Commit Graph

12744 Commits

Author SHA1 Message Date
Nemanja Ivanovic 7cc6d0cc90 [TSAN] Fix infinite loop on targets where char is unsigned
For targets where char is unsigned (like PowerPC), something like
char c = fgetc(...) will never produce a char that will compare
equal to EOF so this loop does not terminate.
Change the type to int (which appears to be the POSIX return type
for fgetc).
This allows the test case to terminate normally on PPC.
2020-04-11 07:12:47 -05:00
Dmitry Vyukov c65e6079fc tsan: add newline in test file
Buildbots say:

[126/127] Running lint check for sanitizer sources...
FAILED: projects/compiler-rt/lib/CMakeFiles/SanitizerLintCheck
cd /home/buildbots/ppc64be-clang-multistage-test/clang-ppc64be-multistage/stage1/projects/compiler-rt/lib && env LLVM_CHECKOUT=/home/buildbots/ppc64be-clang-multistage-test/clang-ppc64be-multistage/llvm/llvm SILENT=1 TMPDIR= PYTHON_EXECUTABLE=/usr/bin/python COMPILER_RT=/home/buildbots/ppc64be-clang-multistage-test/clang-ppc64be-multistage/llvm/compiler-rt /home/buildbots/ppc64be-clang-multistage-test/clang-ppc64be-multistage/llvm/compiler-rt/lib/sanitizer_common/scripts/check_lint.sh
/home/buildbots/ppc64be-clang-multistage-test/clang-ppc64be-multistage/llvm/compiler-rt/test/tsan/fiber_cleanup.cpp:71:  Could not find a newline character at the end of the file.  [whitespace/ending_newline] [5]
ninja: build stopped: subcommand failed.

Somehow this check is not part of 'ninja check-tsan'.
2020-04-11 11:13:39 +02:00
Dmitry Vyukov 1624be938d tsan: fix leak of ThreadSignalContext memory mapping when destroying fibers
When creating and destroying fibers in tsan a thread state is created and destroyed. Currently, a memory mapping is leaked with each fiber (in __tsan_destroy_fiber). This causes applications with many short running fibers to crash or hang because of linux vm.max_map_count.

The root of this is that ThreadState holds a pointer to ThreadSignalContext for handling signals. The initialization and destruction of it is tied to platform specific events in tsan_interceptors_posix and missed when destroying a fiber (specifically, SigCtx is used to lazily create the ThreadSignalContext in tsan_interceptors_posix). This patch cleans up the memory by makinh the ThreadState create and destroy the ThreadSignalContext.

The relevant code causing the leak with fibers is the fiber destruction:

void FiberDestroy(ThreadState *thr, uptr pc, ThreadState *fiber) {
  FiberSwitchImpl(thr, fiber);
  ThreadFinish(fiber);
  FiberSwitchImpl(fiber, thr);
  internal_free(fiber);
}

Author: Florian
Reviewed-in: https://reviews.llvm.org/D76073
2020-04-11 10:30:31 +02:00
Dmitry Vyukov efeb35e195 tsan: disable ASLR in Go test on NetBSD
Tsan does not support ASLR on NetBSD.
Disable ASLR in the Go test and extend
the error message to be more actionable.

Reported-by: Keith Randall (khr)
2020-04-11 09:46:45 +02:00
Matt Morehouse bef187c750 Implement `-fsanitize-coverage-whitelist` and `-fsanitize-coverage-blacklist` for clang
Summary:
This commit adds two command-line options to clang.
These options let the user decide which functions will receive SanitizerCoverage instrumentation.
This is most useful in the libFuzzer use case, where it enables targeted coverage-guided fuzzing.

Patch by Yannis Juglaret of DGA-MI, Rennes, France

libFuzzer tests its target against an evolving corpus, and relies on SanitizerCoverage instrumentation to collect the code coverage information that drives corpus evolution. Currently, libFuzzer collects such information for all functions of the target under test, and adds to the corpus every mutated sample that finds a new code coverage path in any function of the target. We propose instead to let the user specify which functions' code coverage information is relevant for building the upcoming fuzzing campaign's corpus. To this end, we add two new command line options for clang, enabling targeted coverage-guided fuzzing with libFuzzer. We see targeted coverage guided fuzzing as a simple way to leverage libFuzzer for big targets with thousands of functions or multiple dependencies. We publish this patch as work from DGA-MI of Rennes, France, with proper authorization from the hierarchy.

Targeted coverage-guided fuzzing can accelerate bug finding for two reasons. First, the compiler will avoid costly instrumentation for non-relevant functions, accelerating fuzzer execution for each call to any of these functions. Second, the built fuzzer will produce and use a more accurate corpus, because it will not keep the samples that find new coverage paths in non-relevant functions.

The two new command line options are `-fsanitize-coverage-whitelist` and `-fsanitize-coverage-blacklist`. They accept files in the same format as the existing `-fsanitize-blacklist` option <https://clang.llvm.org/docs/SanitizerSpecialCaseList.html#format>. The new options influence SanitizerCoverage so that it will only instrument a subset of the functions in the target. We explain these options in detail in `clang/docs/SanitizerCoverage.rst`.

Consider now the woff2 fuzzing example from the libFuzzer tutorial <https://github.com/google/fuzzer-test-suite/blob/master/tutorial/libFuzzerTutorial.md>. We are aware that we cannot conclude much from this example because mutating compressed data is generally a bad idea, but let us use it anyway as an illustration for its simplicity. Let us use an empty blacklist together with one of the three following whitelists:

```
  # (a)
  src:*
  fun:*

  # (b)
  src:SRC/*
  fun:*

  # (c)
  src:SRC/src/woff2_dec.cc
  fun:*
```

Running the built fuzzers shows how many instrumentation points the compiler adds, the fuzzer will output //XXX PCs//. Whitelist (a) is the instrument-everything whitelist, it produces 11912 instrumentation points. Whitelist (b) focuses coverage to instrument woff2 source code only, ignoring the dependency code for brotli (de)compression; it produces 3984 instrumented instrumentation points. Whitelist (c) focuses coverage to only instrument functions in the main file that deals with WOFF2 to TTF conversion, resulting in 1056 instrumentation points.

For experimentation purposes, we ran each fuzzer approximately 100 times, single process, with the initial corpus provided in the tutorial. We let the fuzzer run until it either found the heap buffer overflow or went out of memory. On this simple example, whitelists (b) and (c) found the heap buffer overflow more reliably and 5x faster than whitelist (a). The average execution times when finding the heap buffer overflow were as follows: (a) 904 s, (b) 156 s, and (c) 176 s.

We explain these results by the fact that WOFF2 to TTF conversion calls the brotli decompression algorithm's functions, which are mostly irrelevant for finding bugs in WOFF2 font reconstruction but nevertheless instrumented and used by whitelist (a) to guide fuzzing. This results in longer execution time for these functions and a partially irrelevant corpus. Contrary to whitelist (a), whitelists (b) and (c) will execute brotli-related functions without instrumentation overhead, and ignore new code paths found in them. This results in faster bug finding for WOFF2 font reconstruction.

The results for whitelist (b) are similar to the ones for whitelist (c). Indeed, WOFF2 to TTF conversion calls functions that are mostly located in SRC/src/woff2_dec.cc. The 2892 extra instrumentation points allowed by whitelist (b) do not tamper with bug finding, even though they are mostly irrelevant, simply because most of these functions do not get called. We get a slightly faster average time for bug finding with whitelist (b), which might indicate that some of the extra instrumentation points are actually relevant, or might just be random noise.

Reviewers: kcc, morehouse, vitalybuka

Reviewed By: morehouse, vitalybuka

Subscribers: pratyai, vitalybuka, eternalsakura, xwlin222, dende, srhines, kubamracek, #sanitizers, lebedev.ri, hiraditya, cfe-commits, llvm-commits

Tags: #clang, #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D63616
2020-04-10 10:44:03 -07:00
Florian Hahn d6525eff5e [compiler-rt] Try to disable failing test on Darwin.
Looks like this test fails on Darwin x86_64 as well:

http://green.lab.llvm.org/green/job/clang-stage1-RA/8593/

Command Output (stderr):
--
fatal error: error in backend: Global variable '__sancov_gen_' has an invalid section specifier '__DATA,__sancov_bool_flag': mach-o section specifier requires a section whose length is between 1 and 16 characters.
2020-04-10 11:08:49 +01:00
Dmitry Vyukov 87735b5b1d tsan: don't check libc dependency on NetBSD
This new check fails on NetBSD as well.
It is meant to prevent regressions, so disable it on NetBSD.

Reported-by: Keith Randall (khr)
2020-04-10 11:12:55 +02:00
Peter Collingbourne 9c86b83ffc scudo: Replace ALIGNED macro with standard alignas specifier.
alignas was introduced in C++11 and is already being used throughout LLVM.

Differential Revision: https://reviews.llvm.org/D77823
2020-04-09 14:36:03 -07:00
Pratyai Mazumder 2d39559d68 [SanitizerCoverage] Add compiler-rt test for -fsanitize-coverage=inline-bool-flag
Reviewers: kcc, vitalybuka

Reviewed By: vitalybuka

Subscribers: dberris, #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D77638
2020-04-09 13:49:13 -07:00
Marek Kurdej 8b3d3921b0 [libFuzzer] Fix typo in seed_inputs flag description. NFC. 2020-04-09 13:54:07 +02:00
Raul Tambre 3e9d074dea [compiler-rt] Don't print warning about missing testingsupport if not including tests
Reviewers: samsonov, vitalybuka

Reviewed By: vitalybuka

Subscribers: dberris, mgorny, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D77375
2020-04-09 02:31:12 -07:00
Ilya Leoshkevich aaba9a7761 [compiler-rt] Don't use __libc_stack_end on ARM
Summary:
Commit b684c1a50f ("Add a `Symbolizer::GetEnvP()` method that allows
symbolizer implementations to customise the environment of the
symbolizer binary.") exposed a latent ARM issue, and that broke

http://lab.llvm.org:8011/builders/clang-cmake-thumbv7-full-sh

This coincided with breakage caused by my commit 5f5fb56c68
("[compiler-rt] Intercept the uname() function"), so I had to
investigate.

The issue is that GetArgsAndEnv does not work on ARM: there glibc's
_start overwrites argc value stored at __libc_start_end, breaking the
existing argv/envp parsing logic.

Fix by inferring argc from argv.

Reviewers: eugenis, vitalybuka

Reviewed By: eugenis

Subscribers: dberris, kristof.beyls, danielkiss, #sanitizers, delcypher

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D77400
2020-04-08 14:25:59 +02:00
Dmitry Vyukov 2db63723a8 tsan: fix Go/ppc build
PPC now requires ReExec due to ASLR.
Pull in more functions for Go build.

Suggested-by: Keith Randall (khr)
2020-04-07 16:40:59 +02:00
Nico Weber e613f0ee8d Reland "Make llvm_source_root in llvm-lit relative too."
This reverts commit 3185881d69
and adds a missing "include(AddLLVM)" (similar lines already
exist elsewhere in compiler-rt).
2020-04-06 20:49:10 -04:00
Matt Morehouse ec69bac144 [sanitizer_common] Update global_symbols.txt. 2020-04-06 09:58:04 -07:00
Matt Morehouse d0498faeae Revert "[sanitizer_common] Show new unexpected symbols."
This reverts commit 68d73dfa1a.
2020-04-06 09:58:03 -07:00
Matt Morehouse 7bea22d36f Revert "[sanitizer_common] Update global_symbols.txt."
This reverts commit 98bb7fdbe5.
2020-04-06 09:58:03 -07:00
Matt Morehouse 98bb7fdbe5 [sanitizer_common] Update global_symbols.txt. 2020-04-06 09:43:34 -07:00
Matt Morehouse 68d73dfa1a [sanitizer_common] Show new unexpected symbols. 2020-04-06 09:43:33 -07:00
Kamil Rytarowski 695ca346eb [compiler-rt] Fix build on NetBSD 9.99.52+
Add a fallback definition of the netsmb device driver that
was removed.
2020-04-05 01:08:17 +02:00
Riyaz V Puthiyapurayil 9657446313 [compiler-rt] Build with correct ABI (PR38025)
Summary:
This patch fixes [[ https://bugs.llvm.org/show_bug.cgi?id=38025 | PR38025 ]]:
Wrong ABI used when building compiler-rt

Differential Revision: https://reviews.llvm.org/D74133
2020-04-03 11:53:40 -07:00
Ilya Leoshkevich 6897111231 [MSan] Add COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED
Summary:
MSan not implementing COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED looks
like an omission - this macro makes it possible for those intercepted
functions, which libc needs very early, to work before interceptors are
initialized (i.e. before REAL() is usable).

While currently there are no observable practical problems in this
area, changes in libc or in MSan runtime may provoke them. Therefore,
change MSan to work like ASan and TSan already do - use internal
functions in certain interceptors when initialization is not complete.

Reviewers: eugenis, vitalybuka

Reviewed By: eugenis

Subscribers: #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76969
2020-04-03 17:18:53 +02:00
Julian Lettner b94afc19eb iOS simulator testing: replace `simctl bootstatus` with boot+shutdown
rdar://59643443
2020-04-02 14:45:54 -07:00
Dmitry Vyukov 0fb8a53562 tsan: don't check libc dependency on FreeBSD
This check fails on FreeBSD:
https://github.com/golang/go/issues/14481#issuecomment-607471193
It is meant to prevent regressions, so disable it on FreeBSD.
2020-04-02 12:46:28 +02:00
Dmitry Vyukov e2d6023250 tsan: fix Go build on Windows
Fix similar to https://reviews.llvm.org/D77111 but fow Windows.

gotsan.cpp:14071:16: error: missing terminating ' character [-Werror]
case 0b10'010:  // c.lwsp (rd != x0)
         ^

Reported-by: Keith Randall
2020-04-01 10:36:29 +02:00
KAWASHIMA Takahiro 9180c14fe4 Fix simultaneous .gcda creation
The intent of the `llvm_gcda_start_file` function is that only
one process create the .gcda file and initialize it to be updated
by other processes later.

Before this change, if multiple processes are started simultaneously,
some of them may initialize the file because both the first and
second `open` calls may succeed in a race condition and `new_file`
becomes 1 in those processes. This leads incorrect coverage counter
values. This often happens in MPI (Message Passing Interface) programs.
The test program added in this change is a simple reproducer.

This change ensures only one process creates/initializes the file by
using the `O_EXCL` flag.

Differential Revision: https://reviews.llvm.org/D76206
2020-04-01 10:29:50 +09:00
Valentin Churavy cba15d1b5c
Add manually overriding of the darwin SDK version
Summary:
When doing cross-compilation from Linux to MacOS we don't have
access to have access to `xcodebuild` and therefore need a way
to set the SDK version from the outside.

Fixes https://reviews.llvm.org/D68292#1853594 for me.

Reviewers: delcypher, yln

Reviewed By: delcypher

Subscribers: #julialang, mgorny, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D77026
2020-03-31 12:54:56 -04:00
Douglas Yung 41c135d6d2 Fix buildgo.sh script to fix linux build failure due to changes in ad1466f8cb.
The above change used a binary literal that is not supported in c++11 mode when
using gcc. It was formalized into the c++14 standard and works when using that
mode to compile, so change the script to use c++14 instead.

Reviewed by: dvyukov

Differential Revision: https://reviews.llvm.org/D77111
2020-03-31 09:32:00 -07:00
Dmitry Vyukov 65b4695375 tsan: fix build bugs
1. Fix expression inside of DCHECK_LE.
2. Add a debug build test to buildgo.sh.
3. Fix race binary path in buildgo.sh.
2020-03-28 09:09:39 +01:00
Ilya Leoshkevich fad47d2225 [compiler-rt] Fall back to internal_uname() when called early
Summary:
Commit 5f5fb56c68 ("[compiler-rt] Intercept the uname() function")
broke sanitizer-x86_64-linux and clang-cmake-thumbv7-full-sh (again)
builds:

http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux/builds/26313
http://lab.llvm.org:8011/builders/clang-cmake-thumbv7-full-sh/builds/4324

The reason is that uname() can be called as early as
__pthread_initialize_minimal_internal(). When intercepted, this
triggers ASan initialization, which eventually calls dlerror(), which
in turn uses pthreads, causing all sorts of issues.

Fix by falling back to internal_uname() when interceptor runs before
ASan is initialized. This is only for Linux at the moment.

Reviewers: eugenis, vitalybuka

Reviewed By: eugenis

Subscribers: dberris, #sanitizers, pcc

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76919
2020-03-28 03:14:19 +01:00
Dan Liew 853a1e6942 Only add `darwin_log_cmd` lit shell test feature when the log can be queried.
Summary:
Follow up fix to 445b810fbd. The `log show` command only works for
privileged users so run a quick test of the command during lit config to
see if the command works and only add the `darwin_log_cmd` feature if
this is the case.

Unfortunately this means the `asan/TestCases/Darwin/duplicate_os_log_reports.cpp`
test and any other tests in the future that use this feature won't run
for unprivileged users which is likely the case in CI.

rdar://problem/55986279

Reviewers: kubamracek, yln, dcoughlin

Subscribers: Charusso, #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76899
2020-03-27 11:24:50 -07:00
Luís Marques ad1466f8cb [sanitizer][RISCV] Implement SignalContext::GetWriteFlag for RISC-V
This patch follows the approach also used for MIPS, where we decode the
offending instruction to determine if the fault was caused by a read or
write operation, as that seems to be the only relevant information we have
in the signal context structure to determine that.

Differential Revision: https://reviews.llvm.org/D75168
2020-03-26 19:55:35 +00:00
Dan Liew 445b810fbd [ASan] Fix issue where system log buffer was not cleared after reporting an issue.
Summary:
When ASan reports an issue the contents of the system log buffer
(`error_message_buffer`) get flushed to the system log (via
`LogFullErrorReport()`). After this happens the buffer is not cleared
but this is usually fine because the process usually exits soon after
reporting the issue.

However, when ASan runs in `halt_on_error=0` mode execution continues
without clearing the buffer. This leads to problems if more ASan
issues are found and reported.

1. Duplicate ASan reports in the system log. The Nth (start counting from 1)
ASan report  will be duplicated (M - N) times in the system log if M is the
number of ASan issues reported.

2. Lost ASan reports. Given a sufficient
number of reports the buffer will fill up and consequently cannot be appended
to. This means reports can be lost.

The fix here is to reset `error_message_buffer_pos` to 0 which
effectively clears the system log buffer.

A test case is included but unfortunately it is Darwin specific because
querying the system log is an OS specific activity.

rdar://problem/55986279

Reviewers: kubamracek, yln, vitalybuka, kcc, filcab

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76749
2020-03-26 10:56:17 -07:00
Mitch Phillips 1216f4c0ea [GWP-ASan] Use functions in backtrace test, not line numbers.
Summary:
There's no unwinding functionality on Android that allows for line
numbers to be retrieved in-process. As a result, we can't have
this backtrace test run on Android.

Cleanup the test to use optnone functions instead, which is more stable
than line numbers anyway.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers, morehouse, cferris

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76807
2020-03-26 10:10:24 -07:00
Ilya Leoshkevich 2ca7fe3796 [compiler-rt] Use uname syscall in GetKernelAreaSize()
Commit 5f5fb56c68 ("[compiler-rt] Intercept the uname() function")
broke clang-cmake-thumbv7-full-sh build:

http://lab.llvm.org:8011/builders/clang-cmake-thumbv7-full-sh/builds/4296

This also affects i386.

The reason is that intercepted uname() is called by GetKernelAreaSize()
during ASAN initialization on 32-bit platforms, but the respective
interceptor is not initialized yet at this point, leading to null
pointer dereference.

Introduce internal_uname() wrapper around uname syscall, and use it in
GetKernelAreaSize() and in FixedCVE_2016_2143().

Author: Ilya Leoshkevich
Reviewed By: Evgenii Stepanov

Differential Revision: https://reviews.llvm.org/D76776
2020-03-26 13:35:09 +01:00
Ilya Leoshkevich dc37287320 [asan] Fix read_binary_name_regtest.c test dying with SIGPIPE
Disable symbolization of results, since llvm-symbolizer cannot start
due to restricted readlink(), causing the test to die with SIGPIPE.

Author: Ilya Leoshkevich
Reviewed By: Evgenii Stepanov

Differential Revision: https://reviews.llvm.org/D76576
2020-03-26 13:34:18 +01:00
Jonas Devlieghere 6430707196 Revert "tsan: fix leak of ThreadSignalContext for fibers"
Temporarily revert "tsan: fix leak of ThreadSignalContext for fibers"
because it breaks the LLDB bot on GreenDragon.

This reverts commit 93f7743851.
This reverts commit d8a0f76de7.
2020-03-25 19:18:38 -07:00
Wolfgang 93f7743851 Fixing a sanitizer lint problem that was breaking some builds. 2020-03-25 18:26:28 -07:00
Max Moroz 6d0488f75b [compiler-rt] Mark FDP non-template methods inline to avoid ODR violations. 2020-03-25 13:43:54 -07:00
Dmitry Vyukov d8a0f76de7 tsan: fix leak of ThreadSignalContext for fibers
When creating and destroying fibers in tsan a thread state
is created and destroyed. Currently, a memory mapping is
leaked with each fiber (in __tsan_destroy_fiber).
This causes applications with many short running fibers
to crash or hang because of linux vm.max_map_count.

The root of this is that ThreadState holds a pointer to
ThreadSignalContext for handling signals. The initialization
and destruction of it is tied to platform specific events
in tsan_interceptors_posix and missed when destroying a fiber
(specifically, SigCtx is used to lazily create the
ThreadSignalContext in tsan_interceptors_posix). This patch
cleans up the memory by inverting the control from the
platform specific code calling the generic ThreadFinish to
ThreadFinish calling a platform specific clean-up routine
after finishing a thread.

The relevant code causing the leak with fibers is the fiber destruction:

void FiberDestroy(ThreadState *thr, uptr pc, ThreadState *fiber) {
  FiberSwitchImpl(thr, fiber);
  ThreadFinish(fiber);
  FiberSwitchImpl(fiber, thr);
  internal_free(fiber);
}

I would appreciate feedback if this way of fixing the leak is ok.
Also, I think it would be worthwhile to more closely look at the
lifecycle of ThreadState (i.e. it uses no constructor/destructor,
thus requiring manual callbacks for cleanup) and how OS-Threads/user
level fibers are differentiated in the codebase. I would be happy to
contribute more if someone could point me at the right place to
discuss this issue.

Reviewed-in: https://reviews.llvm.org/D76073
Author: Florian (Florian)
2020-03-25 17:05:46 +01:00
Dmitry Vyukov 5f149ef51f compiler-rt: allow golang race detector to run on musl-c
tsan while used by golang's race detector was not working on alpine
linux, since it is using musl-c instead of glibc. Since alpine is very
popular distribution for container deployments, having working race
detector would be nice. This commits adds some ifdefs to get it working.

It fixes https://github.com/golang/go/issues/14481 on golang's issue tracker.

Reviewed-in: https://reviews.llvm.org/D75849
Author: graywolf-at-work (Tomas Volf)
2020-03-25 17:05:45 +01:00
Max Moroz 1e65209e04 [compiler-rt] FuzzedDataProvider: make linter happy. 2020-03-25 00:39:17 -07:00
Max Moroz 1262db1b6a [compiler-rt] Refactor FuzzedDataProvider for better readability.
Summary: Separate class definition and actual methods implementation. The main
goal is to keep the list of available methods in a concise readable form inside
the class definition.

Reviewers: hctim, metzman

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76651
2020-03-24 23:51:49 -07:00
Petr Hosek ba1f4405c6 [profile] Move RuntimeCounterRelocation and ProfileDumped into a separate file
This avoids the test failure that was introduced in rG32bddad where
this function pulls in the rest of InstrProfilingFile.c which is
undesirable in use cases when profile runtime is being used without
the rest of libc.

This also allows additional cleanup by eliminating another variable
from platforms that don't need it.

Differential Revision: https://reviews.llvm.org/D76750
2020-03-24 20:27:14 -07:00
Petr Hosek 32bddad37b [profile] Make atexit hook a no-op on Fuchsia
On Fuchsia, we always use the continuous mode with runtime counter
relocation, so there's no need for atexit hook or support for dumping
the profile manually.

Differential Revision: https://reviews.llvm.org/D76556
2020-03-24 18:47:38 -07:00
Dan Liew b684c1a50f Add a `Symbolizer::GetEnvP()` method that allows symbolizer implementations to customise the environment of the symbolizer binary.
Summary:
This change introduces the `Symbolizer::GetEnvP()` method that returns a
pointer to environment array used for spawning the symbolizer process.
The motivation is to allow implementations to customise the environment
if required.  The default implementation just returns
`__sanitizer::GetEnviron()` which (provided it's implemented) should
preserve the existing behaviours of the various implementations.

This change has been plumbed through the `internal_spawn(...)` and
`StartSubprocess(...)` process spawning implementations.

For the `StartSubprocess()` implementation we need to call `execve()`
rather than `execv()` to pass the environment. However, it appears that
`internal_execve(...)` exists in sanitizer_common so this patch use that
which seems like a nice clean up.

Support in the Windows implementation of
`SymbolizerProcess:StartSymbolizerSubprocess()` has not been added
because the Windows sanitizer runtime doesn't implement `GetEnviron()`.

rdar://problem/58789439

Reviewers: kubamracek, yln, dvyukov, vitalybuka, eugenis, phosek, aizatsky, rnk

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76666
2020-03-24 15:41:46 -07:00
Mitch Phillips a4e8d89704 [GWP-ASan] Only pack frames that are stored.
Summary:
Backtrace() returns the number of frames that are *available*, rather
than the number of frames stored. When we pack, we supply the number of
frames we have stored. The number of available frames can exceed the
number of stored frames, leading to stack OOB read.

Fix up this problem.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers, morehouse, cferris, pcc

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76722
2020-03-24 14:37:09 -07:00
Dmitry Vyukov 180d211770 tsan: Adding releaseAcquire() to ThreadClock
realeaseAcquire() is a new function added to TSan in support of the Go data-race detector.
It's semantics is:

void ThreadClock::releaseAcquire(SyncClock *sc) const {
  for (int i = 0; i < kMaxThreads; i++) {
    tmp = clock[i];
    clock[i] = max(clock[i], sc->clock[i]);
    sc->clock[i] = tmp;
  }
}

For context see: https://go-review.googlesource.com/c/go/+/220419

Reviewed-in: https://reviews.llvm.org/D76322
Author: dfava (Daniel Fava)
2020-03-24 11:27:46 +01:00
Peter Collingbourne 8140f6bcde scudo: Create a public include directory. NFCI.
For MTE error reporting we will need to expose interfaces for crash handlers
to use to interpret scudo headers and metadata. The intent is that these
interfaces will live in scudo/interface.h.

Move the existing interface.h into an include/scudo directory and make it
independent of the internal headers, so that we will be able to add the
interfaces there.

Differential Revision: https://reviews.llvm.org/D76648
2020-03-23 18:23:29 -07:00
Max Moroz 2136d17d8d [compiler-rt] Add ConsumeRandomLengthString() version without arguments.
Reviewers: hctim, metzman

Subscribers: dberris, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76448
2020-03-23 16:32:37 -07:00
Evgenii Stepanov 987f153929 [msan] Fix sigaltstack false positive.
struct stack_t on Linux x86_64 has internal padding which may be left
uninitialized. The check should be replaced with multiple checks for
individual fields of the struct. For now, remove the check altogether.
2020-03-23 16:17:31 -07:00
Ilya Leoshkevich 5f5fb56c68 [compiler-rt] Intercept the uname() function
Summary:
Move interceptor from msan to sanitizer_common_interceptors.inc, so that
other sanitizers could benefit.

Adjust FixedCVE_2016_2143() to deal with the intercepted uname().

Patch by Ilya Leoshkevich.

Reviewers: eugenis, vitalybuka, uweigand, jonpa

Reviewed By: eugenis, vitalybuka

Subscribers: dberris, krytarowski, #sanitizers, stefansf, Andreas-Krebbel

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76578
2020-03-23 12:59:38 -07:00
Dmitry Vyukov be41a98ac2 tsan: fix deadlock with pthread_atfork callbacks
This fixes the bug reported at:
https://groups.google.com/forum/#!topic/thread-sanitizer/e_zB9gYqFHM

A pthread_atfork callback triggers a data race
and we deadlock on the report_mtx. Ignore memory access
in the pthread_atfork callbacks to prevent the deadlock.
2020-03-21 14:36:51 +01:00
Kostya Kortchinsky f8352502a3 [scudo][standalone] Allow fallback to secondary if primary is full
Summary:
We introduced a way to fallback to the immediately larger size class for
the Primary in the event a region was full, but in the event of the largest
size class, we would just fail.

This change allows to fallback to the Secondary when the last region of
the Primary is full. We also expand the trick to all platforms as opposed
to being Android only, and update the test to cover the new case.

Reviewers: hctim, cferris, eugenis, morehouse, pcc

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76430
2020-03-20 07:55:20 -07:00
Petr Hosek 6ef1f3718f [sanitizer_coverage][Fuchsia] Set ZX_PROP_VMO_CONTENT_SIZE
The VMO size is always page-rounded, but Zircon now provides
a way to publish the precise intended size.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D76437
2020-03-19 19:12:06 -07:00
Petr Hosek 4e6c778eca [XRay] Record the XRay data size as a property of the VMO
While the VMO size is always page aligned, we can record the content
size as a property and then use this metadata when writing the data to
a file.

Differential Revision: https://reviews.llvm.org/D76462
2020-03-19 19:01:05 -07:00
Petr Hosek d6fc61b7e8 [profile] Record the profile size as a property of the VMO
While the VMO size is always page aligned, we can record the content
size as a property and then use this metadata when writing the profile
to a file.

Differential Revision: https://reviews.llvm.org/D76402
2020-03-19 16:22:19 -07:00
Ilya Leoshkevich c985b244ee [MSan] Simulate OOM in mmap_interceptor()
Summary:
Some kernels can provide 16EiB worth of mappings to each process, which
causes mmap test to run for a very long time. In order to make it stop
after a few seconds, make mmap_interceptor() fail when the original
mmap() returns an address which is outside of the application range.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers, Andreas-Krebbel, stefansf, jonpa, uweigand

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D76426
2020-03-19 13:33:45 -07:00
Julian Lettner f8e8f0a603 [TSan] Support pointer authentication in setjmp/longjmp interceptors
arm64e adds support for pointer authentication, which was adopted by
libplatform to harden setjmp/longjmp and friends.  We need to teach
the TSan interceptors for those functions about this.

Reviewed By: kubamracek

Differential Revision: https://reviews.llvm.org/D76257
2020-03-18 11:46:23 -07:00
Vitaly Buka f0714cbb6a [sanitizer] Fix warning on windows
Return value is not used anyway as PTHREAD_JOIN is not implemented.
2020-03-16 19:17:03 -07:00
Nemanja Ivanovic f594328853 [PowerPC] Disable sanitizer test due to failures when using LLD
This test case fails due to different handling of weak items between
LLD and LD on PPC. The issue only occurs when the default linker is LLD
and the test case is run on a system where ASLR is enabled.
2020-03-16 12:26:51 -05:00
Kamil Rytarowski 7f6b25ad1b [compiler-rt] [netbsd] Add support for the MKIPFILTER=no distribution
Add fallback definition for the IPFilter ioctl commands.
2020-03-16 00:47:40 +01:00
Evgenii Stepanov 54d6c11a6c [msan] Fix srcaddr handling in recvfrom interceptor.
Recvfrom may receive a 0 byte packet with a non-empty source address.
2020-03-12 17:29:10 -07:00
Shoaib Meenai f481256bfe [builtins] Build for arm64e for Darwin
https://github.com/apple/swift/pull/30112/ makes the Swift standard
library for iOS build for arm64e. If you're building Swift against your
own LLVM, this in turn requires having the builtins built for arm64e,
otherwise you won't be able to use the builtins (which will in turn lead
to an undefined symbol for `__isOSVersionAtLeast`). Make the builtins
build for arm64e to fix this.

Differential Revision: https://reviews.llvm.org/D76041
2020-03-11 22:01:44 -07:00
Joachim Protze 31c85ca06d [compiler-rt][tsan] Make fiber support in thread sanitizer dynamic linkable
This patch will allow dynamic libraries to call into the fiber support functions
introduced in https://reviews.llvm.org/D54889

Differential Revision: https://reviews.llvm.org/D74487
2020-03-11 14:14:33 +01:00
Sergej Jaskiewicz f7c4d796ba [compiler-rt] Define ElfW() macro if it's not defined
Summary:
The `ElfW()` macro is not provided by `<link.h>` on some
systems (e.g., FreeBSD). On these systems the data structures are
just called `Elf_XXX`. Define `ElfW()` locally.

(This fix is taken from [libunwind](9b05596eff/libunwind/src/AddressSpace.hpp (L144-L157)).)

Reviewers: compnerd

Differential revision: https://reviews.llvm.org/D75907
2020-03-10 18:54:28 +03:00
Dmitry Vyukov a72dc86cdd tsan: tsan_interface.h: make constants static
Note that in C++ the static keyword is implicit for const objects.
In C however it is not, and we get clashes at link time after
including the header from more than one C file:

lib.a(bar.o):(.rodata+0x0): multiple definition of `__tsan_mutex_linker_init'
lib.a(foo.o):(.rodata+0x0): first defined here
lib.a(bar.o):(.rodata+0xc): multiple definition of `__tsan_mutex_not_static'
lib.a(foo.o):(.rodata+0xc): first defined here
<snip>
Indeed both foo.o and bar.o define the clashing symbols:

$ nm foo.o
<snip>
0000000000000000 R __tsan_mutex_linker_init
000000000000000c R __tsan_mutex_not_static
<snip>
Fix it by explicitly making the constants static.

Reviewed-in: https://reviews.llvm.org/D75820
Author: cota (Emilio G. Cota)
2020-03-10 09:13:41 +01:00
Richard Smith 51fab8f36f Mark test function as 'weak' to prevent interprocedural CSE.
A recent change to MemorySSA caused LLVM to start optimizing the call to
'f(x)' into just 'x', despite the 'noinline' attribute. So try harder to
prevent this optimization from firing.
2020-03-09 17:01:07 -07:00
Matt Morehouse d93303b783 [ASan] Enable set_shadow_test.c on Windows.
It looks like the recent -fno-common is making it pass now.
2020-03-09 16:09:28 -07:00
George Burgess IV cfc3e7f458 [cmake] Strip quotes in compiler-rt/lib/crt; error if checks fail
Patch by Zhizhou Yang!

In his own words:

"""
Similar change to CMakeLists as r372312.

After r372209, compiler command line may include argument with quotes:

```
-fprofile-instr-use="/foo/bar.profdata"
```

And it causes a hidden failure with execute_process later: Could not
read profile "/foo/bar.profdata": No such file or directory.

In this particular case, the check for .init_array will fail silently
and creates a PGO-ed binary with bad .init_array section in compiler-rt.

Bug details can be found in PR45022
"""

Differential Revision: https://reviews.llvm.org/D75065
2020-03-09 15:52:39 -07:00
George Burgess IV 20dfcf189d [cmake] By default do not build compiler-rt with PGO
Patch by Zhizhou Yang!

In his own words:

"""
Currently compiler-rt doesn't officially support either PGO
instrumentation or use PGO profdata to build it.

PGO related flags are passed into compiler-rt since rL372209, and
causing bugs: 45022, crbug:1018840

This patch adds several checks in compiler-rt to disable PGO related
flags and provides a flag to turn on PGO for compiler-rt if needed.
"""

Differential Revision: https://reviews.llvm.org/D75499
2020-03-09 15:52:38 -07:00
Sjoerd Meijer 3d9a0445cc Recommit #2 "[Driver] Default to -fno-common for all targets"
After a first attempt to fix the test-suite failures, my first recommit
caused the same failures again. I had updated CMakeList.txt files of
tests that needed -fcommon, but it turns out that there are also
Makefiles which are used by some bots, so I've updated these Makefiles
now too.

See the original commit message for more details on this change:
0a9fc9233e
2020-03-09 19:57:03 +00:00
Sjoerd Meijer f35d112efd Revert "Recommit "[Driver] Default to -fno-common for all targets""
This reverts commit 2c36c23f34.

Still problems in the test-suite, which I really thought I had fixed...
2020-03-09 10:37:28 +00:00
Sjoerd Meijer 2c36c23f34 Recommit "[Driver] Default to -fno-common for all targets"
This includes fixes for:
- test-suite: some benchmarks need to be compiled with -fcommon, see D75557.
- compiler-rt: one test needed -fcommon, and another a change, see D75520.
2020-03-09 10:07:37 +00:00
Mitch Phillips 85c0b34fc5 [GWP-ASan] Fix thread ID.
Summary:
GWP-ASan currently reports <unknown> thread ID, as the crash handler
merge dropped the include. Oops.

Reviewers: morehouse

Reviewed By: morehouse

Subscribers: eugenis, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75693
2020-03-05 10:28:09 -08:00
Luís Marques 99a8cc2b7d [compiler-rt][builtins][RISCV] Port __clear_cache to RISC-V Linux
Implements `__clear_cache` for RISC-V Linux. We can't just use `fence.i` on
Linux, because the Linux thread might be scheduled on another hart, and the
`fence.i` instruction only flushes the icache of the current hart.
2020-03-05 16:44:47 +00:00
Kostya Kortchinsky a0e86420ae [scudo][standalone] Do not fill 32b regions at once
Summary:
For the 32b primary, whenever we created a region, we would fill it
all at once (eg: create all the transfer batches for all the blocks
in that region). This wasn't ideal as all the potential blocks in
a newly created region might not be consummed right away, and it was
using extra memory (and release cycles) to keep all those free
blocks.

So now we keep track of the current region for a given class, and
how filled it is, carving out at most `MaxNumBatches` worth of
blocks at a time.

Additionally, lower `MaxNumBatches` on Android from 8 to 4. This
lowers the randomness of blocks, which isn't ideal for security, but
keeps things more clumped up for PSS/RSS accounting purposes.

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75551
2020-03-04 14:22:24 -08:00
Reid Kleckner 5d3a995938 Port ubsan nullability.c test to Windows
Two issues:
- Need to add env prefix to be compatible with the lit internal shell
- Need to quote the colon in Windows paths with '"%t.supp"'
2020-03-03 13:18:58 -08:00
serge-sans-paille 292ab49d43 Fix UB in compiler-rt base64 implementation
As a follow-up to 1454c27b60
2020-03-03 13:28:32 +01:00
serge-sans-paille 1454c27b60 Syndicate, test and fix base64 implementation
llvm/Support/Base64, fix its implementation and provide a decent test suite.

Previous implementation code was using + operator instead of | to combine

results, which is a problem when shifting signed values. (0xFF << 16) is
implicitly converted to a (signed) int, and thus results in 0xffff0000,
h is
negative. Combining negative numbers with a + in that context is not what we
want to do.

This is a recommit of 5a1958f267 with UB removved.

This fixes https://github.com/llvm/llvm-project/issues/149.

Differential Revision: https://reviews.llvm.org/D75057
2020-03-03 12:17:53 +01:00
Hans Wennborg 916be8fd6a Revert abb00753 "build: reduce CMake handling for zlib" (PR44780)
and follow-ups:
a2ca1c2d "build: disable zlib by default on Windows"
2181bf40 "[CMake] Link against ZLIB::ZLIB"
1079c68a "Attempt to fix ZLIB CMake logic on Windows"

This changed the output of llvm-config --system-libs, and more
importantly it broke stand-alone builds. Instead of piling on more fix
attempts, let's revert this to reduce the risk of more breakages.
2020-03-03 11:03:09 +01:00
Vedant Kumar 0eb5b6e88c [test/compiler-rt] Disable ubsan/TestCases/Misc/nullability.c on Android
It looks like the suppression file isn't being copied over to the
device.
2020-03-02 12:01:09 -08:00
Vedant Kumar 80cd518b80 [Coverage] Collect all function records in an object (D69471 followup)
After the format change from D69471, there can be more than one section
in an object that contains coverage function records. Look up each of
these sections and concatenate all the records together.

This re-enables the instrprof-merging.cpp test, which previously was
failing on OSes which use comdats.

Thanks to Jeremy Morse, who very kindly provided object files from the
bot I broke to help me debug.
2020-03-02 12:01:09 -08:00
Mitch Phillips 49684f9db5 Revert "Syndicate, test and fix base64 implementation"
This reverts commit 5a1958f267.

This change broke the UBSan build bots. See
https://reviews.llvm.org/D75057 for more information.
2020-03-02 09:33:22 -08:00
Vedant Kumar 806bb1e029 Second attempt to disable instrprof-merging.cpp
The first attempt in f82ae3ad was not handled correctly, as
'UNSUPPORTED: *' is not accepted by lit.
2020-03-02 09:26:52 -08:00
Vedant Kumar f82ae3ad8f Disable instrprof-merging.cpp to unblock bots while I investigate
After D69471, this test started failing on powerpc64, s390x and on a
sanitizer bot. Disable the test while I investigate.
2020-03-02 07:52:30 -08:00
serge-sans-paille 5a1958f267 Syndicate, test and fix base64 implementation
Move Base64 implementation from clangd/SemanticHighlighting to
llvm/Support/Base64, fix its implementation and provide a decent test suite.

Previous implementation code was using + operator instead of | to combine some
results, which is a problem when shifting signed values. (0xFF << 16) is
implicitly converted to a (signed) int, and thus results in 0xffff0000, which is
negative. Combining negative numbers with a + in that context is not what we
want to do.

This fixes https://github.com/llvm/llvm-project/issues/149.

Differential Revision: https://reviews.llvm.org/D75057
2020-03-02 10:02:25 +01:00
Vedant Kumar a1f3eb2085 Disable instrprof-merging.cpp on powerpc64 (D69471 follow up)
An execution count goes missing for a constructor, this needs
investigation:

http://lab.llvm.org:8011/builders/clang-ppc64be-linux/builds/45132/

```
/home/buildbots/ppc64be-clang-test/clang-ppc64be/llvm/compiler-rt/test/profile/instrprof-merging.cpp:28:16:
error: V1: expected string not found in input
 A() {} // V1: [[@LINE]]{{ *}}|{{ *}}1

<stdin>:28:32: note: possible intended match here
 28| | A() {} // V1: [[@LINE]]{{ *}}|{{ *}}1
```
2020-02-28 19:00:38 -08:00
Vedant Kumar dd1ea9de2e Reland: [Coverage] Revise format to reduce binary size
Try again with an up-to-date version of D69471 (99317124 was a stale
revision).

---

Revise the coverage mapping format to reduce binary size by:

1. Naming function records and marking them `linkonce_odr`, and
2. Compressing filenames.

This shrinks the size of llc's coverage segment by 82% (334MB -> 62MB)
and speeds up end-to-end single-threaded report generation by 10%. For
reference the compressed name data in llc is 81MB (__llvm_prf_names).

Rationale for changes to the format:

- With the current format, most coverage function records are discarded.
  E.g., more than 97% of the records in llc are *duplicate* placeholders
  for functions visible-but-not-used in TUs. Placeholders *are* used to
  show under-covered functions, but duplicate placeholders waste space.

- We reached general consensus about giving (1) a try at the 2017 code
  coverage BoF [1]. The thinking was that using `linkonce_odr` to merge
  duplicates is simpler than alternatives like teaching build systems
  about a coverage-aware database/module/etc on the side.

- Revising the format is expensive due to the backwards compatibility
  requirement, so we might as well compress filenames while we're at it.
  This shrinks the encoded filenames in llc by 86% (12MB -> 1.6MB).

See CoverageMappingFormat.rst for the details on what exactly has
changed.

Fixes PR34533 [2], hopefully.

[1] http://lists.llvm.org/pipermail/llvm-dev/2017-October/118428.html
[2] https://bugs.llvm.org/show_bug.cgi?id=34533

Differential Revision: https://reviews.llvm.org/D69471
2020-02-28 18:12:04 -08:00
Vedant Kumar 3388871714 Revert "[Coverage] Revise format to reduce binary size"
This reverts commit 99317124e1. This is
still busted on Windows:

http://lab.llvm.org:8011/builders/lld-x86_64-win7/builds/40873

The llvm-cov tests report 'error: Could not load coverage information'.
2020-02-28 18:03:15 -08:00
Vedant Kumar 7300c338e5 [compiler-rt/test] Relax a test so we can debug it on sanitizer-x86_64-linux-android
This test is failing with a core dump on /just/ this bot, and I'd like
to find out why.

http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-android/builds/27979/
2020-02-28 17:46:56 -08:00
Vedant Kumar 99317124e1 [Coverage] Revise format to reduce binary size
Revise the coverage mapping format to reduce binary size by:

1. Naming function records and marking them `linkonce_odr`, and
2. Compressing filenames.

This shrinks the size of llc's coverage segment by 82% (334MB -> 62MB)
and speeds up end-to-end single-threaded report generation by 10%. For
reference the compressed name data in llc is 81MB (__llvm_prf_names).

Rationale for changes to the format:

- With the current format, most coverage function records are discarded.
  E.g., more than 97% of the records in llc are *duplicate* placeholders
  for functions visible-but-not-used in TUs. Placeholders *are* used to
  show under-covered functions, but duplicate placeholders waste space.

- We reached general consensus about giving (1) a try at the 2017 code
  coverage BoF [1]. The thinking was that using `linkonce_odr` to merge
  duplicates is simpler than alternatives like teaching build systems
  about a coverage-aware database/module/etc on the side.

- Revising the format is expensive due to the backwards compatibility
  requirement, so we might as well compress filenames while we're at it.
  This shrinks the encoded filenames in llc by 86% (12MB -> 1.6MB).

See CoverageMappingFormat.rst for the details on what exactly has
changed.

Fixes PR34533 [2], hopefully.

[1] http://lists.llvm.org/pipermail/llvm-dev/2017-October/118428.html
[2] https://bugs.llvm.org/show_bug.cgi?id=34533

Differential Revision: https://reviews.llvm.org/D69471
2020-02-28 17:33:25 -08:00
Vedant Kumar e71835f15c [compiler-rt/test] Use FileCheck -allow-empty instead of count 0
Hope this fixes:

http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-android/builds/27977/steps/run%20lit%20tests%20%5Bi686%2Ffugu-userdebug%2FN2G48C%5D/logs/stdio

```
: 'RUN: at line 8';   UBSAN_OPTIONS=suppressions=/var/lib/buildbot/sanitizer-buildbot6/sanitizer-x86_64-linux-android/build/compiler_rt_build_android_i686/test/ubsan/Standalone-i386/TestCases/Misc/Output/nullability.c.tmp.supp  /var/lib/buildbot/sanitizer-buildbot6/sanitizer-x86_64-linux-android/build/compiler_rt_build_android_i686/test/ubsan/Standalone-i386/TestCases/Misc/Output/nullability.c.tmp 2>&1 | count 0
--
Exit Code: 1

Command Output (stderr):
--
Expected 0 lines, got 2.
```

Not sure what this would be printing though, a sanitizer initialization message?
2020-02-28 16:21:57 -08:00
Matt Morehouse 30bb737a75 [DFSan] Add __dfsan_cmp_callback.
Summary:
When -dfsan-event-callbacks is specified, insert a call to
__dfsan_cmp_callback on every CMP instruction.

Reviewers: vitalybuka, pcc, kcc

Reviewed By: kcc

Subscribers: hiraditya, #sanitizers, eugenis, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75389
2020-02-28 15:49:44 -08:00
Matt Morehouse f668baa459 [DFSan] Add __dfsan_mem_transfer_callback.
Summary:
When -dfsan-event-callbacks is specified, insert a call to
__dfsan_mem_transfer_callback on every memcpy and memmove.

Reviewers: vitalybuka, kcc, pcc

Reviewed By: kcc

Subscribers: eugenis, hiraditya, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75386
2020-02-28 15:48:25 -08:00
Vedant Kumar c54597b99d [ubsan] Add support for -fsanitize=nullability-* suppressions
rdar://59402904
2020-02-28 14:30:40 -08:00
Matt Morehouse 52f889abec [DFSan] Add __dfsan_load_callback.
Summary:
When -dfsan-event-callbacks is specified, insert a call to
__dfsan_load_callback() on every load.

Reviewers: vitalybuka, pcc, kcc

Reviewed By: vitalybuka, kcc

Subscribers: hiraditya, #sanitizers, llvm-commits, eugenis, kcc

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75363
2020-02-28 14:26:09 -08:00
Matt Morehouse 470db54cbd [DFSan] Add flag to insert event callbacks.
Summary:
For now just insert the callback for stores, similar to how MSan tracks
origins.  In the future we may want to add callbacks for loads, memcpy,
function calls, CMPs, etc.

Reviewers: pcc, vitalybuka, kcc, eugenis

Reviewed By: vitalybuka, kcc, eugenis

Subscribers: eugenis, hiraditya, #sanitizers, llvm-commits, kcc

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75312
2020-02-27 17:14:19 -08:00
Mitch Phillips 20f508efc0 Update Sanitizer tests for Android R.
Summary:
Sanitizer tests don't entirely pass on an R device. Fix up all the
incompatibilities with the new system.

Reviewers: eugenis, pcc

Reviewed By: eugenis

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75303
2020-02-27 14:15:21 -08:00
Kostya Kortchinsky c753a306fd [scudo][standalone] Various improvements wrt RSS
Summary:
This patch includes several changes to reduce the overall footprint
of the allocator:
- for realloc'd chunks: only keep the same chunk when lowering the size
  if the delta is within a page worth of bytes;
- when draining a cache: drain the beginning, not the end; we add pointers
  at the end, so that meant we were draining the most recently added
  pointers;
- change the release code to account for an freed up last page: when
  scanning the pages, we were looking for pages fully covered by blocks;
  in the event of the last page, if it's only partially covered, we
  wouldn't mark it as releasable - even what follows the last chunk is
  all 0s. So now mark the rest of the page as releasable, and adapt the
  test;
- add a missing `setReleaseToOsIntervalMs` to the cacheless secondary;
- adjust the Android classes based on more captures thanks to pcc@'s
  tool.

Reviewers: pcc, cferris, hctim, eugenis

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75142
2020-02-26 12:25:43 -08:00
Julian Lettner 3bf3996cd4 [TSan] Add CMake check for minimal SDK requirements on Darwin
Fails with the following message in the error case:
```
CMake Error at /path/to/llvm-project/compiler-rt/lib/tsan/CMakeLists.txt:119 (message):
  Building the TSan runtime requires at least macOS SDK 10.12
```

Fixes #44682.
https://bugs.llvm.org/show_bug.cgi?id=44682

Reviewed By: dmajor, delcypher

Differential Revision: https://reviews.llvm.org/D74501
2020-02-26 11:33:24 -08:00
Steven Wu 387c3f74fd [compiler-rt] Build all alias in builtin as private external on Darwin
Summary:
For builtin compiler-rt, it is built with visibility hidden by default
to avoid the client exporting symbols from libclang static library. The
compiler option -fvisibility=hidden doesn't work on the aliases in c files
because they are created with inline assembly. On Darwin platform,
thoses aliases are exported by default if they are reference by the client.

Fix the issue by adding ".private_extern" to all the aliases if the
library is built with visibility hidden.

rdar://problem/58960296

Reviewers: dexonsmith, arphaman, delcypher, kledzik

Reviewed By: delcypher

Subscribers: dberris, jkorous, ributzka, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73577
2020-02-26 09:29:11 -08:00
Hans Wennborg 546918cbb4 Revert "[compiler-rt] Add a critical section when flushing gcov counters"
See discussion on PR44792.

This reverts commit 02ce9d8ef5.

It also reverts the follow-up commits
8f46269f0 "[profile] Don't dump counters when forking and don't reset when calling exec** functions"
62c7d8402 "[profile] gcov_mutex must be static"
2020-02-26 13:27:44 +01:00
Dmitry Vyukov 2dcbdba854 tsan: fix pthread_detach with called_from_lib suppressions
Generally we ignore interceptors coming from called_from_lib-suppressed libraries.
However, we must not ignore critical interceptors like e.g. pthread_create,
otherwise runtime will lost track of threads.
pthread_detach is one of these interceptors we should not ignore as it affects
thread states and behavior of pthread_join which we don't ignore as well.
Currently we can produce very obscure false positives. For more context see:
https://groups.google.com/forum/#!topic/thread-sanitizer/ecH2P0QUqPs
The added test captures this pattern.

While we are here rename ThreadTid to ThreadConsumeTid to make it clear that
it's not just a "getter", it resets user_id to 0. This lead to confusion recently.

Reviewed in https://reviews.llvm.org/D74828
2020-02-26 12:59:49 +01:00
Max Moroz 5517d3b80b [compiler-rt] Fix a typo in a comment in FuzzedDataProvider.h. 2020-02-25 17:10:16 -08:00
Calixte Denizet 62c7d84026 [profile] gcov_mutex must be static
Summary: Forget static keyword for gcov_mutex in https://reviews.llvm.org/D74953 and that causes test failure on mac.

Reviewers: erik.pilkington, vsk

Reviewed By: vsk

Subscribers: vsk, dexonsmith, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D75080
2020-02-25 10:54:52 +01:00
Shoaib Meenai e34ddc09f4 [arcconfig] Delete subproject arcconfigs
From https://secure.phabricator.com/book/phabricator/article/arcanist_new_project/:

> An .arcconfig file is a JSON file which you check into your project's root.

I've done some experimentation, and it looks like the subproject
.arcconfigs just get ignored, as the documentation says. Given that
we're fully on the monorepo now, it's safe to remove them.

Differential Revision: https://reviews.llvm.org/D74996
2020-02-24 16:20:36 -08:00
Calixte Denizet 8f46269f0c [profile] Don't dump counters when forking and don't reset when calling exec** functions
Summary:
There is no need to write out gcdas when forking because we can just reset the counters in the parent process.
Let say a counter is N before the fork, then fork and this counter is set to 0 in the child process.
In the parent process, the counter is incremented by P and in the child process it's incremented by C.
When dump is ran at exit, parent process will dump N+P for the given counter and the child process will dump 0+C, so when the gcdas are merged the resulting counter will be N+P+C.
About exec** functions, since the current process is replaced by an another one there is no need to reset the counters but just write out the gcdas since the counters are definitely lost.
To avoid to have lists in a bad state, we just lock them during the fork and the flush (if called explicitely) and lock them when an element is added.

Reviewers: marco-c

Reviewed By: marco-c

Subscribers: hiraditya, cfe-commits, #sanitizers, llvm-commits, sylvestre.ledru

Tags: #clang, #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74953
2020-02-24 10:38:33 +01:00
Sid Manning d37cbda5f9 [Hexagon] Define __ELF__ by default.
Differential Revision: https://reviews.llvm.org/D74972
2020-02-21 16:10:31 -06:00
Luís Marques 689f1e85ba [compiler-rt] [builtins] Fix logb / logbl tests
Like was done before in D67999 for `logbf`, this patch fixes the tests for
the internal compiler-rt implementations of `logb` and `logbl` to consider
all NaNs equivalent. Not doing so was resulting in test failures for
riscv64, since the the NaNs had different signs, but the spec doesn't
specify the NaN signedness or payload.

Fixes bug 44244.

Reviewers: rupprecht, delcypher
Reviewed By: rupprecht, delcypher
Differential Revision: https://reviews.llvm.org/D74826
2020-02-20 10:16:03 +00:00
Dan Liew 562c6b8019 Add a `%darwin_min_target_with_tls_support` lit substitution.
Summary:
This substitution expands to the appropriate minimum deployment target
flag where thread local storage (TLS) was first introduced on Darwin
platforms. For all other platforms the substitution expands to an empty
string.

E.g. for macOS the substitution expands to `-mmacosx-version-min=10.12`

This patch adds support for the substitution (and future substitutions)
by doing a minor refactor and then uses the substitution in the relevant
TSan tests.

rdar://problem/59568956

Reviewers: yln, kubamracek, dvyukov, vitalybuka

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74802
2020-02-19 15:41:36 -08:00
Dan Liew ddd2257f48 [TSan] Fix incorrect expansion of `%deflake` lit substitution.
dadc214e4d introduced a change to
`%deflake` to support a configurable threshold but the patch forgot
to add a trailing space.
2020-02-19 13:23:26 -08:00
Max Moroz 076475713c [libFuzzer] Fix denominator in the "inputs have DFT" log line.
Summary:
The number of "inputs have the Data Flow Trace" cannot be greater than
the number of inputs touching the focus function. The existing message is rather
confusing as the same log would mention a greater total number of traces a few
lines above.

Reviewers: kcc, metzman

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74779
2020-02-19 11:05:14 -08:00
Jordan Rupprecht 3f7d0e7e31 [NFC][compiler-rt][test] Fully qualify string -> std::string 2020-02-19 08:59:26 -08:00
Daniel Fava 9b91bcf6c6 tsan: removing redundant loop in ThreadClock::release()
The removed loop clears reused for entries at the tail of a SyncClock.
The loop is redundant since those entries were already cleared by the
immediately preceding loop, which iterates over all entries in the
SyncClock (including the tail entries).
2020-02-19 17:30:00 +01:00
Kostya Kortchinsky fc69967a4b [scudo][standalone] Shift some data from dynamic to static
Summary:
Most of our larger data is dynamically allocated (via `map`) but it
became an hindrance with regard to init time, for a cost to benefit
ratio that is not great. So change the `TSD`s, `RegionInfo`, `ByteMap`
to be static.

Additionally, for reclaiming, we used mapped & unmapped a buffer each
time, which is costly. It turns out that we can have a static buffer,
and that there isn't much contention on it.

One of the other things changed here, is that we hard set the number
of TSDs on Android to the maximum number, as there could be a
situation where cores are put to sleep and we could miss some.

Subscribers: mgorny, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74696
2020-02-18 09:38:50 -08:00
Dan Liew f4141367d0 [compiler-rt] Make various Apple lit substitutions work correctly for other Apple platforms.
This change makes the following lit substitutions expand to the correct
thing for macOS, iOS, tvOS, and watchOS.

%darwin_min_target_with_full_runtime_arc_support
%macos_min_target_10_11

rdar://problem/59463146
2020-02-14 13:53:54 -08:00
Dan Liew a7018e8a2e [compiler-rt] Disable building LibFuzzer for WatchOS and the corresponding simulator.
rdar://problem/59466685
2020-02-14 13:53:54 -08:00
Dan Liew f5951bdc3a [compiler-rt] Provide a lit config variable that defines the minimum deployment OS version flag appropriate for the configured OS.
This patch defines `config.apple_platform_min_deployment_target_flag`
in the ASan, LibFuzzer, TSan, and UBSan lit test configs.

rdar://problem/59463146
2020-02-14 13:53:54 -08:00
Dan Liew 8337fb00e6 [compiler-rt] Add `DARWIN_osx_MIN_VER_FLAG` variable to match the other Apple platforms.
rdar://problem/59463146
2020-02-14 13:53:53 -08:00
Dan Liew 86dceb9bcd [compiler-rt] Use the correct minimum version flag for simulators on Apple
platforms.

For the simulators this changes the following compilation flags (
used both for building the runtime and lit tests).

iOS simulator: `-miphoneos-version-min` -> `-mios-simulator-version-min`
watchOS simulator: `-mwatchos-version-min` -> `-mwatchos-simulator-version-min`
tvOS simulator: `-mtvos-version-min` -> `-mtvos-simulator-version-min`

rdar://problem/59463146
2020-02-14 13:53:53 -08:00
Christopher Ferris 5f91c7b980 [scudo][standalone] Allow setting release to OS
Summary:
Add a method to set the release to OS value as the system runs,
and allow this to be set differently in the primary and the secondary.
Also, add a default value to use for primary and secondary. This
allows Android to have a default that is different for
primary/secondary.

Update mallopt to support setting the release to OS value.

Reviewers: pcc, cryptoad

Reviewed By: cryptoad

Subscribers: cryptoad, jfb, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74448
2020-02-14 12:57:34 -08:00
Kostya Kortchinsky ef7488ef20 [GWP-ASan] Silence gcc error
Summary: It complains about reaching the end of a non-void returning function.

Reviewers: eugenis, hctim, morehouse

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74578
2020-02-13 13:08:37 -08:00
Kostya Kortchinsky 21695710cf [scudo][standalone] Workaround for full regions on Android
Summary:
Due to Unity, we had to reduce our region sizes, but in some rare
situations, some programs (mostly tests AFAICT) manage to fill up
a region for a given size class.

So this adds a workaround for that attempts to allocate the block
from the immediately larger size class, wasting some memory but
allowing the application to keep going.

Reviewers: pcc, eugenis, cferris, hctim, morehouse

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74567
2020-02-13 12:54:25 -08:00
Melanie Blower a0d913a1ac Fix regression due to reviews.llvm.org/D74436 by adding option ffp-contract=off to RUN line 2020-02-12 19:05:18 -08:00
Mitch Phillips 91e194d1ff [GWP-ASan] [NFC] Change enum from ANDROID->BIONIC. 2020-02-12 16:06:59 -08:00
Yuanfang Chen 4caeb62e51 [Fuzzer] Rename ExecuteCommandWithPopen to ExecuteCommandNon-Fushsia target will keep using popen/pclose implementation. OnFuchsia, Two-args version of `ExecuteCommand` is a simple wrapper of theone-arg version. (Hopefully) Fix D73329 build on Fuchsia. 2020-02-12 16:03:55 -08:00
Mitch Phillips 5f2a74c87a [GWP-ASan] Update alignment on Android.
Summary:
Android has different alignment requirements. You can read more about
them here
(https://cs.android.com/android/platform/superproject/+/master:bionic/tests/malloc_test.cpp;l=808),
but the general gist is that for malloc(x <= 8), we do malloc(8), and
for everything else, we do 16-byte alignment.

Reviewers: eugenis, morehouse, cferris

Reviewed By: eugenis, morehouse

Subscribers: #sanitizers, llvm-commits, pcc

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74364
2020-02-12 15:24:58 -08:00
Anh Tuyen Tran dadc214e4d Title: [TSAN] Parameterize the hard-coded threshold of deflake in tsan test
Summary:
A number of testcases in TSAN are designed to deal with intermittent problems
not exist in all executions of the tested program. A script called deflake.bash
runs the executable up to 10 times to deal with the intermittent nature of the tests.

The purpose of this patch is to parameterize the hard-coded threshold above via
--cmake_variables=-DTSAN_TEST_DEFLAKE_THRESHOLD=SomeIntegerValue
When this cmake var is not set, the default value of 10 will be used.

Reviewer: dvyukov (Dmitry Vyukov), eugenis (Evgenii Stepanov), rnk (Reid Kleckner), hubert.reinterpretcast (Hubert Tong), vitalybuka (Vitaly Buka)

Reviewed By: vitalybuka (Vitaly Buka)

Subscribers: mgorny (Michal Gorny), jfb (JF Bastien), steven.zhang (qshanz), llvm-commits (Mailing List llvm-commits), Sanitizers

Tag: LLVM, Sanitizers

Differential Revision: https://reviews.llvm.org/D73707
2020-02-12 15:51:57 +00:00
Sam Clegg 2f172d8d3c [compiler-rt] Compile __powitf2 under wasm
See https://github.com/emscripten-core/emscripten/issues/10374
See https://reviews.llvm.org/D74274

Differential Revision: https://reviews.llvm.org/D74275
2020-02-11 17:35:07 -08:00
Max Moroz 20a604d3f5 [compiler-rt] FuzzedDataProvider: add ConsumeData and method.
Reviewers: metzman

Subscribers: dberris, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74359
2020-02-11 13:46:24 -08:00
Peter Collingbourne 87303fd917 scudo: Fix various test failures, mostly on 32-bit.
Differential Revision: https://reviews.llvm.org/D74429
2020-02-11 12:18:35 -08:00
Peter Collingbourne 515e19ae7b Fix errors/warnings in scudo build. 2020-02-11 08:37:37 -08:00
Kamil Rytarowski b664321ff1 [compiler-rt] Restrict sanitizer_linux.cpp dlinfo(3) to FreeBSD
FreeBSD is currently the only user in this file.
Accessing this symbol on Linux does not work as is.
2020-02-11 12:10:03 +01:00
Evgenii Stepanov f69c83645b [asan] Disable qsort interceptor on Android.
The interceptor uses thread-local variables, which (until very recently)
are emu-tls. An access to such variable may call malloc which can
deadlock the runtime library.
2020-02-10 18:26:18 -08:00
Yuanfang Chen 4f3c3bbbf8 Reland "[NFC][libFuzzer] Prefix TempPath with string showing the work it is doing."
With fix (somehow one hunk is missed).
2020-02-10 18:23:39 -08:00
Yuanfang Chen b1c7623982 Revert "[NFC][libFuzzer] Prefix TempPath with string showing the work it is doing."
This reverts commit 8a29cb4421.

fuzzer-linux bot has failure because of this.
2020-02-10 18:06:17 -08:00
Peter Collingbourne e79c3b4c2d scudo: Fix Android build.
Differential Revision: https://reviews.llvm.org/D74366
2020-02-10 17:01:10 -08:00
Yuanfang Chen 8a29cb4421 [NFC][libFuzzer] Prefix TempPath with string showing the work it is doing. 2020-02-10 16:45:10 -08:00
Yuanfang Chen 85515c7fd5 [libFuzzer] communicate through pipe to subprocess for MinimizeCrashInput
For CleanseCrashInput, discards stdout output anyway since it is not used.

These changes are to defend against aggressive PID recycle on windows to reduce the chance of contention on files.

Using pipe instead of file also workaround the problem that when the
process is spawned by llvm-lit, the aborted process keeps a handle to the
output file such that the output file can not be removed. This will
cause random test failures.

https://devblogs.microsoft.com/oldnewthing/20110107-00/?p=11803

Reviewers: kcc, vitalybuka

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D73329
2020-02-10 16:45:10 -08:00
Peter Collingbourne 9068766b9a scudo: Add a dump of primary allocation sizes to malloc_info output.
This will be useful for optimizing the size class map.

Differential Revision: https://reviews.llvm.org/D74098
2020-02-10 15:05:27 -08:00
Peter Collingbourne 041547eb4e scudo: Table driven size classes for Android allocator.
Add an optional table lookup after the existing logarithm computation
for MidSize < Size <= MaxSize during size -> class lookups. The lookup is
O(1) due to indexing a precomputed (via constexpr) table based on a size
table. Switch to this approach for the Android size class maps.

Other approaches considered:
- Binary search was found to have an unacceptable (~30%) performance cost.
- An approach using NEON instructions (see older version of D73824) was found
  to be slightly slower than this approach on newer SoCs but significantly
  slower on older ones.

By selecting the values in the size tables to minimize wastage (for example,
by passing the malloc_info output of a target program to the included
compute_size_class_config program), we can increase the density of allocations
at a small (~0.5% on bionic malloc_sql_trace as measured using an identity
table) performance cost.

Reduces RSS on specific Android processes as follows (KB):

                             Before  After
zygote (median of 50 runs)    26836  26792 (-0.2%)
zygote64 (median of 50 runs)  30384  30076 (-1.0%)
dex2oat (median of 3 runs)   375792 372952 (-0.8%)

I also measured the amount of whole-system idle dirty heap on Android by
rebooting the system and then running the following script repeatedly until
the results were stable:

for i in $(seq 1 50); do grep -A5 scudo: /proc/*/smaps | grep Pss: | cut -d: -f2 | awk '{s+=$1} END {print s}' ; sleep 1; done

I did this 3 times both before and after this change and the results were:

Before: 365650, 356795, 372663
After:  344521, 356328, 342589

These results are noisy so it is hard to make a definite conclusion, but
there does appear to be a significant effect.

On other platforms, increase the sizes of all size classes by a fixed offset
equal to the size of the allocation header. This has also been found to improve
density, since it is likely for allocation sizes to be a power of 2, which
would otherwise waste space by pushing the allocation into the next size class.

Differential Revision: https://reviews.llvm.org/D73824
2020-02-10 14:59:49 -08:00
Peter Collingbourne 681773f291 scudo: Instead of exporting a pointer to the allocator, export the allocator directly. NFCI.
This lets us remove two pointer indirections (one by removing the pointer,
and another by making the AllocatorPtr declaration hidden) in the C++ wrappers.

Differential Revision: https://reviews.llvm.org/D74356
2020-02-10 14:57:54 -08:00
Dimitry Andric 52f2df1ecd [Sanitizers] Get link map on FreeBSD and NetBSD via documented API
Summary:
Instead of hand-crafting an offset into the structure returned by
dlopen(3) to get at the link map, use the documented API.  This is
described in dlinfo(3): by calling it with `RTLD_DI_LINKMAP`, the
dynamic linker ensures the right address is returned.

This is a recommit of 92e267a94d, with
dlinfo(3) expliclity being referenced only for FreeBSD, non-Android
Linux, NetBSD and Solaris.  Other OSes will have to add their own
implementation.

Reviewers: devnexen, emaste, MaskRay, krytarowski

Reviewed By: krytarowski

Subscribers: krytarowski, vitalybuka, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73990
2020-02-10 23:43:20 +01:00
Dimitry Andric 480eea4e45 Revert "[Sanitizers] Get link map on FreeBSD via documented API"
This reverts commit 92e267a94d, as it
appears Android is missing dlinfo(3).
2020-02-10 23:26:33 +01:00
Max Moroz 405093045f [compiler-rt] Follow up fix for the refactoring in https://reviews.llvm.org/D74137.
Summary:
The refactoring has caused a failure in
http://lab.llvm.org:8011/builders/clang-ppc64le-linux/builds/29265

The idea of failing the symbolization when the symbolizer bufer is too small
was incorrect. The symbolizer can be invoked for other frames that may fit into
the buffer and get symbolized.

Reviewers: vitalybuka, eugenis

Subscribers: dberris, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74343
2020-02-10 10:28:06 -08:00
Dimitry Andric 92e267a94d [Sanitizers] Get link map on FreeBSD via documented API
Summary:
Instead of hand-crafting an offset into the structure returned by
dlopen(3) to get at the link map, use the documented API.  This is
described in dlinfo(3): by calling it with `RTLD_DI_LINKMAP`, the
dynamic linker ensures the right address is returned.

Reviewers: devnexen, emaste, MaskRay, krytarowski

Reviewed By: krytarowski

Subscribers: krytarowski, vitalybuka, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73990
2020-02-10 19:21:19 +01:00
Max Moroz 5ad62d3b7f [compiler-rt] Some clean up / refactoring in sanitizer_symbolizer_libcdep.cpp.
Summary:
Nothing critical, just a few potential improvements I've noticed while reading
the code:
- return `false` when symbolizer buffer is too small to read all data
- invert some conditions to reduce indentation
- prefer `nullptr` over `0` for pointers; init some pointers on stack;
- remove minor code duplication

Reviewers: eugenis, vitalybuka

Subscribers: dberris, #sanitizers, llvm-commits, kcc

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74137
2020-02-10 06:50:59 -08:00
Kostya Kortchinsky fe6e77f6fb [scudo][standalone] 32-bit improvement
Summary:
This tweaks some behaviors of the allocator wrt 32-bit, notably
tailoring the size-class map.

I had to remove a `printStats` from `__scudo_print_stats` since when
within Bionic they share the same slot so they can't coexist at the
same time. I have to find a solution for that later, but right now we
are not using the Svelte configuration.

Reviewers: rengolin

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74178
2020-02-07 11:16:48 -08:00
Jonas Devlieghere 4fe839ef3a [CMake] Rename EXCLUDE_FROM_ALL and make it an argument to add_lit_testsuite
EXCLUDE_FROM_ALL means something else for add_lit_testsuite as it does
for something like add_executable. Distinguish between the two by
renaming the variable and making it an argument to add_lit_testsuite.

Differential revision: https://reviews.llvm.org/D74168
2020-02-06 15:33:18 -08:00
Dimitry Andric 924c9030a8 [compiler-rt] clang-format FreeBSD-specific sanitizer sources
Formatting only, no functional change intended.
2020-02-06 22:48:08 +01:00
Mitch Phillips 8d19af685c [GWP-ASan] Use weak abort message definition.
Summary:
New shard out of the Check() function for GWP-ASan uses
android_set_abort_message. This is happily present on bionic Android,
but not Android for glibc host x86. Fix up to use the weak definition
always, so we don't have to worry.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: #sanitizers, llvm-commits, pcc, cferris

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74142
2020-02-06 10:36:25 -08:00
Mitch Phillips 25de3f98b8 [GWP-ASan] Fix PRNG to use IE TLS.
Summary:
GWP-ASan's PRNG didn't use Initial-Exec TLS. Fix that to ensure that we don't
have infinite recursion, and also that we don't allocate a DTV on Android when
GWP-ASan is touched.

Test coverage ensuring that the sample counter is UINT32_MAX for an
uninitialised GWP-ASan is provided by gwp_asan/tests/late_init.cpp.

Reviewers: pcc, cferris

Reviewed By: pcc

Subscribers: #sanitizers, llvm-commits, rprichard, eugenis

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74135
2020-02-06 10:08:23 -08:00
Peter Collingbourne dab7bdad04 scudo: Delete unused class ScudoByteMap. NFCI.
The class is only used in SizeClassAllocator32 in 64-bit mode, but we don't
use that class in 64-bit mode.

Differential Revision: https://reviews.llvm.org/D74099
2020-02-06 09:30:24 -08:00
Mitch Phillips 0bfc489093 [GWP-ASan] Fix unused variables from crash handler + clang-format
Summary: NFC - See title

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: merge_guards_bot, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74100
2020-02-05 17:31:32 -08:00
Mitch Phillips 0c3b2986ac [GWP-ASan] Change crash handler constant.
Constant is too large to fit into uintptr_t on 32-bit.
2020-02-05 16:46:51 -08:00
Mitch Phillips a62586846f [GWP-ASan] Crash Handler API.
Summary:
Forewarning: This patch looks big in #LOC changed. I promise it's not that bad, it just moves a lot of content from one file to another. I've gone ahead and left inline comments on Phabricator for sections where this has happened.

This patch:
 1. Introduces the crash handler API (crash_handler_api.h).
 2. Moves information required for out-of-process crash handling into an AllocatorState. This is a trivially-copied POD struct that designed to be recovered from a deceased process, and used by the crash handler to create a GWP-ASan report (along with the other trivially-copied Metadata struct).
 3. Implements the crash handler API using the AllocatorState and Metadata.
 4. Adds tests for the crash handler.
 5. Reimplements the (now optionally linked by the supporting allocator) in-process crash handler (i.e. the segv handler) using the new crash handler API.
 6. Minor updates Scudo & Scudo Standalone to fix compatibility.
 7. Changed capitalisation of errors (e.g. /s/Use after free/Use After Free).

Reviewers: cryptoad, eugenis, jfb

Reviewed By: eugenis

Subscribers: merge_guards_bot, pcc, jfb, dexonsmith, mgorny, cryptoad, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73557
2020-02-05 15:39:17 -08:00
Kostya Kortchinsky a9d5f8989d [scudo][standalone] Fix a race in the secondary release
Summary:
I tried to move the `madvise` calls outside of one of the secondary
mutexes, but this backfired. There is situation when a low release
interval is set combined with secondary pressure that leads to a race:
a thread can get a block from the cache, while another thread is
`madvise`'ing that block, resulting in a null header.

I changed the secondary race test so that this situation would be
triggered, and moved the release into the cache mutex scope.

Reviewers: cferris, pcc, eugenis, hctim, morehouse

Subscribers: jfb, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D74072
2020-02-05 11:02:51 -08:00
Petr Hosek 7800310cb5 [CMake][compiler-rt] Replace Windows backslashes with CMake ones
XRay builds uses llvm-config to obtain the ldflags and libs and then
passes those to CMake. Unfortunately, this breaks on Windows because
CMake tries to interpret backslashes followed by certain characters
as flags. We need to rewrite these into forward slashes that are used
by CMake (even on Windows).

Differential Revision: https://reviews.llvm.org/D73523
2020-02-04 22:35:31 -08:00
Evgenii Stepanov f48c1f5085 [compiler-rt] fix OpenBSD and Solaris build with sigaltstack interception
Summary:
`sigaltstack` interception is implemented D73816. This updated OpenBSD and Solaris bits to fix the build errors.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: fedor.sergeev, krytarowski, emaste, eugenis, dberris, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Patch by Igor Sugak.

Differential Revision: https://reviews.llvm.org/D73976
2020-02-04 15:50:59 -08:00
Kamil Rytarowski b79b7674eb [compiler-rt] [netbsd] Fix build after "implement sigaltstack interception"
Fallout after: https://reviews.llvm.org/D73816
2020-02-04 23:31:58 +01:00
Dimitry Andric 8a1f4feb1b [compiler-rt] Fix sanitizer_common build for FreeBSD
This was broken by 28c91219c7, which added `struct_stack_t_sz` only to
sanitizer_platform_limits_posix.{cpp,h}.
2020-02-04 22:51:07 +01:00
Evgenii Stepanov dd921cb89b [sanitizer] Add missing declarations for sigaltstack syscall wrappers.
Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73987
2020-02-04 13:10:43 -08:00
Peter Collingbourne f7de7084f4 scudo: Simplify getClassIdBySize() logic. NFCI.
By subtracting 1 from Size at the beginning we can simplify the
subsequent calculations. This also saves 4 instructions on aarch64
and 9 instructions on x86_64, but seems to be perf neutral.

Differential Revision: https://reviews.llvm.org/D73936
2020-02-04 09:32:27 -08:00
Evgenii Stepanov 6da6153759 hwasan_symbolize: allow 0x in the address field
Summary:
Fix parsing of mangled stack trace lines where the address has been
replaced with "0x", literally.

Reviewers: vitalybuka

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73823
2020-02-03 18:23:48 -08:00
Evgenii Stepanov 0dc634babf hwasan_symbolize: warn about missing symbols at most once per library
Reviewers: vitalybuka

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73822
2020-02-03 18:23:48 -08:00
Evgenii Stepanov 28c91219c7 [compiler-rt] implement sigaltstack interception
Summary:
An implementation for `sigaltstack` to make its side effect be visible to MSAN.

```
ninja check-msan
```

Reviewers: vitalybuka, eugenis

Reviewed By: eugenis

Subscribers: dberris, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73816

Patch by Igor Sugak.
2020-02-03 16:28:47 -08:00
Peter Collingbourne 47cda0cb36 scudo: Use more size classes in the malloc_free_loop benchmarks.
As a result of recent changes to the Android size classes, the malloc_free_loop
benchmark started exhausting the 8192 size class at 32768 iterations. To avoid
this problem (and to make the test more realistic), change the benchmark to
use a variety of size classes.

Differential Revision: https://reviews.llvm.org/D73918
2020-02-03 13:18:25 -08:00
Mitch Phillips 0d6fccb460 [GWP-ASan] Allow late initialisation if single-threaded.
Summary:
This patch allows for late initialisation of the GWP-ASan allocator. Previously, if late initialisation occurred, the sample counter was never updated, meaning we would end up having to wait for 2^32 allocations before getting a sampled allocation.

Now, we initialise the sampling mechanism in init() as well. We require init() to be called single-threaded, so this isn't a problem.

Reviewers: eugenis

Reviewed By: eugenis

Subscribers: merge_guards_bot, mgorny, #sanitizers, llvm-commits, cferris

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73896
2020-02-03 12:34:26 -08:00
Max Moroz ad7b908b4e [libFuzzer] Make dataflow and focus functions more user friendly.
Summary:
- Fail loudly if SetFocusFunction failed when it should not. For more info see
  - https://github.com/google/oss-fuzz/issues/3311
  - https://github.com/google/sanitizers/issues/1190
- Fail loudly if CollectDataFlow is called without seed corpus.

Reviewers: kcc, metzman

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73813
2020-02-03 08:36:03 -08:00
Petr Hosek c96eeebca8 [CMake] compiler-rt: Add COMPILER_RT_BUILTINS_ENABLE_PIC
The configuration for -fPIC in the builtins library when built standalone
is unconditional, stating that the flags would "normally be added... by
the llvm cmake step"

This is untrue, as the llvm cmake step checks LLVM_ENABLE_PIC, which allows
a client to turn off -fPIC.

I've added an option when compiler-rt builtins are configured standalone, such
as when built as part of the LLVM runtimes system, to guard the application of
-fPIC for users that want it.

Patch By: JamesNagurne

Differential Revision: https://reviews.llvm.org/D72950
2020-01-31 15:57:18 -08:00
Kostya Kortchinsky 64cb77b946 [scudo][standalone] Change default Android config
Summary:
This changes a couple of parameters in the default Android config to
address some performance and memory footprint issues (well to be closer
to the default Bionic allocator numbers).

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73750
2020-01-31 14:46:35 -08:00
Kamil Rytarowski 3a200f3f2e [compiler-rt] Fix build on NetBSD 9.99.44
Fix build on >= 9.99.44 after the removal of urio(4).
Add compat code for the device as NetBSD-9.0 is supported.
2020-01-31 14:57:20 +01:00
Kostya Kortchinsky 654f5d6845 [scudo][standalone] Release secondary memory on purge
Summary:
The Secondary's cache needs to be released when the Combined's
`releaseToOS` function is called (via `M_PURGE`) for example,
which this CL adds.

Additionally, if doing a forced release, we'll release the
transfer batch class as well since now we can do that.

There is a couple of other house keeping changes as well:
- read the page size only once in the Secondary Cache `store`
- remove the interval check for `CanRelease`: we are going to
  make that configurable via `mallopt` so this needs not be
  set in stone there.

Reviewers: cferris, hctim, pcc, eugenis

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73730
2020-01-30 13:22:45 -08:00
Yuanfang Chen 29181e5426 [compiler-rt][profile] fix test/instrprof-set-filename.c on windows
Summary: `.cmd` is interpreted as script in windows console.

Reviewers: davidxl, rnk

Reviewed By: davidxl

Differential Revision: https://reviews.llvm.org/D73327
2020-01-29 15:00:56 -08:00
Kostya Kortchinsky 6cb830de6e [scudo][standalone] Revert some perf-degrading changes
Summary:
A couple of seemingly innocuous changes ended up having a large impact
on the 32-bit performance. I still have to make those configurable at
some point, but right now it will have to do.

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73658
2020-01-29 14:00:48 -08:00
Bjorn Pettersson f4ca2ac822 [scudo] Skip building scudo standalone if sys/auxv.h can't be found
Summary:
Since commit c299d1981d scudo
standalone can't be built without including sys/auxv.h.
I do not have that file on my system, and my builds have failed
when trying to simply build "all" runtimes. Assuming that "all"
means "all possible given the current environment" we need to
guard the setting of COMPILER_RT_HAS_SCUDO_STANDALONE=TRUE by
first checking if sys/auxv.h can be found.

Reviewers: pcc, cryptoad

Reviewed By: pcc

Subscribers: mgorny, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73631
2020-01-29 18:18:59 +01:00
Shoaib Meenai d8f6950828 [asan] Fix test compilation on Android API <= 17
mlockall and munlockall were introduced in Android API 17, so avoid
referencing them on prior versions.

Differential Revision: https://reviews.llvm.org/D73515
2020-01-28 14:36:19 -08:00
Roland McGrath 90a10f00ff [lsan] Support LeakSanitizer runtime on Fuchsia
Support LeakSanitizer runtime on Fuchsia.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D72887
2020-01-28 11:34:53 -08:00
Kostya Kortchinsky a1f6ff2681 [scudo][standalone] Fix Android logging
Summary:
Zygote & children's stderr is lost, so use Bionic's provided allocation
free syslog function for `outputRaw`. Get rid of the mutex as it's not
vital and could cause issues with `fork`.

Reviewers: cferris, pcc, eugenis, hctim, morehouse

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73561
2020-01-28 11:03:39 -08:00
Kostya Kortchinsky 993e3c9269 [scudo][standalone] Secondary & general other improvements
Summary:
This CL changes multiple things to improve performance (notably on
Android).We introduce a cache class for the Secondary that is taking
care of this mechanism now.

The changes:
- change the Secondary "freelist" to an array. By keeping free secondary
  blocks linked together through their headers, we were keeping a page
  per block, which isn't great. Also we know touch less pages when
  walking the new "freelist".
- fix an issue with the freelist getting full: if the pattern is an ever
  increasing size malloc then free, the freelist would fill up and
  entries would not be used. So now we empty the list if we get to many
  "full" events;
- use the global release to os interval option for the secondary: it
  was too costly to release all the time, particularly for pattern that
  are malloc(X)/free(X)/malloc(X). Now the release will only occur
  after the selected interval, when going through the deallocate path;
- allow release of the `BatchClassId` class: it is releasable, we just
  have to make sure we don't mark the batches containing batches
  pointers as free.
- change the default release interval to 1s for Android to match the
  current Bionic allocator configuration. A patch is coming up to allow
  changing it through `mallopt`.
- lower the smallest class that can be released to `PageSize/64`.

Reviewers: cferris, pcc, eugenis, morehouse, hctim

Subscribers: phosek, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73507
2020-01-28 07:28:55 -08:00
Petr Hosek 2533bc2361 Revert "[lsan] Support LeakSanitizer runtime on Fuchsia"
This reverts commit d59e3429f3.
2020-01-28 00:24:41 -08:00
Roland McGrath d59e3429f3 [lsan] Support LeakSanitizer runtime on Fuchsia
Support LeakSanitizer runtime on Fuchsia.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D72887
2020-01-27 23:35:06 -08:00
Evgenii Stepanov 46044a6900 [gwp-asan] Implement malloc_iterate.
Summary:
This is an Android-specific interface for iterating over all live
allocations in a memory range.

Reviewers: hctim, cferris

Subscribers: mgorny, mgrang, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73305
2020-01-27 14:37:33 -08:00
Roland McGrath 38fd1806a1 [lsan] Factor pthread-specific assumptions out of thread tracking code
This is a small refactoring to prepare for porting LSan to Fuchsia.
Factor out parts of lsan_thread.{cpp,h} that don't apply to Fuchsia.
Since existing supported systems are POSIX-based, the affected code
is moved to lsan_posix.{cpp.h}.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D73309
2020-01-24 16:55:11 -08:00
Roland McGrath aae707cd88 [lsan] Expose Frontier object to OS-specific LockStuffAndStopTheWorld callback
This is a small refactoring to prepare for porting LSan to Fuchsia.
On Fuchsia, the system supplies a unified API for suspending threads and
enumerating roots from OS-specific places like thread state and global data
ranges. So its LockStuffAndStopTheWorld implementation will make specific
callbacks for all the OS-specific root collection work before making the
common callback that includes the actual leak-checking logic.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D72988
2020-01-24 16:53:35 -08:00
Roland McGrath 81b700e302 [sanitizer_common] Implement MemoryMappingLayout for Fuchsia
This is needed to port lsan to Fuchsia.

Patch By: mcgrathr

Differential Revision: https://reviews.llvm.org/D72886
2020-01-24 16:35:43 -08:00
Mitch Phillips e1440f594c [GWP-ASan] Add names to anonymous mappings.
Summary:
Adds names to anonymous GWP-ASan mappings. This helps Android with debugging
via. /proc/maps, as GWP-ASan-allocated mappings are now easily identifyable.

Reviewers: eugenis, cferris

Reviewed By: eugenis

Subscribers: merge_guards_bot, #sanitizers, llvm-commits, cryptoad, pcc

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73373
2020-01-24 15:02:02 -08:00
Evgenii Stepanov 596d06145a [GWP-ASan] enable/disable and fork support.
Summary:
* Implement enable() and disable() in GWP-ASan.
* Setup atfork handler.
* Improve test harness sanity and re-enable GWP-ASan in Scudo.

Scudo_standalone disables embedded GWP-ASan as necessary around fork().
Standalone GWP-ASan sets the atfork handler in init() if asked to. This
requires a working malloc(), therefore GWP-ASan initialization in Scudo
is delayed to the post-init callback.

Test harness changes are about setting up a single global instance of
the GWP-ASan allocator so that pthread_atfork() does not create
dangling pointers.

Test case shamelessly stolen from D72470.

Reviewers: cryptoad, hctim, jfb

Subscribers: mgorny, jfb, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73294
2020-01-24 13:53:26 -08:00
Evgenii Stepanov 966b5182ba Change internal_start_thread arguments to match pthread_create.
This avoids a CFI-unfriendly function pointer type cast in
internal_start_thread.
2020-01-23 13:15:16 -08:00
Dan Liew 9d9b470e69 [CMake] Refactor iOS simulator/device test configuration generation code for LibFuzzer.
Summary:
In order to do this `FUZZER_SUPPORTED_OS` had to be pulled out of
`lib/fuzzer/CMakeLists.txt` and into the main config so we can use it
from the `test/fuzzer/CMakeList.txt`. `FUZZER_SUPPORTED_OS` currently
has the same value of `SANITIZER_COMMON_SUPPORTED_OS` which preserves
the existing behaviour but this allows us in the future to adjust the
supported platforms independent of `SANITIZER_COMMON_SUPPORTED_OS`. This
mirrors the other sanitizers.

For non-Apple platforms `FUZZER_SUPPORTED_OS` is not defined and
surprisingly this was the behaviour before this patch because
`SANITIZER_COMMON_SUPPORTED_OS` was actually empty. This appears to
not matter right now because the functions that take an `OS` as an
argument seem to ignore it on non-Apple platforms.

While this change tries to be NFC it is technically not because we
now generate an iossim config whereas previously we didn't. This seems
like the right thing to do because the build system was configured to
compile LibFuzzer for iossim but previously we weren't generating a lit
test config for it. The device/simulator testing configs don't run by
default anyway so this shouldn't break testing.

This change relies on the get_capitalized_apple_platform() function
added in a previous commit.

rdar://problem/58798733

Reviewers: kubamracek, yln

Subscribers: mgorny, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73243
2020-01-23 12:44:00 -08:00
Dan Liew 06569361d0 [CMake][NFC] Refactor iOS simulator/device test configuration generation code for TSan.
Summary:
The previous code hard-coded platform names but compiler-rt's CMake
build system actually already knows which Apple platforms TSan supports.

This change uses this information to enumerate the different Apple
platforms.

This change relies on the `get_capitalized_apple_platform()` function
added in a previous commit.

rdar://problem/58798733

Reviewers: kubamracek, yln

Subscribers: mgorny, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73238
2020-01-23 12:44:00 -08:00
Dan Liew 1262745060 [CMake][NFC] Refactor iOS simulator/device test configuration generation code for ASan.
Summary:
The previous code hard-coded platform names but compiler-rt's CMake
build system actually already knows which Apple platforms ASan supports.

This change uses this information to enumerate the different Apple
platforms.

rdar://problem/58798733

Reviewers: kubamracek, yln

Subscribers: mgorny, #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73232
2020-01-23 12:44:00 -08:00
Max Moroz 15f1d5d144 [libFuzzer] Add INFO output when LLVMFuzzerCustomMutator is found.
Summary:
there is an ongoing work on interchangeable custom mutators
(https://github.com/google/clusterfuzz/pull/1333/files#r367706283)
and having some sort of signalling from libFuzzer that it has loaded
a custom mutator would be helpful.

The initial idea was to make the mutator to print something, but given
the anticipated variety of different mutators, it does not seem possible
to make all of them print the same message to signal their execution.

Reviewers: kcc, metzman

Reviewed By: metzman

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73136
2020-01-22 12:56:16 -08:00
Kostya Kortchinsky 990acd450c [scudo][standalone] Reduce Android region sizes to 128MB
Summary:
Unity is making irresponsible assumptions as to how clumped up memory
should be. With larger regions, we break those, resulting in errors
like:

"Using memoryadresses from more that 16GB of memory"

This is unfortunately one of those situations where we have to bend to
existing code because we doubt it's going to change any time soon.

128MB should be enough, but we could be flirting with OOMs in the
higher class sizes.

Reviewers: cferris, eugenis, hctim, morehouse, pcc

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73143
2020-01-22 09:42:07 -08:00
Michał Górny 3215f7c7a8 [compiler-rt] [builtins] Fix clear_cache_test to work with MPROTECT
Fix clear_cache_test to work on NetBSD with PaX MPROTECT enabled, that
is when creating W+X mmaps is prohibited.  Use the recommended solution:
create two mappings for the same memory area, make one of them RW, while
the other RX.  Copy the function into the RW area but run it from the RX
area.

In order to implement this, I've split the pointer variables to
'write_buffer' and 'execution_buffer'.  Both are separate pointers
on NetBSD, while they have the same value on other systems.

I've also split the memcpy_f() into two: new memcpy_f() that only takes
care of copying memory and discards the (known) result of memcpy(),
and realign_f() that applies ARM realignment to the given pointer.
Again, there should be no difference on non-NetBSD systems but on NetBSD
copying is done on write_buffer, while realignment on pointer
to the execution_buffer.

I have tested this change on NetBSD and Linux.

Differential Revision: https://reviews.llvm.org/D72578
2020-01-22 17:04:54 +01:00
Kostya Kortchinsky 561fa84477 [scudo][standalone] Allow sched_getaffinity to fail
Summary:
In some configuration, `sched_getaffinity` can fail. Some reasons for
that being the lack of `CAP_SYS_NICE` capability or some syscall
filtering and so on.

This should not be fatal to the allocator, so in this situation, we
will fallback to the `MaxTSDCount` value specified in the allocator
configuration.

Reviewers: cferris, eugenis, hctim, morehouse, pcc

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D73055
2020-01-21 11:18:18 -08:00
Peter Collingbourne 9b9c68a2d6 hwasan: Remove dead code. NFCI.
Differential Revision: https://reviews.llvm.org/D72896
2020-01-17 15:12:38 -08:00
Petr Hosek d3db13af7e [profile] Support counter relocation at runtime
This is an alternative to the continous mode that was implemented in
D68351. This mode relies on padding and the ability to mmap a file over
the existing mapping which is generally only available on POSIX systems
and isn't suitable for other platforms.

This change instead introduces the ability to relocate counters at
runtime using a level of indirection. On every counter access, we add a
bias to the counter address. This bias is stored in a symbol that's
provided by the profile runtime and is initially set to zero, meaning no
relocation. The runtime can mmap the profile into memory at abitrary
location, and set bias to the offset between the original and the new
counter location, at which point every subsequent counter access will be
to the new location, which allows updating profile directly akin to the
continous mode.

The advantage of this implementation is that doesn't require any special
OS support. The disadvantage is the extra overhead due to additional
instructions required for each counter access (overhead both in terms of
binary size and performance) plus duplication of counters (i.e. one copy
in the binary itself and another copy that's mmapped).

Differential Revision: https://reviews.llvm.org/D69740
2020-01-17 15:02:23 -08:00
Marco Vanotti 44aaca3de4 [libFuzzer] Allow discarding output in ExecuteCommand in Fuchsia.
Summary:
This commit modifies the way `ExecuteCommand` works in fuchsia by adding
special logic to handle `/dev/null`.

The FuzzerCommand interface does not have a way to "discard" the output,
so other parts of the code just set the output file to `getDevNull()`.
The problem is that fuchsia does not have a named file that is
equivalent to `/dev/null`, so opening that file just fails.

This commit detects whether the specified output file is `getDevNull`,
and if that's the case, it will not copy the file descriptor for stdout
in the spawned process.

NOTE that modifying `FuzzerCommand` to add a "discardOutput" function
involves a significant refactor of all the other platforms, as they all
rely on the `toString()` method of `FuzzerCommand`.

This allows libfuzzer in fuchsia to run with `fork=1`, as the merge
process (`FuzzerMerge.cpp`) invoked `ExecuteCommand` with `/dev/null` as the
output.

Reviewers: aarongreen, phosek

Reviewed By: aarongreen

Subscribers: #sanitizers, llvm-commits

Tags: #sanitizers, #llvm

Differential Revision: https://reviews.llvm.org/D72894
2020-01-17 12:15:46 -08:00