Commit Graph

94 Commits

Author SHA1 Message Date
Evgeniy Stepanov 443c034391 [sanitizer] Decorate /proc/self/maps better.
Summary:
Refactor the way /proc/self/maps entries are annotated to support most
(all?) posix platforms, with a special implementation for Android.
Extend the set of decorated Mmap* calls.

Replace shm_open with internal_open("/dev/shm/%s"). Shm_open is
problematic because it calls libc open() which may be intercepted.

Generic implementation has limits (max number of files under /dev/shm is
64K on my machine), which can be conceivably reached when sanitizing
multiple programs at once. Android implemenation is essentially free, and
enabled by default.

The test in sanitizer_common is copied to hwasan and not reused directly
because hwasan fails way too many common tests at the moment.

Reviewers: pcc, vitalybuka

Subscribers: srhines, kubamracek, jfb, llvm-commits, kcc

Differential Revision: https://reviews.llvm.org/D57720

llvm-svn: 353255
2019-02-06 01:14:50 +00:00
Chandler Carruth 2946cd7010 Update the file headers across all of the LLVM projects in the monorepo
to reflect the new license.

We understand that people may be surprised that we're moving the header
entirely to discuss the new license. We checked this carefully with the
Foundation's lawyer and we believe this is the correct approach.

Essentially, all code in the project is now made available by the LLVM
project under our new license, so you will see that the license headers
include that license only. Some of our contributors have contributed
code under our old license, and accordingly, we have retained a copy of
our old license notice in the top-level files in each project and
repository.

llvm-svn: 351636
2019-01-19 08:50:56 +00:00
Evgeniy Stepanov e1caa4ac72 [asan] Support running without /proc
Summary:
This patch lets ASan run when /proc is not accessible (ex. not mounted
yet). It includes a special test-only flag that emulates this condition
in an unpriviledged process.

This only matters on Linux, where /proc is necessary to enumerate
virtual memory mappings.

Reviewers: vitalybuka, pcc, krytarowski

Subscribers: kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D56141

llvm-svn: 350590
2019-01-08 01:07:34 +00:00
Evgeniy Stepanov 3408b497f9 Revert "[asan] Support running without /proc.", +1
Revert r350104 "[asan] Fix build on windows."
Revert r350101 "[asan] Support running without /proc."

These changes break Mac build, too.

llvm-svn: 350112
2018-12-28 01:27:18 +00:00
Evgeniy Stepanov d9df65fd0d [asan] Support running without /proc.
Summary:
This patch lets ASan run when /proc is not accessible (ex. not mounted
yet). It includes a special test-only flag that emulates this condition
in an unpriviledged process.

This only matters on Linux, where /proc is necessary to enumerate
virtual memory mappings.

Reviewers: pcc, vitalybuka

Subscribers: kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D55874

llvm-svn: 350101
2018-12-27 21:31:52 +00:00
Dmitry Vyukov 2ba80d6df6 tsan: align default value of detect_deadlocks flag with actual behavior
I tricked myself into thinking that deadlock detection is off by default in TSan by looking at the default value of the detect_deadlocks flag and outdated docs. (Created a pull request to update docs.)
I even managed to confuse others: https://groups.google.com/forum/#!topic/thread-sanitizer/xYvnAYwtoDk

However, the default value is overwritten in code (TSan_flags.cc:InitializeFlags). The TSan/deadlock tests also rely on this

This changes aligns the default value of the flag with the actual default behavior.

Author: yln (Julian Lettner)
Reviewed in: https://reviews.llvm.org/D55846

llvm-svn: 349609
2018-12-19 09:34:13 +00:00
Douglas Yung 20fa3d2504 Silence a -Wconstant-logical-operand warning.
llvm-svn: 334214
2018-06-07 18:51:47 +00:00
Vitaly Buka 8980449bb6 Mmap interceptor new option, Write Exec runtime detector
Summary:
Following-up the refactoring of mmap interceptors, adding a new common
option to detect PROT_WRITE|PROT_EXEC pages request.

Patch by David CARLIER

Reviewers: vitalybuka, vsk

Reviewed By: vitalybuka

Subscribers: krytarowski, #sanitizers

Differential Revision: https://reviews.llvm.org/D44194

llvm-svn: 328151
2018-03-21 21:25:07 +00:00
Vitaly Buka ec6327bab8 Revert "Mmap interceptor new option, Write Exec runtime detector"
Breaks Android bot.

This reverts commit r327747.

llvm-svn: 327762
2018-03-17 00:31:41 +00:00
Vitaly Buka d2aca7bf89 Mmap interceptor new option, Write Exec runtime detector
Summary: Following-up the refactoring of mmap interceptors, adding a new common option to detect PROT_WRITE|PROT_EXEC pages request.

Patch by David CARLIER

Reviewers: vitalybuka, vsk

Reviewed By: vitalybuka

Subscribers: krytarowski, #sanitizers

Differential Revision: https://reviews.llvm.org/D44194

llvm-svn: 327747
2018-03-16 21:25:09 +00:00
Jonas Devlieghere bf0ed8e9b8 Revert "Mmap interceptor new option, Write Exec runtime detector"
This reverts r327696 because it is failing on GreenDragon.

  http://green.lab.llvm.org/green/job/clang-stage1-configure-RA/43605/
  http://green.lab.llvm.org/green/job/clang-stage1-cmake-RA-expensive/10957/

llvm-svn: 327719
2018-03-16 15:34:09 +00:00
Vitaly Buka 21f1b69862 Mmap interceptor new option, Write Exec runtime detector
Summary: Following-up the refactoring of mmap interceptors, adding a new common option to detect PROT_WRITE|PROT_EXEC pages request.

Patch by David CARLIER

Reviewers: vitalybuka, vsk

Reviewed By: vitalybuka

Subscribers: krytarowski, #sanitizers

Differential Revision: https://reviews.llvm.org/D44194

llvm-svn: 327696
2018-03-16 08:22:18 +00:00
Evgeniy Stepanov 43271b1803 [hwasan] Fix inline instrumentation.
This patch changes hwasan inline instrumentation:

Fixes address untagging for shadow address calculation (use 0xFF instead of 0x00 for the top byte).
Emits brk instruction instead of hlt for the kernel and user space.
Use 0x900 instead of 0x100 for brk immediate (0x100 - 0x800 are unavailable in the kernel).
Fixes and adds appropriate tests.

Patch by Andrey Konovalov.

Differential Revision: https://reviews.llvm.org/D43135

llvm-svn: 325711
2018-02-21 19:52:23 +00:00
Kostya Kortchinsky 298f224194 [sanitizer] Implement NanoTime & MonotonicNanoTime for Windows
Summary:
Implement `MonotonicNanoTime` using `QueryPerformanceCounter`.

This function is used by Scudo & the 64-bit Primary allocator. Implementing it
now means that the release-to-OS mechanism of the Primary will kick in (it
never did since the function returned 0 always), but `ReleaseMemoryPagesToOS` is
still not currently implemented for Windows.

Performance wise, this adds a syscall & a 64-bit division per call to
`MonotonicNanoTime` so the impact might not be negligible, but I don't think
there is a way around it.

Reviewers: rnk, alekseyshl, amccarth

Reviewed By: alekseyshl, amccarth

Subscribers: amccarth, flowerhack, kubamracek, delcypher, llvm-commits, #sanitizers

Differential Revision: https://reviews.llvm.org/D42579

llvm-svn: 324011
2018-02-01 21:38:14 +00:00
Kuba Mracek ceea5466eb [sanitizer] Add 'strip_env' flag to enable/disable removing sanitizer dylib from DYLD_INSERT_LIBRARIES
On macOS, we usually don't require launching the target with DYLD_INSERT_LIBRARIES anymore. However, it is still necessary when running a target that is not instrumented (and e.g. dlopen's an instrument library later). In any case, ASan and TSan currently remove themselves from the DYLD_INSERT_LIBRARIES environment variable to avoid passing it onto children. This works well e.g. when instrumenting a shell. A problem arises when the target is a non-instrumented shim (e.g. "xcrun") that either re-execs or launches a child that is supposed to get DYLD_INSERT_LIBRARIES propagated. To support this mode, this patch introduces 'strip_env' flag that can be used to keep DYLD_INSERT_LIBRARIES untouched.

Differential Revision: https://reviews.llvm.org/D39991

llvm-svn: 319365
2017-11-29 21:42:48 +00:00
Alex Shlyapnikov 9b4e32785a [Sanitizers] Set default allocator_release_to_os_interval_ms to 5 seconds
Summary:
With new release to OS approach (see D38245) it's reasonable to enable
it by default. Setting allocator_release_to_os_interval_ms to 5000 seems
to be a reasonable default (might be tuned later, based on the
feedback).

Also delaying the first release to OS in each bucket for at least
allocator_release_to_os_interval_ms after the first allocation to
prevent just allocated memory to be madvised back to OS and let short
lived processes to avoid release to OS overhead altogether.

Reviewers: cryptoad

Subscribers: kubamracek, llvm-commits, mehdi_amini

Differential Revision: https://reviews.llvm.org/D39318

llvm-svn: 316683
2017-10-26 17:59:24 +00:00
Vitaly Buka ecc44ecdbc [compiler-rt] Move dump_instruction_bytes and dump_registers into sanitizer_common
Summary: Part of https://github.com/google/sanitizers/issues/637

Reviewers: eugenis, alekseyshl

Subscribers: kubamracek, llvm-commits, dberris

Differential Revision: https://reviews.llvm.org/D37766

llvm-svn: 313117
2017-09-13 06:24:59 +00:00
Vitaly Buka 4a2cc96f1f [asan] Fix typo in doc string.
llvm-svn: 305436
2017-06-15 00:31:59 +00:00
Vitaly Buka 7901b47094 [asan] Return allow_user_segv_handler=0 to fix compatibility issues.
Summary:
After r303941 it was not possible to setup ASAN_OPTIONS to have the same
behavior for pre r303941 and post r303941 builds.
Pre r303941 Asan does not accept handle_sigbus=2.
Post r303941 Asan does not accept allow_user_segv_handler.

This fix ignores allow_user_segv_handler=1, but for allow_user_segv_handler=0
it will upgrade flags like handle_sigbus=1 to handle_sigbus=2. So user can set
ASAN_OPTIONS=allow_user_segv_handler=0 and have same behavior on old and new
clang builds (except range from r303941 to this revision).

In future users which need to prevent third party handlers should switch to
handle_sigbus=2 and remove allow_user_segv_handler as soon as suport of older
builds is not needed.

Related bugs:
  https://github.com/google/oss-fuzz/issues/675
  https://bugs.chromium.org/p/chromium/issues/detail?id=731130

Reviewers: eugenis

Subscribers: llvm-commits, kubamracek

Differential Revision: https://reviews.llvm.org/D34227

llvm-svn: 305433
2017-06-15 00:19:13 +00:00
Kostya Serebryany 124c2ae4fa [sanitizer-coverage] nuke more stale code
llvm-svn: 304508
2017-06-02 01:17:04 +00:00
Pierre Gousseau 183d1368f3 [asan] Add strndup/__strndup interceptors.
Recommit of r302781 with Vitaly Buka's fix for non zero terminated strings.

Differential Revision: https://reviews.llvm.org/D31457

llvm-svn: 304399
2017-06-01 09:37:22 +00:00
Vitaly Buka a05da1fca9 [compiler-rt] Replace allow_user_segv_handler=0 with kHandleSignalExclusive
Summary:
allow_user_segv_handler had confusing name did not allow to control behavior for
signals separately.

Reviewers: eugenis, alekseyshl, kcc

Subscribers: llvm-commits, dberris, kubamracek

Differential Revision: https://reviews.llvm.org/D33371

llvm-svn: 303941
2017-05-25 23:42:33 +00:00
Vitaly Buka 40d54d408b [compiler-rt] Make print_module_map description consistent with the rest.
Reviewers: eugenis

Subscribers: llvm-commits, kubamracek

Differential Revision: https://reviews.llvm.org/D33160

llvm-svn: 303892
2017-05-25 18:07:48 +00:00
Vitaly Buka 4974f108ac [compiler-rt] Change default of allow_user_segv_handler to true
Reviewers: eugenis

Subscribers: srhines, kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D32443

llvm-svn: 303842
2017-05-25 06:29:30 +00:00
Vitaly Buka 62882c93c8 Revert "[compiler-rt] Change default of allow_user_segv_handler to true"
Breaks sanitizer-x86_64-linux-fuzzer bot.

This reverts commit r303729.

llvm-svn: 303795
2017-05-24 19:09:24 +00:00
Vitaly Buka 354439a5a1 [compiler-rt] Change default of allow_user_segv_handler to true
Reviewers: eugenis

Subscribers: srhines, kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D32443

llvm-svn: 303729
2017-05-24 07:21:39 +00:00
Vitaly Buka 4eff87c36d Revert "[compiler-rt] Change default of allow_user_segv_handler to true"
Failed libFuzzer tests on Windows.

This reverts commit r303476.

llvm-svn: 303481
2017-05-20 02:09:25 +00:00
Vitaly Buka 99534e8040 [compiler-rt] Change default of allow_user_segv_handler to true
Reviewers: eugenis

Subscribers: srhines, kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D32443

llvm-svn: 303476
2017-05-20 01:04:59 +00:00
Vitaly Buka 8018780d39 [compiler-rt] Switch handle_<signal> flags from bool to enum.
Summary: We are going to make it tri-state and remove allow_user_segv_handler.

Reviewers: eugenis, alekseys, kcc

Subscribers: kubamracek, dberris, llvm-commits

Differential Revision: https://reviews.llvm.org/D33159

llvm-svn: 303464
2017-05-19 22:37:16 +00:00
Daniel Jasper f97310fb7a Revert r302781 and subsequent attempts to disable part of it.
The Msan unit tests are still broken and by this point, I think we
should start over.

llvm-svn: 303339
2017-05-18 09:31:37 +00:00
Pierre Gousseau 0550581070 [asan] Recommit of r301904: Add strndup/__strndup interceptors
Fix undeclared __interceptor_malloc in esan_interceptors.cc
Fix undeclared strnlen on OSX

Differential Revision: https://reviews.llvm.org/D31457

llvm-svn: 302781
2017-05-11 08:53:24 +00:00
Pierre Gousseau 1c5550671d Revert r301904 causing tsan test failure in x86_64-linux-autoconf
llvm-svn: 301909
2017-05-02 10:22:05 +00:00
Pierre Gousseau b7101479a8 [asan] Add strndup/__strndup interceptors if targeting linux.
Differential Revision: https://reviews.llvm.org/D31457

llvm-svn: 301904
2017-05-02 09:01:02 +00:00
Kostya Serebryany 60cff50b27 [sanitizer-coverage] remove more stale code
llvm-svn: 301845
2017-05-01 22:07:12 +00:00
Francis Ricci 4cce35f0ce Enable builds of darwin lsan by default
Summary: Testing and asan leak detection are disabled by default.

Reviewers: kubamracek, kcc

Subscribers: srhines, llvm-commits, mgorny

Differential Revision: https://reviews.llvm.org/D31307

llvm-svn: 299669
2017-04-06 17:41:26 +00:00
Francis Ricci 2aa23e892c Enable leak detection on linux-i686 by default
Summary:
This is already assumed by the test suite, and by
asan_flags.cc.

Reviewers: m.ostapenko, vitalybuka, kubamracek, kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D31462

llvm-svn: 299082
2017-03-30 14:05:46 +00:00
Alex Shlyapnikov 4ab77b9f28 [asan] Add an interceptor for strtok
Summary:
This change addresses https://github.com/google/sanitizers/issues/766. I
tested the change with make check-asan and the newly added test case.

Reviewers: ygribov, kcc, alekseyshl

Subscribers: kubamracek, llvm-commits

Patch by mrigger

Differential Revision: https://reviews.llvm.org/D30384

llvm-svn: 298650
2017-03-23 21:39:52 +00:00
Filipe Cabecinhas f7c7c11312 [asan] Split SIGSEGV / SIGBUS handling so we can handle only one of them and not the other.
Summary: This is useful in some platforms where one of these signals is special.

Reviewers: kubamracek, kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D30783

llvm-svn: 297665
2017-03-13 21:06:41 +00:00
Maxim Ostapenko 651cfe3cfa [lsan] Renable LSan for x86 Linux
The missed clang part was committed at https://reviews.llvm.org/rL293609 thus
we can reenable LSan for x86 Linux.

Differential Revision: https://reviews.llvm.org/D28609

llvm-svn: 293610
2017-01-31 07:15:37 +00:00
Evgeniy Stepanov 0f550c8176 Revert "[lsan] Enable LSan for x86 Linux."
Breaks tests on i686/Linux due to missing clang driver support:
  error: unsupported option '-fsanitize=leak' for target 'i386-unknown-linux-gnu'

llvm-svn: 292844
2017-01-23 22:52:31 +00:00
Maxim Ostapenko 2523faf677 [lsan] Enable LSan for x86 Linux.
People keep asking LSan to be available on 32 bit targets (e.g. https://github.com/google/sanitizers/issues/403)
despite the fact that false negative ratio might be huge (up to 85%). This happens for big real world applications
that may contain random binary data (e.g. browser), but for smaller apps situation is not so terrible and LSan still might be useful.
This patch adds initial support for x86 Linux (disabled by default), ARM32 is in TODO list.
We used this patch (well, ported to GCC) on our 32 bit mobile emulators and it worked pretty fine
thus I'm posting it here to initiate further discussion.

Differential Revision: https://reviews.llvm.org/D28609

llvm-svn: 292775
2017-01-23 08:45:17 +00:00
Kuba Mracek b6c6eaf226 [sanitizer] Add a 'print_module_map' flag which prints modules with UUIDs on Darwin
This patch add a new sanitizer flag, print_module_map, which enables printing a module map when the process exits, or after each report (for TSan). The output format is very similar to what Crash Reporter produces on Darwin (e.g. the format of module UUIDs). This enables users to use the existing symbol servers to offline symbolicate and aggregate reports.

Differential Revision: https://reviews.llvm.org/D27400

llvm-svn: 291277
2017-01-06 20:57:47 +00:00
Evgeniy Stepanov d3305afc75 Return memory to OS right after free (not in the async thread).
Summary:
In order to avoid starting a separate thread to return unused memory to
the system (the thread interferes with process startup on Android,
Zygota waits for all threads to exit before fork, but this thread never
exits), try to return it right after free.

Reviewers: eugenis

Subscribers: cryptoad, filcab, danalbert, kubabrecka, llvm-commits

Patch by Aleksey Shlyapnikov.

Differential Revision: https://reviews.llvm.org/D27003

llvm-svn: 288091
2016-11-29 00:22:50 +00:00
Dmitry Vyukov 8ee6f0c30f tsan: set disable_coredump=0 by default for Go
Go maps shadow memory lazily, so we don't have the huge multi-TB mapping.
Virtual memory consumption is proportional to normal memory usage.
Also in Go core dumps are enabled explicitly with GOTRACEBACK=crash,
if user explicitly requests a core that must be on purpose.

So don't disable core dumps by default.

llvm-svn: 285451
2016-10-28 20:52:22 +00:00
Dmitry Vyukov a2a677c542 sanitizer_common: fix description of disable_coredump flag
s/disable_core/disable_coredump/
Add missing space in text.

llvm-svn: 285401
2016-10-28 14:25:51 +00:00
Kostya Serebryany 7b296aa567 [asan] add heap_profile=1 to asan to periodically print the heap profile. So far this is a very basic heap-profile functionality
llvm-svn: 281546
2016-09-14 22:00:58 +00:00
Kostya Serebryany b72479b84a [asan] first attempt at releasing free-d memory back to the system using madvise. Requires quite some tuning.
llvm-svn: 279887
2016-08-26 23:58:42 +00:00
Evgeniy Stepanov 851378831e [asan] abort_on_error=1 by default on Android.
With this change, the default behavior on error is to call abort()
instead of _exit(). This should help the OS to capture a tombstone of
the error.

RAM usage of the lit test suite goes up because of all the tombstone
gathering, so I'm limiting the parallelism of the test target.
Previously it was based on the number of the CPUs on the host
machine, which is definitely wrong.

llvm-svn: 278308
2016-08-11 00:26:29 +00:00
Mike Aizatsky 04897dcc3d [sanitizers] trace buffer API to use user-allocated buffer.
Subscribers: kubabrecka

Differential Revision: https://reviews.llvm.org/D23186

llvm-svn: 277858
2016-08-05 20:09:42 +00:00
Reid Kleckner 222610bf10 [ASan] Report illegal instruction exceptions in ASan
Summary:
Respect the handle_sigill common flag and handle_segv flags while we're
at it.

We still handle signals/exceptions differently on Unix and Windows. The
installation process is tricky on Windows, and difficult to push down
into sanitizer_common without concerning it with the different
static/dynamic CRT models on Windows.

Reviewers: kcc, etienneb

Subscribers: llvm-commits, kubabrecka

Differential Revision: https://reviews.llvm.org/D23098

llvm-svn: 277621
2016-08-03 18:13:14 +00:00