Summary:
There are a number of issues with unit tests on Darwin. These patches address the following:
* Unit tests should be passed -arch (-m32/-m64 isn't sufficient)
* Unit tests should be passed ${DARWIN_osx_CFLAGS} because they're being built for OS X
* Test architectures should be filtered based on base system capabilities (i.e. don't try running x86_64h tests on pre-haswell hardware).
Reviewers: bogner, filcab, kubabrecka
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12174
llvm-svn: 245580
Summary:
Currently CMake doesn't build builtins for AArch64 and if one does this anyway
it's likely that at least `__multc3`, `__floatditf` and `__floatunditf` will be
missing. There is actually more builtins to add, but these come from
different libc implementations, thus providing them makes compiler-rt for
AArch64 good enough at least for basic usage.
Builtins implementation were originally taken from FreeBSD project:
* [[ https://reviews.freebsd.org/D2173 | __multc3 ]]
* [[ https://reviews.freebsd.org/D2174 | __floatditf and __floatunditf ]]
Until they have been tested to find mistakes in `__float*` functions.
`__floatditf` was based on `__floatsitf`, which had the same mistakes
(fixed it in r243746).
Version of the builtins in this patch are fixed and complemented with basic
tests. Additionally they were tested via GCC's torture (this is what revealed
these issues).
P.S. Ed (author of FreeBSD patches) asked for feedback on the list some time ago (here [[ http://lists.cs.uiuc.edu/pipermail/llvmdev/2015-March/084064.html | here ]])
and got no response, but it seems to be worth adding these builtins as is and
extracting common part later.
Reviewers: howard.hinnant, t.p.northover, jmolloy, enefaim, rengolin, zatrazz
Subscribers: asl, emaste, samsonov, aemerson, llvm-commits, rengolin
Differential Revision: http://reviews.llvm.org/D11679
llvm-svn: 245296
This reverts commit r245263, and the change wasn't catched by UBsan.
It also reverts: "[ARM] Also disable stable-runtime check on UBsan,
to use generic one" (r245287), as it didn't fix the UBsan builds.
We need to investigate what's going on before continuing, since this
is breaking all ARM RT buildbots for a while.
llvm-svn: 245292
Summary:
This involved various fixes:
- Move a test that uses ulimit to Posix.
- Add a few "REQUIRES: shell" lines to tests using backtick subshell
evaluation.
- The MSVC CRT buffers stdio if the output is a pipe by default. Some
tests need that disabled to avoid interleaving test stdio with asan
output.
- MSVC headers provide _alloca instead of alloca (go figure), so add a
portability macro to the two alloca tests.
- XFAIL tests that rely on accurate symbols, we need to pass more flags
to make that work.
- MSVC's printf implementation of %p uses upper case letters and doesn't
add 0x, so do that manually.
- Accept "SEGV" or "access-violation" reports in crash tests.
Reviewers: samsonov
Subscribers: tberghammer, danalbert, llvm-commits, srhines
Differential Revision: http://reviews.llvm.org/D12019
llvm-svn: 245073
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12018
llvm-svn: 244952
Summary:
The lit internal shell is used by default on Windows, and it does not
support bash variable expansion. Because bash variable expansion
interacts with tokenization, it is prohibitively difficult to make the
existing lit shell do general shell variable expansion.
The most common use of shell variables in the asan tests is to add
options to the default set of options set by lit.cfg. We can avoid the
need for variable expansion with a substitution that expands to 'env
ASAN_OPTIONS=<defaults:>'.
This has the side benefit of shortening the RUN lines, so it seemed
better than implementing limited variable expansion in lit.
Reviewers: samsonov, filcab
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11982
llvm-svn: 244839
Summary:
This is consistent with LLVM and Clang. The lit shell isn't a complete
bash implementation, but its behavior is more easily reproducible. This
fixes some ubsan test failures.
One ubsan test requires a shell currently, so I added "REQUIRES: shell",
and the other doesn't work on Windows because it prints a stack trace
and uses a linker that doesn't support DWARF. We can fix it eventually
through other means.
Reviewers: samsonov, pcc
Subscribers: yaron.keren, filcab, llvm-commits
Differential Revision: http://reviews.llvm.org/D11960
llvm-svn: 244837
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11992
llvm-svn: 244818
Summary: New implementation for dtor sanitizer callback poisons only class members, and emits poisoning callback before base dtor invoked.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11952
Explicit dtor invocation
llvm-svn: 244709
Summary:
llvm-symbolizer understands both PDBs and DWARF, so it's a better bet if
it's available. It prints out the function parameter types and column
numbers, so I needed to churn the expected test output a bit.
This makes most of the llvm-symbolizer subprocessing code
target-independent. Pipes on all platforms use fd_t, and we can use the
portable ReadFromFile / WriteToFile wrappers in symbolizer_sanitizer.cc.
Only the pipe creation and process spawning is Windows-specific.
Please check that the libcdep layering is still correct. I don't know
how to reproduce the build configuration that relies on that.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11791
llvm-svn: 244616
Summary:
Compiler-rt part of http://reviews.llvm.org/D11757
I ended up making UBSan work with both the old version and the new
version of the float_cast_overflow data (instead of just erroring with
the previous version). The old version will try to symbolize its caller.
Now we compile the float_cast_overflow tests without -g, and make sure
we have the source file+line+column.
If you think I'm trying too hard to make sure we can still use both
versions, let me know.
Reviewers: samsonov, rsmith
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11793
llvm-svn: 244567
We will use this for ASan on Windows soon. When the ELF port of LLD
matures, we can add other sanitizer integration tests to make sure they
work with LLD.
llvm-svn: 244549
Summary:
A virtual base class and derived class should only poison their
respective members upon destruction. In particular, trivial members should
be poisoned directly, non-trivial members should be poisoned by their
respective destructors, and references to non-trivial members should be
poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11912
Test case avoids casting to access members
Run configurations to reflect expected runtime failure on assertions.
Simplified access to internal members.
Updated internal member structure of base.
Revised assert in main to verify successful poisoning after dtor.
Verify address of pointer is poisoned.
Fixed assert err.
Cleaned up test by removing extraneous prints, asserts.
llvm-svn: 244521
Offset from vptr to the start of most-derived object can actually
be positive in some virtual base class vtables.
Patch by Stephan Bergmann!
llvm-svn: 244101
This patch enabled TSAN for aarch64 with 39-bit VMA layout. As defined by
tsan_platform.h the layout used is:
0000 4000 00 - 0200 0000 00: main binary
2000 0000 00 - 4000 0000 00: shadow memory
4000 0000 00 - 5000 0000 00: metainfo
5000 0000 00 - 6000 0000 00: -
6000 0000 00 - 6200 0000 00: traces
6200 0000 00 - 7d00 0000 00: -
7d00 0000 00 - 7e00 0000 00: heap
7e00 0000 00 - 7fff ffff ff: modules and main thread stack
Which gives it about 8GB for main binary, 4GB for heap and 8GB for
modules and main thread stack.
Most of tests are passing, with the exception of:
* ignore_lib0, ignore_lib1, ignore_lib3 due a kernel limitation for
no support to make mmap page non-executable.
* longjmp tests due missing specialized assembly routines.
These tests are xfail for now.
The only tsan issue still showing is:
rtl/TsanRtlTest/Posix.ThreadLocalAccesses
Which still required further investigation. The test is disable for
aarch64 for now.
llvm-svn: 244055
This patch enables asan for aarch64/linux. It marks it as 'unstable-release',
since some tests are failing due either kernel missing support of non-executable
pages in mmap or environment instability (infinite loop in juno reference
boards).
It sets decorate_proc_maps test to require stable-release, since the test expects
the shadow memory to not be executable and the support for aarch64 is only
added recently by Linux (da141706aea52c1a9 - 4.0).
It also XFAIL static_tls test for aarch64 linker may omit the __tls_get_addr call
as a TLS optimization.
llvm-svn: 244054
Summary: Simple test case to verify that an instance of a derived class with virtual base is properly poisoned
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11733
modified test to be more concise, and check the local pointer to the destroyed object
revised test to not examine padding- only explicit object members
llvm-svn: 243913
Summary:
This is consistent with binutils and ASan behavior on other platforms,
and makes it easier to use llvm-symbolizer with WinASan. The
--relative-address flag to llvm-symbolizer is also no longer needed.
An RVA is a "relative virtual address", meaning it is the address of
something inside the image minus the base of the mapping at runtime.
A VA in this context is an RVA plus the "preferred base" of the module,
and not a real runtime address. The real runtime address of a symbol
will equal the VA iff the module is loaded at its preferred base at
runtime.
On Windows, the preferred base is stored in the ImageBase field of one
of the PE file header, and this change adds the necessary code to
extract it. On Linux, this offset is typically included in program and
section headers of executables.
ELF shared objects typically use a preferred base of zero, meaning the
smallest p_vaddr field in the program headers is zero. This makes it so
that PIC and PIE module offsets come out looking like RVAs, but they're
actually VAs. The difference between them simply happens to be zero.
Reviewers: samsonov, majnemer
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11681
llvm-svn: 243895
ld.bfd fails to find dependencies of asan runtime library w/o an
extra -rpath-link pointing to usr/lib under the sysroot. Gold does
not have this problem.
llvm-svn: 243802
Summary:
This test is working on other platforms.
Reviewers: samsonov, emaste
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D10415
llvm-svn: 243771
Negative numbers were handled properly initially, but got broken
during addressing review, so none of them did actually work. Issues:
* Wrong negation.
* Wrong exponent calculation.
llvm-svn: 243746
This patch enable DFSan for AArch64 (39-bit VMA). All tests are passing
but:
* test/dfsan/custom.cc
Due an invalid access in dl_iterate_phdr instrumentation (commenting out
this function make the testcase to pass). The test is XFAIL for aarch64
for now.
llvm-svn: 243688
Summary: Verify that running in optimized mode while checking for use-after-dtor errors, does not generate tail call invocation of destructor. This avoids possible error where stack frame for the destructor is eliminated, making tracking down the errors more difficult.
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11614
simplified test cases
updated line numbering on test
renamed test
llvm-svn: 243675
Clang will not define __i686__, even when the target triple is i686,
without -march=i686.
With this patch, the compiler-rt build will successfully detect that
Clang can target i686.
The open_memstream.cc test is a little funny. Before my patch, it
was invoked with "-m32 -m64". To make it work after my -march
change, I had to add '-march=x86-64'.
Differential Revision: http://reviews.llvm.org/D11618
llvm-svn: 243604
Rename getBinaryBasename() to getProcessName() and, on Linux,
read it from /proc/self/cmdline instead of /proc/self/exe. The former
can be modified by the process. The main motivation is Android, where
application processes re-write cmdline to a package name. This lets
us setup per-application ASAN_OPTIONS through include=/some/path/%b.
llvm-svn: 243473
This sets the default ASan flags to abort_on_error=1 on OS X. For unit tests and lit tests we set ASAN_OPTIONS back to abort_on_error=0 before running the tests (to avoid crashing). I added two tests that intentionally don't respect the default ASAN_OPTIONS to test the behavior of an empty ASAN_OPTIONS (on OS X we should crash, on Linux we should exit()).
Differential Revision: http://reviews.llvm.org/D7203
llvm-svn: 243418
We currently version `__asan_init` and when the ABI version doesn't match, the linker gives a `undefined reference to '__asan_init_v5'` message. From this, it might not be obvious that it's actually a version mismatch error. This patch makes the error message much clearer by changing the name of the undefined symbol to be `__asan_version_mismatch_check_xxx` (followed by the version string). We obviously don't want the initializer to be named like that, so it's a separate symbol that is used only for the purpose of version checking.
Reviewed at http://reviews.llvm.org/D11004
llvm-svn: 243004
Summary:
On Windows, thread injection by the kernel or other running processes is
a fairly common occurrence, so ASan should be resilient to it. The
comments on GetCurrentThread() say that it can return null, so we
shouldn't be CHECK failing if it does.
Sending control-C is one way to get the kernel to inject a thread into
your process, so I wrote a test around it.
Reviewers: llvm-commits
Subscribers: samsonov
Differential Revision: http://reviews.llvm.org/D11426
llvm-svn: 242948
include_if_exists=/path/to/sanitizer/options reads flags from the
file if it is present. "%b" in the include file path (for both
variants of the flag) is replaced with the basename of the main
executable.
llvm-svn: 242853
According to man freopen, passing NULL instead of a filename is valid, however the current implementation of the interceptor assumes this parameter is non-NULL. Let's fix that and add a test case.
Differential Revision: http://reviews.llvm.org/D11389
llvm-svn: 242787
signal_segv_handler.cc occasionally fails due to a suspected kernel bug.
Increasing the mapped region size seems to make the test pass reliably.
llvm-svn: 242647
For open_memstream() files, buffer pointer is only valid immediately after
fflush() or fclose(). Fix the fclose() interceptor to unpoison after the
REAL(fclose) call, not before it.
llvm-svn: 242535
When the file is initialized, this patch checks whether the path
specifies a directory. If so, it creates the directory tree before
truncating the file.
Use default.profdata instead of pgo-data for default indexed profile name.
llvm-svn: 241824
Specifically:
- Start using %expect_crash.
- Provide an implementation of __ubsan::getDynamicTypeInfoFromVtable
for the Microsoft C++ ABI. This is all that is needed for CFI
diagnostics; UBSan's -fsanitize=vptr also requires an implementation of
__ubsan::checkDynamicType.
- Build the sanitizer runtimes against the release version of the C
runtime, even in debug builds.
- Accommodate demangling differences in tests.
Differential Revision: http://reviews.llvm.org/D11029
llvm-svn: 241745
Since http://reviews.llvm.org/D10294, ASan test cases now respect default env. options via `ASAN_OPTION=$ASAN_OPTIONS:additional_options=xxx`. This patch adds this to a few test cases where it's still missing.
Differential Revision: http://reviews.llvm.org/D10988
llvm-svn: 241571
On OS X 10.11 (which is currently a public beta), the dynamic linker has been improved so that it doesn't require the use of DYLD_INSERT_LIBRARIES in order for interposition/wrappers to work. This patch adds support of this behavior into ASan – we no longer need to re-exec in case the env. variable is not set.
Reviewed at http://reviews.llvm.org/D10924
llvm-svn: 241487
On OS X, when the main instrumented binary contains a custom section with zero length, ASan will crash (assert failure) early in the initialization.
Reviewed at http://reviews.llvm.org/D10944
llvm-svn: 241474
Specifically:
- Disable int128 tests on Windows, as MSVC cl.exe does not support
int128, so we might not have been able to build the runtime
with int128 support.
- XFAIL the vptr tests as we lack Microsoft ABI support.
- XFAIL enum.cpp as UBSan fails to add the correct instrumentation code
for some reason.
- Modify certain tests that build executables multiple times to use
unique names for each executable. This works around a race condition
observed on Windows.
- Implement IsAccessibleMemoryRange for Windows to fix the last
misaligned.cpp test.
- Introduce a substitution for testing crashes on Windows using
KillTheDoctor.
Differential Revision: http://reviews.llvm.org/D10864
llvm-svn: 241303
POSIX states that "It shall be safe to destroy an initialized condition
variable upon which no threads are currently blocked", and later clarifies
"A condition variable can be destroyed immediately after all the threads
that are blocked on it are awakened) (in examples section). Tsan reported
such destruction as a data race.
Fixes https://llvm.org/bugs/show_bug.cgi?id=23616
Reviewed in http://reviews.llvm.org/D10693
llvm-svn: 241082
The test simulates a sandbox that prevents the program from calling readlink().
ASan is supposed to still be able to print the executable name regardless of that.
llvm-svn: 241072
struct sigaction was not initialized. As the result if SA_RESETHAND is set in sa_flags, then the handler is reset after first invocation leading to crash.
Initialize struct sigaction to zero.
Reviewed in http://reviews.llvm.org/D10803
llvm-svn: 240965
The new suppression type is called "race_top" and is matched only against top frame in report stacks.
This is required for situations when we want to suppress a race in a "thread pool" or "event loop" implementation.
If we simply use "race:ThreadPool::Execute" suppression, that can suppress everything in the program.
Reviewed in http://reviews.llvm.org/D10686
llvm-svn: 240949
We were unsetting DYLD_ROOT_PATH before calling atos on Darwin in order to
address it not working for symbolicating 32 bit binaries. (atos essentiall
tries to respawn as a 32 bit binary and it's disallowed to respawn if
DYLD_ROOT_PATH is set ... ) However, processes rely on having DYLD_ROOT_PATH
set under certain conditions, so this is not the right fix. In particular, this
always crashes when running ASanified process under the debugger in Xcode with
iOS simulator, which is a very important workflow for us to support.
This patch reverts the unsetting of the DYLD_ROOT_PATH. The correct fix to the
misbehavior on 32-bit binaries should happen inside atos.
http://reviews.llvm.org/D10722
llvm-svn: 240724
Previously tsan modelled dup2(oldfd, newfd) as write on newfd.
We hit several cases where the write lead to false positives:
1. Some software dups a closed pipe in place of a socket before closing
the socket (to prevent races actually).
2. Some daemons dup /dev/null in place of stdin/stdout.
On the other hand we have not seen cases when write here catches real bugs.
So model dup2 as read on newfd instead.
llvm-svn: 240687
Summary:
This patch adds basic memory sanitizer support for PPC64. PR23219.
I have further patches ready to enable it in LLVM and Clang, and to fix
most of the many failing tests in check-msan.
Reviewers: kcc, willschm, samsonov, wschmidt, eugenis
Reviewed By: eugenis
Subscribers: wschmidt, llvm-commits
Differential Revision: http://reviews.llvm.org/D10648
llvm-svn: 240623
Summary:
This patch implements step 1 from
https://llvm.org/bugs/show_bug.cgi?id=23539#c10
I'd appreciate if you could test it on Mac OS and verify that parts of UBSan
runtime that reference C++ ABI symbols are properly excluded, and fix ASan/UBSan
builds.
Test Plan: regression test suite
Reviewers: thakis, hans
Subscribers: llvm-commits, zaks.anna, kubabrecka
Differential Revision: http://reviews.llvm.org/D10621
llvm-svn: 240617
Chris Bieneman