When AddressSanitizer only a single dynamic alloca and no static allocas, due to an early exit from FunctionStackPoisoner::poisonStack we forget to unpoison the dynamic alloca. This patch fixes that.
Reviewed at http://reviews.llvm.org/D7810
llvm-svn: 230317
Revise the fix to https://code.google.com/p/address-sanitizer/issues/detail?id=178:
always disable strict init-order checking the first time dlopen() is
called: at this point shared library is allowed to access globals
defined in the main executable, as they are guaranteed to be
initialized. Revise the test cases:
* simplify init-order-dlopen.cc test case: make it Linux-specific
(there's no strict init-order checking on other platforms anyway),
and single-threaded.
* reinforce init-order-pthread-create.cc test case: make sure that
init-order checker would produce a false positive unless we
turn it off at the moment we call pthread_create().
llvm-svn: 230288
This makes int_endianness.h work on operating systems for which we
haven't written explicit constructs, as long as GCC or Clang are being
used.
llvm-svn: 230208
Also, __syscall form should be used when one or more of the
parameters is a 64-bit argument to ensure that argument alignment
is correct.
llvm-svn: 230183
This reverts commit r230019, as it was breaking the ARM sanitizer buildbot
and let other errors be introduced since it wasn't fixed/reverted in
time.
llvm-svn: 230179
The gc-test.cc tries underflows of a variable up to -32 bytes, but on i386, the left redzone is not 32 bytes, it’s only 16 bytes and therefore the access to var[-32] is completely off. The reason why this test didn’t fail before is that we’ve been lucky and there was another variable before the var array, which was also instrumented. This fix uses “-32” for 64-bit systems and “-16” for 32-bit.
Reviewed at http://reviews.llvm.org/D7809
llvm-svn: 230172
SuppressionContext is no longer a singleton, shared by all sanitizers,
but a regular class. Each of ASan, LSan, UBSan and TSan now have their
own SuppressionContext, which only parses suppressions specific to
that sanitizer.
"suppressions" flag is moved away from common flags into tool-specific
flags, so the user now may pass
ASAN_OPTIONS=suppressions=asan_supp.txt LSAN_OPIONS=suppressions=lsan_supp.txt
in a single invocation.
llvm-svn: 230026
Summary:
It still gets picked up by ASan, but it also gets picked up by the other
test suites.
Otherwise, some test suites (e.g: UBSan) would complain they had no
dependencies, and wouldn't run.
Reviewers: samsonov, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7740
llvm-svn: 229962
Let each LibIgnore user (for now it's only TSan) manually go
through SuppressionContext and pass ignored library templates to
LibIgnore.
llvm-svn: 229924
If the thread receives a signal concurrently with PTRACE_ATTACH,
we can get notification about the signal before notification about stop.
In such case we need to forward the signal to the thread, otherwise
the signal will be missed (as we do PTRACE_DETACH with arg=0) and
any logic relying on signals will break. After forwarding we need to
continue to wait for stopping, because the thread is not stopped yet.
We do ignore delivery of SIGSTOP, because we want to make stop-the-world
as invisible as possible.
http://reviews.llvm.org/D7723
--This line, and those below, will be ignored--
M lib/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc
M test/tsan/signal_segv_handler.cc
llvm-svn: 229832
This reverts commit r229665. It seems that the AArch64 ASAN tests, that
pass on all our internal machines, doesn't like the public buildbot.
Turning this off until we can investigate the public bot for a better
understanding.
llvm-svn: 229739
Long story short: stop-the-world briefly resets SIGSEGV handler to SIG_DFL.
This breaks programs that handle and continue after SIGSEGV (namely JVM).
See the test and comments for details.
http://reviews.llvm.org/D7722
llvm-svn: 229678
Enabling internal ptrace for mips, which fixes some
ptrace related tests. Along with this fixing some
other failures.
Reviewers: Reviewers: eugenis, kcc, samsonov
Subscribers: dsanders, sagar, lldb-commits
Differential Revision: http://reviews.llvm.org/D7332
llvm-svn: 229656
Provide defaults for TSAN_COLLECT_STATS and TSAN_NO_HISTORY.
Replace #ifdef directives with #if. This fixes a bug introduced
in r229112, where building TSan runtime with -DTSAN_COLLECT_STATS=0
would still enable stats collection and reporting.
llvm-svn: 229581
In general, this is a reasonable warning, except real_pthread_create is
weak and can be null. The existing usage is correct as it the function
is declared with SANITIZER_WEAK, but MSVC can't know that because it is
defined to nothing on Windows.
llvm-svn: 229562
The internal shell is faster and more predictable than any copy of
bash.exe on the user's system.
LLVM and Clang use the internal shell by default, and have an
environment variable to disable it. I don't think compiler-rt needs that
complexity, so I left it out.
llvm-svn: 229560
They autotools build has a number of missing features, supports less
OS, architectures, build configurations, doesn't have any tests and
is hard to support in sync with CMake build.
llvm-svn: 229556
Summary:
LSan can be combined with a parent tool (for now it's only ASan).
Also, we allow LSAN_OPTIONS to override certain common flags. It means
we have to parse LSAN_OPTIONS early enough, before the rest of the
parent tool (including chunks of sanitizer_common) is initialized.
In future, we can use the same approach for UBSan, after we embed it
into ASan runtime in a similar way.
Test Plan: regression test suite
Reviewers: earthdok, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7577
llvm-svn: 229519
In Go mode the background thread is not started (internal_thread_start is empty).
There is no sense in having this code compiled in.
Also removes dependency on sanitizer_linux_libcdep.cc which is good,
ideally Go runtime does not depend on libc at all.
llvm-svn: 229396
mingw gcc complains:
warning: 'err' may be used uninitialized in this function [-Wmaybe-uninitialized]
Printf("Failed to read options from '%s': error %d\n", value, err);
llvm-svn: 229392
Android devices may not support 'adb root', but be rooted with 'su'
binary. This patch makes it possible to install ASAN to such
devices. When --use-su flag is specified, most 'adb ...' commangs are
changed to 'adb su -c "..."'.
Some other notes:
* 'readlink' changed to 'ls -l', since not all devices have readlink
in their firmware.
* removing ASan library step moved to very end, because 'su' may not
run properly without this library until shell will be restarted.
Patch by Dmitry <ripp at yandex-team dot ru>.
llvm-svn: 229368
Revision 229127 introduced a bug:
zero value is not OK for trace headers,
because stack0 needs constructor call.
Instead unmap the unused part of trace after
all ctors have been executed.
llvm-svn: 229263
We are going to use only a small part of the trace with the default
value of history_size. However, the constructor writes to the whole trace.
It writes mostly zeros, so freshly mmaped memory will do.
The only non-zero field if mutex type used for debugging.
Reduces per-goroutine overhead by 8K.
https://code.google.com/p/thread-sanitizer/issues/detail?id=89
llvm-svn: 229127
The ContainsSameAccess optimization substantially reduces pressure
on trace by eliminating duplicate accesses. So now we can reduce
default trace size to reduce per-goroutine memory consumption.
Current default size is 64K events, new -- 32K events.
In either case user can change it with GORACE env var.
Reduces per-goroutine memory consumption from 356K to 226K.
llvm-svn: 229117
and even before that, it was never implemented. Just define it to zero
instead, so compiler-rt can compile on FreeBSD 11 and later.
Differential Revision: http://reviews.llvm.org/D7485
llvm-svn: 228871
Summary:
__ubsan::getFunctionLocation() used to issue a call to symbolizer, and
convert the result (SymbolizedStack) to one of UBSan structures:
SourceLocation, ModuleLocation or MemoryLocation. This:
(1) is inefficient: we do an extra allocation/deallocation to copy data,
while we can instead can just pass SymbolizedStack around (which
contains all the necessary data).
(2) leaks memory: strings stored in SourceLocation/MemoryLocation are
never deallocated, and Filipe Cabecinhas suggests this causes crashes
of UBSan-ified programs in the wild.
Instead, let Location store a pointer to SymbolizedStack object, and
make sure it's properly deallocated when UBSan handler exits.
ModuleLocation is made obsolete by this change, and is deleted.
Test Plan: check-ubsan test suite
Reviewers: rsmith, filcab
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7548
llvm-svn: 228869
We're still using global constructors when not on linux, so this was
causing warnings on Darwin. Reverting for now.
This reverts r228384.
llvm-svn: 228795
Summary:
Make sure we don't print the error report from -fsanitize=function
twice for the same source location, as we do in another UBSan handlers.
Test Plan: check-ubsan test suite
Reviewers: rsmith, pcc
Reviewed By: pcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7524
llvm-svn: 228772
Make sure clear_cache() builtin has an appropriate definition for Linux.
Call syscall(NR_cacheflush, ...).
Differential Revision: http://reviews.llvm.org/D7205
llvm-svn: 228767
We currently skip all "Noinst" unit tests on OS X, which was probably caused when we removed the "allow_reexec" flag. The MaybeReexec function fails to re-execute when the runtime is linked statically, because there is no dylib to use. This patch adds an explicit DisableReexec function that is used from asan_noinst_test.cc and the runtime then doesn't try to re-execute.
Reviewed at http://reviews.llvm.org/D7493
llvm-svn: 228740
getCallerLocation() is expensive as it issues a call to symbolizer.
(In fact, this function has a memory leak at the moment, but this
will be fixed in the nearest future). We should only call it if
we're actually going to print an error report, in particular,
once for every reported source location.
__ubsan_handle_type_mismatch: call getCallerLocation() only if
provided source location is invalid, and only if the report is not
deduplicated.
__ubsan_handle_float_cast_overflow: call getSourceLocation with
correct CallerPC (the one in user code, not in UBSan handler). Source
location for this check is not currently emitted by frontend.
llvm-svn: 228732
Prior to this change we built two identical runtimes, named "powerpc64"
and "powerpc64le", while their actual endianness matched the host
endianness.
llvm-svn: 228650
MaybeReexec() in asan_mac.cc checks for presence of the ASan dylib in DYLD_INSERT_LIBRARIES, and if it is there, it will process this env. var. and remove the dylib from its value, so that spawned children don't have this variable set. However, the current implementation only works when using a canonical absolute path to the dylib, it fails to remove the dylib for example when using @executable_path.
This patch changes the processing of DYLD_INSERT_LIBRARIES to comparing values only based on filenames (ignoring directories).
Reviewed at http://reviews.llvm.org/D7160
llvm-svn: 228392
by manually adding __asan_mz_* to the generated interface functions list.
Declaring these functions in asan_interface_internal.h doesn't work quite well:
their prototypes must match the prototypes of zone functions in malloc/malloc.h,
but some of the types (e.g. malloc_zone_t and size_t) aren't available in
asan_interface_internal.h
llvm-svn: 228290
This reverts commit r227966, which turned ASAN on on AArhc64 and may be the
cause of the bots never finishing the check-all. I'll re-apply once we're
sure that bot can cope with it.
llvm-svn: 228023
Summary: This causes an invalid lvalue error when building for Android.
Reviewers: danalbert
Reviewed By: danalbert
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D7306
llvm-svn: 227907
In both CMake and Makefiles, we are inconsistent about the use of libstdc++ vs. libc++, SDKs and minimum deployment targets for OS X. Let's fix the detection of SDKs, and let's explicitely set that we link against libc++ and mmacosx-version-min is 10.7.
llvm-svn: 227509
asan_symbolize.py isn't needed on Windows, but it's nice if asan has a unified
UI on all platforms. So rather than have asan_symolize.py die on startup due to
it importing modules that don't exist on Windows, let it just echo the input.
llvm-svn: 227326
Make sure "void *ctx" doesn't point to an object which already went out
of scope. This might also fix -Wuninitialized warnings GCC 4.7 produces
while building ASan runtime.
llvm-svn: 227258
If a memory access is unaligned, emit __tsan_unaligned_read/write
callbacks instead of __tsan_read/write.
Required to change semantics of __tsan_unaligned_read/write to not do the user memory.
But since they were unused (other than through __sanitizer_unaligned_load/store) this is fine.
Fixes long standing issue 17:
https://code.google.com/p/thread-sanitizer/issues/detail?id=17
llvm-svn: 227230
These functions are already present in the cc_kext for arm32 and for x86 and
x86_64. It was an oversight that they were not included for arm64.
Based on a patch by Lawrence D'Anna. Thanks!
llvm-svn: 227206
A flexible way of describing MSan memory layout details on various
platforms. No significant functional changes, but the memory layout
description that you get at verbosity=1 looks slightly different.
This change includes stronger sanity checks than before.
The goal of this change is to allow more than 2 application memory
ranges for https://code.google.com/p/memory-sanitizer/issues/detail?id=76.
llvm-svn: 227192
Modifying Darwin/interception-in-shared-lib-test.cc and suppressions-library.cc
to use rpath instead of linking against the full path to the temporary file.
NFC.
llvm-svn: 227161
The idea is to ensure that the ASan runtime gets initialized early (i.e.
before other initializers/constructors) even when DYLD_INSERT_LIBRARIES
is not used. In that case, the interceptors are not installed (on OS X,
DYLD_INSERT_LIBRARIES is required for interceptors to work), and therefore
ASan gets currently initialized quite late -- from the main executable's
module initializer. The following issues are a consequence of this:
https://code.google.com/p/address-sanitizer/issues/detail?id=363https://code.google.com/p/address-sanitizer/issues/detail?id=357
Both of them are fixed with this patch.
Reviewed at http://reviews.llvm.org/D7117
llvm-svn: 226929
The interceptor of ioctl is using a non-standard prototype:
INTERCEPTOR(int, ioctl, int d, unsigned request, void *arg)
At least on OS X, the request argument should be unsigned long and not
just unsigned, and also instead of the last argument (arg), the function
should be accepting a variable number of arguments, so the prototype
should be:
int ioctl(int fildes, unsigned long request, ...);
We can still keep using `unsigned` internally to save space, because we
know that all possible values of `request` will fit into it.
Reviewed at http://reviews.llvm.org/D7038
llvm-svn: 226926
This patch is a proposed solution for https://code.google.com/p/address-sanitizer/issues/detail?id=375:
When the stacktraces are captured and printed by ASan itself, they are fine, but when the program has already printed the report (or is just printing it), capturing a stacktrace via other means is broken. "Other means" include OS X CrashReporter, debuggers or calling backtrace() within the program. For example calling backtrace() from a sanitizer_set_death_callback function prints a very truncated stacktrace.
Reviewed at http://reviews.llvm.org/D7103
llvm-svn: 226878
By attaching an extra integer tag to heap origins, we are able
to distinguish between uninits
- created by heap allocation,
- created by heap deallocation (i.e. use-after-free),
- created by __msan_allocated_memory call,
- etc.
See https://code.google.com/p/memory-sanitizer/issues/detail?id=35.
llvm-svn: 226821
Fixes 2 issues in origins arising from realloc() calls:
* In the in-place grow case origin for the new memory is not set at all.
* In the copy-realloc case __msan_memcpy is used, which unwinds stack from
inside the MSan runtime. This does not generally work (as we may be built
w/o frame pointers), and produces "bad" stack trace anyway, with several
uninteresting (internal) frames on top.
This change also makes realloc() honor "zeroise" and "poison_in_malloc" flags.
See https://code.google.com/p/memory-sanitizer/issues/detail?id=73.
llvm-svn: 226674
Even sleep(1) lead to episodical flakes on some machines.
Use an invisible by tsan barrier to enforce required execution order instead.
This makes the tests deterministic and faster.
llvm-svn: 226659
Previously we always stored 4 bytes of origin at the destination address
even for 8-byte (and longer) stores.
This should fix rare missing, or incorrect, origin stacks in MSan reports.
llvm-svn: 226658
MemoryAccess function consumes ~4K of stack in debug mode,
in significant part due to the unrolled loop.
And gtest gives only 4K of stack to death test
threads, which causes stack overflows in debug mode.
llvm-svn: 226644
aarch64-linux kernel has configurable 39, 42 or 47 bit virtual address
space. Most distros AFAIK use 42-bit VA right now, but there are also
39-bit VA users too. The ppc64 handling can be used for this just fine
and support all the 3 sizes.
There are other issues, like allocator32 not really being able to support
the larger addres spaces, and hardcoded 39-bit address space size in other
macros.
Patch by Jakub Jelinek.
llvm-svn: 226639
glibc recently changed ABI on aarch64-linux:
https://sourceware.org/git/?p=glibc.git;a=commit;h=5c40c3bab2fddaca8cfe12d75944d1fef8adf1a4
Instead of having unsigned short mode; unsigned short __pad1; it now has
unsigned int mode; field in ipc_perm structure.
This patch allows to build against the recent glibc and disables the
ipc_perm.mode verification for older versions of glibc.
I think it shouldn't be a big deal even for older glibcs, I couldn't find
any place which would actually care about the exact mode field, rather than
the whole structure, appart from the CHECK_SIZE_AND_OFFSET macro.
Patch by Jakub Jelinek
llvm-svn: 226637
Use synci implementation of clear_cache for short address ranges.
For long address ranges, make a kernel call.
Differential Revision: http://reviews.llvm.org/D6661
llvm-svn: 226567
TSAN_SHADOW_COUNT is defined to 4 in all environments.
Other values of TSAN_SHADOW_COUNT were never tested and
were broken by recent changes to shadow mapping.
Remove it as there is no reason to fix nor maintain it.
llvm-svn: 226466
InternalAlloc is quite complex and its behavior may depend on the values of
flags. As such, it should not be used while parsing flags.
Sadly, LowLevelAlloc does not support deallocation of memory.
llvm-svn: 226453
Setting the maximum read size in FlagHandlerInclude to 2^15 might be a good
default, but causes the read to fail on systems with a page size larger than
that (ReadFileToBuffer(...) will fail if the maximum allowed size is less than
the value returned by GetPageSizeCached()). For example, on my PPC64/Linux
system, GetPageSizeCached() returns 2^16. In case the page size is larger, use
that instead.
llvm-svn: 226368
Debugging a missing profile is a bit painful right now. We can make
people's lives a bit easier by adding a knob to enable printing a
helpful error message for such failures.
llvm-svn: 226312
This test casts 0x4 to a function pointer and calls it. Unfortunately, the
faulting address may not exactly be 0x4 on PPC64 ELFv1 systems. The LLVM PPC
backend used to always generate the loads "in order", so we'd fault at 0x4
anyway. However, at upcoming change to loosen that ordering, and we'll pick a
different order on some targets. As a result, as explained in the comment, we
need to allow for certain nearby addresses as well.
llvm-svn: 226202
The new parser is a lot stricter about syntax, reports unrecognized
flags, and will make it easier to implemented some of the planned features.
llvm-svn: 226169
Use unwind.h to get the declarations for unwinding interfaces. This header is
already provided by clang and gcc, so this adds no additional dependencies for
building the builtins library. It avoids the duplication which may drift over
time though.
llvm-svn: 225990
pc_fd was not initialized to (-1) on some code paths, resulting in the program
erroneously closing stdin when reinitializing coverage.
llvm-svn: 225637
This mirrors r225239 to all the rest sanitizers:
ASan, DFSan, LSan, MSan, TSan, UBSan.
Now the runtime flag type, name, default value and
description is located in the single place in the
.inc file.
llvm-svn: 225327
Kuba Brecka