Commit Graph

1118 Commits

Author SHA1 Message Date
Adhemerval Zanella 689724e578 [compiler-rt] [msan] Unify aarch64 mapping
This patch unifies the 39-bit and 42-bit mapping for aarch64 to use only
one instrumentation algorithm.  A runtime check avoids mapping 42-bit
only segments for 39-bit kernels.

The mapping to use now is for 39 and 42-bits:

    0x00000000000ULL-0x01000000000ULL  MappingDesc::INVALID
    0x01000000000ULL-0x02000000000ULL  MappingDesc::SHADOW
    0x02000000000ULL-0x03000000000ULL  MappingDesc::ORIGIN
    0x03000000000ULL-0x04000000000ULL  MappingDesc::SHADOW
    0x04000000000ULL-0x05000000000ULL  MappingDesc::ORIGIN
    0x05000000000ULL-0x06000000000ULL  MappingDesc::APP
    0x06000000000ULL-0x07000000000ULL  MappingDesc::INVALID
    0x07000000000ULL-0x08000000000ULL  MappingDesc::APP

And only for 42-bits:

    0x08000000000ULL-0x09000000000ULL  MappingDesc::INVALID
    0x09000000000ULL-0x0A000000000ULL  MappingDesc::SHADOW
    0x0A000000000ULL-0x0B000000000ULL  MappingDesc::ORIGIN
    0x0B000000000ULL-0x0F000000000ULL  MappingDesc::INVALID
    0x0F000000000ULL-0x10000000000ULL  MappingDesc::APP
    0x10000000000ULL-0x11000000000ULL  MappingDesc::INVALID
    0x11000000000ULL-0x12000000000ULL  MappingDesc::APP
    0x12000000000ULL-0x17000000000ULL  MappingDesc::INVALID
    0x17000000000ULL-0x18000000000ULL  MappingDesc::SHADOW
    0x18000000000ULL-0x19000000000ULL  MappingDesc::ORIGIN
    0x19000000000ULL-0x20000000000ULL  MappingDesc::INVALID
    0x20000000000ULL-0x21000000000ULL  MappingDesc::APP
    0x21000000000ULL-0x26000000000ULL  MappingDesc::INVALID
    0x26000000000ULL-0x27000000000ULL  MappingDesc::SHADOW
    0x27000000000ULL-0x28000000000ULL  MappingDesc::ORIGIN
    0x28000000000ULL-0x29000000000ULL  MappingDesc::SHADOW
    0x29000000000ULL-0x2A000000000ULL  MappingDesc::ORIGIN
    0x2A000000000ULL-0x2B000000000ULL  MappingDesc::APP
    0x2B000000000ULL-0x2C000000000ULL  MappingDesc::INVALID
    0x2C000000000ULL-0x2D000000000ULL  MappingDesc::SHADOW
    0x2D000000000ULL-0x2E000000000ULL  MappingDesc::ORIGIN
    0x2E000000000ULL-0x2F000000000ULL  MappingDesc::APP
    0x2F000000000ULL-0x39000000000ULL  MappingDesc::INVALID
    0x39000000000ULL-0x3A000000000ULL  MappingDesc::SHADOW
    0x3A000000000ULL-0x3B000000000ULL  MappingDesc::ORIGIN
    0x3B000000000ULL-0x3C000000000ULL  MappingDesc::APP
    0x3C000000000ULL-0x3D000000000ULL  MappingDesc::INVALID
    0x3D000000000ULL-0x3E000000000ULL  MappingDesc::SHADOW
    0x3E000000000ULL-0x3F000000000ULL  MappingDesc::ORIGIN
    0x3F000000000ULL-0x40000000000ULL  MappingDesc::APP

And although complex it provides a better memory utilization than
the previous one.

[1] http://reviews.llvm.org/D13817

llvm-svn: 251625
2015-10-29 13:04:19 +00:00
Anna Zaks 7920eb0b1f Reapply: [asan] On OS X, log reports to syslog and os_trace
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.

For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).

I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.

Reviewed at http://reviews.llvm.org/D13452

(In addition, add sanitizer_common_libcdep.cc to buildgo.sh to avoid
build failures on Linux.)

llvm-svn: 251577
2015-10-28 23:18:44 +00:00
Evgeniy Stepanov d10e6280cb [asan] Disable a flaky test on Android.
Bug: https://github.com/google/sanitizers/issues/618
llvm-svn: 251554
2015-10-28 20:45:52 +00:00
Anna Zaks 55fbb6d7f5 Revert "[asan] On OS X, log reports to syslog and os_trace"
This reverts commit 251447.

(Which caused failures on a Linux bot.)

llvm-svn: 251467
2015-10-27 23:15:05 +00:00
Daniel Sanders 6c583b8b25 [mips][asan] XFAIL ptrace.cc
It was recently enabled for non-x86 targets and doesn't seem to work for MIPS.
The reason is currently unclear so XFAILing while I investigate.

llvm-svn: 251466
2015-10-27 23:13:26 +00:00
Anna Zaks 9a95c9a633 [asan] On OS X, log reports to syslog and os_trace
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.

For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).

I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.

Reviewed at http://reviews.llvm.org/D13452

llvm-svn: 251447
2015-10-27 20:13:01 +00:00
Daniel Sanders 171d6fa35d Attempt to fix asan's ptrace.cc on the clang-cmake-mips builder after r251331.
llvm-svn: 251379
2015-10-27 01:35:57 +00:00
Evgeniy Stepanov 12ffb42893 [msan] Yet another attempt to fix process_vm_readv test.
llvm-svn: 251372
2015-10-27 00:11:28 +00:00
Evgeniy Stepanov f0344626d2 [asan] Mark 5 tests unsupported on Android.
llvm-svn: 251362
2015-10-26 22:19:50 +00:00
Evgeniy Stepanov fb38728241 [asan] Fix throw-call-test to properly XFAIL on android/aarch64.
The test is sensitive to stack layout changes. Tweak it a bit to
expose the bug on aarch64 as well as on arm.

llvm-svn: 251361
2015-10-26 22:19:47 +00:00
Evgeniy Stepanov 798d4f0329 [asan] Switch back to BFD linker in asan/android tests.
We've switched to Gold earlier because of a minor misconfiguration
of the BFD linker in Android NDK. It turns out, Gold has much bigger
problems:

https://sourceware.org/bugzilla/show_bug.cgi?id=19163
(a bug is actually in the android runtime loader, but it means that
gold does not work with android L and even M).

Switching back to BFD and adding a workaround by explicitly linking
libm to all tests.

llvm-svn: 251360
2015-10-26 22:19:46 +00:00
Evgeniy Stepanov 9944209a0a [asan] Don't use asanwrapper in 64-bit android tests.
Asanwrapper is required on older android versions to work around undesired
linker behavior. It is not required on L and newer, and does not fully
support multiarch devices.

llvm-svn: 251359
2015-10-26 22:19:44 +00:00
Evgeniy Stepanov 1a1973b846 [msan] Fix process_vm_readv test.
The check for the glibc version was not working as expected (dlsym
was finding the interceptor instead of the libc implementation).

llvm-svn: 251345
2015-10-26 20:55:35 +00:00
Adhemerval Zanella 6153ecc4fd [compiler-rt] Fix ptrace interceptor for aarch64
This patch fixes the ptrace interceptor for aarch64. The PTRACE_GETREGSET
ptrace syscall with invalid memory might zero the iovec::iov_base
field and then masking the subsequent check after the syscall (since it
will be 0 and it will not trigger an invalid access). The fix is to copy
the value on a local variable and use its value on the checks.

The patch also adds more coverage on the Linux/ptrace.cc testcase by adding
a check for PTRACE_GETREGSET for both general and floating registers (aarch64
definitions added only).

llvm-svn: 251331
2015-10-26 18:55:04 +00:00
Adhemerval Zanella 871d324799 [compiler-rt] Enable ptrace sanitizer for arm
This patch enables the ptrace syscall interceptors for arm and adds support
for both PTRACE_GETVFPREGS and PTRACE_SETVFPREGS used to get the VFP register
from ARM.

The ptrace test is also updated with arm and PTRACE_GETVFPREGS tests.

llvm-svn: 251321
2015-10-26 18:15:14 +00:00
Hal Finkel 9f42bf047c Fixup test/ubsan/TestCases/Misc/coverage-levels.cc, LLVM is smarter
Fixing up this test case because LLVM is smarter now, and can better analyze:

  if ((argc << shift) == 16)

in this test case.

llvm-svn: 251147
2015-10-23 20:37:51 +00:00
Evgeniy Stepanov 1e9aadba17 [msan] Re-submit test for process_vm_readv.
Includes a workaround for glibc < 2.15, which does not provide the
function under test.

llvm-svn: 251079
2015-10-23 00:00:22 +00:00
Evgeniy Stepanov 7b04acd28d [msan] Temporarily remove a failing test to fix the bot.
The test requires a newer glibc version than the one on the bot.

llvm-svn: 251077
2015-10-22 23:40:06 +00:00
Kostya Serebryany e3d25c3873 [sanitizer-coverage] introduce __sanitizer_get_total_unique_caller_callee_pairs
llvm-svn: 251071
2015-10-22 22:06:41 +00:00
Evgeniy Stepanov 0d933e0b27 [msan] Intercept process_vm_readv/writev.
llvm-svn: 251059
2015-10-22 20:35:42 +00:00
Yury Gribov 8da1408277 [asan] Get rid of UB in string tests. Patch by Max Ostapenko.
Differential revision: http://reviews.llvm.org/D13895

llvm-svn: 250998
2015-10-22 08:10:56 +00:00
Ivan Krasin cffe8caed3 Disabling speculative loads under asan.
Summary:
While instrumenting std::string with asan I discovered that speculative load might load data from poisoned region. Disabling all speculative loads for asan-annotated functions.

The test follows the std::string implementation.

Corresponding CL in llvm: http://reviews.llvm.org/D13264
Patch by Mike Aizatsky, the review page for the CL is http://reviews.llvm.org/D13265

Reviewers: aizatsky

Subscribers: kcc, llvm-commits

Differential Revision: http://reviews.llvm.org/D13905

llvm-svn: 250837
2015-10-20 17:34:47 +00:00
Evgeniy Stepanov 0b98b27677 [msan] Intercept mincore.
llvm-svn: 250761
2015-10-19 23:39:11 +00:00
Evgeniy Stepanov cc25301092 [msan] Intercept pthread_getcancel*.
llvm-svn: 250752
2015-10-19 23:00:13 +00:00
Evgeniy Stepanov c7ee62c561 [msan] Add __msan_copy_shadow interface function.
This can be used to annotate copies of memory that are not observed by MSan.

llvm-svn: 250124
2015-10-12 23:20:24 +00:00
Evgeniy Stepanov f4ebc08831 [asan] Zero initialize sem_t in sem_init.
Old version of sem_init (GLIBC_2.0) fails to initialize parts of
sem_t that are used in sem_timedwait. This is fixed in GLIBC_2.1,
but since ASan interceptors downgrade sem_* to the oldest available
version, this can introduce bugs that are only present in sanitized
build. Workaround by zero-initializing sem_t in sem_init.

llvm-svn: 250113
2015-10-12 21:32:30 +00:00
Filipe Cabecinhas 150def9787 [ubsan] Invoke test program using %run.
llvm-svn: 250063
2015-10-12 16:33:40 +00:00
Reid Kleckner 8da160173c Remove the XFAIL for the C++ EH test
It works on Windows now.

llvm-svn: 249799
2015-10-09 01:33:15 +00:00
Evgeniy Stepanov b688a47963 New MSan mapping layout (compiler-rt part).
This is an implementation of
https://github.com/google/sanitizers/issues/579

It has a number of advantages over the current mapping:
* Works for non-PIE executables.
* Does not require ASLR; as a consequence, debugging MSan programs in
  gdb no longer requires "set disable-randomization off".
* Supports linux kernels >=4.1.2.
* The code is marginally faster and smaller.

This is an ABI break. We never really promised ABI stability, but
this patch includes a courtesy escape hatch: a compile-time macro
that reverts back to the old mapping layout.

llvm-svn: 249754
2015-10-08 21:35:34 +00:00
Renato Golin 814e5caebc [LSAN] Mark death callback as unstable while we investigate the cause in AArch64
llvm-svn: 249398
2015-10-06 13:29:44 +00:00
Daniel Sanders bb9c116165 [asan][mips] Fix ABI incompatibility crash in pthread_create() following r248325.
Like i386, Mips needs a versioned interceptor but must select GLIBC_2.2.

llvm-svn: 249307
2015-10-05 12:43:47 +00:00
Evgeniy Stepanov 06e338b403 [asan] Disable pthread_create_version test on mips.
llvm-svn: 249191
2015-10-02 21:23:53 +00:00
Evgeniy Stepanov 25c58d124b [asan] Fix asan_symbolize.py handling of non-existing paths
llvm-svn: 248962
2015-09-30 23:17:39 +00:00
Ivan Krasin 97746d75bb CFI: add a test from base-to-derived cast from the base destructor.
Summary: This adds an interesting bad cast case, originally found in https://crbug.com/537398.

Reviewers: kcc

Subscribers: pcc

Differential Revision: http://reviews.llvm.org/D13307

llvm-svn: 248958
2015-09-30 23:08:55 +00:00
Evgeniy Stepanov 01e4c87a5a [msan] Disable allocator_mapping test on mips64 and aarch64.
llvm-svn: 248835
2015-09-29 22:24:57 +00:00
Alexey Samsonov 4133c18b1c [CFI] Make CFI tests require UBSan (for diagnostic mode).
CFI itself, on the other hand, doesn't require anything, including
sanitizer_common.

llvm-svn: 248830
2015-09-29 21:43:37 +00:00
Evgeniy Stepanov 7aba3960c7 [msan] Early allocator initialization.
Map MSan heap space early (in __msan_init) so that user code can not
accidentally (i.e. w/o MAP_FIXED) create a conflicting mapping.

llvm-svn: 248829
2015-09-29 21:28:54 +00:00
Renato Golin 9be32f6317 Add armhf as unstable runtime temporarily
llvm-svn: 248819
2015-09-29 18:35:55 +00:00
Dmitry Vyukov 2fe0efcc69 tsan: add test for issue #602
llvm-svn: 248522
2015-09-24 17:38:56 +00:00
Evgeniy Stepanov a7ecbe5685 [asan] Add missing -pthread in tests.
llvm-svn: 248332
2015-09-22 22:24:46 +00:00
Evgeniy Stepanov 9147de0ddf [asan] Versioned interceptor for pthread_create.
This fixes a crash in pthread_create on linux/i386 due to abi
incompatibility between intercepted and non-intercepted functions.

See the test case for more details.

llvm-svn: 248325
2015-09-22 21:34:44 +00:00
Renato Golin 7716df5b7d Disable final MSAN test in AArch64 to get the bots green
llvm-svn: 248014
2015-09-18 18:02:55 +00:00
Renato Golin 4610486e88 Disable one MSAN test in AArch64 until we have a proper fix
llvm-svn: 248008
2015-09-18 17:22:48 +00:00
Adhemerval Zanella dab7043d89 [compiler-rt] [sanitizer] Clean buildbot failures for aarch64
Currently aarch64 lacks instrumentation support for variadic arguments
for MSan.  This patch sets the UBSan tests that use it as to require
stable-runtime and sets aarch64/ubsan as an unstable one.

llvm-svn: 247996
2015-09-18 15:48:32 +00:00
Evgeniy Stepanov 6e663a1e32 Revert "ubsan: Implement memory permission validation for vtables."
This reverts r247484 and two follow-up commits.
Breaks ppc and x86_64 sanitizer bots.

llvm-svn: 247921
2015-09-17 19:15:54 +00:00
Reid Kleckner 3e9d733e68 [Windows] xfail a test that uses C++ EH
llvm-svn: 247845
2015-09-16 20:32:22 +00:00
Adhemerval Zanella 19074450ee [MSan] Enable MSAN for aarch64
This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA.
As defined by lib/msan/msan.h the memory layout used for 39-bit is:

   00 0000 0000 - 40 0000 0000:  invalid
   40 0000 0000 - 43 0000 0000:  shadow
   43 0000 0000 - 46 0000 0000:  origin
   46 0000 0000 - 55 0000 0000:  invalid
   55 0000 0000 - 56 0000 0000:  app (low)
   56 0000 0000 - 70 0000 0000:  invalid
   70 0000 0000 - 80 0000 0000:  app (high)

And for 42-bit VMA:

   000 0000 0000 - 100 0000 0000:  invalid
   100 0000 0000 - 11b 0000 0000:  shadow
   11b 0000 0000 - 120 0000 0000:  invalid
   120 0000 0000 - 13b 0000 0000:  origin
   13b 0000 0000 - 2aa 0000 0000:  invalid
   2aa 0000 0000 - 2ab 0000 0000:  app (low)
   2ab 0000 0000 - 3f0 0000 0000:  invalid
   3f0 0000 0000 - 400 0000 0000:  app (high)

Most of the tests are passing, with the exception of:

   * Linux/mallinfo.cc
   * chained_origin_limits.cc
   * dlerror.cc
   * param_tls_limit.cc
   * signal_stress_test.cc
   * nonnull-arg.cpp

The 'Linux/mallinfo.cc' is due to the fact AArch64 returns the sret in 'x8'
instead of default first argument 'x1'.  So a function prototype that
aims to mimic (by using first argument as the return of function) won't
work. For GCC one can make a register alias (register var asm ("r8")), but
clang detects it is an unused variable and generates wrong code.

The 'chained_origin_limits' is probably due to wrong code generation,
since it fails only when origin memory is used
(-fsanitize-memory-track-origins=2) and only in the returned code
(return buf[50]).

The 'signal_stress_test' and 'nonnull-arg' are due to currently missing variadic
argument handling in memory sanitizer code instrumentation on LLVM side.

Both 'dlerror' and 'param_tls_test' are unknown failures that require
further investigation.

All the failures are XFAIL for aarch64 for now.

llvm-svn: 247809
2015-09-16 15:12:25 +00:00
Naomi Musgrave 36597fa128 Explicit reference to bug highlighted by
test/msan/dtor-trivial.cpp. Runtime testing for poisoning
vtable pointer in dtor.

Summary: Runtime testing for vtable ptr poisoning in dtor.

Reviewers: eugenis, kcc

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D12713

Clean test case & comments.

Update tests for vptr poisoning order.

Simplify test to rely upon globals.

Assertions verify that vtable still accessible from dtors.

Testing linear inheritance and multiple inheritance for vtable poisoning.

Macros for testing expected failing functions.

Rename macros.

Removed xfail, modified FileCheck commands, to expect test to crash.

llvm-svn: 247763
2015-09-16 00:41:28 +00:00
Alexey Samsonov f23dee5408 [ASan] Add test for .preinit_array/.init_array/.fini_array sections.
llvm-svn: 247737
2015-09-15 23:06:17 +00:00
Peter Collingbourne dcba38a78b ubsan: Also disable vptr validation on powerpc64le.
llvm-svn: 247499
2015-09-12 05:24:44 +00:00