It makes the tests extremely slow due to high latency of the test launcher.
The main reason for -j5 was high memory usage with handle_abort=1, which
is now disabled in the test runner.
llvm-svn: 281409
When running with start_deactivated=1 in ASAN_OPTIONS, heap redzones
are not poisoned until the first instrumented module is loaded. This
can cause false negatives even on memory allocated after activation,
because redzones are normally poisoned only once when a new allocator
region is mapped.
This change attempts to fix it by iterating over all existing
allocator chunks and poisoning their redzones.
llvm-svn: 281364
The same thing is already done on Mac. handle_abort slows down tests
significantly because it triggers tombstone collection on Android;
also, it changes failed test outcome from "not-crash" to "crash" (as
in "bin/not --crash").
This change adds handle_abort=0 to asan options on android (test
only!), and also tweaks android_run.py to semi-correctly pass the
crash/no-crash status to the caller.
llvm-svn: 281075
Summary: Merges back both scariness_score_test.cc files, since the Linux-specific version shouldn't be needed any more.
Reviewers: kcc, eugenis, vitalybuka
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D24347
llvm-svn: 281048
This patch adds a wrapper for call_once, which uses an already-compiled helper __call_once with an atomic release which is invisible to TSan. To avoid false positives, the interceptor performs an explicit atomic release in the callback wrapper.
Differential Revision: https://reviews.llvm.org/D24188
llvm-svn: 280920
Reset the SIGABRT signal handler before calling abort().
Also, change the error message when catching SIGABRT to say "ABRT"
instead of "SEGV".
llvm-svn: 280885
With this patch 10 out of 13 tests are passing.
Following is the list of failing tests:
struct-simple.cpp
workingset-signal-posix.cpp
mmap-shadow-conflict.c
Reviewed by bruening
Differential: D23799
llvm-svn: 280795
Summary:
Only one of the tests in it doesn't work on OS X.
On Windows it seems that everything that is being moved is also
supported.
The abort() test wasn't copied over (original case 22). This is because
it doesn't work on OS X.
Reviewers: kcc, eugenis, vitalybuka
Subscribers: kubabrecka, llvm-commits
llvm-svn: 280469
Another CFG optimisation patch (280364) has broken bad profile tests, and this
is a similar attempt to fix the test without changing the semantics.
llvm-svn: 280373
Commit r280364 has introduced some call-graph optmisations making a profiler
test "fail" due to not expecting the compiler to be "smart", and fold constants
across functions. This commit works around the issue, leaving the origial
semantics intact.
llvm-svn: 280365
The abort() test wasn't copied over (original case 22). This is because
it doesn't work on OS X.
If theres no buildbot problem with this test later today, I will
minimize the Linux version.
llvm-svn: 280361
Summary:
We are going to use store instructions to poison some allocas.
Runtime flag will require branching in instrumented code on every lifetime
intrinsic. We'd like to avoid that.
Reviewers: eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23967
llvm-svn: 279981
My attempt to disable this test on i386 by adding "UNSUPPORTED: i386-apple"
in r279880 wasn't succesful, so I'm using REQUIRES instead.
llvm-svn: 279916
atos currently doesn't work well when loaded from 32-bit binaries, which
was causing some of the bots to fail. Disable this test until we can
come up with a better fix.
llvm-svn: 279880
Depends on D21612 which implements the building blocks for the compiler-rt
implementation of the XRay runtime. We use a naive in-memory log of fixed-size
entries that get written out to a log file when the buffers are full, and when
the thread exits.
This implementation lays some foundations on to allowing for more complex XRay
records to be written to the log in subsequent changes. It also defines the format
that the function call accounting tool in D21987 will start building upon.
Once D21987 lands, we should be able to start defining more tests using that tool
once the function call accounting tool becomes part of the llvm distribution.
Reviewers: echristo, kcc, rnk, eugenis, majnemer, rSerge
Subscribers: sdardis, rSerge, dberris, tberghammer, danalbert, srhines, majnemer, llvm-commits, mehdi_amini
Differential Revision: https://reviews.llvm.org/D21982
llvm-svn: 279805
This should un-break users that have not re-generated their CMake
configs when they ran it when this was defaulted to OFF. Related to
r277975 post-commit review.
llvm-svn: 279802
This patch adds 48-bits VMA support for msan on aarch64. As current
mappings for aarch64, 48-bit VMA also supports PIE executable. The
48-bits segments only cover the usual PIE/default segments plus some
more segments (262144GB total, 0.39% total VMA). Memory avaliability
can be increase by adding multiple application segments like 39 and
42 mapping (some mappings were added on this patch as well).
Tested on 39 and 48-bit VMA kernels on aarch64.
llvm-svn: 279752
and x86_64h-apple.
Mark the test as UNSUPPORTED to fix a bot that is failing.
http://lab.llvm.org:8080/green/job/clang-stage2-configure-Rlto_check
The bot is failing because asan_symbolize.py cannot tell whether the
reported address is from an x86_64 slice or an x86_64h slice by the
length of the address alone, so it ends up passing the wrong arch to
atos.
rdar://problem/27907889
llvm-svn: 279614
Durning standalone builds (which includes runtimes builds) we want to create a target named check-compiler-rt. Additionally we also create check-all if it doesn't already exist as a convienence target that depends on check-compiler-rt.
This allows us to generate a single check target that invokes lit for all test suites in the runtimes projects, while avoiding name collision of check-all and not breaking existing workflows.
llvm-svn: 279334
Summary:
test/builtins/Unit/cpu_model_test.c tests the X86 specific builtin `__builtin_cpu_supports`.
It fails if the clang's default target is not X86.
The proposed patch adds an additional requirement for the X86 target to the test, making lit ignore the test if the target is different.
Reviewers: asbirlea
Subscribers: dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D23633
llvm-svn: 279071
Summary:
[[@LINE-30]] only worked because the resulting 3 matches the first character of
30. With the additional blank lines the resulting 5 no longer matches 30.
Reviewers: eugenis
Subscribers: eugenis, llvm-commits
Differential Revision: https://reviews.llvm.org/D23515
llvm-svn: 278715
These tests were recently enabled and have never worked on this builder.
Three tests were sensitive to line number changes:
test/msan/Linux/obstack.cc
test/msan/chained_origin.cc
test/msan/chained_origin_memcpy.cc
and this sensitivity will be addressed in a follow-up patch. Of these,
obstack.cc's sensitivity to line numbers is unexplained since it already uses
[[@LINE]].
llvm-svn: 278671
Summary: Add a test case for __attribute__((no_sanitize("cfi"))) being effective.
Reviewers: kcc
Subscribers: dberris
Differential Revision: https://reviews.llvm.org/D23425
llvm-svn: 278530
Adding the XFAIL has caused msan to report a different line number in the call
stack (@LINE-3 rather than @LINE-30). The new line number looks more correct
at first glance since it's the line that uses uninitialized memory rather than
the first non-whitespace line of the file but this needs investigating.
llvm-svn: 278516
The mips64el compiler-rt build has recently been enabled. XFAIL the failing
tests to make the buildbot green again.
The two asan tests require the integrated assembler. This will be fixed soon
for Debian mips64el but not for any other mips64el targets since doing so
requires triple-related issues to be fixed..
The msan tests are largely failing because caused by a kernel update (a patch
has already been posted for this).
I'm not sure why the dfsan test fails yet.
llvm-svn: 278504
With this change, the default behavior on error is to call abort()
instead of _exit(). This should help the OS to capture a tombstone of
the error.
RAM usage of the lit test suite goes up because of all the tombstone
gathering, so I'm limiting the parallelism of the test target.
Previously it was based on the number of the CPUs on the host
machine, which is definitely wrong.
llvm-svn: 278308
The API is intended to be used by user to do fine
grained (per-region) control of profile dumping.
Differential Revision: http://reviews.llvm.org/D23106
llvm-svn: 278092
Summary:
Adds a new, generic, resizing hashtable data structure for use by esan
tools. No existing sanitizer hashtable is suitable for the use case for
most esan tools: we need non-fixed-size tables, parameterized keys and
payloads, and write access to payloads. The new hashtable uses either
simple internal or external mutex locking and supports custom hash and
comparision operators. The focus is on functionality, not performance, to
catalyze creation of a variety of tools. We can optimize the more
successful tools later.
Adds tests of the data structure.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D22681
llvm-svn: 278024
Summary:
We also add one test (and the XRay testing infrastructure) to exercise
the patching and unpatching code. This uses the XRay API exported
through the headers as well, installing a custom log handler.
Depends on D23101 for the updated emitted code alignment for the
return/entry sleds.
Reviewers: rSerge, echristo, rnk
Subscribers: tberghammer, danalbert, srhines, mehdi_amini, llvm-commits
Differential Revision: https://reviews.llvm.org/D23154
llvm-svn: 277971
Go back to intercepting kernel32!RaiseException, and only go for
ntdll!RtlRaiseException if that fails. Fixes throw_and_catch.cc test.
Work around an issue in LLVM's win64 epilogues. We end up with an
epilogue that looks like this, and it drives the Win64 unwinder crazy
until stack overflow:
call ill_cc!__asan_handle_no_return
xor eax,eax
add rsp,40h // epilogue starts
pop rbp // CSR
ud2 // Trap here
ret // Ret?
nop word ptr [rax+rax]
sub rsp,28h // Next function
Will file a PR soon.
llvm-svn: 277874
Summary:
Often, a code will call multiple virtual methods of a given object.
If they go in a linear block, it should be possible to check vtable
before the first call, then store vtable pointer and reuse it for
the second vcall without any additional checks.
This is expected to have a positive performance impact on a hot
path in Blink, see https://crbug.com/634139.
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D23151
llvm-svn: 277795
Since the directory is empty on Darwin, disable the inclusion and avoid
the warning below. Exclude on Android as well to match the behavior from
lib/interception/tests/CMakeLists.txt
lit.py:
/Users/buildslave/jenkins/sharedspace/clang-R_master@2/llvm/utils/lit/lit/discovery.py:224:
warning: input
'/Users/buildslave/jenkins/sharedspace/clang-R_master@2/clang-build/Build/tools/clang/runtime/compiler-rt-bins/test/interception/Unit'
contained no tests
This fixes the above warning in some of public bots, like
http://lab.llvm.org:8080/green/job/clang-stage2-configure-Rlto_check/8686
Differential Revision: https://reviews.llvm.org/D23128
rdar://problem/27581108
llvm-svn: 277692
Summary:
-lowertypetests-bitsets-level controls which kinds of bitsets
are generated, as introduced in r277556. This change adds tests
to compiler-rt.
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D23103
llvm-svn: 277632
Summary:
Respect the handle_sigill common flag and handle_segv flags while we're
at it.
We still handle signals/exceptions differently on Unix and Windows. The
installation process is tricky on Windows, and difficult to push down
into sanitizer_common without concerning it with the different
static/dynamic CRT models on Windows.
Reviewers: kcc, etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23098
llvm-svn: 277621
Summary:
Currently, the Scudo Hardened Allocator only gets its flags via the SCUDO_OPTIONS environment variable.
With this patch, we offer the opportunity for programs to define their own options via __scudo_default_options() which behaves like __asan_default_options() (weak symbol).
A relevant test has been added as well, and the documentation updated accordingly.
I also used this patch as an opportunity to rename a few variables to comply with the LLVM naming scheme, and replaced a use of Report with dieWithMessage for consistency (and to avoid a callback).
Reviewers: llvm-commits, kcc
Differential Revision: https://reviews.llvm.org/D23018
llvm-svn: 277536
Summary:
On my install of Windows 10, RaiseException is a tail call to
kernelbase!RaiseException. Obviously, we fail to intercept that.
Instead, try hooking at the ntdll!RtlRaiseException layer. It is
unlikely that this layer will contain control flow.
Intercepting at this level requires adding a decoding for
'LEA ESP, [ESP + 0xXXXXXXXX]', which is a really obscure way to write
'SUB ESP, 0xXXXXXXXX' that avoids clobbering EFLAGS.
Reviewers: etienneb
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23046
llvm-svn: 277518
We no longer assign ids to unregistered threads. We don't have any stack
trace for thread creation for these worker threads, so this shouldn't
affect report quality much.
llvm-svn: 277514
Summary:
On Windows 10, this gets called after TLS has been torn down from NTDLL,
and we crash attempting to return fake_tsd. This interceptor isn't
needed after r242948 anyway, so let's remove it. The ASan runtime can
now tolerate unregistered threads calling __asan_handle_no_return.
Reviewers: vitalybuka, etienneb
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23044
llvm-svn: 277478
The system implementation of OSAtomicTestAndClear returns the original bit, but the TSan interceptor has a bug which always returns zero from the function. This patch fixes this and adds a test.
Differential Revision: https://reviews.llvm.org/D23061
llvm-svn: 277461
On Darwin, there are some apps that rely on realloc(nullptr, 0) returning a valid pointer. TSan currently returns nullptr in this case, let's fix it to avoid breaking binary compatibility.
Differential Revision: https://reviews.llvm.org/D22800
llvm-svn: 277458
When we run halt_on_error-torture.cc with 10 threads and 20 iterations with halt_on_error=false:suppress_equal_pcs=false, we write 200 reports to 10.txt file and sometimes have collisions.
We have CHECK-COLLISION check that greps 'AddressSanitizer: nested bug in the same thread, aborting' message in 10.txt, but it doesn't contain this line.
If I don't redirect stderr > 10.txt 'AddressSanitizer: nested bug in the same thread, aborting' is printed to my screen as expected.
Same happens for halt_on_error_suppress_equal_pcs.cc and halt_on_error-torture.cc. This happens because of kernel bug: https://lkml.org/lkml/2014/2/17/324
Furtunately, we can fix these tests by implicitly setting O_APPEND for opened files (use >> instead of > for stderr redirection).
Differential Revision: https://reviews.llvm.org/D22921
llvm-svn: 277324
Summary:
Test where broken because of missing lifetime markers for temps and
because of aggressive optimization which removed markers in some cases.
PR27453
Reviewers: eugenis, kcc
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D22894
llvm-svn: 277074
Summary:
The unittests recently added were not running when executing 'check-all'.
Tests are stable on every archictetures and we can now turn them on.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22695
llvm-svn: 276881
When we delay signals we can deliver them when the signal
is blocked. This can be surprising to the program.
Intercept signal blocking functions merely to process
pending signals. As the result, at worst we will delay
a signal till return from the signal blocking function.
llvm-svn: 276876
Add a %stdcxx11 lit substitution for -std=c++11. Windows defaults to
-std=c++14 when VS 2015 is used because the STL requires it. Harcoding
-std=c++11 in the ASan tests actually downgrades the C++ standard level,
leading to test failures.
Relax a FileCheck pattern in use-after-scope-types.cc.
Disable the sanitizer_common OOM tests. They fail on bots with low swap,
and cause other concurrently running tests to OOM.
llvm-svn: 276454
The OOM test should really only run on 32-bits, since it's hard to OOM
on x64.
The operator_array_new_with_dtor_left_oob tests need to account for the
larger array cookie on x64 (8 bytes instead of 4).
Use -std=c++14 in use-after-scope-capture.cc to avoid errors in the MSVC
2015 STL on Windows. The default there is C++14 anyway.
llvm-svn: 276332
Summary:
This patch is fixing running interception unittests for memcpy/memmove on
windows 64.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22641
llvm-svn: 276324
Summary:
These unittests are not running on windows because they are using incorrect commands.
They were not failing on 32-bits because there is a requirement: asan-64-bits.
```
$ "nm" "C:\src\llvm\ninja64\projects\compiler-rt\test\asan\X86_64WindowsConfig\TestCases\Output\no_asan_gen_globals.c.tmp.exe"
# command stderr:
'nm': command not found
error: command failed with exit status: 127
```
```
$ "rm" "-rf" "C:\src\llvm\ninja64\projects\compiler-rt\test\asan\X86_64WindowsConfig\TestCases\Output/coverage-tracing"
$ "mkdir" "C:\src\llvm\ninja64\projects\compiler-rt\test\asan\X86_64WindowsConfig\TestCases\Output/coverage-tracing"
$ "A=x"
# command stderr:
'A=x': command not found
error: command failed with exit status: 127
```
```
$ "DIR=C:\src\llvm\ninja64\projects\compiler-rt\test\asan\X86_64WindowsConfig\TestCases\Output/coverage-order-pcs"
# command stderr:
'DIR=C:\\src\\llvm\\ninja64\\projects\\compiler-rt\\test\\asan\\X86_64WindowsConfig\\TestCases\\Output/coverage-order-pcs': command not found
error: command failed with exit status: 127
```
Reviewers: rnk
Subscribers: tberghammer, llvm-commits, danalbert, wang0109, srhines, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22612
llvm-svn: 276290
Summary:
This is an other tentative to fix:
https://reviews.llvm.org/D22588
It's less clever, but should work.
Turn out there is not an easy way to write a portable print
for a pointer in lowercase without the prefix 0x.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22606
llvm-svn: 276286
Summary:
By adding the initialisation of the symbolisation library (DbgHelp)
we are swapping the order in which both warnings are produced.
We can't use CHECK-NEXT as the dbghelp warning is multiline.
Reviewers: rnk
Subscribers: kubabrecka, llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22586
llvm-svn: 276228
Summary:
The printf is not working correctly on 64-bit MSVC.
The portable way to print "size_t" is to use "%zx" (size_t in hexa).
Reviewers: rnk
Subscribers: kubabrecka, llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22588
llvm-svn: 276179
Summary:
This test is allocating a 1gig chunk to make shadow allocation failed,
but on 64-bits architecture the test is working.
Reviewers: rnk
Subscribers: kubabrecka, llvm-commits, wang0109, chrisha
Differential Revision: https://reviews.llvm.org/D22553
llvm-svn: 276122
Summary: This flag could be used to disable check in runtime.
Subscribers: kubabrecka
Differential Revision: https://reviews.llvm.org/D22495
llvm-svn: 276004
Summary:
Avoid mismatch between imports/exports for 32-bit and 64-bits version.
The test is running grep over macros to detect which functions are
intercepted. Unfortunately, exception handlers differ in 32-bit and
64-bit.
This patch is removing the exception handlers from the test.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22484
llvm-svn: 275982
Adds a new esan public interface routine __esan_get_sample_count() and uses
it to ensure that tests of sampling receive the minimum number of samples.
llvm-svn: 275948
It seems in some situations we have clashes on very first error so test only prints "nested bug in the same thread, aborting" rather than "use-after-poison", so remove corresponding " RUN: FileCheck %s < 10.txt" line.
Also, the two last " RUN: FileCheck --check-prefix=CHECK-COLLISION %s < 1.txt || FileCheck --check-prefix=CHECK-NO-COLLISION %s < 1.txt" look wrong, they should check 10.txt. Fix these lines too.
Differential Revision: https://reviews.llvm.org/D22309
llvm-svn: 275539
Summary:
Both test have the same command-line.
The second test is missing the /GS-.
Keep in mind that /GS is on by default.
Reviewers: rnk
Subscribers: llvm-commits, wang0109, kubabrecka, chrisha
Differential Revision: https://reviews.llvm.org/D22339
llvm-svn: 275491
Summary:
This aims to add support for __cpu_model and address Bug 25510. It uses
the code from lib/Support/Host.cpp for cpu detection, and creates
__cpu_model with that info.
Tested on OSX and built on Linux as well (though libgcc is the default).
The use of "asm" required -std=gnu99, hence the cmake change. Corrections
on better addressing this are welcome.
Previously reverted, up for review again to iron out outstanding issues.
Reviewers: llvm-commits, joerg, echristo, mehdi_amini
Subscribers: mehdi_amini
Differential Revision: http://reviews.llvm.org/D22181
llvm-svn: 275484
Summary:
When test was added we had no -fsanitize-address-use-after-scope in clang
so we had to use -mllvm -asan-use-after-scope=1.
Reviewers: eugenis
Subscribers: kubabrecka
Differential Revision: https://reviews.llvm.org/D22382
llvm-svn: 275475
Summary:
This patch is a refactoring of the way cmake 'targets' are grouped.
It won't affect non-UI cmake-generators.
Clang/LLVM are using a structured way to group targets which ease
navigation through Visual Studio UI. The Compiler-RT projects
differ from the way Clang/LLVM are grouping targets.
This patch doesn't contain behavior changes.
Reviewers: kubabrecka, rnk
Subscribers: wang0109, llvm-commits, kubabrecka, chrisha
Differential Revision: http://reviews.llvm.org/D21952
llvm-svn: 275111
This patch adds interceptors for dispatch_io_*, dispatch_read and dispatch_write functions. This avoids false positives when using GCD IO. Adding several test cases.
Differential Revision: http://reviews.llvm.org/D21889
llvm-svn: 275071
These test in this change are objc++, but are built using %clang, not %clangxx.
The reason this works is the driver has been adding -lc++ for sanitizer enabled
builds. By making these tests use %clangxx, they no longer depend on the driver
linking to c++. Doing so will allow us to prevent overlinking of libc++ for
applications.
llvm-svn: 274989
Summary:
Adds a new public interface routine __esan_report() which can be used to
request profiling results prior to abnormal termination (e.g., for a server
process killed by its parent where the normal exit does not allow for
normal result reporting).
Implements this for the working-set tool. The cache frag tool is left
unimplemented as it requires missing iteration capabilities.
Adds a new test.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D22098
llvm-svn: 274964
Summary:
This aims to add support for __cpu_model and address Bug 25510. It uses
the code from lib/Support/Host.cpp for cpu detection, and creates
__cpu_model with that info.
Tested on OSX, it builts successfully, but the current version does
*not* resolve Bug 25510. The __cpu_model symbol is present in the
library but it only gets loaded with -all_load. This patch will not land
until this issue is clarified.
Built on Linux as well (though libgcc is the default). The use of "asm"
required -std=gnu99, hence the cmake change. Corrections on better
addressing this are welcome.
Note: See additional comments on D20988 (committed as r271921).
Reviewers: llvm-commits, joerg, echristo, mehdi_amini
Subscribers: mehdi_amini
Differential revision: http://reviews.llvm.org/D21033
llvm-svn: 274873
This patch adds synchronization between the creation of the GCD data object and destructor’s execution. It’s far from perfect, because ideally we’d want to synchronize the destruction of the last reference (via dispatch_release) and the destructor’s execution, but intercepting objc_release is problematic.
Differential Revision: http://reviews.llvm.org/D21990
llvm-svn: 274749
Summary:
Adds interception of sigprocmask and pthread_sigmask to esan so that the
working set tool can prevent SIGSEGV from being blocked. A blocked SIGSEGV
results in crashes due to our lazy shadow page allocation scheme.
Adds new sanitizer helper functions internal_sigemptyset and
internal_sigismember.
Adds a test to workingset-signal-posix.cpp.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D22063
llvm-svn: 274672
We already have interceptors for dispatch_source API (e.g. dispatch_source_set_event_handler), but they currently only handle submission synchronization. We also need to synchronize based on the target queue (serial, concurrent), in other words, we need to use dispatch_callback_wrap. This patch implements that.
Differential Revision: http://reviews.llvm.org/D21999
llvm-svn: 274619
In the patch that introduced support for GCD barrier blocks, I removed releasing a group when leaving it (in dispatch_group_leave). However, this is necessary to synchronize leaving a group and a notification callback (dispatch_group_notify). Adding this back, simplifying dispatch_group_notify_f and adding a test case.
Differential Revision: http://reviews.llvm.org/D21927
llvm-svn: 274549
Because we use SCOPED_TSAN_INTERCEPTOR in the dispatch_once interceptor, the original dispatch_once can also be sometimes called (when ignores are enabled or when thr->is_inited is false). However the original dispatch_once function doesn’t expect to find “2” in the storage and it will spin forever (but we use “2” to indicate that the initialization is already done, so no waiting is necessary). This patch makes sure we never call the original dispatch_once.
Differential Revision: http://reviews.llvm.org/D21976
llvm-svn: 274548
The dispatch_group_async interceptor actually extends the lifetime of the executed block. This means the destructor of the block (and captured variables) is called *after* dispatch_group_leave, which changes the semantics of dispatch_group_async. This patch fixes that.
Differential Revision: http://reviews.llvm.org/D21816
llvm-svn: 274117
Adding support for GCD barrier blocks in concurrent queues. This uses two sync object in the same way as read-write locks do. This also simplifies the use of dispatch groups (the notifications act as barrier blocks).
Differential Revision: http://reviews.llvm.org/D21604
llvm-svn: 273893
See the bug report at https://github.com/google/sanitizers/issues/691. When a dynamic alloca has a constant size, ASan instrumentation will treat it as a regular dynamic alloca (insert calls to poison and unpoison), but the backend will turn it into a regular stack variable. The poisoning/unpoisoning is then broken. This patch will treat such allocas as static.
Differential Revision: http://reviews.llvm.org/D21509
llvm-svn: 273889
There is a "well-known" TSan false positive when using C++ weak_ptr/shared_ptr and code in destructors, e.g. described at <https://llvm.org/bugs/show_bug.cgi?id=22324>. The "standard" solution is to build and use a TSan-instrumented version of libcxx, which is not trivial for end-users. This patch tries a different approach (on OS X): It adds an interceptor for the specific function in libc++.dylib, which implements the atomic operation that needs to be visible to TSan.
Differential Revision: http://reviews.llvm.org/D21609
llvm-svn: 273806
This test is flaky. Specifically, on some Mac configurations we see the
__sanitizer_ptr_cmp as the 0th frame. Let's relax it to not require that
f is in frame #0.
61396==ERROR: AddressSanitizer: invalid-pointer-pair: 0x01e00510 0x01e004d0
0 0x18f5a3 in __sanitizer_ptr_cmp ... libclang_rt.asan_osx_dynamic.dylib+0xaf5a3)
1 0xdd924 in f(char, char*, char*) ... invalid-pointer-pairs.cc:14:14
Differential Revision: http://reviews.llvm.org/D21588
llvm-svn: 273475
This test case checks that globals from all object files are being registered
after they've been linked together. It also checks that globals from libraries
loaded at runtime are registered.
llvm-svn: 273464
This patch adds the __sanitizer_start_switch_fiber and
__sanitizer_finish_switch_fiber methods inspired from what can be found here
2ea64dd249 .
These methods are needed when the compiled software needs to implement
coroutines, fibers or the like. Without a way to annotate them, when the program
jumps to a stack that is not the thread stack, __asan_handle_no_return shows a
warning about that, and the fake stack mechanism may free fake frames that are
still in use.
Author: blastrock (Philippe Daouadi)
Reviewed in http://reviews.llvm.org/D20913
llvm-svn: 273260
Dstaddr may contain uninitialized padding at the end (common
implementations accept larger addrlen and ignore the extra bytes).
Also, depending on the socket state, dstaddr argument may be ignored.
llvm-svn: 273205
Summary:
Adds the struct field size array in the struct StructInfo.
Prints struct field size info in the report.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, bruening, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21342
llvm-svn: 272988
Summary:
Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.
Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with an instrumented tcmalloc or other allocator compiled with esan.
Adds a test that emulates an instrumented allocator.
Reviewers: aizatsky
Subscribers: vitalybuka, tberghammer, zhaoqin, danalbert, kcc, srhines, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21083
llvm-svn: 272676
Summary:
Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.
Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with an instrumented tcmalloc or other allocator compiled with esan.
Adds a test that emulates an instrumented allocator.
Reviewers: aizatsky
Subscribers: vitalybuka, tberghammer, zhaoqin, danalbert, kcc, srhines, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21083
llvm-svn: 272591
Summary:
Adds a version of sigaction that uses a raw system call, to avoid circular
dependencies and support calling sigaction prior to setting up
interceptors. The new sigaction relies on an assembly sigreturn routine
for its restorer, which is Linux x86_64-only for now.
Uses the new sigaction to initialize the working set tool's shadow fault
handler prior to libc interceptor being set up. This is required to
support instrumentation invoked during interceptor setup, which happens
with an instrumented tcmalloc or other allocator compiled with esan.
Adds a test that emulates an instrumented allocator.
Reviewers: aizatsky
Subscribers: vitalybuka, tberghammer, zhaoqin, danalbert, kcc, srhines, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21083
llvm-svn: 272553
Test that __llvm_profile_set_filename invoked in
main program is 'visible' to shared lib (overriding
shared libary's profile path set on command line)
llvm-svn: 272375
Summary:
Adds the struct field offset array in the struct StructInfo.
Prints struct size and field offset info in the report.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, bruening, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D21191
llvm-svn: 272363
Summary:
This is an initial implementation of a Hardened Allocator based on Sanitizer Common's CombinedAllocator.
It aims at mitigating heap based vulnerabilities by adding several features to the base allocator, while staying relatively fast.
The following were implemented:
- additional consistency checks on the allocation function parameters and on the heap chunks;
- use of checksum protected chunk header, to detect corruption;
- randomness to the allocator base;
- delayed freelist (quarantine), to mitigate use after free and overall determinism.
Additional mitigations are in the works.
Reviewers: eugenis, aizatsky, pcc, krasin, vitalybuka, glider, dvyukov, kcc
Subscribers: kubabrecka, filcab, llvm-commits
Differential Revision: http://reviews.llvm.org/D20084
llvm-svn: 271968
Somehow, in r271049, ASan lit tests and unit tests were removed from “check-all”. Doesn’t seem intentional, let’s fix it.
Differential Revision: http://reviews.llvm.org/D21017
llvm-svn: 271905
(Part-1 merging API is in profile runtime)
This patch implements a portable file opening API
with exclusive access for the process. In-process
profile merge requires profile file update to be
atomic/fully sychronized.
llvm-svn: 271864
fixing tis test. There are different configurations running, and they
have subtly different backtraces. I didn't notice that the configs
changed and so I kept occilating between the two.
Now I've looked at two different configs at the same time, and so this
should be much more likely to work.
llvm-svn: 271786
available along side the leak checking, so use the REQUIRES for that.
Also, use %run as other tests do when launching the built binary.
This fixes check-asan for me on Linux and looks like it should fix the
linux sanitizer bots as well.
llvm-svn: 271785
of lines provided with the filecheck output from the previous run. I'll
probably give up after this and get someone with a Windows build to help
me out.
llvm-svn: 271784
Summary:
Computes the struct field access variation based on each field access
count.
Adds a flag to control the report thresholds.
Updates struct-simple.cpp with variance report output.
Reviewers: aizatsky
Subscribers: kubabrecka, zhaoqin, llvm-commits, eugenis, vitalybuka, kcc, bruening
Differential Revision: http://reviews.llvm.org/D20914
llvm-svn: 271734
Summary:
Adds a new option -snapshot_step controlling the frequency distribution for
an 8-level series of samples using each bit of each shadow byte.
Implements accumulation from each level to the next higher level at the
specified frequency.
Adds storage of the 8 series of samples using CircularBuffer instances.
Fixes an error in the circular buffer data structure where a static
object's destructor will be called too early.
Prints the results out at the end in a simple manner to give us something
to start with.
Updates the workingset-samples test to test the new feature.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20833
llvm-svn: 271683
Summary:
Adds support for creating a separate thread for performing "sideline"
actions on a periodic basis via an itimer. A new class SidelineThread
implements this feature, exposing a sampling callback to the caller.
Adds initial usage of sideline sampling to the working set tool. For now
it simply prints the usage at each snapshot at verbosity level 1. Adds a
test of this behavior. Adds a new option -record_snapshots to control
whether we sample and a new option -sample_freq to control the periodicity
of the sampling.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20751
llvm-svn: 271682
The new annotation was added a while ago, but was not actually used.
Use the annotation to detect linker-initialized mutexes instead
of the broken IsGlobalVar which has both false positives and false
negatives. Remove IsGlobalVar mess.
llvm-svn: 271663
Summary:
Adds the call needed to cache the binary name to support the sanitizer
option log_exe_name for usable log file results when running multiple
applications. Adds a test.
Reviewers: aizatsky
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20747
llvm-svn: 271586
Currently the added test produces false race reports with glibc 2.19,
because DLTS memory is reused by pthread under the hood.
Use the DTLS machinery to intercept new DTLS ranges.
__tls_get_addr known to cause issues for tsan in the past,
so write the interceptor more carefully.
Reviewed in http://reviews.llvm.org/D20927
llvm-svn: 271568
Summary:
Adds StructInfo to CacheFragInfo to match the LLVM's EfficiencySanitizer
structs.
Uses StructHashMap to keep track of the struct info used by the app.
Adds registerStructInfo/unregisterStructInfo to add/remove struct infos
to/from StructHashMap.
updates test struct-simple.cpp with more C structs.
Reviewers: aizatsky, filcab
Subscribers: filcab, zhaoqin, llvm-commits, eugenis, vitalybuka, kcc, bruening, kubabrecka
Differential Revision: http://reviews.llvm.org/D20590
llvm-svn: 271564
Summary:
This CL adds a weak check for a Vtable prefix: for a well-formed
Vtable, we require the prefix to be within [-1<<20; 1<<20].
Practically, this solves most of the known cases when UBSan segfaults
without providing any useful diagnostics.
Reviewers: pcc
Subscribers: kubabrecka
Differential Revision: http://reviews.llvm.org/D19750
llvm-svn: 271560
Make sure inline virtual function's address is properly recorded and
dumped in raw profile so that value profiling does not loss tracking.
(Second part of the test will be enabled after the lowering bug is fixed
in LLVM)
llvm-svn: 271528
Summary:
Adds a new class, CircularBuffer, for holding a wrap-around fixed-size
sequence of a primitive data type. This will be used initially by the
working set tool.
Adds a unit test for CircularBuffer, including infrastructure support to
include esan headers and to link with the esan library by pretending to
want the working set tool.
Reviewers: aizatsky, filcab
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20579
llvm-svn: 271286
Summary:
Adds iteration of all application memory in an efficient manner using
shadow faults. Shadow memory starts out inaccessible and we mark it
writable one page at a time on each fault when the instrumentation touches
it. This allows iteration over just the mapped shadow memory, saving
significant time.
Adds a process-end iteration and pretty-printing of the final result.
Adds a new test and updates the existing tests.
Reviewers: aizatsky, filcab
Subscribers: vitalybuka, zhaoqin, kcc, eugenis, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20578
llvm-svn: 271277
Summary:
In preparation for fault-based shadow memory iteration, we add support for
our own signal handler by adding app signal handler interception as well as
chaining for SIGSEGV. This is done in a simple manner: we do not honor the
app's alternate stack nor any sigaction flags for SIGSEGV.
Adds a new test of transparency in app signal handling.
Reviewers: aizatsky
Subscribers: filcab, kubabrecka, vitalybuka, zhaoqin, kcc, eugenis, llvm-commits
Differential Revision: http://reviews.llvm.org/D20577
llvm-svn: 271272
Summary:
Adds detection of large stack size rlimits (over 1 TB or unlimited), which
results in an mmap location that our shadow mapping does not support. We
re-exec the application in this situation. Adds a test of this behavior.
Adds general detection of mmap regions outside of our app regions. In the
future we want to try to adaptively handle these but for now we abort.
Moves the existing Linux-specific mmap code into a platform-specific file
where the new rlimit code lives.
Reviewers: eugenis
Subscribers: vitalybuka, zhaoqin, kcc, aizatsky, llvm-commits, kubabrecka
Differential Revision: http://reviews.llvm.org/D20745
llvm-svn: 271079
It's fixing compilation errors. The runtime is not yet working.
Missing features:
OverrideFunction for x64
an equiv function for inline asm (atomic_compare_exchange_strong)
shadow memory offset needs to be adjusted
RoundUpToInstrBoundary for x64
They will be implemented by subsequent patches.
Patch by Wei Wang.
Differential revision: http://reviews.llvm.org/D20455
llvm-svn: 271049
Fixes an esan workingset-memset test failure by switching to malloc to
avoid a shadow mapping issue with mmap in certain situations that will be
fully fixed separately.
llvm-svn: 270949
Summary:
Adds the base runtime library for the working set tool.
Adds slowpath code for updating the shadow memory.
To be added in the future:
+ Scan memory and report the total size.
+ Take samples for intermediate values.
Reviewers: aizatsky
Subscribers: kubabrecka, vitalybuka, zhaoqin, kcc, eugenis, llvm-commits
Differential Revision: http://reviews.llvm.org/D20485
llvm-svn: 270650
Summary: Adds a new test struct-simple.cpp for testing the
cache-fragmentation tool with a multi-compilation-unit application.
Patch by Qin Zhao.
Reviewers: bruening
Subscribers: kubabrecka, kcc, vitalybuka, eugenis, aizatsky, llvm-commits, zhaoqin
Differential Revision: http://reviews.llvm.org/D20599
llvm-svn: 270631
Evgeniy Stepanov