Dmitry Vyukov
6bd917a31f
asan: optimization experiments
The experiments can be used to evaluate potential optimizations that remove
instrumentation (assess false negatives). Instead of completely removing
some instrumentation, you set Exp to a non-zero value (mask of optimization
experiments that want to remove instrumentation of this instruction).
If Exp is non-zero, this pass will emit special calls into runtime
(e.g. __asan_report_exp_load1 instead of __asan_report_load1). These calls
make runtime terminate the program in a special way (with a different
exit status). Then you run the new compiler on a buggy corpus, collect
the special terminations (ideally, you don't see them at all -- no false
negatives) and make the decision on the optimization.
The exact reaction to experiments in runtime is not implemented in this patch.
It will be defined and implemented in a subsequent patch.
http://reviews.llvm.org/D8198
llvm-svn: 232501
2015-03-17 16:59:11 +00:00
Sergey Matveev
348800b3d9
[asan] Demote "trying to poison/unpoison memory region" messages...
... to verbosity level 3. Because log spam.
llvm-svn: 230974
2015-03-02 17:13:38 +00:00
Evgeniy Stepanov
f074b3c2de
[asan] Allow changing verbosity in activation flags.
This change removes some debug output in asan_flags.cc that
was reading the verbosity level before all the flags were parsed.
llvm-svn: 226566
2015-01-20 13:21:20 +00:00
Alexey Samsonov
91bb25f515
[ASan] Introduce SetCanPoisonMemory() function.
SetCanPoisonMemory()/CanPoisonMemory() functions are now used
instead of "poison_heap" flag to determine if ASan is allowed
to poison the shadow memory. This allows us to hot-patch this
value in runtime (e.g. during ASan activation) without introducing
a data race.
llvm-svn: 224395
2014-12-17 00:01:02 +00:00
Kostya Serebryany
c9855da6d9
[asan] the run-time part of intra-object-overflow detector (-fsanitize-address-field-padding=1). Note that all of this is still experimental; don't use unless you are brave.
llvm-svn: 220013
2014-10-17 01:22:37 +00:00
Kostya Serebryany
da9d495d03
[asan] add a test for array cookie if the operator new is defined inside the class (the cookie should not be poisoned in such case); update the related comment in asan_poisoning.cc
llvm-svn: 218620
2014-09-29 19:40:56 +00:00
Kostya Serebryany
1fb81720ec
[asan] relax the assertion around array cookie load; still need to extract a reproducer where this assertion fails...
llvm-svn: 217215
2014-09-05 01:16:30 +00:00
Kostya Serebryany
ac77055272
[asan] introduce __asan_load_cxx_array_cookie: check that the array cookie address is properly poisoned and return the cookie value. If not, return 0 to avoid infinite loop of DTORs (in case of use-after-free). Calls to this function will be inserted by clang (separate change)
llvm-svn: 216692
2014-08-28 22:28:04 +00:00
Kostya Serebryany
e9f24a9b3b
[asan] poison array cookies only on 64-bit arch
llvm-svn: 214713
2014-08-04 12:59:45 +00:00
Kostya Serebryany
522c35eb80
[asan] introduce __asan_poison_cxx_array_cookie. This is asan-rt part of PR19838 (Left OOB accesses on new[]-allocated arrays with array cookies are not detected). No tests yet. They will follow once I commit the clang part.
llvm-svn: 214711
2014-08-04 12:43:13 +00:00
Kostya Serebryany
7a733480c8
[asan] introduce interface function __sanitizer_verify_contiguous_container to verify annotations in vector-like containers
llvm-svn: 208092
2014-05-06 14:41:01 +00:00
Kostya Serebryany
38bb53b2c5
[asan] add a run-time flag detect_container_overflow=true/false
llvm-svn: 206753
2014-04-21 14:18:45 +00:00
Kostya Serebryany
90527cb324
[asan] don't use bool in public interface, make sure the interface headers are usable in plain C
llvm-svn: 206160
2014-04-14 11:16:53 +00:00
Kostya Serebryany
f694ab1f18
[asan] provide better reports for cases where memcpy/etc get negative size parameter. Also fix a typo found by Tetsuo Kiso
llvm-svn: 206158
2014-04-14 09:50:52 +00:00
Kostya Serebryany
4871067a55
[asan] relax the checks inside __sanitizer_annotate_contiguous_container: they are too optimistic due to https://code.google.com/p/address-sanitizer/issues/detail?id=258 .
llvm-svn: 199715
2014-01-21 09:53:49 +00:00
Kostya Serebryany
a650116adb
[asan] convert a CHECK failure in __sanitizer_annotate_contiguous_container into a proper warning message
llvm-svn: 197899
2013-12-23 07:01:43 +00:00
Kostya Serebryany
e55d388e71
[asan] when a fake stack is being unmapped also flush the corresponding shadow
llvm-svn: 197040
2013-12-11 14:26:41 +00:00
Sergey Matveev
47b02994f1
Fix Windows build.
llvm-svn: 196780
2013-12-09 13:24:44 +00:00
Sergey Matveev
b1b8d1aa47
[lsan] Make LSan ignore memory poisoned by ASan.
Summary:
No more (potential) false negatives due to red zones or fake stack
frames.
Reviewers: kcc, samsonov
Reviewed By: samsonov
CC: llvm-commits, samsonov
Differential Revision: http://llvm-reviews.chandlerc.com/D2359
llvm-svn: 196778
2013-12-09 13:12:10 +00:00
Sergey Matveev
9be70fbda9
[sanitizer] Introduce VReport and VPrintf macros and use them in sanitizer code.
Instead of "if (common_flags()->verbosity) Report(...)" we now have macros.
llvm-svn: 196497
2013-12-05 12:04:51 +00:00
Kostya Serebryany
3771a3dd73
[asan] remove a fixed FIXME; extend the comment around __sanitizer_annotate_contiguous_container
llvm-svn: 195131
2013-11-19 14:54:14 +00:00
Kostya Serebryany
7b664299f0
[asan] new shadow poison magic for contiguous-container-buffer-overflow, addressed Alexey Samsonov's comments for r195011
llvm-svn: 195117
2013-11-19 08:40:07 +00:00
Kostya Serebryany
60ecf38133
[asan] fix Windows build
llvm-svn: 195012
2013-11-18 14:26:13 +00:00
Kostya Serebryany
3d97c2040d
[asan] introduce __sanitizer_annotate_contiguous_container
llvm-svn: 195011
2013-11-18 14:02:05 +00:00
Dmitry Vyukov
52ca74ec61
tsan: move verbosity flag to CommonFlags
llvm-svn: 192701
2013-10-15 13:28:51 +00:00
Evgeniy Stepanov
56050e8f69
[sanitizer] Fix __sanitizer_unaligned_* to work with unaligned data types.
llvm-svn: 183224
2013-06-04 13:49:10 +00:00
Kostya Serebryany
92684efb1d
[asan] implement callbacks for unaligned loads/stores
Reviewers: samsonov
Reviewed By: samsonov
CC: samsonov, llvm-commits
Differential Revision: http://llvm-reviews.chandlerc.com/D652
llvm-svn: 179175
2013-04-10 13:59:32 +00:00
Kostya Serebryany
5b4267f7e7
[sanitizer] found a bug by code inspection: CHECK(a=b) instead of CHECK(a==b). Was puzzled why lint did not catch it. Turns out this check was disabled for asan source. fix all cases and enable the check
llvm-svn: 178872
2013-04-05 14:40:25 +00:00
Alexey Samsonov
a88c60b085
[ASan] Speed-up initialization-order checking: create and use fast versions of PoisonShadow functions, store copies of __asan_global descriptors in a vector instead of list of pointers. This gives 3x speedup on both benchmarks and real binaries with lots of globals.
llvm-svn: 178239
2013-03-28 15:42:43 +00:00
Alexey Samsonov
a0c0da8f51
[ASan] Split ASan interface header into private and public parts. Add a test that makes sure users can include interface header
llvm-svn: 174058
2013-01-31 13:46:14 +00:00
Kostya Serebryany
63c36bbe5e
[asan] fix two off-by-one errors that seem to affect only PowerPC because only there the stack top may be equal to the address space top. Noted by Andreas Schwab in http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55975#c11 . Also make swapcontext interceptor a bit more robust
llvm-svn: 172807
2013-01-18 11:30:36 +00:00
Kostya Serebryany
cb510e50e2
[asan] implement more strict checking for memset/etc parameters. Instead of checking the first and the last byte, we check the entire shadow region. This costs ~10 slowdown for the instrumented functions. Motivated by a nasty memset-buffer-overflow-by-140-bytes in chrome which was reported as a use-after-free or not at all
llvm-svn: 171198
2012-12-28 15:24:16 +00:00
Kostya Serebryany
9da3dd0415
[asan] add a flag poison_heap to allow better allocator benchmarking, implement malloc_stats() on Linux
llvm-svn: 170685
2012-12-20 11:54:21 +00:00
Kostya Serebryany
7dfb168eb8
[asan] more asan_allocator2 code: actually un/poison shadow on malloc/free
llvm-svn: 170190
2012-12-14 12:15:09 +00:00
Alexey Samsonov
45b6edbd1d
ASan: add new interface functions - __asan_(un)poison_stack_memory. Calls to these functions are inserted by the instrumentation pass in use-after-scope mode
llvm-svn: 169201
2012-12-04 01:38:15 +00:00
Chandler Carruth
1aa4fef601
Relocate the external headers provided by ASan and the common sanitizer library.
These headers are intended to be available to user code when built with
AddressSanitizer (or one of the other sanitizers in the future) to
interface with the runtime library. As such, they form stable external
C interfaces, and the headers shouldn't be located within the
implementation.
I've pulled them out into what seem like fairly obvious locations and
names, but I'm wide open to further bikeshedding of these names and
locations.
I've updated the code and the build system to cope with the new
locations, both CMake and Makefile. Please let me know if this breaks
anyone's build.
The eventual goal is to install these headers alongside the Clang
builtin headers when we build the ASan runtime and install it. My
current thinking is to locate them at:
<prefix>/lib/clang/X.Y/include/sanitizer/common_interface_defs.h
<prefix>/lib/clang/X.Y/include/sanitizer/asan_interface.h
<prefix>/lib/clang/X.Y/include/sanitizer/...
But maybe others have different suggestions?
Fixing the style of the #include between these headers at least unblocks
experimentation with installing them as they now should work when
installed in these locations.
llvm-svn: 162822
2012-08-29 02:27:54 +00:00
Alexey Samsonov
34efb8e9b9
[ASan] Use common flags parsing machinery.
llvm-svn: 159933
2012-07-09 14:36:04 +00:00
Alexey Samsonov
461820ad67
[ASan] Make printf arguments match format strings better.
llvm-svn: 158059
2012-06-06 10:46:00 +00:00
Alexey Samsonov
485d3dc363
Remove file-type tags for .cc files in ASan run-time library
llvm-svn: 157927
2012-06-04 13:50:10 +00:00
Kostya Serebryany
1d35d155fd
[asan] more renaming
llvm-svn: 157747
2012-05-31 15:02:07 +00:00
Kostya Serebryany
8d03204204
[asan] more renaming
llvm-svn: 157746
2012-05-31 14:35:53 +00:00
Kostya Serebryany
1b71207f48
[asan,tsan] introduce sanitizer_common/sanitizer_defs.h and perform some renaming in asan rt. More to come.
llvm-svn: 157743
2012-05-31 14:11:07 +00:00
Kostya Serebryany
fd2037162e
[asan] performance optimization: make sure the check for poisoned shadow inside interceptors is inlined
llvm-svn: 152767
2012-03-15 01:18:06 +00:00
Alexey Samsonov
e725478e2f
AddressSanitizer: replace all "real_X" calls with "REAL(X)"
llvm-svn: 150073
2012-02-08 13:45:31 +00:00
Alexey Samsonov
f9fef3d275
AddressSanitizer: simplify RoundUpToPowerOfTwo/clz; add a couple of CHECKs for real_X calls. Patch by timurrrr@google.com
llvm-svn: 149687
2012-02-03 08:50:16 +00:00
Kostya Serebryany
2d27cdf621
[asan] minimize the use of STL. One bit is still left.
llvm-svn: 145691
2011-12-02 18:42:04 +00:00
Kostya Serebryany
15dd3f2500
Refactor shadow poisoning done by asan-rt, no functionality changes; patch by samsonov@google.com
llvm-svn: 145505
2011-11-30 18:50:23 +00:00
Kostya Serebryany
019b76f5fd
AddressSanitizer run-time library. Not yet integrated with the compiler-rt build system, but can be built using the old makefile. See details in README.txt
llvm-svn: 145463
2011-11-30 01:07:02 +00:00