Summary:
Rather than having to add new "experimental" options each time someone wants to work on bringing a sanitizer to a new platform, this patch makes options for all of them.
The default values for the options are set by the platform checks that would have enabled them, but they can be overridden on or off.
Reviewers: kubabrecka, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14846
llvm-svn: 255170
Summary:
Android doesn't have __libc_malloc and related allocation
functions. As its dynamic linker doesn't use malloc, so
we can use REAL(malloc) to replace __libc_malloc safely.
Reviewers: kcc, eugenis, dvyukov
Subscribers: llvm-commits, tberghammer, danalbert, srhines
Differential Revision: http://reviews.llvm.org/D15297
llvm-svn: 255167
check_memcpy test added in r254959 fails on some configurations due to
memset() calls inserted by Clang. Try harder to avoid them:
* Explicitly use internal_memset() instead of empty braced-initializer.
* Replace "new T()" with "new T", as the former generates zero-initialization
for structs in C++11.
llvm-svn: 255136
This patch provides the assembly support for setjmp/longjmp for use
with the thread sanitizer. This is a big more complicated than for
aarch64, because sibcalls are only legal under our ABIs if the TOC
pointer is unchanged. Since the true setjmp function trashes the TOC
pointer, and we have to leave the stack in a correct state, we emulate
the setjmp function rather than branching to it.
We also need to materialize the TOC for cases where the _setjmp code
is called from libc. This is done differently under the ELFv1 and
ELFv2 ABIs.
llvm-svn: 255059
This patch is by Simone Atzeni with portions by Adhemerval Zanella.
This contains the LLVM patches to enable the thread sanitizer for
PPC64, both big- and little-endian. Two different virtual memory
sizes are supported: Old kernels use a 44-bit address space, while
newer kernels require a 46-bit address space.
There are two companion patches that will be added shortly. There is
a Clang patch to actually turn on the use of the thread sanitizer for
PPC64. There is also a patch that I wrote to provide interceptor
support for setjmp/longjmp on PPC64.
Patch discussion at reviews.llvm.org/D12841.
llvm-svn: 255057
Summary:
It was barely supported for a several years for now, somewhat
rotten and doesn't correspond to the way we build/test TSan runtime
in Clang anymore.
CMake build has proper compile flags, library layout, build
dependencies etc.
Shell scripts that depended on the output of Makefile.old are
either obsolete now (check_cmake.sh), or moved to lit tests
(check_memcpy.sh), or kept as a standalone scripts not suitable
for generic test suite, but invoked on bots (check_analyze.sh).
It is not used on bots anymore: all "interesting" configurations
(gcc/clang as a host compiler; debug/release build types) are now
tested via CMake.
Reviewers: dvyukov, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D15316
llvm-svn: 255032
Another attempt at fixing tsan_invisible_barrier.
Current implementation causes:
https://llvm.org/bugs/show_bug.cgi?id=25643
There were several unsuccessful iterations for this functionality:
Initially it was implemented in user code using REAL(pthread_barrier_wait). But pthread_barrier_wait is not supported on MacOS. Futexes are linux-specific for this matter.
Then we switched to atomics+usleep(10). But usleep produced parasitic "as-if synchronized via sleep" messages in reports which failed some output tests.
Then we switched to atomics+sched_yield. But this produced tons of tsan- visible events, which lead to "failed to restore stack trace" failures.
Move implementation into runtime and use internal_sched_yield in the wait loop.
This way tsan should see no events from the barrier, so not trace overflows and
no "as-if synchronized via sleep" messages.
llvm-svn: 255030
This patch adds release and acquire semantics for dispatch groups, plus a test case.
Differential Revision: http://reviews.llvm.org/D15048
llvm-svn: 255020
Check that TSan runtime doesn't contain compiler-inserted calls
to memset/memmove functions.
In future, we may consider moving this test to test/sanitizer_common,
as we don't want to have compiler-inserted memcpy/memmove calls in
any sanitizer runtime.
llvm-svn: 254955
De-hardcode path to TSan-ified executable: pass it as an input to
the scripts. Fix them so that they don't write to the current
directory. Remove their invocation from Makefile.old: they are
broken there anyway, as check_analyze.sh now matches trunk Clang.
llvm-svn: 254936
This script is superseded by lit test suite integrated into CMake
for quite a while now. It doesn't support many tests, and require
custom hacks for a few other.
llvm-svn: 254932
This option builds TSan runtime with extra debug printfs
and stats collection. This build configuration is developer-only
and should rarely be used, but we need to keep it to make sure
it doesn't bitrot.
llvm-svn: 254818
mac_ignore_invalid_free was helpful when ASan runtime used to intercept
CFAllocator and sometimes corrupted its memory. This behavior had been long
gone, and the flag was unused.
This patch also deletes ReportMacCfReallocUnknown(), which was used by the
CFAllocator realloc() wrapper.
llvm-svn: 254722
On OS X, there are other-than-pthread locking APIs that are used quite extensively - OSSpinLock and os_lock_lock. Let's add interceptors for those.
Differential Revision: http://reviews.llvm.org/D14987
llvm-svn: 254611
In AddressSanitizer, we have the MaybeReexec method to detect when we're running without DYLD_INSERT_LIBRARIES (in which case interceptors don't work) and re-execute with the environment variable set. On OS X 10.11+, this is no longer necessary, but to have ThreadSanitizer supported on older versions of OS X, let's use the same method as well. This patch moves the implementation from `asan/` into `sanitizer_common/`.
Differential Revision: http://reviews.llvm.org/D15123
llvm-svn: 254600
This patch adds release and acquire semantics for libdispatch semaphores and a test case.
Differential Revision: http://reviews.llvm.org/D14992
llvm-svn: 254412
1) There's a few wrongly defined things in tsan_interceptors.cc,
2) a typo in tsan_rtl_amd64.S which calls setjmp instead of sigsetjmp in the interceptor, and
3) on OS X, accessing an mprotected page results in a SIGBUS (and not SIGSEGV).
Differential Revision: http://reviews.llvm.org/D15052
llvm-svn: 254299
On OS X, for weak function (that user can override by providing their own implementation in the main binary), we need extern `"C" SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE NOINLINE`.
Fixes a broken test case on OS X, java_symbolization.cc, which uses a weak function __tsan_symbolize_external.
Differential Revision: http://reviews.llvm.org/D14907
llvm-svn: 254298
Serial queues need extra happens-before between individual tasks executed in the same queue. This patch adds `Acquire(queue)` before the executed task and `Release(queue)` just after it (for serial queues only). Added a test case.
Differential Revision: http://reviews.llvm.org/D15011
llvm-svn: 254229
This patch ports the assembly file tsan_rtl_amd64.S to OS X, where we need several changes:
* Some assembler directives are not available on OS X (.hidden, .type, .size)
* Symbol names need to start with an underscore (added a ASM_TSAN_SYMBOL macro for that).
* To make the interceptors work, we ween to name the function "_wrap_setjmp" (added ASM_TSAN_SYMBOL_INTERCEPTOR for that).
* Calling the original setjmp is done with a simple "jmp _setjmp".
* __sigsetjmp doesn't exist on OS X.
Differential Revision: http://reviews.llvm.org/D14947
llvm-svn: 254228
When a race on file descriptors is detected, `FindThreadByUidLocked()` is called to retrieve ThreadContext with a specific unique_id. However, this ThreadContext might not exist in the thread registry anymore (it may have been recycled), in which case `FindThreadByUidLocked` will cause an assertion failure in `GetThreadLocked`. Adding a test case that reproduces this, producing:
FATAL: ThreadSanitizer CHECK failed: sanitizer_common/sanitizer_thread_registry.h:92 "((tid)) < ((n_contexts_))" (0x34, 0x34)
This patch fixes this by replacing the loop with `FindThreadContextLocked`.
Differential Revision: http://reviews.llvm.org/D14984
llvm-svn: 254223
This patch unify the 39 and 42-bit support for AArch64 by using an external
memory read to check the runtime detected VMA and select the better mapping
and transformation. Although slower, this leads to same instrumented binary
to be independent of the kernel.
Along with this change this patch also fix some 42-bit failures with
ALSR disable by increasing the upper high app memory threshold and also
the 42-bit madvise value for non large page set.
llvm-svn: 254151
We need to intercept libdispatch APIs (dispatch_sync, dispatch_async, etc.) to add synchronization between the code that submits the task and the code that gets executed (possibly on a different thread). This patch adds release+acquire semantics for dispatch_sync, and dispatch_async (plus their "_f" and barrier variants). The synchronization is done on malloc'd contexts (separate for each submitted block/callback). Added tests to show usage of dispatch_sync and dispatch_async, for cases where we expect no warnings and for cases where TSan finds races.
Differential Revision: http://reviews.llvm.org/D14745
llvm-svn: 253982
On OS X, interceptors don't work in unit tests, so calloc() calls the system allocator. We need to use user_calloc() instead.
Differential Revision: http://reviews.llvm.org/D14918
llvm-svn: 253979
This patch fixes the __cxa_guard_acquire, __cxa_guard_release and __cxa_guard_abort interceptors on OS X. They apparently work on Linux just by having the same name, but on OS X, we actually need to use TSAN_INTERCEPTOR.
Differential Revision: http://reviews.llvm.org/D14868
llvm-svn: 253776
We need to call the intercepted version of pthread_detach. Secondly, PTHREAD_CREATE_JOINABLE and PTHREAD_CREATE_DETACHED are not 0 and 1 on OS X, so we need to properly pass these constants and not just a bool.
Differential Revision: http://reviews.llvm.org/D14837
llvm-svn: 253775
The tsan_test_util_posix.cc implementation of mutexes call pthread APIs directly, which on OS X don't end up calling the intercepted versions and we miss the synchronization. This patch changes the unit tests to directly call the intercepted versions. This fixes several test failures on OS X.
Differential Revision: http://reviews.llvm.org/D14835
llvm-svn: 253774
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
(In addition, add sanitizer_common_libcdep.cc to buildgo.sh to avoid
build failures on Linux.)
llvm-svn: 253688
On OS X, this unit test (ThreadSpecificDtors) fails, because the new and delete operators actually call the overridden operators, which end up using TLVs and crash. Since C++'s new and delete is not important in this test, let's just replace them with a local variable. This fixes the test on OS X.
Differential Revision: http://reviews.llvm.org/D14826
llvm-svn: 253583
On OS X, the thread finalization is fragile due to thread-local variables destruction order. I've seen cases where the we destroy the ThreadState too early and subsequent thread-local values' destructors call interceptors again. Let's replace the TLV-based thread finalization method with libpthread hooks. The notification PTHREAD_INTROSPECTION_THREAD_TERMINATE is called *after* all TLVs have been destroyed.
Differential Revision: http://reviews.llvm.org/D14777
llvm-svn: 253560
On OS X, we build a dylib of the TSan runtime, which doesn't necessarily need to contain debugging symbols (and file and line information), so llvm-symbolizer might not be able to find file names for TSan internal frames. FrameIsInternal currently only considers filenames, but we should simply treat all frames within `libclang_rt.tsan_osx_dynamic.dylib` as internal. This patch treats all modules starting with `libclang_rt.tsan_` as internal, because there may be more runtimes for other platforms in the future.
Differential Revision: http://reviews.llvm.org/D14813
llvm-svn: 253559
Reimplement dispatch_once in an interceptor to solve these issues that may produce false positives with TSan on OS X:
1) there is a racy load inside an inlined part of dispatch_once,
2) the fast path in dispatch_once doesn't perform an acquire load, so we don't properly synchronize the initialization and subsequent uses of whatever is initialized,
3) dispatch_once is already used in a lot of already-compiled code, so TSan doesn't see the inlined fast-path.
This patch uses a trick to avoid ever taking the fast path (by never storing ~0 into the predicate), which means the interceptor will always be called even from already-compiled code. Within the interceptor, our own atomic reads and writes are not written into shadow cells, so the race in the inlined part is not reported (because the accesses are only loads).
Differential Revision: http://reviews.llvm.org/D14811
llvm-svn: 253552
Symbolizers can call malloc/realloc/free/..., which we don't want to intercept. This is already implemented on Linux, let's do it for OS X as well.
Differential Revision: http://reviews.llvm.org/D14710
llvm-svn: 253460
This patch adds assembly routines to enable setjmp/longjmp for aarch64
on linux. It fixes:
* test/tsan/longjmp2.cc
* test/tsan/longjmp3.cc
* test/tsan/longjmp4.cc
* test/tsan/signal_longjmp.cc
I also checked with perlbench from specpu2006 (it fails to run
with missing setjmp/longjmp intrumentation).
llvm-svn: 253205
Currently, we crash on finalization of detached threads, because we'll try to clear the ThreadState twice.
Differential Revision: http://reviews.llvm.org/D14644
llvm-svn: 253079
Chris Bieneman