocators can works with a dynamic address space
(i.e. specified with ~0ULL).
Unfortunately, the code was broken on GetMetadata and GetChunkIdx.
The current patch is moving the Win64 memory test to a dynamic
address space. There is a migration to move every concept to a
dynamic address space on windows.
To have a better coverage, the unittest are now testing
dynamic address space on other platforms too.
Reviewers: rnk, kcc
Subscribers: kubabrecka, dberris, llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23170
llvm-svn: 277745
Since the directory is empty on Darwin, disable the inclusion and avoid
the warning below. Exclude on Android as well to match the behavior from
lib/interception/tests/CMakeLists.txt
lit.py:
/Users/buildslave/jenkins/sharedspace/clang-R_master@2/llvm/utils/lit/lit/discovery.py:224:
warning: input
'/Users/buildslave/jenkins/sharedspace/clang-R_master@2/clang-build/Build/tools/clang/runtime/compiler-rt-bins/test/interception/Unit'
contained no tests
This fixes the above warning in some of public bots, like
http://lab.llvm.org:8080/green/job/clang-stage2-configure-Rlto_check/8686
Differential Revision: https://reviews.llvm.org/D23128
rdar://problem/27581108
llvm-svn: 277692
We now stash and restore the xmm registers in the trampolines so that
log handlers don't need to worry about clobbering these registers.
In response to comments in D21612.
Reviewers: rSerge, eugenis, echristo, rnk
Subscribers: mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D23051
llvm-svn: 277683
Summary:
-lowertypetests-bitsets-level controls which kinds of bitsets
are generated, as introduced in r277556. This change adds tests
to compiler-rt.
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D23103
llvm-svn: 277632
Summary:
Respect the handle_sigill common flag and handle_segv flags while we're
at it.
We still handle signals/exceptions differently on Unix and Windows. The
installation process is tricky on Windows, and difficult to push down
into sanitizer_common without concerning it with the different
static/dynamic CRT models on Windows.
Reviewers: kcc, etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23098
llvm-svn: 277621
Summary:
This patch is fixing a broken unittest which make the win64 bot failing.
The bug was introduce here:
https://reviews.llvm.org/D23046
The interception code is not the same in 32-bit and in 64-bit.
The added unittest can only be patched on 32-bits.
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23099
llvm-svn: 277560
In r235779, Timur bumped the buffer size up to 1<<27, or about 134
million coverage points, presumably to handle Chrome. We allocate two
arrays of uptrs with this size, and this reliably exhausts all available
address space on 32-bit Windows (2 allocations of 512MB) when ASan is
also enabled.
Let's reduce the buffer size for now to stabilize the test suite. We can
re-evaluate the approach later when we've brought the Chrome ASan
builders back to life.
Kostya said that Mike reduced the number of instrumented coverage points
that LLVM emits by half since Timur made this change, so reducing this
array size should also be safe.
With this change, the 32-bit ASan tests reliably pass for me on Windows
10.
llvm-svn: 277558
Summary:
Currently, the Scudo Hardened Allocator only gets its flags via the SCUDO_OPTIONS environment variable.
With this patch, we offer the opportunity for programs to define their own options via __scudo_default_options() which behaves like __asan_default_options() (weak symbol).
A relevant test has been added as well, and the documentation updated accordingly.
I also used this patch as an opportunity to rename a few variables to comply with the LLVM naming scheme, and replaced a use of Report with dieWithMessage for consistency (and to avoid a callback).
Reviewers: llvm-commits, kcc
Differential Revision: https://reviews.llvm.org/D23018
llvm-svn: 277536
Summary:
These instructions where not supported on my win7 computer.
They were happening on strstr when building chrome unittests with asan.
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23081
llvm-svn: 277519
Summary:
On my install of Windows 10, RaiseException is a tail call to
kernelbase!RaiseException. Obviously, we fail to intercept that.
Instead, try hooking at the ntdll!RtlRaiseException layer. It is
unlikely that this layer will contain control flow.
Intercepting at this level requires adding a decoding for
'LEA ESP, [ESP + 0xXXXXXXXX]', which is a really obscure way to write
'SUB ESP, 0xXXXXXXXX' that avoids clobbering EFLAGS.
Reviewers: etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23046
llvm-svn: 277518
We no longer assign ids to unregistered threads. We don't have any stack
trace for thread creation for these worker threads, so this shouldn't
affect report quality much.
llvm-svn: 277514
Summary:
On Windows 10, this gets called after TLS has been torn down from NTDLL,
and we crash attempting to return fake_tsd. This interceptor isn't
needed after r242948 anyway, so let's remove it. The ASan runtime can
now tolerate unregistered threads calling __asan_handle_no_return.
Reviewers: vitalybuka, etienneb
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23044
llvm-svn: 277478
The system implementation of OSAtomicTestAndClear returns the original bit, but the TSan interceptor has a bug which always returns zero from the function. This patch fixes this and adds a test.
Differential Revision: https://reviews.llvm.org/D23061
llvm-svn: 277461
On Darwin, there are some apps that rely on realloc(nullptr, 0) returning a valid pointer. TSan currently returns nullptr in this case, let's fix it to avoid breaking binary compatibility.
Differential Revision: https://reviews.llvm.org/D22800
llvm-svn: 277458
/Zi creates a separate PDB that we're supposed to pass along with our
sanitizer libraries, but the object library compilation rules aren't set
up to handle that. Rather than set that up, put the debug info in the
object files the way every other platform does it with /Z7.
llvm-svn: 277406
Summary: rnk reported that MSVC ignores unknown flags and still returns 0. This should cause unknown flags to be an error during the compiler check.
Reviewers: rnk
Subscribers: brad.king, llvm-commits
Differential Revision: https://reviews.llvm.org/D23030
llvm-svn: 277377
We were getting warnings about how 'uint32_t*' is different from
'unsigned long*' even though they are effectively the same on Windows.
llvm-svn: 277363
When we run halt_on_error-torture.cc with 10 threads and 20 iterations with halt_on_error=false:suppress_equal_pcs=false, we write 200 reports to 10.txt file and sometimes have collisions.
We have CHECK-COLLISION check that greps 'AddressSanitizer: nested bug in the same thread, aborting' message in 10.txt, but it doesn't contain this line.
If I don't redirect stderr > 10.txt 'AddressSanitizer: nested bug in the same thread, aborting' is printed to my screen as expected.
Same happens for halt_on_error_suppress_equal_pcs.cc and halt_on_error-torture.cc. This happens because of kernel bug: https://lkml.org/lkml/2014/2/17/324
Furtunately, we can fix these tests by implicitly setting O_APPEND for opened files (use >> instead of > for stderr redirection).
Differential Revision: https://reviews.llvm.org/D22921
llvm-svn: 277324
Summary:
Due to a QoI issuse in FreeBSD's libcxxrt-based demangler, one sanitizer
symbolizer test consistently appears to fail:
Value of: DemangleSwiftAndCXX("foo")
Actual: "float"
Expected: "foo"
This is because libcxxrt's __cxa_demangle() incorrectly demangles the "foo"
identifier to "float". It should return an error instead.
For now, XFAIL this particular test for FreeBSD, until we can fix libcxxrt
properly (which might take some time to coordinate with upstream).
Reviewers: rnk, zaks.anna, emaste
Subscribers: emaste, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23001
llvm-svn: 277297
Summary:
On windows, an export can be redirected to an other DLL.
This patch is adding the required support to the internal
GetProcAddress implementation.
This case was encountered by instrumenting chromium (win 64-bits)
using this GN configuration:
```
is_component_build = true
is_debug = false
enable_nacl = false
is_clang = true
is_asan = true
clang_base_path = "d:\src\llvm\ninja64"
clang_use_chrome_plugins = false
clang_version = "4.0.0"
```
The operating system is win7 (x64).
Visual Studio: 2015 Professional
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D22880
llvm-svn: 277294
This patch adds 48-bits VMA support for tsan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable. This
limits the mapping mechanism because the PIE address bits
(usually 0aaaaXXXXXXXX) makes it harder to create a mask/xor value
to include all memory regions. I think it is possible to create a
large application VAM range by either dropping PIE support or tune
current range.
It also changes slight the way addresses are packed in SyncVar structure:
previously it assumes x86_64 as the maximum VMA range. Since ID is 14 bits
wide, shifting 48 bits should be ok.
Tested on x86_64, ppc64le and aarch64 (39 and 48 bits VMA).
llvm-svn: 277137
This addresses some comments from D21612, which contains the following changes:
- Update __xray_patch() and __xray_unpatch() API documentation to not imply asynchrony.
- Introduce a scope cleanup mechanism to make sure we can roll-back changes to the XRayPatching global atomic.
- Introduce a few more comments for potential extension points for other platforms (for the implementation details of patching and un-patching).
Reviewers: eugenis, rnk, kcc, echristo, majnemer
Subscribers: llvm-commits, mehdi_amini
Differential Revision: https://reviews.llvm.org/D22911
llvm-svn: 277124
Summary:
Test where broken because of missing lifetime markers for temps and
because of aggressive optimization which removed markers in some cases.
PR27453
Reviewers: eugenis, kcc
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D22894
llvm-svn: 277074
Ivan Krasin