A flexible way of describing MSan memory layout details on various
platforms. No significant functional changes, but the memory layout
description that you get at verbosity=1 looks slightly different.
This change includes stronger sanity checks than before.
The goal of this change is to allow more than 2 application memory
ranges for https://code.google.com/p/memory-sanitizer/issues/detail?id=76.
llvm-svn: 227192
The idea is to ensure that the ASan runtime gets initialized early (i.e.
before other initializers/constructors) even when DYLD_INSERT_LIBRARIES
is not used. In that case, the interceptors are not installed (on OS X,
DYLD_INSERT_LIBRARIES is required for interceptors to work), and therefore
ASan gets currently initialized quite late -- from the main executable's
module initializer. The following issues are a consequence of this:
https://code.google.com/p/address-sanitizer/issues/detail?id=363https://code.google.com/p/address-sanitizer/issues/detail?id=357
Both of them are fixed with this patch.
Reviewed at http://reviews.llvm.org/D7117
llvm-svn: 226929
The interceptor of ioctl is using a non-standard prototype:
INTERCEPTOR(int, ioctl, int d, unsigned request, void *arg)
At least on OS X, the request argument should be unsigned long and not
just unsigned, and also instead of the last argument (arg), the function
should be accepting a variable number of arguments, so the prototype
should be:
int ioctl(int fildes, unsigned long request, ...);
We can still keep using `unsigned` internally to save space, because we
know that all possible values of `request` will fit into it.
Reviewed at http://reviews.llvm.org/D7038
llvm-svn: 226926
This patch is a proposed solution for https://code.google.com/p/address-sanitizer/issues/detail?id=375:
When the stacktraces are captured and printed by ASan itself, they are fine, but when the program has already printed the report (or is just printing it), capturing a stacktrace via other means is broken. "Other means" include OS X CrashReporter, debuggers or calling backtrace() within the program. For example calling backtrace() from a sanitizer_set_death_callback function prints a very truncated stacktrace.
Reviewed at http://reviews.llvm.org/D7103
llvm-svn: 226878
By attaching an extra integer tag to heap origins, we are able
to distinguish between uninits
- created by heap allocation,
- created by heap deallocation (i.e. use-after-free),
- created by __msan_allocated_memory call,
- etc.
See https://code.google.com/p/memory-sanitizer/issues/detail?id=35.
llvm-svn: 226821
Fixes 2 issues in origins arising from realloc() calls:
* In the in-place grow case origin for the new memory is not set at all.
* In the copy-realloc case __msan_memcpy is used, which unwinds stack from
inside the MSan runtime. This does not generally work (as we may be built
w/o frame pointers), and produces "bad" stack trace anyway, with several
uninteresting (internal) frames on top.
This change also makes realloc() honor "zeroise" and "poison_in_malloc" flags.
See https://code.google.com/p/memory-sanitizer/issues/detail?id=73.
llvm-svn: 226674
MemoryAccess function consumes ~4K of stack in debug mode,
in significant part due to the unrolled loop.
And gtest gives only 4K of stack to death test
threads, which causes stack overflows in debug mode.
llvm-svn: 226644
aarch64-linux kernel has configurable 39, 42 or 47 bit virtual address
space. Most distros AFAIK use 42-bit VA right now, but there are also
39-bit VA users too. The ppc64 handling can be used for this just fine
and support all the 3 sizes.
There are other issues, like allocator32 not really being able to support
the larger addres spaces, and hardcoded 39-bit address space size in other
macros.
Patch by Jakub Jelinek.
llvm-svn: 226639
glibc recently changed ABI on aarch64-linux:
https://sourceware.org/git/?p=glibc.git;a=commit;h=5c40c3bab2fddaca8cfe12d75944d1fef8adf1a4
Instead of having unsigned short mode; unsigned short __pad1; it now has
unsigned int mode; field in ipc_perm structure.
This patch allows to build against the recent glibc and disables the
ipc_perm.mode verification for older versions of glibc.
I think it shouldn't be a big deal even for older glibcs, I couldn't find
any place which would actually care about the exact mode field, rather than
the whole structure, appart from the CHECK_SIZE_AND_OFFSET macro.
Patch by Jakub Jelinek
llvm-svn: 226637
Use synci implementation of clear_cache for short address ranges.
For long address ranges, make a kernel call.
Differential Revision: http://reviews.llvm.org/D6661
llvm-svn: 226567
TSAN_SHADOW_COUNT is defined to 4 in all environments.
Other values of TSAN_SHADOW_COUNT were never tested and
were broken by recent changes to shadow mapping.
Remove it as there is no reason to fix nor maintain it.
llvm-svn: 226466
InternalAlloc is quite complex and its behavior may depend on the values of
flags. As such, it should not be used while parsing flags.
Sadly, LowLevelAlloc does not support deallocation of memory.
llvm-svn: 226453
Setting the maximum read size in FlagHandlerInclude to 2^15 might be a good
default, but causes the read to fail on systems with a page size larger than
that (ReadFileToBuffer(...) will fail if the maximum allowed size is less than
the value returned by GetPageSizeCached()). For example, on my PPC64/Linux
system, GetPageSizeCached() returns 2^16. In case the page size is larger, use
that instead.
llvm-svn: 226368
Debugging a missing profile is a bit painful right now. We can make
people's lives a bit easier by adding a knob to enable printing a
helpful error message for such failures.
llvm-svn: 226312
The new parser is a lot stricter about syntax, reports unrecognized
flags, and will make it easier to implemented some of the planned features.
llvm-svn: 226169
Use unwind.h to get the declarations for unwinding interfaces. This header is
already provided by clang and gcc, so this adds no additional dependencies for
building the builtins library. It avoids the duplication which may drift over
time though.
llvm-svn: 225990
pc_fd was not initialized to (-1) on some code paths, resulting in the program
erroneously closing stdin when reinitializing coverage.
llvm-svn: 225637
This mirrors r225239 to all the rest sanitizers:
ASan, DFSan, LSan, MSan, TSan, UBSan.
Now the runtime flag type, name, default value and
description is located in the single place in the
.inc file.
llvm-svn: 225327
Summary:
Introduce a single place where we specify flag type, name, default
value, and description. This removes a large amount of boilerplate
and ensures we won't leave flags uninitialized.
Test Plan: regression test suite
Reviewers: kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6851
llvm-svn: 225239
Fix test failures by introducing CommonFlags::CopyFrom() to make sure
compiler doesn't insert memcpy() calls into runtime code.
Original commit message:
Protect CommonFlags singleton by adding const qualifier to
common_flags() accessor. The only ways to modify the flags are
SetCommonFlagsDefaults(), ParseCommonFlagsFromString() and
OverrideCommonFlags() functions, which are only supposed to be
called during initialization.
llvm-svn: 225088
We've got some internal users that either aren't compatible with this or
have found a bug with it. Either way, this is an isolated cleanup and so
I'm reverting it to un-block folks while we investigate. Alexey and
I will be working on fixing everything up so this can be re-committed
soon. Sorry for the noise and any inconvenience.
llvm-svn: 225079
This reverts commit r221445. This change leads to false positives
reports from -fsanitize=vptr. See original commit thread for more
details.
llvm-svn: 224972
The change in r224819 started using internal_unlink in a sanitizer_common unit test. For some reason, internal_unlink is not defined in sanitizer_mac.cc, fixing that.
llvm-svn: 224910
This increases the limit from 4M locations to 16M, reserving
64Mb virtual memory. Chrome has >5M unique coverage locations with coverage=3.
llvm-svn: 224855
This is a re-commit of r224838 + r224839, previously reverted in r224850.
Test failures were likely (still can not reproduce) caused by two lit tests
using the same name for an intermediate build target.
llvm-svn: 224853
The current code leaves the first event in the trace part uninitialized
(from the previous thread). It can cause unpredictable behavior
during stack/mutexset restoration.
Initialize the first event to a fake harmless memory access.
llvm-svn: 224834
This is mostly useful for testing, as the only other way of specifying
activation options (Android system property) is system-wide and affects
concurrently running tests.
llvm-svn: 224824
Summary:
Protect CommonFlags singleton by adding const qualifier to
common_flags() accessor. The only ways to modify the flags are
SetCommonFlagsDefaults(), ParseCommonFlagsFromString() and
OverrideCommonFlags() functions, which are only supposed to be
called during initialization.
Test Plan: regression test suite
Reviewers: kcc, eugenis, glider
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6741
llvm-svn: 224736
As mentioned in
https://code.google.com/p/address-sanitizer/issues/detail?id=365, when the
re-exec that adds the required DYLD_INSERT_LIBRARIES variable fails, ASan
currently continues to run, but things are broken (some memory can be
overwritten, interceptors don't work, ...). This patch aborts if the execv()
fails and prints an error message that DYLD_INSERT_LIBRARIES is required. It
also removes the "alllow_reexec" flag, since using it causes the same issues.
Reviewed at http://reviews.llvm.org/D6752
llvm-svn: 224712
NULL handler
Per
https://developer.apple.com/library/mac/documentation/Performance/Reference/GCD_libdispatch_Ref/index.html,
the dispatch_source_set_cancel_handler() API *can* be called with a NULL
handler. In that case, the libdispatch removes an already existing cancellation
handler, if there was one. ASan's interceptor always creates a new block that
always tries to call the original handler. In case the original block is NULL,
a segmentation fault happens. Let's fix that by not wrapping a NULL-block at
all.
It looks like all the other libdispatch APIs (which we intercept) do *not*
allow NULL. So it's really only the dispatch_source_set_cancel_handler one that
needs this fix.
Reviewed at http://reviews.llvm.org/D6747
llvm-svn: 224711
Add CommonFlags::SetDefaults() and CommonFlags::ParseFromString(),
so that this object can be easily tested. Enforce
that ParseCommonFlagsFromString() and SetCommonFlagsDefaults()
work only with singleton CommonFlags, shared across all sanitizer
runtimes.
llvm-svn: 224617
Now ASan deactivation doesn't modify common or ASan-specific runtime
flags. Flags stay constant after initialization, and "deactivation"
instead stashes initialized runtime state, and deactivates the
runtime. Activation then just restores the original state (possibly,
overriden by some activation flags provided in system property on
Android).
llvm-svn: 224614
Summary:
Reduce the dependency of allocator code on runtime flags. Instead,
pass a bunch of options that configure allocator behavior at
initialization or re-initialization. That would allow us to
cleaner modify allocator behavior during a program execution
when ASan is activated or de-activated.
Test Plan: regression test suite
Reviewers: kcc
Subscribers: llvm-commits, eugenis
Differential Revision: http://reviews.llvm.org/D6711
llvm-svn: 224605
Summary:
Change the way ASan flag parsing is performed at activation: instead
of overwriting all ASan and common flags from the activation string,
ASan will now only override a handful of whitelisted flags.
This is a first step towards making runtime flags immutable after
initialization. I plan to re-factor the activation stragegy to
the following one:
- Parse commandline flags. Override the defaults from compile
definition, env var, etc. Flags are immutable at this point.
- Initiailize the runtime from commandline flags.
- If ASan needs to be started deactivated, stash the runtime
state in "asan_deactivated_flags" and deactivate the runtime.
- When ASan is activated, override "asan_deactivated_flags" with
activation flags, and use it to re-activate the runtime.
Test Plan: regression test suite
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6709
llvm-svn: 224601
clang does not like the definition of builtins. In order to work around this,
we use a SUN CC to redefine the generated name. However, this requires that we
account for the user label prefix. Rather than hard coding that into the file,
rely on the compiler to tell us the information and use the preprocessor to
generate the name as we do in the assembly routines. NFC.
llvm-svn: 224597
signal handler reads sa_sigaction when a concurrent sigaction call can modify it
as the result in could try to call SIG_DFL or a partially overwritten function pointer
llvm-svn: 224530
Summary:
The numbers in /proc/self/statm are in pages, not in fixed 4k units.
This fixes Linux/hard_rss_limit_mb_test.cc on my PowerPC64 box which
has 64k pages.
Reviewers: kcc, willschm
Reviewed By: willschm
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6717
llvm-svn: 224522
tctx==NULL crash observed during deadlock reporting.
There seems to be some bugs in the deadlock detector,
but it is still useful to be more robust during reporting.
llvm-svn: 224508
This commit changes the strategy for building shared ASan runtime
and the way we test it:
- COMPILER_RT_BUILD_SHARED_ASAN CMake option is removed. We now
always build shared ASan runtime (it is the default on Android,
Windows and Mac, and not the default on Linux and FreeBSD).
- Platforms, which use static runtime by default now have
"check-asan-dynamic" testsuite. This testsuite contains instrumented
unit tests, and ASan lit tests, and runs them with shared ASan
runtime. This testsuite is *not* a part of "check-asan" and
*not* a part of "check-all", as adding 1000 more test cases, which
duplicate existing ones is costly. However, you're welcome to
add this command to your buildbot.
llvm-svn: 224470
Evgeniy Stepanov