When running with start_deactivated=1 in ASAN_OPTIONS, heap redzones
are not poisoned until the first instrumented module is loaded. This
can cause false negatives even on memory allocated after activation,
because redzones are normally poisoned only once when a new allocator
region is mapped.
This change attempts to fix it by iterating over all existing
allocator chunks and poisoning their redzones.
llvm-svn: 281364
Summary:
Added a macro to enumerate the (error name, error member name) pairs. This way,
when adding an error, we only need to add the pair to one place (plus add its
implementation, or course).
Reviewers: kcc, samsonov
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23875
llvm-svn: 281237
Summary: As mentioned in D24394, I'm moving tid to ErrorBase, since basically all errors need it.
Also mentioned in the same review are other cleanups like adding const
to BufferedStackTrace and make sure constructor orders are consistent.
Reviewers: vitalybuka, kcc, eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D24455
llvm-svn: 281236
Summary:
This is important information when we want to describe errors, and should be
part of these descriptions. Otherwise, we need to know the access size when
printing/emitting the description.
Reviewers: kcc, eugenis, vitalybuka
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D24387
llvm-svn: 281093
Summary:
This is useful for inclusion in the Error* structures, to describe an
arbitrary address.
Remove the old struct since it's used only once. This removes one level of
indirection, and moves all *AddressDescription to be one of the recently
introduced structures.
This merges differential revisions: D24131 and D24132
Reviewers: kcc, eugenis, vitalybuka
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D24131
llvm-svn: 281090
r280885 added a testcase for handle_abort, which is broken on macOS, let’s add this support into sanitizer_mac.cc.
Differential Revision: https://reviews.llvm.org/D24344
llvm-svn: 280945
This patch adds a wrapper for call_once, which uses an already-compiled helper __call_once with an atomic release which is invisible to TSan. To avoid false positives, the interceptor performs an explicit atomic release in the callback wrapper.
Differential Revision: https://reviews.llvm.org/D24188
llvm-svn: 280920
Reset the SIGABRT signal handler before calling abort().
Also, change the error message when catching SIGABRT to say "ABRT"
instead of "SEGV".
llvm-svn: 280885
On Linux ARM, the syscall will take 3 arguments (start, end, flags). Ensure
that we do not pass garbage to the flags, which can cause the cacheflush call to
fail, and therefore cause an abort at runtime.
llvm-svn: 280877
Android-specific code in GetCurrentThread() does not handle the situation when there is no
ThreadContext for the current thread. This happens if the current thread is requested before the
main thread is added to the registry. 64-bit allocator does that to record map/unmap stats during
initialization.
llvm-svn: 280876
Normally, syslog() uses argv[0] for the log tag; bionic, however,
would crash in syslog() before libc constructor unless the log
tag is explicitly set with openlog().
llvm-svn: 280875
Summary:
A few small changes required to permit building the sanitizers
with Clang instead of only with MSVC.
Reviewers: compnerd, beanz, rnk
Subscribers: beanz, timurrrr, kubabrecka, dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D24092
llvm-svn: 280863
Since r279664 this test causes frequent failures of test runs for ppc64le and
occasional failures for ppc64be which makes buildbot results unreliable. If
the underlying problem is fixed it can be re-enabled.
llvm-svn: 280823
With this patch 10 out of 13 tests are passing.
Following is the list of failing tests:
struct-simple.cpp
workingset-signal-posix.cpp
mmap-shadow-conflict.c
Reviewed by bruening
Differential: D23799
llvm-svn: 280795
When optimizing, GCC optimizes away aggressively unused static globals.
The __asan_before_dynamic_init/__asan_after_dynamic_init calls are placed
in static constructor earlier while the registration of the globals is done
later in the compilation process. If all the globals with
dynamic initialization are optimized away from some particular TU in between
those two, libasan can fail on an assertion that dynamic_init_globals is
empty.
While I'm going to commit a GCC change which will remove the
__asan_before_dynamic_init/__asan_after_dynamic_init in many cases when this
happens (basically if the optimizers can prove there are no memory
references in between the two calls), there are still testcases where such
pair of calls is left, e.g. for
struct S { S () { asm volatile ("" : : : "memory"); } };
static S c;
int
main ()
{
return 0;
}
with -O2 -fsanitize=address and ASAN_OPTIONS=check_initialization_order=true
this still fails the assertion. Trying to avoid this problem on the
compiler side would decrease code quality I'm afraid, whether it is making
sure for -fsanitize=address we keep around at least one dynamically
initialized global if the
__asan_before_dynamic_init/__asan_after_dynamic_init pair has been emitted,
or adding some artificial global which would be used as the condition for
those calls etc.
So, can the assertion be instead just removed, this really shouldn't slow
down the calls measurably (for __asan_before_dynamic_init it is even
cheaper) and the assertion doesn't check something worthwhile anyway (it is
sufficient if there is a single dynamically initialized global in any other
TU to make it happy).
Details in http://gcc.gnu.org/PR77396
Author: Jakub Jelinek
llvm-svn: 280657
The atomic builtin source is problematic when cross-compiling builtins because it requires a variable and sometimes large set of system headers. This option allows users to optionally prevent it from being built.
llvm-svn: 280416
Summary:
@kcc: I know you've accepted the other revision, but since this is a
non-trivial change, I'm updating it to show why D24029 would help.
This commit sets up the infrastructure to use reified error
descriptions, and moves ReportStackOverflow to the new system.
After we convert all the errors, we'll be able to simplify ScopedInErrorReport
and remove the older debugging mechanism which had some errors partly reified
in some way. We'll be able to maintain the external API.
ScopedInErrorReport will be able to track one of the reified errors at a time.
The purpose of this is so we have its destructor actually print the error and
possibly interface with the debugger (will depend on the platform, of course).
Reviewers: kcc, samsonov, timurrrr
Subscribers: kcc, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D24030
llvm-svn: 280111
Summary:
This is needed so we can use it for D23672 on VS2013, since this VS
version doesn't support unrestricted unions, and doesn't allow us to
uses an object without a trivial default constructor inside a union.
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D24029
llvm-svn: 280110
Summary:
We are going to use store instructions to poison some allocas.
Runtime flag will require branching in instrumented code on every lifetime
intrinsic. We'd like to avoid that.
Reviewers: eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23967
llvm-svn: 279981
Summary:
This commit sets up the infrastructure to use reified error
descriptions, and moves ReportStackOverflow to the new system.
After we convert all the errors, we'll be able to simplify ScopedInErrorReport
and remove the older debugging mechanism which had some errors partly reified
in some way. We'll be able to maintain the external API.
ScopedInErrorReport will be able to track one of the reified errors at a time.
The purpose of this is so we have its destructor actually print the error and
possibly interface with the debugger (will depend on the platform, of course).
Reviewers: kcc, samsonov, timurrrr
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23672
llvm-svn: 279931
This patch builds on LLVM r279776.
In this patch I've done some cleanup and abstracted three common steps runtime components have in their CMakeLists files, and added a fourth.
The three steps I abstract are:
(1) Add a top-level target (i.e asan, msan, ...)
(2) Set the target properties for sorting files in IDE generators
(3) Make the compiler-rt target depend on the top-level target
The new step is to check if a command named "runtime_register_component" is defined, and to call it with the component name.
The runtime_register_component command is defined in llvm/runtimes/CMakeLists.txt, and presently just adds the component to a list of sub-components, which later gets used to generate target mappings.
With this patch a new workflow for runtimes builds is supported. The new workflow when building runtimes from the LLVM runtimes directory is:
> cmake [...]
> ninja runtimes-configure
> ninja asan
The "runtimes-configure" target builds all the dependencies for configuring the runtimes projects, and runs CMake on the runtimes projects. Running the runtimes CMake generates a list of targets to bind into the top-level CMake so subsequent build invocations will have access to some of Compiler-RT's targets through the top-level build.
Note: This patch does exclude some top-level targets from compiler-rt libraries because they either don't install files (sanitizer_common), or don't have a cooresponding `check` target (stats).
llvm-svn: 279863
Summary:
This commit sets up the infrastructure to use reified error
descriptions, and moves ReportStackOverflow to the new system.
After we convert all the errors, we'll be able to simplify ScopedInErrorReport
and remove the older debugging mechanism which had some errors partly reified
in some way. We'll be able to maintain the external API.
ScopedInErrorReport will be able to track one of the reified errors at a time.
The purpose of this is so we have its destructor actually print the error and
possibly interface with the debugger (will depend on the platform, of course).
Reviewers: kcc, samsonov, timurrrr
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23672
llvm-svn: 279862
Summary: This will allow for the sanitizers to be used when c++ abi is unavailable.
Reviewers: samsonov, beanz, pcc, rnk
Subscribers: llvm-commits, kubabrecka, compnerd, dberris
Differential Revision: https://reviews.llvm.org/D23376
llvm-svn: 279816
Depends on D21612 which implements the building blocks for the compiler-rt
implementation of the XRay runtime. We use a naive in-memory log of fixed-size
entries that get written out to a log file when the buffers are full, and when
the thread exits.
This implementation lays some foundations on to allowing for more complex XRay
records to be written to the log in subsequent changes. It also defines the format
that the function call accounting tool in D21987 will start building upon.
Once D21987 lands, we should be able to start defining more tests using that tool
once the function call accounting tool becomes part of the llvm distribution.
Reviewers: echristo, kcc, rnk, eugenis, majnemer, rSerge
Subscribers: sdardis, rSerge, dberris, tberghammer, danalbert, srhines, majnemer, llvm-commits, mehdi_amini
Differential Revision: https://reviews.llvm.org/D21982
llvm-svn: 279805
This patch adds 48-bits VMA support for msan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable.
Tested on 39 and 48-bit VMA kernels on aarch64.
llvm-svn: 279753
This patch adds 48-bits VMA support for msan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable. The
48-bits segments only cover the usual PIE/default segments plus some
more segments (262144GB total, 0.39% total VMA). Memory avaliability
can be increase by adding multiple application segments like 39 and
42 mapping (some mappings were added on this patch as well).
Tested on 39 and 48-bit VMA kernels on aarch64.
llvm-svn: 279752
Summary:
Since we can now build the builtins without a full toolchain these files should no longer be needed.
This is the last vestige of autoconf!
Reviewers: compnerd, iains, jroelofs
Subscribers: dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D23777
llvm-svn: 279539
Summary:
This does not actually fixes the test.
AddressSanitizer::OOB_char behavior is inconsistent but it somehow usually
works. On arm it runs more iterations than expected. And adding a new test with AddressSanitizerInterface prefix, even empty, somehow breaks OOB_char test.
So I will rename my test to make the bot green and will continue to investigate the test.
Reviewers: krasin
Subscribers: aemerson, rengolin, kubabrecka, llvm-commits, samparker
Differential Revision: https://reviews.llvm.org/D23790
llvm-svn: 279501
Summary: This fixes the omission of -fPIC when building the builtins.
Reviewers: compnerd, beanz
Subscribers: dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D23729
llvm-svn: 279469
Summary:
On apple targets, when SANITIZER_CAN_USE_CXXABI is false,
the ubsan cxxabi sources aren't built, since they're unused.
Do this on non-apple targets as well.
This fixes errors when linking sanitizers if c++ abi is
unavailable.
Reviewers: pcc, kubabrecka, beanz
Subscribers: rnk, llvm-commits, kubabrecka, compnerd, dberris
Differential Revision: https://reviews.llvm.org/D23638
llvm-svn: 279467
Introduce a new CMake option `COMPILER_RT_SANITIZERS_TO_BUILD` which takes
either a special token `all` (default) which will preserve the current behaviour
or a CMake list of sanitizers to build. It will still perform the normal checks
if the sanitizer is requested. It only permits a further means to exclude a
particular sanitizer. This gives finer grained control than
`COMPILER_RT_BUILD_SANITIZERS` which only gives an all or nothing control.
llvm-svn: 279253
Summary:
The Print() members might take optional access_size and bug_type
parameters to still be able to provide the same information
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23658
llvm-svn: 279237
When compiler-rt's CMake is not directly invoked, it will currently not call
project() and thus ASM will not be enabled.
We also don't need to put the .S files through the C compiler then.
Differential Revision: https://reviews.llvm.org/D23656
llvm-svn: 279215
Summary:
We are poisoning small allocas using store instruction from instrumented code.
For larger allocas we'd like to insert function calls instead of multiple stores.
PR27453
Reviewers: kcc, eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23616
llvm-svn: 279019
Summary: This value is never used.
Reviewers: kcc, eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23631
llvm-svn: 279010
Summary:
Replacement for part of D23518
This deals with global variable addresses.
(This commit is written on top of D23605, but can be applied by itself)
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23607
llvm-svn: 278959
Summary:
Replacement for part of D23518
This deals with stack addresses.
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23605
llvm-svn: 278958
Summary:
Replacement for part of D23518
This deals with heap addresses, and renames DescribeHeapAddress.
Requires D23520, which moves code around to make it accessible in asan_describers.cc (and still accessible in asan_report.cc if needed).
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23569
llvm-svn: 278917
Summary: This will allow for the sanitizers to be used when c++ abi is unavailable.
Reviewers: samsonov, beanz, pcc, rnk
Subscribers: llvm-commits, kubabrecka, compnerd, dberris
Differential Revision: https://reviews.llvm.org/D23376
llvm-svn: 278848
Clang added warning that taking the address of a packed struct member
possibly yields an unaligned pointer. This case is benign because
the pointer gets casted to an uptr and not used for unaligned accesses.
Add an intermediate cast to char* until this warning is improved (see
also https://reviews.llvm.org/D20561)
llvm-svn: 278835
Summary:
Replacement for part of D23518
Code refactoring to allow us to move some more DescribeAddressIf* functions to work by getting the structured information, and then printing it.
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23520
llvm-svn: 278820
Summary: This will allow for the sanitizers to be used when c++ abi is unavailable.
Reviewers: samsonov, beanz, pcc, rnk
Subscribers: llvm-commits, kubabrecka, compnerd, dberris
Differential Revision: https://reviews.llvm.org/D23376
llvm-svn: 278772
Summary: This will allow for the sanitizers to be used when c++ abi is unavailable.
Reviewers: samsonov, beanz, pcc, rnk
Subscribers: llvm-commits, kubabrecka, compnerd, dberris
Differential Revision: https://reviews.llvm.org/D23376
llvm-svn: 278764
Summary:
Replacement for part of D23518
This is the first patch to start reifying information about errors. It deals only with reifying shadow address-related information.
It will allow us to generate structures with all the relevant information for a given error so a debugger can get to them or they can be included in a core dump.
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23519
llvm-svn: 278718
This fixes a long-standing TODO by implementing a compiler check for supporting the _Atomic keyword. If the _Atomic keyword is supported by the compiler we should include it in the builtin library sources.
llvm-svn: 278454
With this change, the default behavior on error is to call abort()
instead of _exit(). This should help the OS to capture a tombstone of
the error.
RAM usage of the lit test suite goes up because of all the tombstone
gathering, so I'm limiting the parallelism of the test target.
Previously it was based on the number of the CPUs on the host
machine, which is definitely wrong.
llvm-svn: 278308
Current AArch64 {sig}{set,long}jmp interposing requires accessing glibc
private __pointer_chk_guard to get process xor mask to demangled the
internal {sig}jmp_buf function pointers.
It causes some packing issues, as described in gcc PR#71042 [1], and is
is not a godd practice to rely on a private glibc namespace (since ABI is
not meant to be stable).
This patch fixes it by changing how libtsan obtains the guarded pointer
value: at initialization a specific routine issues a setjmp call and
using the mangled function pointer and the original value derive the
random guarded pointer.
Checked on aarch64 39-bit VMA.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71042
llvm-svn: 278292
Summary:
While cross-compiling, a custom nm program may be required. This will also allow for the
use of llvm-nm if desired.
Reviewers: samsonov, beanz, compnerd, eugenis
Subscribers: kubabrecka, dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D23278
llvm-svn: 278187
The API is intended to be used by user to do fine
grained (per-region) control of profile dumping.
Differential Revision: http://reviews.llvm.org/D23106
llvm-svn: 278092
Summary:
Adds a new, generic, resizing hashtable data structure for use by esan
tools. No existing sanitizer hashtable is suitable for the use case for
most esan tools: we need non-fixed-size tables, parameterized keys and
payloads, and write access to payloads. The new hashtable uses either
simple internal or external mutex locking and supports custom hash and
comparision operators. The focus is on functionality, not performance, to
catalyze creation of a variety of tools. We can optimize the more
successful tools later.
Adds tests of the data structure.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D22681
llvm-svn: 278024
Summary:
We also add one test (and the XRay testing infrastructure) to exercise
the patching and unpatching code. This uses the XRay API exported
through the headers as well, installing a custom log handler.
Depends on D23101 for the updated emitted code alignment for the
return/entry sleds.
Reviewers: rSerge, echristo, rnk
Subscribers: tberghammer, danalbert, srhines, mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D23154
llvm-svn: 277971
Go back to intercepting kernel32!RaiseException, and only go for
ntdll!RtlRaiseException if that fails. Fixes throw_and_catch.cc test.
Work around an issue in LLVM's win64 epilogues. We end up with an
epilogue that looks like this, and it drives the Win64 unwinder crazy
until stack overflow:
call ill_cc!__asan_handle_no_return
xor eax,eax
add rsp,40h // epilogue starts
pop rbp // CSR
ud2 // Trap here
ret // Ret?
nop word ptr [rax+rax]
sub rsp,28h // Next function
Will file a PR soon.
llvm-svn: 277874
MSVC doesn't have an exact equivalent for __builtin_frame_address, but
_AddressOfReturnAddress() + sizeof(void*) should be equivalent for all
frames build with -fno-omit-frame-pointer.
llvm-svn: 277826
These are meant to only be included on certain targets. This only disables it
for Windows ARM for now. Ideally these would be conditionally included as
appropriate.
llvm-svn: 277777
Our Report implementation calls OutputDebugString, which calls
RtlRaiseException, which can re-enter back into the ASan runtime and
cause a hang.
Don't treat this special debugger-only exception code as a noreturn
event, since the stack won't really unwind all the way.
llvm-svn: 277763
Summary:
The sanitizer allocators can works with a dynamic address space
(i.e. specified with ~0ULL).
Unfortunately, the code was broken on GetMetadata and GetChunkIdx.
The current patch is moving the Win64 memory test to a dynamic
address space. There is a migration to move every concept to a
dynamic address space on windows.
To have a better coverage, the unittest are now testing
dynamic address space on other platforms too.
Reviewers: rnk, kcc
Subscribers: kubabrecka, dberris, llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23170
llvm-svn: 277745
We now stash and restore the xmm registers in the trampolines so that
log handlers don't need to worry about clobbering these registers.
In response to comments in D21612.
Reviewers: rSerge, eugenis, echristo, rnk
Subscribers: mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D23051
llvm-svn: 277683
Summary:
Respect the handle_sigill common flag and handle_segv flags while we're
at it.
We still handle signals/exceptions differently on Unix and Windows. The
installation process is tricky on Windows, and difficult to push down
into sanitizer_common without concerning it with the different
static/dynamic CRT models on Windows.
Reviewers: kcc, etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23098
llvm-svn: 277621
Summary:
This patch is fixing a broken unittest which make the win64 bot failing.
The bug was introduce here:
https://reviews.llvm.org/D23046
The interception code is not the same in 32-bit and in 64-bit.
The added unittest can only be patched on 32-bits.
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23099
llvm-svn: 277560
In r235779, Timur bumped the buffer size up to 1<<27, or about 134
million coverage points, presumably to handle Chrome. We allocate two
arrays of uptrs with this size, and this reliably exhausts all available
address space on 32-bit Windows (2 allocations of 512MB) when ASan is
also enabled.
Let's reduce the buffer size for now to stabilize the test suite. We can
re-evaluate the approach later when we've brought the Chrome ASan
builders back to life.
Kostya said that Mike reduced the number of instrumented coverage points
that LLVM emits by half since Timur made this change, so reducing this
array size should also be safe.
With this change, the 32-bit ASan tests reliably pass for me on Windows
10.
llvm-svn: 277558
Summary:
Currently, the Scudo Hardened Allocator only gets its flags via the SCUDO_OPTIONS environment variable.
With this patch, we offer the opportunity for programs to define their own options via __scudo_default_options() which behaves like __asan_default_options() (weak symbol).
A relevant test has been added as well, and the documentation updated accordingly.
I also used this patch as an opportunity to rename a few variables to comply with the LLVM naming scheme, and replaced a use of Report with dieWithMessage for consistency (and to avoid a callback).
Reviewers: llvm-commits, kcc
Differential Revision: https://reviews.llvm.org/D23018
llvm-svn: 277536
Summary:
These instructions where not supported on my win7 computer.
They were happening on strstr when building chrome unittests with asan.
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D23081
llvm-svn: 277519
Summary:
On my install of Windows 10, RaiseException is a tail call to
kernelbase!RaiseException. Obviously, we fail to intercept that.
Instead, try hooking at the ntdll!RtlRaiseException layer. It is
unlikely that this layer will contain control flow.
Intercepting at this level requires adding a decoding for
'LEA ESP, [ESP + 0xXXXXXXXX]', which is a really obscure way to write
'SUB ESP, 0xXXXXXXXX' that avoids clobbering EFLAGS.
Reviewers: etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23046
llvm-svn: 277518
Summary:
On Windows 10, this gets called after TLS has been torn down from NTDLL,
and we crash attempting to return fake_tsd. This interceptor isn't
needed after r242948 anyway, so let's remove it. The ASan runtime can
now tolerate unregistered threads calling __asan_handle_no_return.
Reviewers: vitalybuka, etienneb
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23044
llvm-svn: 277478
The system implementation of OSAtomicTestAndClear returns the original bit, but the TSan interceptor has a bug which always returns zero from the function. This patch fixes this and adds a test.
Differential Revision: https://reviews.llvm.org/D23061
llvm-svn: 277461
On Darwin, there are some apps that rely on realloc(nullptr, 0) returning a valid pointer. TSan currently returns nullptr in this case, let's fix it to avoid breaking binary compatibility.
Differential Revision: https://reviews.llvm.org/D22800
llvm-svn: 277458
We were getting warnings about how 'uint32_t*' is different from
'unsigned long*' even though they are effectively the same on Windows.
llvm-svn: 277363
Summary:
Due to a QoI issuse in FreeBSD's libcxxrt-based demangler, one sanitizer
symbolizer test consistently appears to fail:
Value of: DemangleSwiftAndCXX("foo")
Actual: "float"
Expected: "foo"
This is because libcxxrt's __cxa_demangle() incorrectly demangles the "foo"
identifier to "float". It should return an error instead.
For now, XFAIL this particular test for FreeBSD, until we can fix libcxxrt
properly (which might take some time to coordinate with upstream).
Reviewers: rnk, zaks.anna, emaste
Subscribers: emaste, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23001
llvm-svn: 277297
Summary:
On windows, an export can be redirected to an other DLL.
This patch is adding the required support to the internal
GetProcAddress implementation.
This case was encountered by instrumenting chromium (win 64-bits)
using this GN configuration:
```
is_component_build = true
is_debug = false
enable_nacl = false
is_clang = true
is_asan = true
clang_base_path = "d:\src\llvm\ninja64"
clang_use_chrome_plugins = false
clang_version = "4.0.0"
```
The operating system is win7 (x64).
Visual Studio: 2015 Professional
Reviewers: rnk
Subscribers: llvm-commits, chrisha
Differential Revision: https://reviews.llvm.org/D22880
llvm-svn: 277294
This patch adds 48-bits VMA support for tsan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable. This
limits the mapping mechanism because the PIE address bits
(usually 0aaaaXXXXXXXX) makes it harder to create a mask/xor value
to include all memory regions. I think it is possible to create a
large application VAM range by either dropping PIE support or tune
current range.
It also changes slight the way addresses are packed in SyncVar structure:
previously it assumes x86_64 as the maximum VMA range. Since ID is 14 bits
wide, shifting 48 bits should be ok.
Tested on x86_64, ppc64le and aarch64 (39 and 48 bits VMA).
llvm-svn: 277137
This addresses some comments from D21612, which contains the following changes:
- Update __xray_patch() and __xray_unpatch() API documentation to not imply asynchrony.
- Introduce a scope cleanup mechanism to make sure we can roll-back changes to the XRayPatching global atomic.
- Introduce a few more comments for potential extension points for other platforms (for the implementation details of patching and un-patching).
Reviewers: eugenis, rnk, kcc, echristo, majnemer
Subscribers: llvm-commits, mehdi_amini
Differential Revision: https://reviews.llvm.org/D22911
llvm-svn: 277124
Summary:
This patch is re-introducing the code to fix the
dynamic hooking on windows and to fix a compiler
warning on Apple.
Related patches:
* https://reviews.llvm.org/D22641
* https://reviews.llvm.org/D22610
* https://reviews.llvm.org/rL276311
* https://reviews.llvm.org/rL276490
Both architecture are using different techniques to
hook on library functions (memchr, strcpy,...).
On Apple, the function is not dynamically hooked and
the symbol always points to a valid function
(i.e. can't be null). The REAL macro returns the
symbol.
On windows, the function is dynamically patch and the
REAL(...) function may or may not be null. It depend
on whether or not the function was hooked correctly.
Also, on windows memcpy and memmove are the same.
```
#if !defined(__APPLE__)
[...]
# define REAL(x) __interception::PTR_TO_REAL(x)
# define ASSIGN_REAL(dst, src) REAL(dst) = REAL(src)
[...]
#else // __APPLE__
[...]
# define REAL(x) x
# define ASSIGN_REAL(x, y)
[...]
#endif // __APPLE__
Reviewers: rnk
Subscribers: kcc, hans, kubabrecka, llvm-commits, bruno, chrisha
Differential Revision: https://reviews.llvm.org/D22758
llvm-svn: 276885
When we delay signals we can deliver them when the signal
is blocked. This can be surprising to the program.
Intercept signal blocking functions merely to process
pending signals. As the result, at worst we will delay
a signal till return from the signal blocking function.
llvm-svn: 276876
The kernel on Nexus 5X returns error_code in ucontext which has
correct FSR_WRITE flag, but empty (zero) abort type field. Removing
the checks means that we will report all SEGVs as READ on very old
kernels, but will properly distinguish READ vs WRITE on moderately
old ones.
llvm-svn: 276803
This test attempts to allocate 100 512MB aligned pages of memory. This
is implemented in the usual way by allocating size + alignment bytes and
aligning the result. As a result, this test allocates 51.2GB of memory.
Windows allocates swap for all memory allocated, and our bots do not
have this much swap available.
Avoid the failure by using a more reasonable alignment, like 16MB, as we
do on 32-bit.
llvm-svn: 276779
This reverts commit r276333.
As I commented in the review (https://reviews.llvm.org/D22415), this change isn't needed because CMAKE_C_FLAGS is implicitly added by CMake to the command line for all C source files.
With this patch enabled CMAKE_C_FLAGS is duplicated on all C sources, and applied to ASM sources, which is not ideal.
I sent an email about this to llvm-commits on the commit thread. I suspect the problem the patch author was actually seeing is that CMAKE_C_FLAGS isn't applied to ASM files, and the builtins library has quite a few of those. The correct solution there is to specify CMAKE_ASM_FLAGS with whatever flags need to be passed to the compiler when compiling ASM files.
If there are other problems with flag propagation, please let me know.
llvm-svn: 276683
sanitizer_common_interceptors.inc:667:12: warning: address of function 'memchr' will always evaluate to 'true' [-Wpointer-bool-conversion]
if (REAL(memchr)) {
~~ ^~~~~~
llvm-svn: 276539
Add a %stdcxx11 lit substitution for -std=c++11. Windows defaults to
-std=c++14 when VS 2015 is used because the STL requires it. Harcoding
-std=c++11 in the ASan tests actually downgrades the C++ standard level,
leading to test failures.
Relax a FileCheck pattern in use-after-scope-types.cc.
Disable the sanitizer_common OOM tests. They fail on bots with low swap,
and cause other concurrently running tests to OOM.
llvm-svn: 276454
Summary:
Some instructions can only be copied if the relative offset is adjusted.
This patch adds support for two common instruction.
It's quite common to have a indirect load in the prologue
(loading the security cookie).
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22647
llvm-svn: 276336
Summary:
This patch fixes cross-architecture compilation,
by allowing flags like -target and --sysroot to be set for
architecture testing and compilation.
Reviewers: tberghammer, srhines, danalbert, beanz, compnerd
Subscribers: tberghammer, llvm-commits, danalbert
Differential Revision: https://reviews.llvm.org/D22415
llvm-svn: 276333
Summary:
This patch is fixing running interception unittests for memcpy/memmove on
windows 64.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22641
llvm-svn: 276324
Make kStderrFd a macro to avoid dynamic initialization of the
report_file global. This actually causes a crash at runtime, because
ASan initializes before static initializers run.
Remove an unused variable in asan_win.cc.
llvm-svn: 276314
Summary:
The memcpy and memmove functions are the same on windows.
The overlap detection logic is incorrect.
printf-1 test:
```
stdin>:2:114: note: possible intended match here
==877412==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x0000002bf2a8,0x0000002bf2ad) and [0x0000002bf2a9, 0x0000002bf2ae) overlap
``` ^
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22610
llvm-svn: 276299
Summary:
This is a fixed-up version of D21612, to address failure identified post-commit.
Original commit description:
This patch implements the initialisation and patching routines for the XRay runtime, along with the necessary trampolines for function entry/exit handling. For now we only define the basic hooks for allowing an implementation to define a handler that gets run on function entry/exit. We expose a minimal API for controlling the behaviour of the runtime (patching, cleanup, and setting the handler to invoke when instrumenting).
Fixes include:
- Gating XRay build to only Linux x86_64 and with the right dependencies in case it is the only library being built
- Including <cstddef> to fix std::size_t issue
Reviewers: kcc, rnk, echristo
Subscribers: mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D22611
llvm-svn: 276251
Summary:
By adding the initialisation of the symbolisation library (DbgHelp)
we are swapping the order in which both warnings are produced.
We can't use CHECK-NEXT as the dbghelp warning is multiline.
Reviewers: rnk
Subscribers: kubabrecka, llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22586
llvm-svn: 276228
and also the follow-up "[xray] Only build xray on Linux for now"
Two build errors were reported on the llvm-commits list:
[ 88%] Building CXX object lib/xray/CMakeFiles/clang_rt.xray-x86_64.dir/xray_flags.cc.o
/mnt/b/sanitizer-buildbot1/sanitizer-x86_64-linux/build/llvm/projects/compiler-rt/lib/xray/xray_init.cc:23:10: fatal error: 'llvm/Support/ELF.h' file not found
#include "llvm/Support/ELF.h"
^
and
In file included from /w/src/llvm.org/projects/compiler-rt/lib/xray/xray_interface.cc:16:
/w/src/llvm.org/projects/compiler-rt/lib/xray/xray_interface_internal.h:36:8: error:
no type named 'size_t' in namespace 'std'
std::size_t Entries;
~~~~~^
llvm-svn: 276186
Should fix the Windows buildbots, and maybe some other non-Linux Unix
bots too.
XRay currently depends on sanitizer_common, so associate it with the
"build sanitizers" option and remove the option for separately
controlling the XRay build.
llvm-svn: 276124
Summary:
This patch implements the initialisation and patching routines for the XRay runtime, along with the necessary trampolines for function entry/exit handling. For now we only define the basic hooks for allowing an implementation to define a handler that gets run on function entry/exit. We expose a minimal API for controlling the behaviour of the runtime (patching, cleanup, and setting the handler to invoke when instrumenting).
Depends on D19904
Reviewers: echristo, kcc, rnk
Subscribers: rnk, mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D21612
llvm-svn: 276117
Currently fails as:
gotsan.cc: In function 'void* __sanitizer::__libc_memalign(__sanitizer::uptr, __sanitizer::uptr)':
gotsan.cc:6194:50: error: 'posix_memalign' was not declared in this scope
uptr error = posix_memalign(&p, alignment, size);
Windows does not provide posix_memalign.
llvm-svn: 276107
Summary: This flag could be used to disable check in runtime.
Subscribers: kubabrecka
Differential Revision: https://reviews.llvm.org/D22495
llvm-svn: 276004
Adds a new esan public interface routine __esan_get_sample_count() and uses
it to ensure that tests of sampling receive the minimum number of samples.
llvm-svn: 275948
Fixes an esan sideline thread CHECK that failed to account for the sideline
thread reaching its code before the internal_clone() return value was
assigned in the parent.
llvm-svn: 275946
Summary:
Indirect load are relative offset from RIP.
The current trampoline implementation is incorrectly
copying these instructions which make some unittests
crashing.
This patch is not fixing the unittests but it's fixing
the crashes. The functions are no longer hooked.
Patches will come soon to fix these unittests.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22410
llvm-svn: 275892
Summary:
The trampoline allocation limits the memory scanning to 1 gig.
There is an unittest that is allocating a large object which make
it impossible to the trampoline allocator to find a free spot.
see shadow_mapping_failures:
```
char bigchunk[1 << 30];
```
This patch is not fixing the unittest but it's fixing it's infinite
loop behavior.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22471
llvm-svn: 275887
This patch adds 48-bits VMA support for asan on aarch64. The current
47-bit mask is not suffice since on aarch64 kernel with 48-bit vma
(default on ubuntu 16.04) the process may use full VMA range as:
[...]
ffffa39a7000-ffffa39a8000 r--p 00000000 00:00 0 [vvar]
ffffa39a8000-ffffa39a9000 r-xp 00000000 00:00 0 [vdso]
ffffa39a9000-ffffa39aa000 r--p 0001c000 08:02 13631554 /lib/aarch64-linux-gnu/ld-2.23.so
ffffa39aa000-ffffa39ac000 rw-p 0001d000 08:02 13631554 /lib/aarch64-linux-gnu/ld-2.23.so
ffffc2227000-ffffc2248000 rw-p 00000000 00:00 0 [stack]
llvm-svn: 275792
Summary:
This is adding the appropriate suport for exception handling for
64-bits ASAN on windows.
Reviewers: rnk
Subscribers: kubabrecka, llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22395
llvm-svn: 275585
Summary:
Indirect load are relative offset from RIP.
The current trampoline implementation is incorrectly
copying these instructions which make some unittests
crashing.
This patch is not fixing the unittests but it's fixing
the crashes. The functions are no longer hooked.
Patches will come soon to fix these unittests.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22410
llvm-svn: 275584
c:\lipo\work\asan\b_llvm>c:\lipo\work\asan\b_llvm\projects\compiler-rt\test\asan\X86_64WindowsConfig\TestCases\Output\null_deref.cc.tmp
=================================================================
==5488==ERROR: AddressSanitizer: access-violation on unknown address 0x000000000028 (pc 0x7ff701f91067 bp 0x000c8cf8fbf0 sp 0x000c8cf8fbb0 T0)
==5488==The signal is caused by a READ memory access.
==5488==Hint: address points to the zero page.
#0 0x7ff701f91066 in NullDeref(int *) C:\lipo\work\asan\llvm\projects\compiler-rt\test\asan\TestCases\null_deref.cc:15:10
#1 0x8a0388830a67 (<unknown module>)
The reason was symbols was not initilized. In fact, it was first inited
with a call to stack.Print(), which calls
WinSymbolizerTool::SymbolizePC, then InitializeDbgHelpIfNeeded().
Since the StackWalk was performed before the stack.Print(), stack frames
where not gathered correctly.
There should be a better place to initialize symbols. For now, this
patch makes the test happy.
Patch by Wei Wang
Differential Revision: https://reviews.llvm.org/D22410
llvm-svn: 275580
There is not enough padding in front of memchr(), and, the first 6 bytes
contains a branch instruction. Basically the current interception will
not work on memchr().
It was disabled before, but was missing the part to disable it for
INTERCEPT_LIBRARY_FUNCTION.
Patch by Wei Wang
Differential Revision: https://reviews.llvm.org/D22371
llvm-svn: 275494
Summary:
These patterns are encounter when using instrumented DLL.
Without this patch, asan lit test are crashing when trying to hook
on RaiseException function.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22340
llvm-svn: 275489
Summary:
The function wcslen is incorrectly hooked on windows 64-bits.
The interception library is not able to hook without breaking the code.
The function is too small and the interception must be done with
trampoline-hooking which turned out to be incorrect on a small
loop (first few instructions have a backedge).
Reviewers: rnk
Subscribers: wang0109, chrisha, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D22363
llvm-svn: 275488
Summary:
This aims to add support for __cpu_model and address Bug 25510. It uses
the code from lib/Support/Host.cpp for cpu detection, and creates
__cpu_model with that info.
Tested on OSX and built on Linux as well (though libgcc is the default).
The use of "asm" required -std=gnu99, hence the cmake change. Corrections
on better addressing this are welcome.
Previously reverted, up for review again to iron out outstanding issues.
Reviewers: llvm-commits, joerg, echristo, mehdi_amini
Subscribers: mehdi_amini
Differential Revision: http://reviews.llvm.org/D22181
llvm-svn: 275484
Use unified syntax for builtins/arm/aeabi_mem*.S.
This makes these files consistent with the others.
This fixes a problem on the linker, which can fail with the message
"relocation truncated to fit: R_ARM_THM_JUMP11 against symbol"
Patch by Kor Nielsen.
llvm-svn: 275264
The thread registry test was failing to allocate 25 threads with stack
size 134MB, which is pretty reasonable.
Also print the error code in our pthread wrappers in case this happens
again.
llvm-svn: 275209
mov edi,edi is _not_ NOP in 64-bit, use 66,90h instead.
This bug was causing interception unittest to crash on
Windows64 (windows 8 and windows 10).
Credits to etienneb for finding the root cause.
Patch by: Wei Wang
Differential Revision: http://reviews.llvm.org/D22274
llvm-svn: 275207
Summary:
The unittest is not working on windows. The "regexp.h" is not available and
gtest-port won't support regexp with operator '|'.
The test wasn't failing on 32-bits because of this check:
```
if (SANITIZER_WORDSIZE != 64 || ASAN_AVOID_EXPENSIVE_TESTS) return;
```
```
[ RUN ] AddressSanitizer.HugeMallocTest
C:/src/llvm/llvm/utils/unittest/googletest\src/gtest-port.cc(272): error: Failed
Syntax error at index 30 in simple regular expression "is located 1 bytes to the left|AddressSanitizer failed to allocate": '|' is unsupported.
C:/src/llvm/llvm/projects/compiler-rt/lib/asan/tests/asan_test.cc(308): error: Death test: Ident((char*)malloc(n_megs << 20))[-1] = 0
Result: died but not with expected error.
Expected: is located 1 bytes to the left|AddressSanitizer failed to allocate
```
See gtest-port.h:
```
#elif GTEST_OS_WINDOWS
// <regex.h> is not available on Windows. Use our own simple regex
// implementation instead.
# define GTEST_USES_SIMPLE_RE 1
```
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: http://reviews.llvm.org/D22257
llvm-svn: 275181
Summary:
Many CRT (64-bits) functions contains a "hint-nop". The current padding
detection is not able to recognize the 10-bytes padding and the HotPatch
hooking technique cannot be used.
Other patterns may be discover and may be added later.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: http://reviews.llvm.org/D22258
llvm-svn: 275180
Summary:
This is a cleanup and refactoring of the interception code on windows
Enhancement:
* Adding the support for 64-bits code
* Adding several hooking technique:
* Detour
* JumpRedirect
* HotPatch
* Trampoline
* Adding a trampoline memory pool (64-bits) and release the allocated memory in unittests
Cleanup:
* Adding unittests for 64-bits hooking techniques
* Enhancing the RoundUpInstruction by sharing common decoder
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: http://reviews.llvm.org/D22111
llvm-svn: 275123
Summary:
This patch is a refactoring of the way cmake 'targets' are grouped.
It won't affect non-UI cmake-generators.
Clang/LLVM are using a structured way to group targets which ease
navigation through Visual Studio UI. The Compiler-RT projects
differ from the way Clang/LLVM are grouping targets.
This patch doesn't contain behavior changes.
Reviewers: kubabrecka, rnk
Subscribers: wang0109, llvm-commits, kubabrecka, chrisha
Differential Revision: http://reviews.llvm.org/D21952
llvm-svn: 275111
Memory will be committed on demand when exception happens while accessing
shadow memeory region.
Patch by: Wei Wang
Differential Revision: http://reviews.llvm.org/D21942
llvm-svn: 275107
[asan] Fix unittest Asan-x86_64-inline-Test crashing on Windows64
REAL(memcpy) was used in several places in Asan, while REAL(memmove) was not used.
This CL chooses to patch memcpy() first, solving the crash for unittest.
The crash looks like this:
projects\compiler-rt\lib\asan\tests\default\Asan-x86_64-inline-Test.exe
=================================================================
==22680==ERROR: AddressSanitizer: access-violation on unknown address 0x000000000000 (pc 0x000000000000 bp 0x0029d555f590 sp 0x0029d555f438 T0)
==22680==Hint: pc points to the zero page.
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: access-violation (<unknown module>)
==22680==ABORTING
Patch by: Wei Wang
Differential Revision: http://reviews.llvm.org/D22232
llvm-svn: 275098
This patch adds interceptors for dispatch_io_*, dispatch_read and dispatch_write functions. This avoids false positives when using GCD IO. Adding several test cases.
Differential Revision: http://reviews.llvm.org/D21889
llvm-svn: 275071
Summary:
Adds a new public interface routine __esan_report() which can be used to
request profiling results prior to abnormal termination (e.g., for a server
process killed by its parent where the normal exit does not allow for
normal result reporting).
Implements this for the working-set tool. The cache frag tool is left
unimplemented as it requires missing iteration capabilities.
Adds a new test.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D22098
llvm-svn: 274964
Summary:
This aims to add support for __cpu_model and address Bug 25510. It uses
the code from lib/Support/Host.cpp for cpu detection, and creates
__cpu_model with that info.
Tested on OSX, it builts successfully, but the current version does
*not* resolve Bug 25510. The __cpu_model symbol is present in the
library but it only gets loaded with -all_load. This patch will not land
until this issue is clarified.
Built on Linux as well (though libgcc is the default). The use of "asm"
required -std=gnu99, hence the cmake change. Corrections on better
addressing this are welcome.
Note: See additional comments on D20988 (committed as r271921).
Reviewers: llvm-commits, joerg, echristo, mehdi_amini
Subscribers: mehdi_amini
Differential revision: http://reviews.llvm.org/D21033
llvm-svn: 274873
Evgeniy Stepanov