Summary:
Repoisoning just the minimal redzones might leave an unpoisoned
gap of the size of the actual redzone minus minimal redzone size.
After ASan activation the actual redzone might be bigger than the minimal
size and ASan allocator assumes that the chunk returned by the common
allocator is either entirely poisoned or entirely not poisoned (it's too
expensive to check the entire chunk or always poison one).
Reviewers: eugenis
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D28577
llvm-svn: 291714
The `-target` impacts the CC for the builtins. HF targets (with either
floating point ABI) always use AAPCS VFP for the builtins unless they
are AEABI builtins, in which case they use AAPCS. Non-HF targets (with
either floating point ABI) always use AAPCS for the builtins and AAPCS
for the AEABI builtins. This introduces the thunks necessary to switch
CC for the floating point operations. This is not currently enabled,
and should be dependent on the target being used to build compiler-rt.
However, as a stop-gap, a define can be added for ASFLAGS to get the
thunks.
llvm-svn: 291677
On Darwin, we currently use 'ignore_interceptors_accesses', which is a heavy-weight solution that simply turns off race detection in all interceptors. This was done to suppress false positives coming from system libraries (non-instrumented code), but it also silences a lot of real races. This patch implements an alternative approach that should allow us to enable interceptors and report races coming from them, but only if they are called directly from instrumented code.
The patch matches the caller PC in each interceptor. For non-instrumented code, we call ThreadIgnoreBegin.
The assumption here is that the number of instrumented modules is low. Most likely there's only one (the instrumented main executable) and all the other modules are system libraries (non-instrumented).
Differential Revision: https://reviews.llvm.org/D28264
llvm-svn: 291631
Summary:
As raised in D28304, enabling SSE 4.2 for the whole Scudo tree leads to the
emission of SSE 4.2 instructions everywhere, while the runtime checks only
applied to the CRC32 computing function.
This patch separates the CRC32 function taking advantage of the hardware into
its own file, and only enabled -msse4.2 for that file, if detected to be
supported by the compiler.
Another consequence of removing SSE4.2 globally is realizing that memcpy were
not being optimized, which turned out to be due to the -fno-builtin in
SANITIZER_COMMON_CFLAGS. So we now explicitly enable builtins for Scudo.
The resulting assembly looks good, with some CALLs introduced instead of
the CRC32 code being inlined.
Reviewers: kcc, mgorny, alekseyshl
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D28417
llvm-svn: 291570
Summary: This patch attempts to fix the test patching-unpatching.cc. The new code flushes the instruction cache after modifying the program at runtime.
Reviewers: dberris, rengolin, pelikan, rovka
Subscribers: rovka, llvm-commits, iid_iunknown, aemerson
Differential Revision: https://reviews.llvm.org/D27996
llvm-svn: 291568
Revert "ASAN activate/deactive controls thread_local_quarantine_size_kb option."
Revert "Bypass quarantine when quarantine size is set ot zero."
Revert "ASAN activate/deactive controls thread_local_quarantine_size_kb option."
One of these commits broke some of the ARM / AArch64 buildbots:
TEST 'AddressSanitizer-aarch64-linux :: TestCases/Posix/start-deactivated.cc' FAILED
Command Output (stderr):
--
/home/buildslave/buildslave/clang-cmake-aarch64-42vma/llvm/projects/compiler-rt/test/asan/TestCases/Posix/start-deactivated.cc:85:12: error: expected string not found in input
// CHECK: WARNING: AddressSanitizer failed to allocate 0xfff{{.*}} bytes
^
<stdin>:1:1: note: scanning from here
start-deactivated.cc.tmp: /home/buildslave/buildslave/clang-cmake-aarch64-42vma/llvm/projects/compiler-rt/test/asan/TestCases/Posix/start-deactivated.cc:40: void test_malloc_shadow(char *, size_t, bool): Assertion `(char *)__asan_region_is_poisoned(p - 1, sz + 1) == (expect_redzones ? p - 1 : nullptr)' failed.
^
<stdin>:2:1: note: possible intended match here
Error: Aborted (core dumped)
^
llvm-svn: 291560
Summary:
The build system was inconsistent in its naming conventions for
link flags. This patch changes all uses of LINKFLAGS to LINK_FLAGS,
for consistency with cmake's LINK_FLAGS property.
This patch should make it easier to search the source code for
uses of link flags, as well as providing the benefit of improved
style and consistency.
Reviewers: compnerd, beanz
Subscribers: kubabrecka, llvm-commits, mgorny
Differential Revision: https://reviews.llvm.org/D28506
llvm-svn: 291539
Summary:
By default, darwin requires a definition for weak interface functions at
link time. Adding the '-U' link flag with each weak function allows these
weak interface functions to be used without definitions, which mirrors
behavior on linux and windows.
Reviewers: compnerd, eugenis
Subscribers: kubabrecka, mgorny, llvm-commits
Differential Revision: https://reviews.llvm.org/D28203
llvm-svn: 291417
As discussed with Dmitry (https://goo.gl/SA4izd), I would like to introduce a function to be called from a third-party library to flush the shadow memory.
In particular, we ran some experiments with our tool Archer (an OpenMP data race detector based on Tsan, https://github.com/PRUNER/archer), and flushing the memory at the end of an outer parallel region slightly increases the runtime overhead but reduces the memory overhead by about 30%. This feature would come in very handy in the case of very large OpenMP applications that may cause an "out of memory" exception when checked with Tsan.
Reviewed in: https://reviews.llvm.org/D28443
Author: Simone Atzeni (simoatze)
llvm-svn: 291346
Summary:
By default, darwin requires a definition for weak interface functions at
link time. Adding the '-U' link flag with each weak function allows these
weak interface functions to be used without definitions, which mirrors
behavior on linux and windows.
Reviewers: compnerd, eugenis
Subscribers: kubabrecka, mgorny, llvm-commits
Differential Revision: https://reviews.llvm.org/D28203
llvm-svn: 291314
Summary:
Adds a few default implementations for weak
interface functions on platforms where weak hooks are not supported.
Reviewers: eugenis, samsonov, timurrrr
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D28201
llvm-svn: 291313
Summary:
The lsan cmake configuration failed when targeting more
than one architecture, because it would attempt to create multiple
components with the same name. Ensure that only one lsan component
is ever created.
Reviewers: beanz, bogner
Subscribers: dberris, llvm-commits, mgorny
Differential Revision: https://reviews.llvm.org/D28151
llvm-svn: 291294
This patch starts passing architecture information about a module to llvm-symbolizer and into text reports. This fixes the longstanding x86_64/x86_64h mismatch issue on Darwin.
Differential Revision: https://reviews.llvm.org/D27390
llvm-svn: 291287
This patch teaches asan_symbolize.py to read an architecture suffix on module names (e.g. ":x86_64") and pass that option to atos and llvm-symbolizer.
Differential Revision: https://reviews.llvm.org/D27378
llvm-svn: 291280
This patch add a new sanitizer flag, print_module_map, which enables printing a module map when the process exits, or after each report (for TSan). The output format is very similar to what Crash Reporter produces on Darwin (e.g. the format of module UUIDs). This enables users to use the existing symbol servers to offline symbolicate and aggregate reports.
Differential Revision: https://reviews.llvm.org/D27400
llvm-svn: 291277
This patch adds tracking which modules are instrumented and which are not. On macOS, instrumented modules link against the ASan/TSan/... dylib, so we can just check if such a load command exists or not.
Differential Revision: https://reviews.llvm.org/D28263
llvm-svn: 291268
Implement the missing __floattitf() and __floatuntitf() functions, to
convert 128-bit (unsigned) integers to quad-precision floating-point
types. This is needed e.g. on AArch64 where 'long double' is
a quad-precision type.
The code is based on the existing code for __floattixf()
and __floatuntixf(), updated to account for different bit field lengths
of quad-precision float. The tests are also copied, with the rounding
tests adjusted for longer significand.
Differential Revision: https://reviews.llvm.org/D27898
llvm-svn: 291259
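As an added example (not compiler-rt's code), here is the conversion algorithm that the `__floattixf`/`__floattitf` family uses, carried out for a 128-bit signed integer to an IEEE binary64 `double`: the magnitude is normalized to DBL_MANT_DIG significant bits, the bits shifted out are folded into a guard bit and a sticky bit, the value is rounded to nearest-even (with a possible carry into the next exponent), and sign, biased exponent and significand are packed into the result. It targets `double` rather than quad precision so that it runs on any 64-bit host, since `long double` is quad only on some of them (such as AArch64, as the message notes); the names `int128_to_double` and `clz128` are this example's own.

```c
#include <float.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef __int128 ti_int;
typedef unsigned __int128 tu_int;

/* Count leading zeros of a non-zero 128-bit value via the two 64-bit halves. */
static int clz128(tu_int x) {
    uint64_t hi = (uint64_t)(x >> 64), lo = (uint64_t)x;
    return hi ? __builtin_clzll(hi) : 64 + __builtin_clzll(lo);
}

double int128_to_double(ti_int a) {
    if (a == 0)
        return 0.0;
    const int N = 128;
    uint64_t sign = a < 0;
    /* Magnitude in unsigned arithmetic; correct even for the most negative value. */
    tu_int m = sign ? (tu_int)0 - (tu_int)a : (tu_int)a;
    int sd = N - clz128(m);     /* number of significant digits */
    int e = sd - 1;             /* unbiased exponent */
    if (sd > DBL_MANT_DIG) {
        /* Reduce m to DBL_MANT_DIG + 2 bits: significand, guard bit, sticky bit.
           Any dropped non-zero bit is ORed into the sticky (lowest) bit. */
        switch (sd) {
        case DBL_MANT_DIG + 1:
            m <<= 1;
            break;
        case DBL_MANT_DIG + 2:
            break;
        default:
            m = (m >> (sd - (DBL_MANT_DIG + 2))) |
                ((m & (~(tu_int)0 >> ((N + DBL_MANT_DIG + 2) - sd))) != 0);
        }
        /* Round to nearest, ties to even: fold the significand LSB into the
           sticky bit, increment, then drop guard and sticky. */
        m |= (m & 4) != 0;
        ++m;
        m >>= 2;
        /* The increment may have carried into a new top bit; renormalize. */
        if (m & ((tu_int)1 << DBL_MANT_DIG)) {
            m >>= 1;
            ++e;
        }
    } else {
        /* Exact: shift the value up so the leading 1 lands at bit DBL_MANT_DIG-1. */
        m <<= (DBL_MANT_DIG - sd);
    }
    /* Pack: sign | biased exponent | 52 explicit significand bits. */
    uint64_t bits = (sign << 63) | ((uint64_t)(e + 1023) << 52) |
                    ((uint64_t)m & 0x000FFFFFFFFFFFFFULL);
    double d;
    memcpy(&d, &bits, sizeof d);
    return d;
}

int main(void) {
    /* Constructed inputs around the 53-bit boundary where rounding matters. */
    ti_int samples[] = { 1, -1, ((ti_int)1 << 53) + 1, ((ti_int)1 << 53) + 3,
                         ((ti_int)1 << 54) - 1, ((ti_int)1 << 100) + 1 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%.17g (compiler says %.17g)\n",
               int128_to_double(samples[i]), (double)samples[i]);
    return 0;
}
```

The `(double)` cast in `main` goes through the compiler's own runtime conversion, so it doubles as a reference for checking the hand-rolled routine; the tie cases `2^53 + 1` (rounds down to `2^53`) and `2^53 + 3` (rounds up to `2^53 + 4`) are the ones that expose a rounding mistake.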
Summary: This is the compiler-rt side of D28242.
Reviewers: kcc, vitalybuka, pgousseau, gbedwell
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D28244
llvm-svn: 291237
Disable the code appending -msse4.2 flag implicitly when the compiler
supports it. Compiler support for this flag does not indicate that
the underlying CPU will support SSE4.2, and passing it may result in
SSE4.2 code being emitted *implicitly*.
If the target platform supports SSE4.2 appropriately, the relevant bits
should be already enabled via -march= or equivalent. In this case
passing -msse4.2 is redundant.
If a runtime detection is desired (which seems to be a case with SCUDO),
then (as the gcc manpage points out) the SSE4.2-specific code needs to be
isolated into a separate file, the -msse4.2 flag can be forced only
for that file and the function defined in that file can only be called
when the CPU is determined to support SSE4.2.
This fixes SIGILL on SCUDO when it is compiled using gcc-5.4.
Differential Revision: https://reviews.llvm.org/D28304
llvm-svn: 291217
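As an added example (not Scudo's or compiler-rt's own code) of the isolation that the two messages above describe, the following puts the SSE4.2 CRC32 routine behind a per-function `target("sse4.2")` attribute instead of a per-file `-msse4.2`, so that no SSE4.2 instruction is emitted outside that one function, and only calls it after a runtime CPU check; everything else falls back to a portable bitwise CRC-32C. The function names `crc32c_sw`, `crc32c_hw`, `crc32c_hw_available` and `crc32c` are this example's own, and the test vector "123456789" is the standard CRC-32C check input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <nmmintrin.h>
#define HAVE_X86_CRC32 1
#endif

/* Portable bitwise CRC-32C (Castagnoli, reflected polynomial 0x82F63B78).
   Runs on any CPU and serves as the reference for the hardware path. */
uint32_t crc32c_sw(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0x82F63B78u & (0u - (crc & 1u)));
    }
    return ~crc;
}

#ifdef HAVE_X86_CRC32
/* SSE4.2 path. Only this function is compiled with the feature enabled, which
   is the per-function equivalent of giving one file -msse4.2: SSE4.2 code can
   only exist here, and this function is only ever reached after the check. */
__attribute__((target("sse4.2")))
uint32_t crc32c_hw(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++)
        crc = _mm_crc32_u8(crc, p[i]);
    return ~crc;
}
#endif

/* Runtime detection: compiler support for -msse4.2 says nothing about the
   CPU we run on, so ask the CPU itself. */
int crc32c_hw_available(void) {
#ifdef HAVE_X86_CRC32
    return __builtin_cpu_supports("sse4.2");
#else
    return 0;
#endif
}

/* Dispatcher: the only place that decides between the two implementations. */
uint32_t crc32c(const uint8_t *p, size_t n) {
#ifdef HAVE_X86_CRC32
    if (crc32c_hw_available())
        return crc32c_hw(p, n);
#endif
    return crc32c_sw(p, n);
}

int main(void) {
    /* Constructed input: the standard CRC-32C check vector. */
    const uint8_t msg[] = "123456789";
    printf("hw available: %d\n", crc32c_hw_available());
    printf("crc32c(\"123456789\") = 0x%08x (expected 0xe3069283)\n",
           crc32c(msg, sizeof msg - 1));
    return 0;
}
```

Compiling this with plain `-O2` and no `-march`/`-msse4.2` is the point: on a CPU without SSE4.2 the program still runs (the dispatcher never enters `crc32c_hw`), whereas an `-msse4.2` applied to the whole tree would let the compiler emit SSE4.2 instructions anywhere and fault with SIGILL before any check runs.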
Summary:
Debug builds can have larger distance between stack trace and PC on that stack.
If we assume that PC is always correct we can snap it to the nearest trace.
Reviewers: eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D28342
llvm-svn: 291173
Summary:
At this point SANCOV_OPTIONS are not functional, but it is our intent
to move the sanitizer coverage flags here from the various sanitizers' _OPTIONS.
Reviewers: kcc
Subscribers: kubabrecka, mgorny
Differential Revision: https://reviews.llvm.org/D28311
llvm-svn: 291068
Summary:
A previous fix used __assume(0), but not all compilers know that control will
not pass that. This patch uses a macro which works in more compilers.
Reviewers: rnk
Subscribers: kubabrecka
Differential Revision: https://reviews.llvm.org/D28268
llvm-svn: 291042
Summary:
If you decide to recompile parts of your Linux distro with XRay, it may
be useful to know which trace belongs to which binary. While there, get
rid of the incorrect strncat() usage; it always returns a pointer to the
start, which makes that if() always true. Replace it with snprintf, which is
bounded so that enough of both strings fits nicely.
Reviewers: dberris
Subscribers: danalbert, srhines, kubabrecka, mgorny, llvm-commits
Differential Revision: https://reviews.llvm.org/D27912
llvm-svn: 290861
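An added example (not XRay's code) contrasting the two patterns the message describes: `strncat()` returns its destination pointer, so testing its result can never detect that the source was cut off, while `snprintf()` returns the length the complete output would have had, which makes truncation checkable. The function names `append_unchecked` and `make_log_name` and the "trace-" prefix used below are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Anti-pattern from the commit message: strncat() returns its first argument,
   never NULL, so the if() below is always true whether or not src fit. */
int append_unchecked(char *dst, size_t cap, const char *src) {
    if (strncat(dst, src, cap - strlen(dst) - 1))
        return 1;               /* always reached, even after truncation */
    return 0;                   /* dead code */
}

/* Bounded replacement: snprintf() never writes more than cap bytes and
   reports the length the full string needed, so n >= cap means truncation. */
int make_log_name(char *dst, size_t cap, const char *prefix, const char *binary) {
    int n = snprintf(dst, cap, "%s%s", prefix, binary);
    if (n < 0 || (size_t)n >= cap)
        return -1;              /* encoding error or did not fit */
    return n;                   /* bytes written, excluding the NUL */
}

int main(void) {
    /* Constructed inputs: an 8-byte buffer and a suffix that cannot fit. */
    char small[8] = "abc";
    int ok = append_unchecked(small, sizeof small, "defghijk");
    printf("strncat check said %d, buffer holds \"%s\" (truncated)\n", ok, small);

    char name[16];
    if (make_log_name(name, sizeof name, "trace-", "app") >= 0)
        printf("log name: %s\n", name);
    if (make_log_name(small, sizeof small, "trace-", "app") < 0)
        printf("name did not fit in %zu bytes\n", sizeof small);
    return 0;
}
```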
Summary:
In this change we introduce the notion of a "flight data recorder" mode
for XRay logging, where XRay logs in-memory first, and writes out data
on-demand as required (as opposed to the naive implementation that keeps
logging while tracing is "on"). This depends on D26232 where we
implement the core data structure for holding the buffers that threads
will be using to write out records of operation.
This implementation only currently works on x86_64 and depends heavily
on the TSC math to write out smaller records to the in-memory buffers.
Also, this implementation defines two different kinds of records with
different sizes (compared to the current naive implementation): a
MetadataRecord (16 bytes) and a FunctionRecord (8 bytes). MetadataRecord
entries are meant to write out information like the thread ID for which
the metadata record is defined, whether the execution of a thread
moved to a different CPU, etc. while a FunctionRecord represents the
different kinds of function call entry/exit records we might encounter
in the course of a thread's execution along with a delta from the last
time the logging handler was called.
While this implementation is not exactly what is described in the
original XRay whitepaper, this one gives us an initial implementation
that we can iterate and build upon.
Reviewers: echristo, rSerge, majnemer
Subscribers: mehdi_amini, llvm-commits, mgorny
Differential Revision: https://reviews.llvm.org/D27038
llvm-svn: 290852
Summary:
Make kLargeMalloc big enough to be handled by secondary allocator
and small enough to fit into quarantine for all configurations.
It became too big to fit into quarantine on Android after D27873.
Reviewers: eugenis
Patch by Alex Shlyapnikov.
Subscribers: danalbert, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D28142
llvm-svn: 290689
Updated test according to commit 290539:
According to extended asm syntax, a case where the clobber list includes a variable from the inputs or outputs should be an error (a conflict).
For example:
```c
const long double a = 0.0;
int main()
{
    char b;
    double t1 = a;
    // "t" binds t1 to st and "u" binds t1 to st(1); both registers are also
    // named in the clobber list, so this must be rejected as a conflict.
    __asm__ ("fucompp": "=a" (b) : "u" (t1), "t" (t1) : "cc", "st", "st(1)");
    return 0;
}
```
This should conflict with the output: t1, which is st, and st, which is st as well.
The patch fixes it.
Commit on behalf of Ziv Izhar.
Differential Revision: https://reviews.llvm.org/D15075
llvm-svn: 290540
This allows compiler-rt to be built on older macOS SDKs, where these symbols are not defined.
Patch by Jeremy Huddleston Sequoia <jeremyhu@apple.com>.
llvm-svn: 290521
Summary: This patch attempts to fix the test patching-unpatching.cc. The new code flushes the instruction cache after modifying the program at runtime.
Reviewers: dberris, rengolin
Subscribers: llvm-commits, iid_iunknown, aemerson
Differential Revision: https://reviews.llvm.org/D27996
llvm-svn: 290452
Summary: We set up these interceptors twice, which hangs tests on Windows.
Reviewers: eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D28070
llvm-svn: 290393
Summary: Make thread local quarantine size an option so it can be turned off to save memory.
Reviewers: eugenis
Patch by Alex Shlyapnikov.
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D28027
llvm-svn: 290373
Summary:
Warm up ASAN caches in ThreadedQuarantineTest to get more predictable
incremental heap memory usage measurements.
Reviewers: eugenis
Patch by Alex Shlyapnikov.
Subscribers: aemerson, kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D28061
llvm-svn: 290371
Summary: This patch attempts to fix the test patching-unpatching.cc. The new code flushes the instruction cache after modifying the program at runtime.
Reviewers: dberris, rengolin
Subscribers: llvm-commits, iid_iunknown, aemerson
Differential Revision: https://reviews.llvm.org/D27996
llvm-svn: 290354
Summary:
Experiments show that on Android the current values result in too much
memory consumption for all quarantined chunks.
Reviewers: kcc, eugenis
Subscribers: mgorny, danalbert, srhines, llvm-commits, kubabrecka
Patch by Aleksey Shlyapnikov.
Differential Revision: https://reviews.llvm.org/D27873
llvm-svn: 290218
Summary:
After rL289878/rL289881, the build on FreeBSD is broken, because
sanitizer_platform_limits_posix.cc attempts to include <utmp.h> and use
`struct utmp`, neither of which are supported anymore on FreeBSD.
Fix this by adding `&& !SANITIZER_FREEBSD` in a few places, and stop
intercepting utmp functions altogether for FreeBSD.
Reviewers: kubabrecka, emaste, eugenis, ed
Subscribers: ed, llvm-commits
Differential Revision: https://reviews.llvm.org/D27902
llvm-svn: 290167
In ASan, we have __asan_locate_address and __asan_get_alloc_stack, which is used in LLDB/Xcode to show the allocation backtrace for a heap memory object. This patch implements the same for TSan.
Differential Revision: https://reviews.llvm.org/D27656
llvm-svn: 290119
Missed a couple of files:
- Using #pragma once
- Missing top-matter for headers
- Missing an include for <cstdint>
Follow-up on D25360.
llvm-svn: 290079
Summary:
Getting rid of the distance number altogether because:
- a person knowledgeable enough to know what the message means will also
know how to do hexadecimal math (with the help of a calculator)
- numbers outside INT_MIN - INT_MAX are hard to comprehend anyway
This unbreaks the case when you dynamically link a library with XRay and
it exits pre-main() with a not very informative static string.
Author: pelikan
Reviewers: dberris
Subscribers: llvm-commits, mehdi_amini
Differential Revision: https://reviews.llvm.org/D27894
llvm-svn: 290074
projects/compiler-rt/lib/xray/xray_trampoline_x86_64.S:33:7: error: unexpected token in '.endm' directive
.endm SAVE_REGISTERS
^
projects/compiler-rt/lib/xray/xray_trampoline_x86_64.S:52:7: error: unexpected token in '.endm' directive
.endm RESTORE_REGISTERS
^
Remove the trailing name on the `.endm` which does not take the name of the
macro. This should bring the compiler-rt build bot back into working state.
llvm-svn: 289852
Summary:
With the recent changes to the Secondary, we use less bits for UnusedBytes,
which allows us in return to increase the bits used for Offset. That means
that we can use a Primary SizeClassMap allowing for a larger maximum size.
Reviewers: kcc, alekseyshl
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D27816
llvm-svn: 289838
We already have an interceptor for __shared_weak_count::__release_shared, this patch handles __shared_count::__release_shared in the same way. This should get rid of TSan false positives when using std::future.
Differential Revision: https://reviews.llvm.org/D27797
llvm-svn: 289831
Summary:
The layout of all registers saved on stack shouldn't deviate and will be reused in future trampolines as well.
While there, fix whitespace and clarify comments.
Author: mpel
Reviewers: dberris
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D27799
llvm-svn: 289789
Objects may move during the garbage collection, and JVM needs
to notify ThreadAnalyzer about that. The new function
__tsan_java_find eliminates the need to maintain these
objects both in ThreadAnalyzer and JVM.
Author: Alexander Smundak (asmundak)
Reviewed in https://reviews.llvm.org/D27720
llvm-svn: 289682
Summary:
I actually had an integer overflow on 32-bit with D27428 that didn't reproduce
locally, as the test servers would manage to allocate addresses in the 0xffffxxxx
range, which led to some issues when rounding addresses.
At this point, I feel that Scudo could benefit from having its own combined
allocator, as we don't get any benefit from the current one, but have to work
around some hurdles (alignment checks, rounding up that is no longer needed,
extraneous code).
Reviewers: kcc, alekseyshl
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D27681
llvm-svn: 289572
Summary:
This should improve the error messages generated providing a bit more
information when the failures are printed out. One example of a
contrived error looks like:
```
Expected: (Buffers.getBuffer(Buf)) != (std::error_code()), actual:
system:0 vs system:0
```
Because we're using error codes, the default printing gets us more
useful information in case of failure.
This is a follow-up on D26232.
Reviewers: rSerge
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D27495
llvm-svn: 289501
In certain OS versions, it was possible that libmalloc replaced the sanitizer zone from being the default zone (i.e. being in malloc_zones[0]). This patch introduces a failsafe that makes sure we always stay the default zone. No testcase for this, because this doesn't reproduce under normal circumstances.
Differential Revision: https://reviews.llvm.org/D27083
llvm-svn: 289376
We currently have an interceptor for malloc_create_zone, which returns a new zone that redirects all the zone requests to our sanitizer zone. However, calling malloc_destroy_zone on that zone will cause libmalloc to print out some warning messages, because the zone is not registered in the list of zones. This patch handles this and adds a testcase for that.
Differential Revision: https://reviews.llvm.org/D27083
llvm-svn: 289375
Summary: I see crashes on this check when some reports are being generated.
Reviewers: eugenis
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D27574
llvm-svn: 289145
Summary:
The combined allocator rounds up the requested size with regard to the
alignment, which makes sense when being serviced by the primary as it comes
with alignment guarantees, but not with the secondary. For the rare case of
large alignments, it wastes memory, and entices unnecessarily large fields for
the Scudo header. With this patch, we pass the non-alignment-rounded-up size
to the secondary, and adapt the Scudo code for this change.
Reviewers: alekseyshl, kcc
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D27428
llvm-svn: 289088
Summary: For platforms which support slow unwinder only, we restrict the store context size to 1, basically only storing the current pc. We do this because the slow unwinder which is based on libunwind is not async signal safe and causes random freezes in forking applications as well as in signal handlers.
Reviewed by eugenis.
Differential: D23107
llvm-svn: 289027
Summary:
For idivsi3, convert the Thumb2 only instruction to thumb1.
For aeabi_idivmod, use __divsi3.
Reviewers: rengolin, compnerd
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D27472
llvm-svn: 288960
Summary: Since CLZ is not available for Thumb1, we use __ARM_ARCH_ISA_THUMB != 1 as one of the conditions.
Reviewers: rnk, compnerd, rengolin
Subscribers: aemerson, rengolin, llvm-commits
Differential Revision: https://reviews.llvm.org/D27530
llvm-svn: 288954