Meta shadow is compressing and we don't flush it,
so it makes sense to mark it as NOHUGEPAGE to not over-allocate memory.
On one program it reduces memory consumption from 5GB to 2.5GB.
llvm-svn: 240028
This change makes cmake fail to even run on Darwin with errors
evaluating "$<TARGET_OBJECTS:RTInterception.x86_64>".
This reverts r239955
llvm-svn: 239985
This patch adds runtime support for the Safe Stack protection to compiler-rt
(see http://reviews.llvm.org/D6094 for the detailed description of the
Safe Stack).
This patch is our implementation of the safe stack on top of compiler-rt. The
patch adds basic runtime support for the safe stack to compiler-rt that
manages unsafe stack allocation/deallocation for each thread.
Original patch by Volodymyr Kuznetsov and others at the Dependable Systems
Lab at EPFL; updates and upstreaming by myself.
Differential Revision: http://reviews.llvm.org/D6096
llvm-svn: 239763
Summary:
This commit adds symbolize_vs_style=false to every instance of
ASAN_OPTIONS in the asan tests and sets
ASAN_OPTIONS=symbolize_vs_style=false in lit, for tests which don't set
it.
This way we don't need to make the tests be able to deal with both
symbolize styles.
This is the first patch in the series. I will eventually submit for the
other sanitizers too.
We need this change (or another way to deal with the different outputs) in
order to be able to default to symbolize_vs_style=true on some platforms.
Adding to this change, I'm also adding "env " before any command line
which sets environment variables. That way the test works on other host
shells, like we have if the host is running Windows.
Reviewers: samsonov, kcc, rnk
Subscribers: tberghammer, llvm-commits
Differential Revision: http://reviews.llvm.org/D10294
llvm-svn: 239754
Like we do for the various __*tf* tests, check that long double is the
128bit type we expect directly in the header. The latter is now used by
unrelated tests (__*hf* since r237161), and those tests will break for
no reason if uint128_t doesn't exist, and long double isn't fp128.
llvm-svn: 239630
Summary:
This change takes darwin-specific goop that was scattered around CMakeLists files and spread between add_compiler_rt_object_library and add_compiler_rt_darwin_object_library and moves it all under add_compiler_rt_object_library.
The goal of this is to try to push platform handling as low in the utility functions as possible.
Reviewers: rnk, samsonov
Reviewed By: rnk, samsonov
Subscribers: rnk, rsmith, llvm-commits
Differential Revision: http://reviews.llvm.org/D10250
llvm-svn: 239498
lib/Target/AArch64/AArch64FrameLowering.cpp:370: virtual void llvm::AArch64FrameLowering::emitPrologue(llvm::MachineFunction&, llvm::MachineBasicBlock&) const: Assertion `!(NeedsRealignment && NumBytes==0) && "NumBytes should never be 0 when realignment is needed"' failed.
llvm-svn: 239352
/code/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux.cc:971:8: error: address of function 'dl_iterate_phdr' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
if (!dl_iterate_phdr)
~^~~~~~~~~~~~~~~
/code/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_linux.cc:971:8: note: prefix with the address-of operator to silence this warning
if (!dl_iterate_phdr)
^
&
llvm-svn: 239321
Summary:
With this patch, we have a flag to toggle displaying source locations in
the regular style:
file:line:column
or Visual Studio style:
file(line,column)
This way, they get picked up on the Visual Studio output window and one
can double-click them to get to that file location.
Reviewers: samsonov, rnk
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D10113
llvm-svn: 239000
Summary:
This way, if they're set when running ninja check-ubsan (or another
sanitizer), they get cleared before we start invoking the programs.
Reviewers: samsonov, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D10229
llvm-svn: 238991
This is done by creating a named shared memory region, unlinking it
and setting up a private (i.e. copy-on-write) mapping of that instead
of a regular anonymous mapping. I've experimented with regular
(sparse) files, but they can not be scaled to the size of MSan shadow
mapping, at least on Linux/X86_64 and ext3 fs.
Controlled by a common flag, decorate_proc_maps, disabled by default.
This patch has a few shortcomings:
* not all mappings are annotated, especially in TSan.
* our handling of memset() of shadow via mmap() puts small anonymous
mappings inside larger named mappings, which looks ugly and can, in
theory, hit the mapping number limit.
llvm-svn: 238621
Also, sized-delete with size_t == unsigned int.
These guys appear when building for Android with gnu-stl.
Fixes a number of ASan tests in that particular configuration.
llvm-svn: 238484
Python may not be /usr/bin/python on some systems. For example, on
FreeBSD it will be /usr/local/bin/python.
Reviewers: samsonov
Differential Revision: http://reviews.llvm.org/D9914
llvm-svn: 238428
CMake pre-3.1 has a bug where a shared library depending on a custom_target
does not really depend on it.
This commit implements a hilariously ugly workaround for this problem, see
code comments for more details.
llvm-svn: 238367
Fix 2 bugs in memory mapping setup:
- the invalid region at offset 0 was not protected because mmap at
address 0 fails with EPERM on most Linux systems. We did not
notice this because the check condition was flipped: the code was
checking that mprotect has failed. And the test that was supposed
to catch this was weakened by the mitigations in the mmap
interceptor.
- when running without origins, the origin shadow range was left
unprotected.
The new test ensures that mmap w/o MAP_FIXED always returns valid
application addresses.
llvm-svn: 238109
Windows does not use AAPCS, but rather AAPCS-VFP, and thus the functions which
are assumed to be AAPCS will cause invalid argument setup. Ensure that the
functions are marked as AAPCS.
llvm-svn: 238056
This reverts part of r237808.
The CMP0057 warnings came from an old development build of CMake that
nobody else has. We don't need the cruft.
llvm-svn: 237819
Fix a trivial instance of CMP0054 that came up on llvmdev.
The other warnings were CMP0057, which is about using the same file as a
MAIN_DEPENDENCY multiple times. The old behavior hasn't been a problem
yet, so I silenced the warning and filed PR23595 to document the issue
if someone cares.
llvm-svn: 237808
Without the --target flag, clang uses the mips64 triple which selects the n64 abi. We need to add --target=mips-linux-gnu, so that clang can select the correct abi for mips32r2.
Reviewers: dsanders, kcc, samsonov
Subscribers: llvm-commits, mohit.bhakkad, jaydeep
Differential Revision: http://reviews.llvm.org/D9249
llvm-svn: 237675
Current code tries to find the dynamic TLS header to the left of the
TLS block without checking that it's not a static TLS allocation.
llvm-svn: 237495
Follow-up to r237161; seems like we can't use aliases, but we
can do better than duplicating the bodies, especially when that
body, after inlining, isn't as small as it looks.
Better approaches welcome. Perhaps the best thing is just to have
an #ifndef __APPLE__ over the GNUEABI names, since they're not used
there.
llvm-svn: 237323
Mostly uninteresting, except:
- in __extendXfYf2, when checking if the number is normal, the old
code relied on the unsignedness of src_rep_t, which is a problem
when sizeof(src_rep_t) < sizeof(int): the result gets promoted to
int, the signedness of which breaks the comparison.
I added an explicit cast; it shouldn't affect other types.
- we can't pass __fp16, so src_t and src_rep_t are the same.
- the gnu_*_ieee symbols are simply duplicated definitions, as aliases
are problematic on mach-o (where only weak aliases are supported;
that's not what we want).
Differential Revision: http://reviews.llvm.org/D9693
llvm-svn: 237161
Mark longjmp tests as XFAIL because longjmp assembly for mips is not yet implemented.
Reviewers: dsanders, dvyukov, samsonov
Subscribers: llvm-commits, mohit.bhakkad, jaydeep
Differential Revision: http://reviews.llvm.org/D9526
llvm-svn: 236847
This test was failing on mips because mips addresses are 40-bit long.
Using regex for address solves this issue.
Reviewers: dsanders, kcc, samsonov
Subscribers: llvm-commits, mohit.bhakkad, jaydeep
Differential Revision: http://reviews.llvm.org/D9516
llvm-svn: 236844
Talking to John and Doug, we concluded that these functions from
stdatomic really do belong here in compiler-rt rather than in libc,
since the compiler owns stdatomic.h and these need to refer to
clang-specific builtins. Nonetheless, I've only added these on darwin
for now - other platforms should probably do the same unless their
libc does implement these functions.
llvm-svn: 236805
Summary:
Add a weak hook to be called from dfsan's custom memcmp.
The primary user will be lib/Fuzzer.
If this works well we'll add more hooks (strcmp, etc).
Test Plan: Will be covered by lib/Fuzzer tests.
Reviewers: pcc
Reviewed By: pcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9541
llvm-svn: 236679
dl_iterate_phdr is somewhat broken in L (see the code for details).
We add runtime OS version detection and fallback to /proc/maps on L or earlier.
This fixes a number of ASan tests on L.
llvm-svn: 236628
Symbol for pc used in ucontext->uc_mcontext was wrong.
Reviewers: dsanders, kcc, samsonov
Subscribers: llvm-commits, mohit.bhakkad, jaydeep
Differential Revision: http://reviews.llvm.org/D9246
llvm-svn: 236572
They are not part of check-all :(
This change adds sized-delete operators to the version list, and disables the
hack that excluded versioned symbols from the dynamic list - this is not an
issue in this case.
llvm-svn: 236559
Summary:
The spec for these functions says that they should return 0 in this case but
this regressed in r234148. That revision essentially delegates the conversion
to the hardware, but that has different behavior on different platforms (e.g.
it is wrong on x86).
Also fix a typo in the name of __fixunsdfti
Test Plan: The existing unit tests now pass
Reviewers: joerg, howard.hinnant
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9305
llvm-svn: 236319
Fix a couple of new tests that were reverted because they were causing
intermittent test failures since they were writing the same default
"default.profraw" file. Fixed by creating a unique directory and
running tests in that directory.
Patch by Teresa Johnson. Thanks!
llvm-svn: 236168
* Remove __ubsan_default_options, so that test would work on Darwin
* Fix unintentional undefined behavior in the code (missing return)
* Build the test with -fno-sanitize-recover to distinguish expected
failures and expected passes by return code.
llvm-svn: 236152
This partially reverts commit r236056, as the two tests were using the same
names and, when executed in parallel, were having intermittent failures.
llvm-svn: 236101
the profile output from the command line via -fprofile-instr-generate=<path>,
where the specified output path/file will be overridden by the
LLVM_PROFILE_FILE environment variable.
Several changes are made to the runtime to support this:
Add a new interface __llvm_profile_override_default_filename that will
set the profile output filename, but allows LLVM_PROFILE_FILE to override.
This is the interface used by the new option.
Refactor the pid-expansion done for LLVM_PROFILE_FILE into a separate
routine that can be shared by the various filename setting routines
(so that the filename from the option can also use the "%p" syntax).
Move the truncation into setFilename, and only truncate if there is a
new filename specified (to maintain support for appending to the same
profile file in the case of multiple shared objects built with profiling).
Move the handling for a NULL filename passed to __llvm_profile_set_filename and
__llvm_profile_override_default_filename into the new setFilenamePossiblyWithPid
routine. This now correctly resets the output file to default.profraw
instead of NULL.
The handling for a null LLVM_PROFILE_FILE (which should not reset) is done
by caller setFilenameFromEnvironment.
Patch by Teresa Johnson.
llvm-svn: 236055
We incorrectly replaced shadow slots
when the new value is not stronger than the old one.
The bug can lead to false negatives.
The bug was detected by Go race test suite:
https://github.com/golang/go/issues/10589
llvm-svn: 236008
Embed UBSan runtime into TSan and MSan runtimes in the same as we do
in ASan. Extend UBSan test suite to also run tests for these
combinations.
llvm-svn: 235954
For now tsan_cxx and msan_cxx contain only operator new/delete
replacements. In the future, when we add support for running UBSan+TSan
and UBSan+MSan, they will also contain bits ubsan_cxx runtime.
llvm-svn: 235928
Summary:
During the review of http://reviews.llvm.org/D9199 where I had originally
changed the debug_mapping.cc test to accept hexadecimal values, we realized
that SHADOW_SCALE and SHADOW_GRANULARITY ought to be printed as decimal values.
This patch makes that change.
This patch also adds a '0x' prefix to the SHADOW_OFFSET to make it clear that
it is hexadecimal while the other two are decimal.
Reviewers: kcc, timurrrr, samsonov
Reviewed By: timurrrr, samsonov
Subscribers: samsonov, llvm-commits, sagar
Differential Revision: http://reviews.llvm.org/D9224
llvm-svn: 235798
Summary:
Add an interface function which can be used to periodically trigger
leak detection in a long-running process.
NB: The meaning of the kIgnored tag has been changed to allow easy clean-up
between subsequent leak checks. Previously, this tag was applied to explicitly
ignored (i.e. with __lsan_disable() or __lsan_ignore_object()) chunks *and* any
chunks only reachable from those. With this change, it's only applied to
explicitly ignored chunks.
Reviewers: samsonov
Reviewed By: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9159
llvm-svn: 235728
Summary:
This makes their local declarations match their definitions for ARM targets,
where they have a different calling convention.
This really only affects functions that use floating point types (since the
runtime functions use soft-float, and some targets may default to hard-float)
but it seemed good to make it uniform and do the int-only ones too.
Differential Revision: http://reviews.llvm.org/D9062
llvm-svn: 235722
Summary:
On ppc64le Fedora 21, getpwnam_r("no-such-user", ...) returns ENOENT
instead of 0. Tolerate this in the test case.
Reviewers: eugenis
Reviewed By: eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9233
llvm-svn: 235654
Summary:
Previously the CHECK directive for SHADOW_SCALE only matched decimal digits
causing it to match '7' on x86_64 instead of the whole value.
This fixes a failure on mips-linux-gnu targets where the leading digit is 'a'.
Reviewers: kcc, sagar, timurrrr
Reviewed By: timurrrr
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D9199
llvm-svn: 235594
float-cast-overflow handler doesn't have source location provided by the
compiler, but we still have *some* source location if we have a
symbolizer.
llvm-svn: 235567
Summary:
ubsan was correctly catching the undefined behaviour but lit's shell was
failing the test anyway because the exit code was non-zero as a result of the
undefined behaviour.
This fixes the test on a mips-linux-gnu target.
Reviewers: samsonov
Reviewed By: samsonov
Subscribers: samsonov, llvm-commits, rsmith, sagar
Differential Revision: http://reviews.llvm.org/D9155
llvm-svn: 235518
Summary:
This will allow us to enable it on the buildbot (and then enable a
sanitizer buildbot).
The problem is that gcc for Mips does not accept -m32/-m64 like clang does.
We therefore need to use the nearest equivalent -mips32r2/-mips64r2. We must
also specify -mabi=64 in the -mips64r2 case since gcc's default ABI has
traditionally been N32 whereas clang's is N64.
Reviewers: sagar
Reviewed By: sagar
Subscribers: llvm-commits, samsonov, kcc, mohit.bhakkad, Anand.Takale, sagar
Differential Revision: http://reviews.llvm.org/D8892
llvm-svn: 235299
Fixes https://llvm.org/bugs/show_bug.cgi?id=23235
If pthread_create is followed by pthread_detach,
the new thread may not acquire synchronize with
the parent thread.
llvm-svn: 235293
As with the other sanitizers, it is desirable to allow ubsan's output to be
redirected to somewhere other than stderr (and into per-process log files).
llvm-svn: 235277
Summary:
When running the compiler-rt testsuite on FreeBSD (it didn't matter which version), I always got the same error result:
FAILED: cd /home/dim/obj/llvm-234092-trunk-freebsd10-amd64-ninja-rel-1/projects/compiler-rt/lib && LLVM_CHECKOUT=/home/dim/src/llvm/trunk SILENT=1 TMPDIR= PYTHON_EXECUTABLE=/usr/local/bin/python2.7 COMPILER_RT=/home/dim/src/llvm/trunk/projects/compiler-rt /home/dim/src/llvm/trunk/projects/compiler-rt/lib/sanitizer_common/scripts/check_lint.sh
The following differences between the implemented custom wrappers and the tests have been found:
--- /tmp/tmp.vPFEefvclf 2015-04-04 17:11:44.996734563 +0200
+++ /tmp/tmp.NbIuvjxKEe 2015-04-04 17:11:45.044734647 +0200
@@ -1,52 +0,0 @@
-calloc
-clock_gettime
-ctime_r
-dfsan_set_write_callback
-dl_iterate_phdr
-dlopen
-fgets
-fstat
-get_current_dir_name
-getcwd
-gethostname
-getpwuid_r
-getrlimit
-getrusage
-gettimeofday
-inet_pton
-localtime_r
-memchr
-memcmp
-memcpy
-memset
-nanosleep
-poll
-pread
-pthread_create
-read
-sched_getaffinity
-select
-sigaction
-sigemptyset
-snprintf
-socketpair
-sprintf
-stat
-strcasecmp
-strchr
-strcmp
-strcpy
-strdup
-strlen
-strncasecmp
-strncmp
-strncpy
-strrchr
-strstr
-strtod
-strtol
-strtoll
-strtoul
-strtoull
-time
-write
After some investigation, it turns out to be due to the regex used for search test_ symbols in lib/dfsan/scripts/check_customer_wrappers.sh:
grep -E "^\\s*test_.*\(\);" ${DFSAN_CUSTOM_TESTS}
This uses \s to search for whitespace at start of line, but support for \s was only introduced in GNU grep v2.5.4-112-gf979ca0, while both FreeBSD and OSX only have grep 2.5.1 (the last version released under GPLv2).
I propose to change \s into [[:space:]], which is the more portable notation.
Test Plan: Run regression tests, and see that they work now. :)
Reviewers: pcc, samsonov, emaste
Reviewed By: emaste
Subscribers: llvm-commits, emaste
Differential Revision: http://reviews.llvm.org/D8832
llvm-svn: 234704
The two subclasses of Symbolizer now only define two virtual functions, PlatformDemangle and PlatformPrepareForSandboxing. Let's make these non-virtual and directly defined by individual platforms.
Reviewed at http://reviews.llvm.org/D8912
llvm-svn: 234690
The patch is generated using clang-tidy misc-use-override check.
This command was used:
tools/clang/tools/extra/clang-tidy/tool/run-clang-tidy.py \
-checks='-*,misc-use-override' -header-filter='llvm|clang' -j=32 -fix \
-format
llvm-svn: 234680
On Windows, we have to know if a memory to be protected is mapped or not.
On POSIX, Mprotect was semantically different from mprotect most people know.
llvm-svn: 234602
Moving the implementation of several functions from sanitizer_symbolizer.cc into sanitizer_symbolizer_libcdep.cc.
Reviewed at http://reviews.llvm.org/D8858
llvm-svn: 234472
This patch is related to Issue 346: moar string interceptors: strstr, strcasestr, strcspn, strpbrk
As was suggested in original review http://reviews.llvm.org/D6056 a new "strict_string_checks" run-time flag introduced.
The flag support applied for existing common, asan, msan and tsan interceptors. New asan tests added.
Change by Maria Guseva reviewed in http://reviews.llvm.org/D7123
llvm-svn: 234187
This adds hard-float implementation for the following builtins:
* __fixdfdi()
* __fixsfdi()
* __fixunsdfdi()
* __fixunssfdi()
The soft-float implementation does never raise floating point
exceptions, which doesn't allow clients to detect floating point
conversion errors.
I must mention that I had to refer to libgcc's implementation to
write these functions.
Related unit-tests of compiler-rt passed with these changes.
Patch was somewhat out-dated, so was updated locally without any
functional changes.
Differential Revision: http://reviews.llvm.org/D5376
llvm-svn: 234148
MetaMap::ResetRange/FreeRange rounds the range up to at least kMetaShadowSize.
This is requried for e.g. free(malloc(0)). However, munmap returns EINVAL
and do not unmap any memory when length arguments is equal to 0.
So don't free meta shadow in this case as well.
llvm-svn: 234145
This avoids crashing or corrupting data if multiple concurrent
processes write to the same .gcda file. This is hard to test, since
the previous behaviour was a data race that often worked out, and it
ignores errors in flock to fall back to the old racy behaviour so that
it won't degrade the behaviour on filesystems that don't support
flock.
llvm-svn: 234036
Summary:
Change the way we use ASan and UBSan together. Instead of keeping two
separate runtimes (libclang_rt.asan and libclang_rt.ubsan), embed UBSan
into ASan and get rid of libclang_rt.ubsan. If UBSan is not supported on
a platform, all UBSan sources are just compiled into dummy empty object
files. UBSan initialization code (e.g. flag parsing) is directly called
from ASan initialization, so we are able to enforce correct
initialization order.
This mirrors the approach we already use for ASan+LSan. This change
doesn't modify the way we use standalone UBSan.
Test Plan: regression test suite
Reviewers: kubabrecka, zaks.anna, rsmith, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D8646
llvm-svn: 233861
This CL:
- moves PrepareForSandboxing() to sanitizer_posix_libcdep.cc
- fixes the coverage tests to use flag substitutions defined in r233802 and not rely on hardcoded shared library names
- moves those tests to TestCases/Posix so that they can be executed on Darwin
llvm-svn: 233828
r233802 has moved the tests above to Posix/ and introduced %ld_flags_rpath_so and %ld_flags_rpath_exe,
which haven't been defined for FreeBSD.
We expect the flags to be the same on Linux and FreeBSD. If there's another reason for the tests to fail on FreeBSD,
they'll need to be disabled.
llvm-svn: 233822
One test case is updated to allow for differences between power and other architectures in behavior when returning from main in certain instances
http://reviews.llvm.org/D8743
llvm-svn: 233813
Also make suppressions-library.cc use the same flags to avoid warnings about unused -rpath flags.
The same substitutions will be used to make coverage tests work on both Linux and Darwin without duplicating the code.
llvm-svn: 233802
It was happening when we looked up a PC for a module that was dlopen'ed/dlclose'd
after the last time we fetched the list of modules
Reviewed at http://reviews.llvm.org/D8618
llvm-svn: 233257
For OS X builds, both Make and CMake, let's be very explicit about using
libc++ and libc++abi with:
1) -stdlib=libc++ in CFLAGS and LDFLAGS for all platforms
2) -lc++ in LDFLAGS for all platforms
3) switch from -undefined dynamic_lookup to -lc++abi for UBSan in
Makefile-based builds
Reviewed at http://reviews.llvm.org/D8617
llvm-svn: 233215
On OS X 10.9 /usr/bin/atos prints the following warning upon invocation:
--
Warning: /usr/bin/atos is moving and will be removed from a future OS X release.
It is now available in the Xcode developer tools to be invoked via: `xcrun atos`
To silence this warning, pass the '-d' command-line flag to this tool.
--
AtosSymbolizer treats the warning as the symbolization result for the first PC passed to the symbolizer. As a result, for each of the following PCs the file:line info for the previous PC is printed, e.g.:
==97926==ERROR: AddressSanitizer: attempting double-free on 0x60200000dfb0 in thread T0:
==97926==Using atos at user-specified path: /usr/bin/atos
==97926==Using dladdr symbolizer.
#0 0x1007407e0 in -- (+0x427e0)
#1 0x1006f6f25 in wrap_free asan_malloc_mac.cc:114
#2 0x7fff916e05fc in main atos-symbolizer.cc:17
#3 0x0 (<unknown module>)
Unfortunately atos doesn't accept the -d switch on OSX versions other than 10.9, thus we have to check for the OSX version.
llvm-svn: 233180
This change caused test failures on darwin, and the followup which was
meant to fix those caused compiler-rt to start failing to link.
Reverting to get the build working again.
This reverts r233071 and r233036.
llvm-svn: 233097
Summary:
Switch to shared library for UBSan. Add support for building
UBSan on OSX and iossim by cargo-culting ASan build rules.
Test Plan: regression test suite
Reviewers: zaks.anna, kubabrecka
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D8473
llvm-svn: 233036
Get rid of "libclang_rt.san" library that used to contain
sanitizer_common pieces required by UBSan if it's used in a standalone
mode. Instead, build two variants of UBSan runtime: "ubsan" and
"ubsan_standalone" (same for "ubsan_cxx" and "ubsan_standalone_cxx").
Later "ubsan" and "ubsan_cxx" libraries will go away, as they will
embedded it into corresponding ASan runtimes.
llvm-svn: 233011
On OS X, dladdr() provides mangled names only, so we need need to demangle in
DlAddrSymbolizer::SymbolizePC.
Reviewed at http://reviews.llvm.org/D8291
llvm-svn: 232910
This patch changes the symbolizer chain on OS X (which currently only uses 1
symbolizer at most) to use this behavior:
* By default, use LLVMSymbolizer -> DlAddrSymbolizer.
* If the llvm-symbolizer binary is not found, use AtosSymbolizer
-> DlAddrSymbolizer.
* If the user specifies ASAN_SYMBOLIZER_PATH=.../atos, then use AtosSymbolizer
-> DlAddrSymbolizer.
* If neither llvm-symbolizer or atos is found, or external symbolication is
disabled with ASAN_SYMBOLIZER_PATH="", use DlAddrSymbolizer.
Reviewed at http://reviews.llvm.org/D8285
llvm-svn: 232908
This test started passing without warning, so in theory, we shouldn't mark
is as XPASS, but the buildbots are red and there's been an uncaught regression
meanwhile. Since it's passing on {ARM,Thumb2} x {NEON,VFPv3}, I'll risk future
failures for the benefit of getting the bots green again.
llvm-svn: 232642
Make sure SUMMARY is always reported unless print_summary flag is set to
false, even if symbolizer is unavailable or report stack trace is empty.
If file/line info for PC can't be evaluated, print module name/offset
like we do in stack trace.
llvm-svn: 232567
The experiments can be used to evaluate potential optimizations that remove
instrumentation (assess false negatives). Instead of completely removing
some instrumentation, you set Exp to a non-zero value (mask of optimization
experiments that want to remove instrumentation of this instruction).
If Exp is non-zero, this pass will emit special calls into runtime
(e.g. __asan_report_exp_load1 instead of __asan_report_load1). These calls
make runtime terminate the program in a special way (with a different
exit status). Then you run the new compiler on a buggy corpus, collect
the special terminations (ideally, you don't see them at all -- no false
negatives) and make the decision on the optimization.
The exact reaction to experiments in runtime is not implemented in this patch.
It will be defined and implemented in a subsequent patch.
http://reviews.llvm.org/D8198
llvm-svn: 232501
Passing MSVC-style cflags to the gcc-style clang driver will almost
always end badly. Just translate a couple of simple flags used by the
base CMake cflags like /D, /U, and /O.
llvm-svn: 232219
Munmap interceptor did not reset meta shadow for the range,
and __tsan_java_move crashed because it encountered
non-zero meta shadow for the destination.
llvm-svn: 232029
They are currently still *not* used, "llvm-symbolizer" is still the default symbolizer on OS X.
Reviewed at http://reviews.llvm.org/D6588
llvm-svn: 232026
80bit Intel/PPC long double is excluded due to lacking support
for the abstraction. Consistently provide saturation logic.
Extend to long double on 128bit IEEE extended platforms.
Initial patch with test cases from GuanHong Liu.
Reviewed by Steve Canon.
Differential Revision: http://reviews.llvm.org/D2804
llvm-svn: 231965
1. /proc/self/smaps may be bigger than 1 << 14. On my machine, it is
26KB.
2. The read system call may return a partially filled buffer. We need
to check the return value from read.
Patch by H.J. Lu
llvm-svn: 231502
Long story short: stop-the-world briefly resets SIGSEGV handler to SIG_DFL.
This breaks programs that handle and continue after SIGSEGV (namely JVM).
See the test and comments for details.
This is reincarnation of reverted r229678 (http://reviews.llvm.org/D7722).
Changed:
- execute TracerThreadDieCallback only on tracer thread
- reset global data in TracerThreadSignalHandler/TracerThreadDieCallback
- handle EINTR from waitpid
Add 3 new test:
- SIGSEGV during leak checking
- StopTheWorld operation during signal storm from an external process
- StopTheWorld operation when the program generates and handles SIGSEGVs
http://reviews.llvm.org/D8032
llvm-svn: 231367
It broke down at some point, and all tests with
REQUIRES: asan-(32|64)-bits
line stopped being executed. Restore the intended behavior.
llvm-svn: 231325
Introduce -mllvm -sanitizer-coverage-8bit-counters=1
which adds imprecise thread-unfriendly 8-bit coverage counters.
The run-time library maps these 8-bit counters to 8-bit bitsets in the same way
AFL (http://lcamtuf.coredump.cx/afl/technical_details.txt) does:
counter values are divided into 8 ranges and based on the counter
value one of the bits in the bitset is set.
The AFL ranges are used here: 1, 2, 3, 4-7, 8-15, 16-31, 32-127, 128+.
These counters provide a search heuristic for single-threaded
coverage-guided fuzzers, we do not expect them to be useful for other purposes.
Depending on the value of -fsanitize-coverage=[123] flag,
these counters will be added to the function entry blocks (=1),
every basic block (=2), or every edge (=3).
Use these counters as an optional search heuristic in the Fuzzer library.
Add a test where this heuristic is critical.
llvm-svn: 231166
The problem is that without SA_RESTORER flag, kernel ignores the handler. So tracer actually did not setup any handler.
Add SA_RESTORER flag when setting up handlers.
Add a test that causes SIGSEGV in stoptheworld callback.
Move SignalContext from asan to sanitizer_common to print better diagnostics about signal in the tracer thread.
http://reviews.llvm.org/D8005
llvm-svn: 230978
The SDK is insufficient to really build much. The builtins can be built
standalone now which is what the stub SDK was meant to permit. Remove the
unnecessary files.
llvm-svn: 230869
On OS X, if you don't have a full Xcode installation, but just the Command Line Tools package, xcrun and xcodebuild don't return a valid SDK root path. In these cases, let's use "/" as the SDK root (which is where the headers and libraries are installed).
Reviewed at http://reviews.llvm.org/D7641
llvm-svn: 230847
The syscall function itself is declared in <unistd.h>
Compiling compiler-rt with -Werror-implicit-function-declaration will
cause a build failure. This change fixes it.
Differential Revision: http://reviews.llvm.org/D7949
llvm-svn: 230838
The ASanified executable could be launched from different locations. When we
cannot find the suppression file relative to the current directory, try to
see if the specified path is relative to the location of the executable.
llvm-svn: 230723
Wrap the StopTheWorld call in a dl_iterate_phdr() callback. This ensures that no
other threads are holding the libdl lock, and we can safely reenter it in the
tracer thread.
llvm-svn: 230631
This rule works like check-cfi, but fails if the tests are unsupported.
This is useful to run on bots if we want to be sure that the tests aren't
silently being skipped.
llvm-svn: 230536
Sorry, SVN had some weird problems so I had to revert and reapply the patch
locally a couple of times and didn't notice I've added file contents to the same
file....
llvm-svn: 230505
Sanitizers work on ancient kernels and were depending on types existing.
When those types were removed, the sanitizer build broke. See bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59009 for more information.
This patch fixes it by isolating the need for those types only when the
feature is actually needed, thus allowing one to compile the kernel with
or without that change, irrespective of its version.
Patch by Christophe Lyon.
llvm-svn: 230324
The buildbot failed to build with
error: variable ‘enable_fp’ set but not used [-Werror=unused-but-set-variable]
let's add a `(void)enable_fp;`.
llvm-svn: 230323
In debug mode (COMPILER_RT_DEBUG=On), we still build with -fomit-frame-pointer and wrap_ioctl doesn't set up a proper stack frame. In release mode it does, because ioctl_common_pre gets inlined into wrap_ioctl and it uses the COMMON_INTERCEPTOR_READ_RANGE macro which in the end calls GET_CURRENT_FRAME and that forces the compiler to generate a stack frame for the function.
Not having a proper stack frame breaks the unwinder. This patch forces to generate a frame pointer (via ENABLE_FRAME_POINTER macro).
Reviewed at http://reviews.llvm.org/D7815
llvm-svn: 230318
When AddressSanitizer only a single dynamic alloca and no static allocas, due to an early exit from FunctionStackPoisoner::poisonStack we forget to unpoison the dynamic alloca. This patch fixes that.
Reviewed at http://reviews.llvm.org/D7810
llvm-svn: 230317
Revise the fix to https://code.google.com/p/address-sanitizer/issues/detail?id=178:
always disable strict init-order checking the first time dlopen() is
called: at this point shared library is allowed to access globals
defined in the main executable, as they are guaranteed to be
initialized. Revise the test cases:
* simplify init-order-dlopen.cc test case: make it Linux-specific
(there's no strict init-order checking on other platforms anyway),
and single-threaded.
* reinforce init-order-pthread-create.cc test case: make sure that
init-order checker would produce a false positive unless we
turn it off at the moment we call pthread_create().
llvm-svn: 230288
This makes int_endianness.h work on operating systems for which we
haven't written explicit constructs, as long as GCC or Clang are being
used.
llvm-svn: 230208
Also, __syscall form should be used when one or more of the
parameters is a 64-bit argument to ensure that argument alignment
is correct.
llvm-svn: 230183
This reverts commit r230019, as it was breaking the ARM sanitizer buildbot
and let other errors be introduced since it wasn't fixed/reverted in
time.
llvm-svn: 230179
The gc-test.cc tries underflows of a variable up to -32 bytes, but on i386, the left redzone is not 32 bytes, it’s only 16 bytes and therefore the access to var[-32] is completely off. The reason why this test didn’t fail before is that we’ve been lucky and there was another variable before the var array, which was also instrumented. This fix uses “-32” for 64-bit systems and “-16” for 32-bit.
Reviewed at http://reviews.llvm.org/D7809
llvm-svn: 230172
SuppressionContext is no longer a singleton, shared by all sanitizers,
but a regular class. Each of ASan, LSan, UBSan and TSan now have their
own SuppressionContext, which only parses suppressions specific to
that sanitizer.
"suppressions" flag is moved away from common flags into tool-specific
flags, so the user now may pass
ASAN_OPTIONS=suppressions=asan_supp.txt LSAN_OPIONS=suppressions=lsan_supp.txt
in a single invocation.
llvm-svn: 230026
Summary:
It still gets picked up by ASan, but it also gets picked up by the other
test suites.
Otherwise, some test suites (e.g: UBSan) would complain they had no
dependencies, and wouldn't run.
Reviewers: samsonov, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7740
llvm-svn: 229962
Let each LibIgnore user (for now it's only TSan) manually go
through SuppressionContext and pass ignored library templates to
LibIgnore.
llvm-svn: 229924
If the thread receives a signal concurrently with PTRACE_ATTACH,
we can get notification about the signal before notification about stop.
In such case we need to forward the signal to the thread, otherwise
the signal will be missed (as we do PTRACE_DETACH with arg=0) and
any logic relying on signals will break. After forwarding we need to
continue to wait for stopping, because the thread is not stopped yet.
We do ignore delivery of SIGSTOP, because we want to make stop-the-world
as invisible as possible.
http://reviews.llvm.org/D7723
--This line, and those below, will be ignored--
M lib/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc
M test/tsan/signal_segv_handler.cc
llvm-svn: 229832
This reverts commit r229665. It seems that the AArch64 ASAN tests, that
pass on all our internal machines, doesn't like the public buildbot.
Turning this off until we can investigate the public bot for a better
understanding.
llvm-svn: 229739
Long story short: stop-the-world briefly resets SIGSEGV handler to SIG_DFL.
This breaks programs that handle and continue after SIGSEGV (namely JVM).
See the test and comments for details.
http://reviews.llvm.org/D7722
llvm-svn: 229678
Enabling internal ptrace for mips, which fixes some
ptrace related tests. Along with this fixing some
other failures.
Reviewers: Reviewers: eugenis, kcc, samsonov
Subscribers: dsanders, sagar, lldb-commits
Differential Revision: http://reviews.llvm.org/D7332
llvm-svn: 229656
Provide defaults for TSAN_COLLECT_STATS and TSAN_NO_HISTORY.
Replace #ifdef directives with #if. This fixes a bug introduced
in r229112, where building TSan runtime with -DTSAN_COLLECT_STATS=0
would still enable stats collection and reporting.
llvm-svn: 229581
In general, this is a reasonable warning, except real_pthread_create is
weak and can be null. The existing usage is correct as it the function
is declared with SANITIZER_WEAK, but MSVC can't know that because it is
defined to nothing on Windows.
llvm-svn: 229562
The internal shell is faster and more predictable than any copy of
bash.exe on the user's system.
LLVM and Clang use the internal shell by default, and have an
environment variable to disable it. I don't think compiler-rt needs that
complexity, so I left it out.
llvm-svn: 229560
They autotools build has a number of missing features, supports less
OS, architectures, build configurations, doesn't have any tests and
is hard to support in sync with CMake build.
llvm-svn: 229556
Summary:
LSan can be combined with a parent tool (for now it's only ASan).
Also, we allow LSAN_OPTIONS to override certain common flags. It means
we have to parse LSAN_OPTIONS early enough, before the rest of the
parent tool (including chunks of sanitizer_common) is initialized.
In future, we can use the same approach for UBSan, after we embed it
into ASan runtime in a similar way.
Test Plan: regression test suite
Reviewers: earthdok, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7577
llvm-svn: 229519
In Go mode the background thread is not started (internal_thread_start is empty).
There is no sense in having this code compiled in.
Also removes dependency on sanitizer_linux_libcdep.cc which is good,
ideally Go runtime does not depend on libc at all.
llvm-svn: 229396
mingw gcc complains:
warning: 'err' may be used uninitialized in this function [-Wmaybe-uninitialized]
Printf("Failed to read options from '%s': error %d\n", value, err);
llvm-svn: 229392
Android devices may not support 'adb root', but be rooted with 'su'
binary. This patch makes it possible to install ASAN to such
devices. When --use-su flag is specified, most 'adb ...' commangs are
changed to 'adb su -c "..."'.
Some other notes:
* 'readlink' changed to 'ls -l', since not all devices have readlink
in their firmware.
* removing ASan library step moved to very end, because 'su' may not
run properly without this library until shell will be restarted.
Patch by Dmitry <ripp at yandex-team dot ru>.
llvm-svn: 229368
Revision 229127 introduced a bug:
zero value is not OK for trace headers,
because stack0 needs constructor call.
Instead unmap the unused part of trace after
all ctors have been executed.
llvm-svn: 229263
We are going to use only a small part of the trace with the default
value of history_size. However, the constructor writes to the whole trace.
It writes mostly zeros, so freshly mmaped memory will do.
The only non-zero field if mutex type used for debugging.
Reduces per-goroutine overhead by 8K.
https://code.google.com/p/thread-sanitizer/issues/detail?id=89
llvm-svn: 229127
The ContainsSameAccess optimization substantially reduces pressure
on trace by eliminating duplicate accesses. So now we can reduce
default trace size to reduce per-goroutine memory consumption.
Current default size is 64K events, new -- 32K events.
In either case user can change it with GORACE env var.
Reduces per-goroutine memory consumption from 356K to 226K.
llvm-svn: 229117
and even before that, it was never implemented. Just define it to zero
instead, so compiler-rt can compile on FreeBSD 11 and later.
Differential Revision: http://reviews.llvm.org/D7485
llvm-svn: 228871
Summary:
__ubsan::getFunctionLocation() used to issue a call to symbolizer, and
convert the result (SymbolizedStack) to one of UBSan structures:
SourceLocation, ModuleLocation or MemoryLocation. This:
(1) is inefficient: we do an extra allocation/deallocation to copy data,
while we can instead can just pass SymbolizedStack around (which
contains all the necessary data).
(2) leaks memory: strings stored in SourceLocation/MemoryLocation are
never deallocated, and Filipe Cabecinhas suggests this causes crashes
of UBSan-ified programs in the wild.
Instead, let Location store a pointer to SymbolizedStack object, and
make sure it's properly deallocated when UBSan handler exits.
ModuleLocation is made obsolete by this change, and is deleted.
Test Plan: check-ubsan test suite
Reviewers: rsmith, filcab
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7548
llvm-svn: 228869
We're still using global constructors when not on linux, so this was
causing warnings on Darwin. Reverting for now.
This reverts r228384.
llvm-svn: 228795
Summary:
Make sure we don't print the error report from -fsanitize=function
twice for the same source location, as we do in another UBSan handlers.
Test Plan: check-ubsan test suite
Reviewers: rsmith, pcc
Reviewed By: pcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7524
llvm-svn: 228772
Make sure clear_cache() builtin has an appropriate definition for Linux.
Call syscall(NR_cacheflush, ...).
Differential Revision: http://reviews.llvm.org/D7205
llvm-svn: 228767
We currently skip all "Noinst" unit tests on OS X, which was probably caused when we removed the "allow_reexec" flag. The MaybeReexec function fails to re-execute when the runtime is linked statically, because there is no dylib to use. This patch adds an explicit DisableReexec function that is used from asan_noinst_test.cc and the runtime then doesn't try to re-execute.
Reviewed at http://reviews.llvm.org/D7493
llvm-svn: 228740
getCallerLocation() is expensive as it issues a call to symbolizer.
(In fact, this function has a memory leak at the moment, but this
will be fixed in the nearest future). We should only call it if
we're actually going to print an error report, in particular,
once for every reported source location.
__ubsan_handle_type_mismatch: call getCallerLocation() only if
provided source location is invalid, and only if the report is not
deduplicated.
__ubsan_handle_float_cast_overflow: call getSourceLocation with
correct CallerPC (the one in user code, not in UBSan handler). Source
location for this check is not currently emitted by frontend.
llvm-svn: 228732
Prior to this change we built two identical runtimes, named "powerpc64"
and "powerpc64le", while their actual endianness matched the host
endianness.
llvm-svn: 228650
MaybeReexec() in asan_mac.cc checks for presence of the ASan dylib in DYLD_INSERT_LIBRARIES, and if it is there, it will process this env. var. and remove the dylib from its value, so that spawned children don't have this variable set. However, the current implementation only works when using a canonical absolute path to the dylib, it fails to remove the dylib for example when using @executable_path.
This patch changes the processing of DYLD_INSERT_LIBRARIES to comparing values only based on filenames (ignoring directories).
Reviewed at http://reviews.llvm.org/D7160
llvm-svn: 228392
by manually adding __asan_mz_* to the generated interface functions list.
Declaring these functions in asan_interface_internal.h doesn't work quite well:
their prototypes must match the prototypes of zone functions in malloc/malloc.h,
but some of the types (e.g. malloc_zone_t and size_t) aren't available in
asan_interface_internal.h
llvm-svn: 228290
This reverts commit r227966, which turned ASAN on on AArhc64 and may be the
cause of the bots never finishing the check-all. I'll re-apply once we're
sure that bot can cope with it.
llvm-svn: 228023
Summary: This causes an invalid lvalue error when building for Android.
Reviewers: danalbert
Reviewed By: danalbert
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7306
llvm-svn: 227907
In both CMake and Makefiles, we are inconsistent about the use of libstdc++ vs. libc++, SDKs and minimum deployment targets for OS X. Let's fix the detection of SDKs, and let's explicitely set that we link against libc++ and mmacosx-version-min is 10.7.
llvm-svn: 227509
Dmitry Vyukov