Summary:
Operator new interceptors behavior is now controlled by their nothrow
property as well as by allocator_may_return_null flag value:
- allocator_may_return_null=* + new() - die on allocation error
- allocator_may_return_null=0 + new(nothrow) - die on allocation error
- allocator_may_return_null=1 + new(nothrow) - return null
Ideally new() should throw std::bad_alloc exception, but that is not
trivial to achieve, hence TODO.
Reviewers: eugenis
Subscribers: kubamracek, llvm-commits
Differential Revision: https://reviews.llvm.org/D34731
llvm-svn: 306604
GNU version of strerror_r returns a result pointer that doesn't match the input
buffer. The result pointer is in fact a pointer to some internal storage.
TSAN was recording a write to this location, which was incorrect.
Fixed https://github.com/google/sanitizers/issues/696
llvm-svn: 304858
{M, T, E}San have fread and fwrite interceptors, let's move them to sanitizer_common to enable ASan checks as well.
Differential Revision: https://reviews.llvm.org/D31456
llvm-svn: 299061
Summary: The CHECK failed when the name is __interceptor_wcsncpy
Reviewers: bkramer, eugenis
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D30975
llvm-svn: 297828
Summary: For platforms which support slow unwinder only, we restrict the store context size to 1, basically only storing the current pc. We do this because the slow unwinder which is based on libunwind is not async signal safe and causes random freezes in forking applications as well as in signal handlers.
Reviewed by eugenis.
Differential: D23107
llvm-svn: 289027
Summary: Old bash release (3.2) on SLES11 chokes on new redirection shortcut.
Patch by Brian Cain.
Reviewers: eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D27443
llvm-svn: 288854
The Clang driver on macOS decides the deployment target based on various things, like your host OS version, the SDK version and some environment variables, which makes lit tests pass or fail based on your environment. Let's make sure we run all lit tests with `-mmacosx-version-min=${SANITIZER_MIN_OSX_VERSION}` (10.9 unless overriden).
Differential Revision: https://reviews.llvm.org/D26929
llvm-svn: 288186
Changed the kernel sigaction structure in test syscalls_sigaction.cc for MIPS according to the structure defined in kernel.
Reviewed by eugenis.
Differential: https://reviews.llvm.org/D25814
llvm-svn: 286583
This patch adds 48-bits VMA support for msan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable. The
48-bits segments only cover the usual PIE/default segments plus some
more segments (262144GB total, 0.39% total VMA). Memory avaliability
can be increase by adding multiple application segments like 39 and
42 mapping (some mappings were added on this patch as well).
Tested on 39 and 48-bit VMA kernels on aarch64.
llvm-svn: 279752
Summary:
[[@LINE-30]] only worked because the resulting 3 matches the first character of
30. With the additional blank lines the resulting 5 no longer matches 30.
Reviewers: eugenis
Subscribers: eugenis, llvm-commits
Differential Revision: https://reviews.llvm.org/D23515
llvm-svn: 278715
These tests were recently enabled and have never worked on this builder.
Three tests were sensitive to line number changes:
test/msan/Linux/obstack.cc
test/msan/chained_origin.cc
test/msan/chained_origin_memcpy.cc
and this sensitivity will be addressed in a follow-up patch. Of these,
obstack.cc's sensitivity to line numbers is unexplained since it already uses
[[@LINE]].
llvm-svn: 278671
Adding the XFAIL has caused msan to report a different line number in the call
stack (@LINE-3 rather than @LINE-30). The new line number looks more correct
at first glance since it's the line that uses uninitialized memory rather than
the first non-whitespace line of the file but this needs investigating.
llvm-svn: 278516
The mips64el compiler-rt build has recently been enabled. XFAIL the failing
tests to make the buildbot green again.
The two asan tests require the integrated assembler. This will be fixed soon
for Debian mips64el but not for any other mips64el targets since doing so
requires triple-related issues to be fixed..
The msan tests are largely failing because caused by a kernel update (a patch
has already been posted for this).
I'm not sure why the dfsan test fails yet.
llvm-svn: 278504
Summary:
This patch is a refactoring of the way cmake 'targets' are grouped.
It won't affect non-UI cmake-generators.
Clang/LLVM are using a structured way to group targets which ease
navigation through Visual Studio UI. The Compiler-RT projects
differ from the way Clang/LLVM are grouping targets.
This patch doesn't contain behavior changes.
Reviewers: kubabrecka, rnk
Subscribers: wang0109, llvm-commits, kubabrecka, chrisha
Differential Revision: http://reviews.llvm.org/D21952
llvm-svn: 275111
Dstaddr may contain uninitialized padding at the end (common
implementations accept larger addrlen and ignore the extra bytes).
Also, depending on the socket state, dstaddr argument may be ignored.
llvm-svn: 273205
This fixes fails in test/msan/dlerror.cc - when real dlerror calls strcmp,
our strcmp interceptor now skips poison checking, since it's called in
interceptor context. Strictly speaking, only the dlerror change is
necessary to fix the fail, but let's also change the other two just in case.
Differential Revision: http://reviews.llvm.org/D19499
llvm-svn: 267486
At the moment almost every lit.site.cfg.in contains two lines comment:
## Autogenerated by LLVM/Clang configuration.
# Do not edit!
The patch adds variable LIT_SITE_CFG_IN_HEADER, that is replaced from
configure_lit_site_cfg with the note and some useful information.
llvm-svn: 266520
Summary: This is an initial setup in order to move some additional tests from Linux onto Posix.
I also moved decorate_proc_maps onto the Linux directory
Finally added msan's definition for "stable-runtime".
Only a test requires it, and its commit message (r248014) seems to imply
that AArch64 is problematic with MSan.
Reviewers: samsonov, rengolin, t.p.northover, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D17928
llvm-svn: 263142
Summary: As per the test the 4th element of both arrays are not initialized and hence will contain garbage values. Memcmp returns the difference between the garbage values of the 4th element which will be different on every run of the test. And since the return value of memcmp is returned from main, we are getting random exit code every time.
Reviewers: kcc, eugenis
Subscribers: mohit.bhakkad, jaydeep, llvm-commits
Differential: http://reviews.llvm.org/D17534
llvm-svn: 261739
Test cases definitely should not care about the complete set of architectures
supported by compiler-rt - they should only care about current
architecture that the test suite was configured for.
Introduce new lit feature to reflect this, and convert tests to use it.
llvm-svn: 261603
There's no obvious reason it should fail in this way but it's the only change
on the blamelist. I suspect stale lit*.cfg's from previous builds.
llvm-svn: 260672
The lit test-suite containing the unit tests needs to be explicitly specified
as an argument to lit.py since it is no longer discovered when the other tests
are run (because they are one directory deeper).
dfsan, lsan, and sanitizer_common don't show the same problem.
llvm-svn: 260669
Summary:
Previously, the tests only ran for the 64-bit equivalent of the default target
(see -m64).
Given the supported architecture list only contains 64-bit targets, this happens
to work out the same as the supported targets in most cases but may matter for
X86_64/X86_64h on Darwin.
For other targets, the practical effect is that the test names contain the
architecture. This resolves some confusion when msan tests fail since their
name no longer implies that they are trying to test the default target.
Reviewers: samsonov
Subscribers: tberghammer, danalbert, srhines, llvm-commits
Differential Revision: http://reviews.llvm.org/D16855
llvm-svn: 260230
This patch removes the requirement on stable-runtime on insertvalue_origin.cc
testcase, added due a instrumentation failure on aarch64-linux. This is fixed
on llvm code by r257375.
llvm-svn: 257479
Now with variadic support for msan on aarch6 there is no need for
XFAIL signal_stress_test anymore. Also to garantee aligned stores
for the FP/SIMD arguments enforce the '__msan_va_arg_tls' alignment
to sizeof the SIMD register (16).
llvm-svn: 255496
Summary:
dlopen(NULL, ...) is intended to give you back a handle to the
executable for use with dlsym. Casting it to link_map and using it with
ForEachMappedRegion results in a crash.
We also shouldn't unpoison the globals of a DSO that is already in
memory. This ensures that we don't do it for the executable, but in
general, MSan may have false negatives if the DSO is already loaded.
Reviewers: eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14795
llvm-svn: 253530
This is an implementation of
https://github.com/google/sanitizers/issues/579
It has a number of advantages over the current mapping:
* Works for non-PIE executables.
* Does not require ASLR; as a consequence, debugging MSan programs in
gdb no longer requires "set disable-randomization off".
* Supports linux kernels >=4.1.2.
* The code is marginally faster and smaller.
This is an ABI break. We never really promised ABI stability, but
this patch includes a courtesy escape hatch: a compile-time macro
that reverts back to the old mapping layout.
llvm-svn: 249754
This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA.
As defined by lib/msan/msan.h the memory layout used is for 39-bit is:
00 0000 0000 - 40 0000 0000: invalid
40 0000 0000 - 43 0000 0000: shadow
43 0000 0000 - 46 0000 0000: origin
46 0000 0000 - 55 0000 0000: invalid
55 0000 0000 - 56 0000 0000: app (low)
56 0000 0000 - 70 0000 0000: invalid
70 0000 0000 - 80 0000 0000: app (high)
And for 42-bit VMA:
000 0000 0000 - 100 0000 0000: invalid
100 0000 0000 - 11b 0000 0000: shadow
11b 0000 0000 - 120 0000 0000: invalid
120 0000 0000 - 13b 0000 0000: origin
13b 0000 0000 - 2aa 0000 0000: invalid
2aa 0000 0000 - 2ab 0000 0000: app (low)
2ab 0000 0000 - 3f0 0000 0000: invalid
3f0 0000 0000 - 400 0000 0000: app (high)
Most of tests are passing with exception of:
* Linux/mallinfo.cc
* chained_origin_limits.cc
* dlerror.cc
* param_tls_limit.cc
* signal_stress_test.cc
* nonnull-arg.cpp
The 'Linux/mallinfo.cc' is due the fact AArch64 returns the sret in 'x8'
instead of default first argument 'x1'. So a function prototype that
aims to mimic (by using first argument as the return of function) won't
work. For GCC one can make a register alias (register var asm ("r8")), but
for clang it detects is an unused variable and generate wrong code.
The 'chained_origin_limits' is probably due a wrong code generation,
since it fails only when origin memory is used
(-fsanitize-memory-track-origins=2) and only in the returned code
(return buf[50]).
The 'signal_streess_test' and 'nonnull-arg' are due currently missing variadic
argument handling in memory sanitizer code instrumentation on LLVM side.
Both 'dlerror' and 'param_tls_test' are unknown failures that require
further investigation.
All the failures are XFAIL for aarch64 for now.
llvm-svn: 247809
test/msan/dtor-trivial.cpp. Runtime testing for poisoning
vtable pointer in dtor.
Summary: Runtime testing for vtable ptr poisoning in dtor.
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12713
Clean test case & comments.
Update tests for vptr poisoning order.
Simplify test to rely upon globals.
Assertions verify that vtable still accessible from dtors.
Testing linear inheritance and multiple inheritance for vtable poisoning.
Macros for testing expected failing functions.
Rename macros.
Removed xfail, modified FileCheck commands, to expect test to crash.
llvm-svn: 247763
Summary:
When destructor for a class is not declared, no destructor
is emitted, and members are not poisoned. Test case exhibits this
current bug in use-after-dtor implementation (detailed in
https://github.com/google/sanitizers/issues/596).
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12617
Rename test files.
llvm-svn: 247091
Summary: Verify that all members are poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12023
Test virtual functions and virtual bases poisoning proper size.
Runtime testing of destroying diamond inheritance.
Explicit testing for 0 optimizations.
Simplify test to only test interesting values.
Test poisoning on multiple inheritance with nontrivial and trivial members.
Removed unnecessary header.
Testing (anonymous/)bit fields.
Revised object instantiation in test to avoid undefined behavior.
llvm-svn: 246817
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12018
llvm-svn: 244952
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11992
llvm-svn: 244818
Summary: New implementation for dtor sanitizer callback poisons only class members, and emits poisoning callback before base dtor invoked.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11952
Explicit dtor invocation
llvm-svn: 244709
Summary:
A virtual base class and derived class should only poison their
respective members upon destruction. In particular, trivial members should
be poisoned directly, non-trivial members should be poisoned by their
respective destructors, and references to non-trivial members should be
poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11912
Test case avoids casting to access members
Run configurations to reflect expected runtime failure on assertions.
Simplified access to internal members.
Updated internal member structure of base.
Revised assert in main to verify successful poisoning after dtor.
Verify address of pointer is poisoned.
Fixed assert err.
Cleaned up test by removing extraneous prints, asserts.
llvm-svn: 244521
Summary: Simple test case to verify that an instance of a derived class with virtual base is properly poisoned
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11733
modified test to be more concise, and check the local pointer to the destroyed object
revised test to not examine padding- only explicit object members
llvm-svn: 243913
Summary: Verify that running in optimized mode while checking for use-after-dtor errors, does not generate tail call invocation of destructor. This avoids possible error where stack frame for the destructor is eliminated, making tracking down the errors more difficult.
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11614
simplified test cases
updated line numbering on test
renamed test
llvm-svn: 243675
Alex Shlyapnikov