Summary:
dlopen(NULL, ...) is intended to give you back a handle to the
executable for use with dlsym. Casting it to link_map and using it with
ForEachMappedRegion results in a crash.
We also shouldn't unpoison the globals of a DSO that is already in
memory. This ensures that we don't do it for the executable, but in
general, MSan may have false negatives if the DSO is already loaded.
Reviewers: eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14795
llvm-svn: 253530
1. Added missing public API decl in InstrProfiling.h
2. Clang formatting fix
3. Added more comments for new VP code
4. refactor the VP allocation code to make it more readable.
llvm-svn: 253508
This change adds extends the data structures and adds in the routines
for handling runtime calls for value profiling. The profile data format
is modified and the version number is incremented.
llvm-svn: 253483
Symbolizers can call malloc/realloc/free/..., which we don't want to intercept. This is already implemented on Linux, let's do it for OS X as well.
Differential Revision: http://reviews.llvm.org/D14710
llvm-svn: 253460
This patch adds assembly routines to enable setjmp/longjmp for aarch64
on linux. It fixes:
* test/tsan/longjmp2.cc
* test/tsan/longjmp3.cc
* test/tsan/longjmp4.cc
* test/tsan/signal_longjmp.cc
I also checked with perlbench from specpu2006 (it fails to run
with missing setjmp/longjmp intrumentation).
llvm-svn: 253205
- This is to handle a corner case where profile lib is linked
in but non of the modules are instrumented (On linux, since
we avoided the overhead to emit runtime hook use functions so
this is the side effect of that size optimization).
- Added a profile runtime test case to cover all scenarios of
shared library builds.
Differential Revision: http://reviews.llvm.org/D14468
llvm-svn: 253098
I noticed that when a symbol is named just "x", it gets demangled to "long long". On POSIX, AFAIK, mangled names always start with "_Z", so lets just require that.
Differential Revision: http://reviews.llvm.org/D14637
llvm-svn: 253080
Currently, we crash on finalization of detached threads, because we'll try to clear the ThreadState twice.
Differential Revision: http://reviews.llvm.org/D14644
llvm-svn: 253079
On OS X, memcpy and memmove are actually aliases of the same function, so the memmove interceptor can be invoked on a call to memcpy. This patch updates the tests to expect either memmove or memcpy on a stack trace.
Differential Revision: http://reviews.llvm.org/D14638
llvm-svn: 253077
The OS X symbolizers (namely AtosSymbolizer) don't return full file paths, only file names. This patch modifies `mutexset*.cc` tests not to require a path to be present in the symbol on the stack trace.
Differential Revision: http://reviews.llvm.org/D14642
llvm-svn: 253075
Turns out that there are some checks in the backend that change code generation for armv7 if you are building against an iOS sys root. For the macho_embedded builtins we really don't want that.
llvm-svn: 253064
This patch adds support for symbolication of globals (implements `SymbolizeData`) for `AtosSymbolizer` on OS X.
Differential Revision: http://reviews.llvm.org/D14618
llvm-svn: 253015
We need to add -fPIC to the flags for the builtins in case PIC was turned off at a higher level. We also want to set ENABLE_PIC to Off when building the macho_embedded builtins so the top-level settings don't impact that build.
llvm-svn: 252966
Go build does not link in whatever library provides these symbols:
# runtime/race
race_windows_amd64.syso:gotsan.cc:(.text+0x578f): undefined reference to `__sanitizer::DumpProcessMap()'
race_windows_amd64.syso:gotsan.cc:(.text+0xee33): undefined reference to `EnumProcessModules'
race_windows_amd64.syso:gotsan.cc:(.text+0xeeb9): undefined reference to `GetModuleInformation'
llvm-svn: 252922
`DlAddrSymbolizer` is used on OS X when we're running inside a sandbox that prevents us from spawning an external symbolizer. This patch adds support for symbolication of globals (implements `SymbolizeData`) for `DlAddrSymbolizer`.
Differential Revision: http://reviews.llvm.org/D14613
llvm-svn: 252899
The default symbolizer, `llvm-symbolizer` provides sizes for global symbols. On OS X, we want to also allow using `atos` (because it's available everywhere and users don't need to copy/install it) and `dladdr` (it's the only available option when running in a sandbox). However, these symbolizers do not supply the symbol sizes, only names and starting addresses. This patch changes the reporting functions to hide the size of the symbol when this value is unavailable, and modifies tests to make this part of the report "optional".
Differential Revision: http://reviews.llvm.org/D14608
llvm-svn: 252896
This seems to be dead code – `system_malloc_zone` is initialized as null and we never assign to it. This code is apparently currently never executed (in ASan), but is causes trouble for the TSan OS X port. Let's replace the checks with `COMMON_MALLOC_ENTER` (`ENSURE_ASAN_INITED()`).
Differential Revision: http://reviews.llvm.org/D14334
llvm-svn: 252876
The TSan unit test build currently fails if we're also building the iOS parts of compiler-rt, because `TSAN_SUPPORTED_ARCH` contains ARM64. For unit tests, we need to filter this only to host architecture(s).
Differential Revision: http://reviews.llvm.org/D14604
llvm-svn: 252873
Setting CMAKE_*_FLAGS isn't sufficient here because CMAKE_*_FLAGS_${CMAKE_BUILD_TYPE} can override the flags, and there is no way to safely clear that because it is a cached variable (<sarcasm> YAY! </sarcasm>).
llvm-svn: 252807
Summary: This is enough to get the asan static_tls.cc test case working.
Reviewers: eugenis, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14574
llvm-svn: 252738
Summary:
On PowerPC64 Linux PTRACE_GETREGS is a #define and PT_GETREGS is not.
On other systems it's the other way round. Extend the #ifs to check for
both PTRACE_* and PT_*.
This fixes test/sanitizer_common/TestCases/Linux/ptrace.cc when msan is
enabled for PowerPC64.
Reviewers: zatrazz, kcc, eugenis, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14564
llvm-svn: 252730
Atomic RMW is not necessary in InitializeGuardArray.
It is supposed to run when no user code runs.
And if user code runs concurrently, then the atomic
RMW won't help anyway. So replace it with non-atomic RMW.
InitializeGuardArray takes more than 50% of time during re2 fuzzing:
real 0m47.215s
51.56% a.out a.out [.] __sanitizer_reset_coverage
6.68% a.out a.out [.] __sanitizer_cov
3.41% a.out a.out [.] __sanitizer::internal_bzero_aligned16(void*, unsigned long)
1.79% a.out a.out [.] __asan::Allocator::Allocate(unsigned long, unsigned long,
With this change:
real 0m31.661s
26.21% a.out a.out [.] sanitizer_reset_coverage
10.12% a.out a.out [.] sanitizer_cov
5.38% a.out a.out [.] __sanitizer::internal_bzero_aligned16(void*, unsigned long)
2.53% a.out a.out [.] __asan::Allocator::Allocate(unsigned long, unsigned long,
That's 33% speedup.
Reviewed in http://reviews.llvm.org/D14537
llvm-svn: 252715
Summary:
On Darwin, interposed functions are prefixed with "wrap_". On Linux,
they are prefixed with "__interceptor_".
Reviewers: dvyukov, samsonov, glider, kcc, kubabrecka
Subscribers: zaks.anna, llvm-commits
Differential Revision: http://reviews.llvm.org/D14512
llvm-svn: 252695
Summary:
First batch of sancov.py rewrite in C++.
Supports "-print" and "-covered_functions" commands.
Differential Revision: http://reviews.llvm.org/D14356
llvm-svn: 252683
* Setting CMAKE_*_FLAGS_${BUILD_TYPE} isn't really needed since we're setting the same value everywhere
* functions sanitize variables differently from macros, darwin_add_embedded_builtin_libraries should be a macro otherwise it won't alter the variables.
llvm-svn: 252618
Runtime code implicitly depends on the defintions and const
values defined in LLVM proper, but currently such dependency
is made implicitly by duplicating code across two dirs. As
part of the PGO cleanup effort, there will be changes to share
common sources. This is a preparation patch to enable it (NFC).
Differential Revision: http://reviews.llvm.org/D14487
llvm-svn: 252570
This commit reverts r252525. I was not really thinking about this fix properly. This doesn't work because it relys on try_compile checks which do a full compile & link. I'm going to put in a temporary solution as an interm step until we have a way to perform compiler checks without linking.
llvm-svn: 252569
Not making sure there are thin libraries results in some difficult to diagnose build failures. This check should make those build failures go away.
llvm-svn: 252527
This patch makes ASAN for aarch64 use the same shadow offset for all
currently supported VMAs (39 and 42 bits). The shadow offset is the
same for 39-bit (36).
llvm-svn: 252497
The TSan-instrumented version of libcxx doesn't even build on OS X at this point. Let's skip it from the OS X build for now, since most of TSan functionality doesn't depend on it. This will enable `check-tsan` to be run.
Differential Revision: http://reviews.llvm.org/D14486
llvm-svn: 252455
To make them the same as the common def in InstrProfData.inc.
This is a preparation to make the runtime code to use the
template as well. NFC
llvm-svn: 252421
Several tests currently deadlock when the lit test suite is run on OS X. Let's mark them as unsupported.
Differential Revision: http://reviews.llvm.org/D14443
llvm-svn: 252402
This patch enables running lit tests on OS X:
1) Simply enable tests for Darwin (they were restricted to Linux and FreeBSD).
2) Disable using instrumented libcxx (libcxx_tsan) on Darwin.
3) On Darwin, override abort_on_error=0, otherwise all tests would generate crash logs and take much longer to process.
Differential Revision: http://reviews.llvm.org/D14439
llvm-svn: 252309
The current implementation does not work on darwin and can have issues with other OSes in future.
See http://reviews.llvm.org/D14427
Make it portable once and for all (minus usleep call).
Reviewed in:
http://reviews.llvm.org/D14434
llvm-svn: 252292
Summary:
The following tests for 128-bit floating-point type behaved in a strange way, thought it were bugs, but seem to be mistakes in tests:
* `fixtfsi` test checked for `0x80000001` as a value returned for number less than can be represented, while `LONG_MIN` should be returned on saturation;
* `fixunstfdi` wasn't enabled for AArch64, only for PPC, but there is nothing PPC specific in that test;
* `multf3` tried to underflow multiplication by producing result with 16383 exponent, while there are still 112 bits of fraction plus implicit bit, so resultant exponent should be 16497.
Tests for some other builtins didn't exist:
* `fixtfdi`
* `fixtfti`
* `fixunstfti`
They were made by copying similar files and adjusting for wider types and adding/removing some reasonable/extra checks.
Also `__fixuint` seems to have off by one error, updated tests to catch this case.
Reviewers: rengolin, zatrazz, howard.hinnant, t.p.northover, jmolloy, enefaim
Subscribers: aemerson, llvm-commits, rengolin
Differential Revision: http://reviews.llvm.org/D14187
llvm-svn: 252180
Fixing `tsan_interceptors.cc`, which on OS X produces a bunch of warnings about unused constants and functions.
Differential Revision: http://reviews.llvm.org/D14381
llvm-svn: 252165
On OS X, memcpy and memmove are actually aliases of the same implementation, which means the interceptor of memcpy is also invoked when memmove is called. The current implementation of the interceptor uses `internal_memcpy` to perform the actual memory operation, which can produce an incorrect result when memmove semantics are expected. Let's call `internal_memmove` instead.
Differential Revision: http://reviews.llvm.org/D14336
llvm-svn: 252162
A call to memmove is used early during new thread initialization on OS X. This patch uses the `COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED` check, similarly to how we deal with other early-used interceptors.
Differential Revision: http://reviews.llvm.org/D14377
llvm-svn: 252161
TSan has a re-implementation of `pthread_once` in its interceptor, which assumes that the `pthread_once_t *once_control` pointer is actually pointing to a "storage" which is zero-initialized and used for the atomic operations. However, that's not true on OS X, where pthread_once_t is a structure, that contains a header (with a magic value) and the actual storage follows after that. This patch skips the header to make the interceptor work on OS X.
Differential Revision: http://reviews.llvm.org/D14379
llvm-svn: 252160
This implements a "poor man's TLV" to be used for TSan's ThreadState on OS X. Based on the fact that `pthread_self()` is always available and reliable and returns a valid pointer to memory, we'll use the shadow memory of this pointer as a thread-local storage. No user code should ever read/write to this internal libpthread structure, so it's safe to use it for this purpose. We lazily allocate the ThreadState object and store the pointer here.
Differential Revision: http://reviews.llvm.org/D14288
llvm-svn: 252159
TSan needs to use a custom malloc zone on OS X, which is already implemented in ASan. This patch uses the sanitizer_common implementation in `sanitizer_malloc_mac.inc` for TSan as well.
Reviewed at http://reviews.llvm.org/D14330
llvm-svn: 252155
TSan needs to use a custom malloc zone on OS X, which is already implemented in ASan. This patch is a refactoring patch (NFC) that extracts this from ASan into sanitizer_common, where we can reuse it in TSan.
Reviewed at http://reviews.llvm.org/D14330
llvm-svn: 252052
On OS X, GCD worker threads are created without a call to pthread_create. We need to properly register these threads with ThreadCreate and ThreadStart. This patch uses a libpthread API (`pthread_introspection_hook_install`) to get notifications about new threads and about threads that are about to be destroyed.
Differential Revision: http://reviews.llvm.org/D14328
llvm-svn: 252049
Updating the shadow memory initialization in `tsan_platform_mac.cc` to also initialize the meta shadow and to mprotect the memory ranges that need to be avoided.
Differential Revision: http://reviews.llvm.org/D14324
llvm-svn: 252044
On OS X, `memchr` is called on a newly created thread even before `__tsan_thread_start_func` is invoked, which means that the ThreadState object for that thread will not yet be initialized. Let's add `COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED` into the interceptor to simply call `internal_memchr` in these cases.
Differential Revision: http://reviews.llvm.org/D14283
llvm-svn: 251935
Add chkstk/alloca for gcc objects.
Replace or instructions with test, the latter should be marginally more
efficent, as it does not write to memory.
Differential Revision: http://reviews.llvm.org/D14044
Patch by vadimcn
llvm-svn: 251928
This patch moves a few functions from `sanitizer_linux_libcdep.cc` to `sanitizer_posix_libcdep.cc` in order to use them on OS X as well. Plus a few more small build fixes.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
Differential Revision: http://reviews.llvm.org/D14235
llvm-svn: 251918
This patch modifies `tsan_interceptors.cc` to be buildable on OS X. Several of the intercepted methods are not available on OS X, so we need to `#if !SANITIZER_MAC` them. Plus a few other fixes, e.g. `pthread_yield` doesn't exist, let's use `internal_sched_yield` instead.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
Differential Revision: http://reviews.llvm.org/D14237
llvm-svn: 251916
Hi, this patch adds a CMake flag called `COMPILER_RT_ENABLE_TSAN_OSX`, which is off by default. If enabled, the build system will be building the OS X version of the TSan runtime library (called `libclang_rt.tsan_osx_dynamic.dylib`). I'll submit patches that fix OS X build errors shortly.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
llvm-svn: 251915
This reverts commit r250823.
Replacing at least some of empty
constructors with "= default" variants is a semantical change which we
don't want. E.g. __tsan::ClockBlock contains a union of large arrays,
and it's critical for correctness and performance that we don't memset()
these arrays in the constructor.
llvm-svn: 251717
Define WIN32_LEAN_AND_MEAN before including Windows.h. This is already being
done in some places. This does it more broadly. This permits building ASAN on
Linux for Winndows, as well as reduces the amount of included declarations.
llvm-svn: 251649
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
(In addition, add sanitizer_common_libcdep.cc to buildgo.sh to avoid
build failures on Linux.)
llvm-svn: 251577
app_process32, when started via a shell script wrapper, needs a
different security context to satisty SELinux.
Patch by Abhishek Arya.
llvm-svn: 251572
Summary:
I have othen been stuck when I got an ASAN report, but no symbols
are resolved. The reasons might be different, and it always
requires a bit of detective work to track down.
These more verbose error messages will help the users like me.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14135
llvm-svn: 251553
It was recently enabled for non-x86 targets and doesn't seem to work for MIPS.
The reason is currently unclear so XFAILing while I investigate.
llvm-svn: 251466
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
llvm-svn: 251447
This will tag all mmapped memory sanitizers use with "Performance tool data"
when viewed in vmmap. (Even though sanitizers are not performance tools, it's
the best available match and better than having the unidentified objects.)
http://reviews.llvm.org/D13609
llvm-svn: 251445
We've switched to Gold earlier because of a minor misconfiguration
of the BFD linker in Android NDK. It turns out, Gold has much bigger
problems:
https://sourceware.org/bugzilla/show_bug.cgi?id=19163
(a bug is actually in the android runtime loader, but it means that
gold does not work with android L and even M).
Switching back to BFD and adding a workaround by explicitly linking
libm to all tests.
llvm-svn: 251360
Asanwrapper is required on older android versions to work around undesired
linker behavior. It is not required on L and newer, and does not fully
support multiarch devices.
llvm-svn: 251359
This patch fixes the ptrace interceptor for aarch64. The PTRACE_GETREGSET
ptrace syscall with with invalid memory might zero the iovec::iov_base
field and then masking the subsequent check after the syscall (since it
will be 0 and it will not trigger an invalid access). The fix is to copy
the value on a local variable and use its value on the checks.
The patch also adds more coverage on the Linux/ptrace.cc testcase by addding
check for PTRACE_GETREGSET for both general and floating registers (aarch64
definitions added only).
llvm-svn: 251331
This patch enables the ptrace syscall interceptors for arm and adds support
for both PTRACE_GETVFPREGS and PTRACE_SETVFPREGS used to get the VFP register
from ARM.
The ptrace tests is also updated with arm and PTRACE_GETVFPREGS tests.
llvm-svn: 251321
This patch add support for leak sanitizer for aarch64. Similar to
MIPS it uses a SizeClassAllocator32 due VMA constraints (aarch64
currently supports 39 and 42-bit VMA).
It also fixes the android build issue.
llvm-svn: 250898
Summary:
While instrumenting std::string with asan I discovered that speculative load might load data from poisoned region. Disabling all speculative loads for asan-annotated functions.
The test follows the std::string implementation.
Corresponding CL in llvm: http://reviews.llvm.org/D13264
Patch by Mike Aizatsky, the review page for the CL is http://reviews.llvm.org/D13265
Reviewers: aizatsky
Subscribers: kcc, llvm-commits
Differential Revision: http://reviews.llvm.org/D13905
llvm-svn: 250837
This patch introduces a well defined header struct
to represent raw profile header instead of using raw array.
Previously the raw array is used in two different files and
is very error prone when header structure is re-organized.
This is a small cleanup with NFC.
llvm-svn: 250561
MSVC 2013 doesnt support C99 fully, including the hexidecimal floating point
representation. Use the expanded value to permit building with it.
Patch by Tee Hao Wei!
llvm-svn: 250365
The assembly implementations use GNU syntax which MSVC doesn't handle. Rather
than duplicate the code in a second syntax, use the C implementations.
Patch by Tee Hao Wei!
llvm-svn: 250360
On Linux, the profile runtime can use __start_SECTNAME and __stop_SECTNAME
symbols defined by the linker to locate the start and end location of
a named section (with C name). This eliminates the need for instrumented
binary to call __llvm_profile_register_function during start-up time.
llvm-svn: 250200
Old version of sem_init (GLIBC_2.0) fails to initialize parts of
sem_t that are used in sem_timedwait. This is fixed in GLIBC_2.1,
but since ASan interceptors downgrade sem_* to the oldest available
version, this can introduce bugs that are only present in sanitized
build. Workaround by zero-initializing sem_t in sem_init.
llvm-svn: 250113
Revert once more. This seems to fail to build on the buildbots which build with
ninja rather than MSBuild/Visual Studio. This requires further build
infrastructure changes to deal with the assembly routines.
llvm-svn: 250001
__inline is a vendor specific spelling for inline. clang and gcc treat it the
same as inline, and is available in MSVC 2013 which does not implement C99
(VS2015 supports the inline keyword though). This will allow us to build the
builtins using MSVC.
llvm-svn: 249953
CMake build rules listed -I flags for two different libc++ header
locations which broke when libc++ headers started using include_next.
Also change -I to -isystem to avoid compiler warning about
include_next.
llvm-svn: 249759
This is an implementation of
https://github.com/google/sanitizers/issues/579
It has a number of advantages over the current mapping:
* Works for non-PIE executables.
* Does not require ASLR; as a consequence, debugging MSan programs in
gdb no longer requires "set disable-randomization off".
* Supports linux kernels >=4.1.2.
* The code is marginally faster and smaller.
This is an ABI break. We never really promised ABI stability, but
this patch includes a courtesy escape hatch: a compile-time macro
that reverts back to the old mapping layout.
llvm-svn: 249754
Summary:
Since r223145 we don't include sanitizer_allocator_internal.h into
sanitizer_symbolizer.h, so we can have undefined reference to
Internal{Alloc, Free} stuff into sanitizer_symbolizer_libbacktrace.cc under
SANITIZER_CP_DEMANGLE macro.
This patch simply includes appropriate header into
sanitizer_symbolizer_libbacktrace.h to resolve the issue.
Patch by Maxim Ostapenko!
Reviewers: kcc, eugenis, samsonov
Subscribers: llvm-commits, ygribov
Differential Revision: http://reviews.llvm.org/D13429
llvm-svn: 249633
cl does not support the same intrinsics as clang. Provide implementations for
the intrinsics using MSVC builtins.
Patch by Tee Hao Wei!
llvm-svn: 249515
Unfortunately, int_utils.h needs to depend on int_lib for the common macro
definitions. However, currently, int_utils.h is included by int_lib.h. Reorder
the inclusion to work around this.
llvm-svn: 249376
Summary: This is the Makefile analog of r247833, except that the test also had to be changed such that clang actually attempts to link the program as opposed to just building it. Because of that change, I also switched the order to checking for ld/clang architecture support, because now lack of ld support would make the clang check fail. This fixes PR24776.
Reviewers: beanz
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13425
llvm-svn: 249358
This patch add support for leak sanitizer for aarch64. Similar to
MIPS it uses a SizeClassAllocator32 due VMA constraints (aarch64
currently supports 39 and 42-bit VMA).
llvm-svn: 249337
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
- Add blank lines to separate function definitions.
- Add 'extern "C"' or 'namespace foo' comments after the appropriate
closing brackets
This is a continuation of work from 409b7b82. The focus here is on the
various sanitizers (not sanitizer_common, as before).
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13225
llvm-svn: 248966
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13310
llvm-svn: 248964
We need to make sure that if you change the builtin filter lists CMake re-generates its configurations so it includes the right builtins in the generated libraries.
llvm-svn: 248852
Summary: This ports functionality from the clang_macho_embedded.mk platform makefile over to CMake.
Reviewers: bogner, samsonov, bob.wilson
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13226
llvm-svn: 248850
We don't want to filter out the builtins that are present in libSystem like we do for the normal builtins because kexts can't link libSystem, but we should filter out all the builtins that are generally not supported on the OS and architecture.
llvm-svn: 248756
For Darwin simulator platforms we shouldn't build the cc_kext builtins at all because they aren't applicable, and we should includ the simulator builtins as slices inside the main platform builtin library.
llvm-svn: 248751
If the builtins are built with libgcc as the unwind provider on ARM, the exposed
_Unwind_SetIP is a macro. This results in the following warning due to
expansion of the argument:
warning: suggest parentheses around arithmetic in operand of ‘|’ [-Wparentheses]
Add a no-op set of parenthesis around the argument that will prevent this
warning.
llvm-svn: 248686
This somehow worked with the build on Linux, but seems to fail on the buildbots.
Split the flags apart here as otherwise the two flags are treated as one, and
cause a compilation failure.
llvm-svn: 248654
This adds a new name for ARM32 (armhf). We now force that the default build for
ARM32 (arm) to be soft-float ABI. This has a corresponding clang change to look
for these names based on the floating point ABI. The functions are built
identically (the functions are marked as AAPCS, so the calling convention does
not change, as per the RTABI specification), however, the object file contains
attributes indicating the build configuration which the linker will ensure are
not mix and matched. We now built the appropriate named archive so that we can
link properly.
llvm-svn: 248648
Rename darwin_read_exclude_file to more generic darwin_read_list_from_file, and make it take the file path instead of constructing it so it can be reused more freely.
llvm-svn: 248635
OS and ARCH must be specified, but minimum version may not. Excluding the minimum version will only apply the filters for builtins not supported by the OS and OS-Arch pair.
llvm-svn: 248543
Summary: First pass at adding cc_kext_* builtin libraries. I need to cleanup and refactor the builtin filtering so that I can use it to filter the builtin symbols list, but this is the first step in the right direction.
Reviewers: bob.wilson, bogner, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13115
llvm-svn: 248443
Summary:
Xcode 7 doesn't support targeting iOS5 and earlier. Instead of just dropping cc_kext_ios5, I've repurposed it to cc_kext_ios, and I'm pulling the iOS architectures out of cc_kext. Putting OS X and iOS slices inside the same archive was just odd.
There is a cooresponding clang change coming too.
Reviewers: bogner, bob.wilson
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13112
llvm-svn: 248441
There are lingering issues building the atomic builtins with various versions of gcc. To unblock people we can only include them on Apple platforms where they are more tested.
llvm-svn: 248386
Summary:
Building the builtins on Darwin platforms is a bit complicated. This is a first-pass implementation of the functionality from clang_darwin.mk into CMake.
When building the builtins on Darwin we have layers of blacklists that we apply based on platform, architecture, and minimum supported OS version.
Reviewers: bogner, filcab, bob.wilson, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13059
llvm-svn: 248383
This fixes a crash in pthread_create on linux/i386 due to abi
incompatibility between intercepted and non-intercepted functions.
See the test case for more details.
llvm-svn: 248325
Currently aarch64 lacks instrumentation support for variadic arguments
for MSan. This patch sets the UBSan tests that uses it as to require
stable-runtime and sets aarch64/ubsan as an unstable one.
llvm-svn: 247996
error: width of bit-field 'allocated' (8 bits) exceeds the width of
its type; value will be truncated to 1 bit [-Werror,-Wbitfield-width]
llvm-svn: 247840
This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA.
As defined by lib/msan/msan.h the memory layout used is for 39-bit is:
00 0000 0000 - 40 0000 0000: invalid
40 0000 0000 - 43 0000 0000: shadow
43 0000 0000 - 46 0000 0000: origin
46 0000 0000 - 55 0000 0000: invalid
55 0000 0000 - 56 0000 0000: app (low)
56 0000 0000 - 70 0000 0000: invalid
70 0000 0000 - 80 0000 0000: app (high)
And for 42-bit VMA:
000 0000 0000 - 100 0000 0000: invalid
100 0000 0000 - 11b 0000 0000: shadow
11b 0000 0000 - 120 0000 0000: invalid
120 0000 0000 - 13b 0000 0000: origin
13b 0000 0000 - 2aa 0000 0000: invalid
2aa 0000 0000 - 2ab 0000 0000: app (low)
2ab 0000 0000 - 3f0 0000 0000: invalid
3f0 0000 0000 - 400 0000 0000: app (high)
Most of tests are passing with exception of:
* Linux/mallinfo.cc
* chained_origin_limits.cc
* dlerror.cc
* param_tls_limit.cc
* signal_stress_test.cc
* nonnull-arg.cpp
The 'Linux/mallinfo.cc' is due the fact AArch64 returns the sret in 'x8'
instead of default first argument 'x1'. So a function prototype that
aims to mimic (by using first argument as the return of function) won't
work. For GCC one can make a register alias (register var asm ("r8")), but
for clang it detects is an unused variable and generate wrong code.
The 'chained_origin_limits' is probably due a wrong code generation,
since it fails only when origin memory is used
(-fsanitize-memory-track-origins=2) and only in the returned code
(return buf[50]).
The 'signal_streess_test' and 'nonnull-arg' are due currently missing variadic
argument handling in memory sanitizer code instrumentation on LLVM side.
Both 'dlerror' and 'param_tls_test' are unknown failures that require
further investigation.
All the failures are XFAIL for aarch64 for now.
llvm-svn: 247809
test/msan/dtor-trivial.cpp. Runtime testing for poisoning
vtable pointer in dtor.
Summary: Runtime testing for vtable ptr poisoning in dtor.
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12713
Clean test case & comments.
Update tests for vptr poisoning order.
Simplify test to rely upon globals.
Assertions verify that vtable still accessible from dtors.
Testing linear inheritance and multiple inheritance for vtable poisoning.
Macros for testing expected failing functions.
Rename macros.
Removed xfail, modified FileCheck commands, to expect test to crash.
llvm-svn: 247763
There are situations where a user may want to build only the compiler-rt builtins, or only the sanitizer runtimes. This exposes options to do that. Both default to On, so there should be no implicit change in behavior.
llvm-svn: 247607
If the pointer passed to the getVtablePrefix function was read from a freed
object, we may end up following pointers into objects on the heap and
printing bogus dynamic type names in diagnostics. However, we know that
vtable pointers will generally only point into memory mapped from object
files, not objects on the heap.
This change causes us to only follow pointers in a vtable if the vtable
and one of the virtual functions it points to appear to have appropriate
permissions (i.e. non-writable, and maybe executable), which will generally
exclude heap pointers.
Only enabled for Linux; this hasn't been tested on FreeBSD, and vtables are
writable on Mac (PR24782) so this won't work there.
Differential Revision: http://reviews.llvm.org/D12790
llvm-svn: 247484
This patch adds a runtime check for asan, dfsan, msan, and tsan for
architectures that support multiple VMA size (like aarch64). Currently
the check only prints a warning indicating which is the VMA built and
expected against the one detected at runtime.
llvm-svn: 247413
In some cases, PHDR table is allocated with malloc() by the linker
instead of being mapped from file. It needs to be unpoisoned in the
dl_iterate_phdr callback then.
This happens when program headers are not part of any loadable ELF
segment.
llvm-svn: 247100
Instead, assume we're going to target triple specified by
COMPILER_RT_DEFAULT_TARGET_TRIPLE and build runtimes for this triple
(and hope that the host compiler can target them).
This will help users that use cross-compiler on their host to build
Clang that would work on a different architecture. This will also come in
handy if one would want to configure several compiler-rt build trees on
the same host, using just-built Clang that can target many
architectures.
This doesn't change the behavior in the default build configuration.
llvm-svn: 247099
Summary:
When destructor for a class is not declared, no destructor
is emitted, and members are not poisoned. Test case exhibits this
current bug in use-after-dtor implementation (detailed in
https://github.com/google/sanitizers/issues/596).
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12617
Rename test files.
llvm-svn: 247091
On recent OS X systems, blocks used as callbacks for XPC events (set up e.g. via xpc_connection_set_event_handler) are not later executed via the public libdispatch API (dispatch_async, etc). Because we don't intercept the path where the block is executed, we can fail to register the newly created dispatch thread. To fix that, let's intercept libxpc's APIs that take a block as a callback handler, and let's wrap these blocks in the same way as we do for libdispatch API.
Differential Revision: http://reviews.llvm.org/D12490
llvm-svn: 246961
Tests need to be run either via asanwrapper or asanwrapper64
depending in the binary bitness. This matters when testing on an
aarch64 device.
llvm-svn: 246891
The failure is caused by the missing implementation of array cookie
poisoning in Clang for ARMCXXABI and has nothing to do with Android
(and the test passes on Android/x86).
llvm-svn: 246832
Due to a slightly different initialization order, syslog on
android/x86 calls vsnprintf, which can not be handled until interceptors
are initialized at least.
llvm-svn: 246831
Summary: Verify that all members are poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12023
Test virtual functions and virtual bases poisoning proper size.
Runtime testing of destroying diamond inheritance.
Explicit testing for 0 optimizations.
Simplify test to only test interesting values.
Test poisoning on multiple inheritance with nontrivial and trivial members.
Removed unnecessary header.
Testing (anonymous/)bit fields.
Revised object instantiation in test to avoid undefined behavior.
llvm-svn: 246817
Race deduplication code proved to be a performance bottleneck in the past if suppressions/annotations are used, or just some races left unaddressed. And we still get user complaints about this:
https://groups.google.com/forum/#!topic/thread-sanitizer/hB0WyiTI4e4
ReportRace already has several layers of caching for racy pcs/addresses to make deduplication faster. However, ReportRace still takes a global mutex (ThreadRegistry and ReportMutex) during deduplication and also calls mmap/munmap (which take process-wide semaphore in kernel), this makes deduplication non-scalable.
This patch moves race deduplication outside of global mutexes and also removes all mmap/munmap calls.
As the result, race_stress.cc with 100 threads and 10000 iterations become 30x faster:
before:
real 0m21.673s
user 0m5.932s
sys 0m34.885s
after:
real 0m0.720s
user 0m23.646s
sys 0m1.254s
http://reviews.llvm.org/D12554
llvm-svn: 246758
All supported version of Android provide both "signal" and
"bsd_signal" libc exports. Binaries built for API level <21 call
bsd_signal; newer binaries call signal.
Simply intercept both.
Fixes AddressSanitizer.SignalTest on Android/x86.
llvm-svn: 246716
Summary:
I broke building the builtins with r245967. This fixes them on Linux and builds them properly for Darwin.
The old code could not be made to work on Darwin as a result of the refactoring of add_compiler_rt_runtime, so I had to rework the way they are built for Darwin. This solution is not ideal and will be fixed in subsequent commits. I just want to get this in so everything is working again.
Reviewers: samsonov, chh, compnerd, bogner
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12500
llvm-svn: 246487
According to `man freopen`, passing NULL instead of a filename is valid, however the current implementation of the interceptor assumes this parameter is non-NULL. Let's fix that and add a test case.
Differential Revision: http://reviews.llvm.org/D11389
llvm-svn: 246435
This patch adds support for tsan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels). The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt. The default VMA is 39 bits.
It also enabled tsan for previous supported VMA (39).
llvm-svn: 246330
Summary:
Teach all sanitizers to call abort() instead of _exit() after printing
an error report, if requested. This behavior is the default on Mac OS.
Reviewers: kcc, kubabrecka
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12332
llvm-svn: 246205
Summary:
This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Changes to CMakeLists files are all minimal except ubsan which tests the new ARCHS loop.
Further cleanup patches will follow.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12410
llvm-svn: 246199
Summary: This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12409
llvm-svn: 246178
This patch fix the function GetTls for aarch64, where it assumes it
follows the x86_64 way where the TLS initial address is at the end
of TLS. Instead aarch64 set the TLS address as the thread pointer.
llvm-svn: 246148
Summary: This is the first step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12386
llvm-svn: 246102
This follows the approach we use in ASan and UBSan lit tests to setup
tool options in a portable way, and to provide a nice way to specify
testsuite-wide defaults.
llvm-svn: 246058
Summary: This is one more step to allow us to eliminate platform-specific code from the library CMakeLists files. Subsequent patches will refactor all call sites to use this and other new features.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12339
llvm-svn: 246047
Summary: Currently there is a libc++ test failing under MSAN because wcrtomb is not intercepted. This patch adds an interceptor for it.
Reviewers: samsonov, eugenis
Subscribers: tberghammer, danalbert, srhines, llvm-commits
Differential Revision: http://reviews.llvm.org/D12311
llvm-svn: 245994
Summary: This refactoring moves much of the Apple-specific behavior into a function in AddCompilerRT. The next cleanup patch will remove more of the if(APPLE) checks in the outlying CMakeLists.
This patch adds a bunch of new functionality to add_compiler_rt_runtime so that the target names don't need to be reconstructed outside the call. It also updates some of the call sites to exercise the new functionality, but does not update all uses fully. Subsequent patches will further update call sites and move to using the new features.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: beanz, rengolin, llvm-commits
Differential Revision: http://reviews.llvm.org/D12292
llvm-svn: 245970
Introduce %env_ubsan_opts= substitution instead of specifying
UBSAN_OPTIONS manually in the RUN-lines. This will come in handy
once we introduce some default UBSAN_OPTIONS for the whole testsuite
(for instance, make abort_on_error common option).
llvm-svn: 245967
Previously we had to call __sanitizer_cov_dump() from tool-specific
callbacks - instead, let sanitizer_common library handle this in a
single place.
This is a re-application of r245770, with slightly different approach
taken.
llvm-svn: 245890
This is required to properly re-apply r245770:
1) We should be able to dump coverage in __sanitizer::Die() if coverage
collection is turned on.
2) We don't want to explicitly do this in every single
sanitizer that supports it.
3) We don't want to link in coverage (and therefore symbolization) bits
into small sanitizers that don't support it (safestack).
The solution is to make InitializeCoverage() register its own Die()
callback that would call __sanitizer_cov_dump(). This callback should be
executed in addition to another tool-specific die callbacks (if there
are any).
llvm-svn: 245889
This patch adds support for dfsan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels). The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt. The default VMA is 39 bits.
llvm-svn: 245841
These changes break both autoconf Mac OS X buildbot (linker errors
due to wrong Makefiles) and CMake buildbot (safestack test failures).
llvm-svn: 245784
Previously we had to call __sanitizer_cov_dump() from tool-specific
callbacks - instead, let sanitizer_common library handle this in a single place.
llvm-svn: 245770
Summary:
Merge "exitcode" flag from ASan, LSan, TSan and "exit_code" from MSan
into one entity. Additionally, make sure sanitizer_common now uses the
value of common_flags()->exitcode when dying on error, so that this
flag will automatically work for other sanitizers (UBSan and DFSan) as
well.
User-visible changes:
* "exit_code" MSan runtime flag is now deprecated. If explicitly
specified, this flag will take precedence over "exitcode".
The users are encouraged to migrate to the new version.
* __asan_set_error_exit_code() and __msan_set_exit_code() functions
are removed. With few exceptions, we don't support changing runtime
flags during program execution - we can't make them thread-safe.
The users should use __sanitizer_set_death_callback()
that would call _exit() with proper exit code instead.
* Plugin tools (LSan and UBSan) now inherit the exit code of the parent
tool. In particular, this means that ASan would now crash the program
with exit code "1" instead of "23" if it detects leaks.
Reviewers: kcc, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12120
llvm-svn: 245734
MachO and COFF do not support aliases. Restrict the alias to ELF targets. This
should also fix the Darwin build. Make the FNALIAS usage an error on non-ELF
targets.
llvm-svn: 245669
This patch adds support for asan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels). The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt. The default VMA is 39 bits.
For 42-bit VMA aarch64 uses SANITIZIER_CAN_USER_ALLOCATOR64.
llvm-svn: 245596
Summary:
There are a number of issues with unit tests on Darwin. These patches address the following:
* Unit tests should be passed -arch (-m32/-m64 isn't sufficient)
* Unit tests should be passed ${DARWIN_osx_CFLAGS} because they're being built for OS X
* Test architectures should be filtered based on base system capabilities (i.e. don't try running x86_64h tests on pre-haswell hardware).
Reviewers: bogner, filcab, kubabrecka
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12174
llvm-svn: 245580
ASan uses GetProcAddress to get the address of malloc so it can patch
it. Newer versions of Windows make GetProcAddress initialize the DLL
before returning a function pointer into it. That's perfectly
reasonable, but ASan needs to finish patching malloc before CRT
initialization. So now we roll our own GetProcAddress.
Fixes PR24237
Based on a patch by David Major
Originally written by David Major as part of:
https://hg.mozilla.org/mozilla-central/file/tip/toolkit/xre/WindowsCrtPatch.h
llvm-svn: 245377
Summary: This patch consolidates add_compiler_rt_osx_static_runtime and add_compiler_rt_darwin_dynamic_runtime into a single new function add_compiler_rt_darwin_runtime.
Reviewers: filcab, samsonov, bogner
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12106
llvm-svn: 245317
Summary:
Currently CMake doesn't build builtins for AArch64 and if one does this anyway
it's likely that at least `__multc3`, `__floatditf` and `__floatunditf` will be
missing. There is actually more builtins to add, but these come from
different libc implementations, thus providing them makes compiler-rt for
AArch64 good enough at least for basic usage.
Builtins implementation were originally taken from FreeBSD project:
* [[ https://reviews.freebsd.org/D2173 | __multc3 ]]
* [[ https://reviews.freebsd.org/D2174 | __floatditf and __floatunditf ]]
Until they have been tested to find mistakes in `__float*` functions.
`__floatditf` was based on `__floatsitf`, which had the same mistakes
(fixed it in r243746).
Version of the builtins in this patch are fixed and complemented with basic
tests. Additionally they were tested via GCC's torture (this is what revealed
these issues).
P.S. Ed (author of FreeBSD patches) asked for feedback on the list some time ago (here [[ http://lists.cs.uiuc.edu/pipermail/llvmdev/2015-March/084064.html | here ]])
and got no response, but it seems to be worth adding these builtins as is and
extracting common part later.
Reviewers: howard.hinnant, t.p.northover, jmolloy, enefaim, rengolin, zatrazz
Subscribers: asl, emaste, samsonov, aemerson, llvm-commits, rengolin
Differential Revision: http://reviews.llvm.org/D11679
llvm-svn: 245296
This reverts commit r245263, and the change wasn't catched by UBsan.
It also reverts: "[ARM] Also disable stable-runtime check on UBsan,
to use generic one" (r245287), as it didn't fix the UBsan builds.
We need to investigate what's going on before continuing, since this
is breaking all ARM RT buildbots for a while.
llvm-svn: 245292
Summary:
This involved various fixes:
- Move a test that uses ulimit to Posix.
- Add a few "REQUIRES: shell" lines to tests using backtick subshell
evaluation.
- The MSVC CRT buffers stdio if the output is a pipe by default. Some
tests need that disabled to avoid interleaving test stdio with asan
output.
- MSVC headers provide _alloca instead of alloca (go figure), so add a
portability macro to the two alloca tests.
- XFAIL tests that rely on accurate symbols, we need to pass more flags
to make that work.
- MSVC's printf implementation of %p uses upper case letters and doesn't
add 0x, so do that manually.
- Accept "SEGV" or "access-violation" reports in crash tests.
Reviewers: samsonov
Subscribers: tberghammer, danalbert, llvm-commits, srhines
Differential Revision: http://reviews.llvm.org/D12019
llvm-svn: 245073
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12018
llvm-svn: 244952
Summary:
This is a reunification of three separate reviews D11073, D11082, D11083.
Having them separate was not constructive even though the patches were smaller because it led to fragmented conversations, and this is really all about one change.
This patch incorporates feedback from samsonov, and refactors the hacky darwin code out of the root CMakeLists.txt and int config-ix.cmake.
Reviewers: zaks.anna, bogner, kubabrecka, chandlerc, samsonov
Subscribers: jevinskie, filcab, llvm-commits
Differential Revision: http://reviews.llvm.org/D11820
llvm-svn: 244948
Summary:
Let UBSan output flag description if 'help' options is provided.
Report unrecognized flags if verbosity mode is turned on.
Patch by Svetlana Ryabkova!
Differential Revision: http://reviews.llvm.org/D11903
llvm-svn: 244946
Summary:
Printing a stacktrace acquires a spinlock, and the sanitizer spinlocks
aren't re-entrant. Avoid the problem by reusing the logic we already
have on Posix.
This failure mode is already exercised by the existing mmap_limit_mb.cc
test case. It will be enabled in a forthcoming change, so I didn't add
standalone tests for this change.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11999
llvm-svn: 244840
Summary:
The lit internal shell is used by default on Windows, and it does not
support bash variable expansion. Because bash variable expansion
interacts with tokenization, it is prohibitively difficult to make the
existing lit shell do general shell variable expansion.
The most common use of shell variables in the asan tests is to add
options to the default set of options set by lit.cfg. We can avoid the
need for variable expansion with a substitution that expands to 'env
ASAN_OPTIONS=<defaults:>'.
This has the side benefit of shortening the RUN lines, so it seemed
better than implementing limited variable expansion in lit.
Reviewers: samsonov, filcab
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11982
llvm-svn: 244839
Summary:
This is consistent with LLVM and Clang. The lit shell isn't a complete
bash implementation, but its behavior is more easily reproducible. This
fixes some ubsan test failures.
One ubsan test requires a shell currently, so I added "REQUIRES: shell",
and the other doesn't work on Windows because it prints a stack trace
and uses a linker that doesn't support DWARF. We can fix it eventually
through other means.
Reviewers: samsonov, pcc
Subscribers: yaron.keren, filcab, llvm-commits
Differential Revision: http://reviews.llvm.org/D11960
llvm-svn: 244837
Summary: Fixed test in response to buildbot failures from last night.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11992
llvm-svn: 244818
Summary: New implementation for dtor sanitizer callback poisons only class members, and emits poisoning callback before base dtor invoked.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11952
Explicit dtor invocation
llvm-svn: 244709
Summary:
llvm-symbolizer understands both PDBs and DWARF, so it's a better bet if
it's available. It prints out the function parameter types and column
numbers, so I needed to churn the expected test output a bit.
This makes most of the llvm-symbolizer subprocessing code
target-independent. Pipes on all platforms use fd_t, and we can use the
portable ReadFromFile / WriteToFile wrappers in symbolizer_sanitizer.cc.
Only the pipe creation and process spawning is Windows-specific.
Please check that the libcdep layering is still correct. I don't know
how to reproduce the build configuration that relies on that.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11791
llvm-svn: 244616
Summary:
Compiler-rt part of http://reviews.llvm.org/D11757
I ended up making UBSan work with both the old version and the new
version of the float_cast_overflow data (instead of just erroring with
the previous version). The old version will try to symbolize its caller.
Now we compile the float_cast_overflow tests without -g, and make sure
we have the source file+line+column.
If you think I'm trying too hard to make sure we can still use both
versions, let me know.
Reviewers: samsonov, rsmith
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11793
llvm-svn: 244567
We will use this for ASan on Windows soon. When the ELF port of LLD
matures, we can add other sanitizer integration tests to make sure they
work with LLD.
llvm-svn: 244549
Summary: These are needed to talk to llvm-symbolizer on Windows.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11920
llvm-svn: 244533
Summary:
A virtual base class and derived class should only poison their
respective members upon destruction. In particular, trivial members should
be poisoned directly, non-trivial members should be poisoned by their
respective destructors, and references to non-trivial members should be
poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D11912
Test case avoids casting to access members
Run configurations to reflect expected runtime failure on assertions.
Simplified access to internal members.
Updated internal member structure of base.
Revised assert in main to verify successful poisoning after dtor.
Verify address of pointer is poisoned.
Fixed assert err.
Cleaned up test by removing extraneous prints, asserts.
llvm-svn: 244521
Summary: I've copy/pasted the LLVM_NOEXCEPT definition macro goo from LLVM's Compiler.h. Is there somewhere I should put this in Compiler RT? Is there a useful header to define/share things like this?
Reviewers: samsonov
Differential Revision: http://reviews.llvm.org/D11780
llvm-svn: 244453
The number of unaccessible pages at the beginning of the address
space can differ between processes on the same machine. Try different
values at runtime to protect as much memory as possible.
llvm-svn: 244364
This test was in an infinite loop in AArch64. We're investigating it
on PR24389, but I'm disabling it for now, so that we continue testing
everything else.
llvm-svn: 244316
Offset from vptr to the start of most-derived object can actually
be positive in some virtual base class vtables.
Patch by Stephan Bergmann!
llvm-svn: 244101
This patch enabled TSAN for aarch64 with 39-bit VMA layout. As defined by
tsan_platform.h the layout used is:
0000 4000 00 - 0200 0000 00: main binary
2000 0000 00 - 4000 0000 00: shadow memory
4000 0000 00 - 5000 0000 00: metainfo
5000 0000 00 - 6000 0000 00: -
6000 0000 00 - 6200 0000 00: traces
6200 0000 00 - 7d00 0000 00: -
7d00 0000 00 - 7e00 0000 00: heap
7e00 0000 00 - 7fff ffff ff: modules and main thread stack
Which gives it about 8GB for main binary, 4GB for heap and 8GB for
modules and main thread stack.
Most of tests are passing, with the exception of:
* ignore_lib0, ignore_lib1, ignore_lib3 due a kernel limitation for
no support to make mmap page non-executable.
* longjmp tests due missing specialized assembly routines.
These tests are xfail for now.
The only tsan issue still showing is:
rtl/TsanRtlTest/Posix.ThreadLocalAccesses
Which still required further investigation. The test is disable for
aarch64 for now.
llvm-svn: 244055
This patch enables asan for aarch64/linux. It marks it as 'unstable-release',
since some tests are failing due either kernel missing support of non-executable
pages in mmap or environment instability (infinite loop in juno reference
boards).
It sets decorate_proc_maps test to require stable-release, since the test expects
the shadow memory to not be executable and the support for aarch64 is only
added recently by Linux (da141706aea52c1a9 - 4.0).
It also XFAIL static_tls test for aarch64 linker may omit the __tls_get_addr call
as a TLS optimization.
llvm-svn: 244054
Summary: Simple test case to verify that an instance of a derived class with virtual base is properly poisoned
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11733
modified test to be more concise, and check the local pointer to the destroyed object
revised test to not examine padding- only explicit object members
llvm-svn: 243913
Summary:
This is consistent with binutils and ASan behavior on other platforms,
and makes it easier to use llvm-symbolizer with WinASan. The
--relative-address flag to llvm-symbolizer is also no longer needed.
An RVA is a "relative virtual address", meaning it is the address of
something inside the image minus the base of the mapping at runtime.
A VA in this context is an RVA plus the "preferred base" of the module,
and not a real runtime address. The real runtime address of a symbol
will equal the VA iff the module is loaded at its preferred base at
runtime.
On Windows, the preferred base is stored in the ImageBase field of one
of the PE file header, and this change adds the necessary code to
extract it. On Linux, this offset is typically included in program and
section headers of executables.
ELF shared objects typically use a preferred base of zero, meaning the
smallest p_vaddr field in the program headers is zero. This makes it so
that PIC and PIE module offsets come out looking like RVAs, but they're
actually VAs. The difference between them simply happens to be zero.
Reviewers: samsonov, majnemer
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11681
llvm-svn: 243895
We currently have a dyld check in DyldNeedsEnvVariable that detects whether we are on a new OS X (10.11+) where we don't need to re-exec. For iOS simulator, we have a dlsym() hack that checks for a specific symbol, but this turns out to be fragile and problematic, because dlsym can sometimes call malloc(), which is not a good idea this early in the process runtime.
Let's instead of this do a direct comparison of dyld's version, which is exported in a public symbol `dyldVersionNumber`.
Differential Revision: http://reviews.llvm.org/D11719
llvm-svn: 243879
ld.bfd fails to find dependencies of asan runtime library w/o an
extra -rpath-link pointing to usr/lib under the sysroot. Gold does
not have this problem.
llvm-svn: 243802
Summary:
This test is working on other platforms.
Reviewers: samsonov, emaste
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D10415
llvm-svn: 243771
Negative numbers were handled properly initially, but got broken
during addressing review, so none of them did actually work. Issues:
* Wrong negation.
* Wrong exponent calculation.
llvm-svn: 243746
It's implicated in a buildbot failure and while the failure looks unrelated,
this commit is the only probably candidate in the blamelist.
llvm-svn: 243740
This patch enable DFSan for AArch64 (39-bit VMA). All tests are passing
but:
* test/dfsan/custom.cc
Due an invalid access in dl_iterate_phdr instrumentation (commenting out
this function make the testcase to pass). The test is XFAIL for aarch64
for now.
llvm-svn: 243688
Summary:
Using u64 as type for offset changes its value, changing starting address for map in file.
This patch solves Bug 24151, which raises issue while mapping file in mips32.
Patch by Mohit Bhakkad
Reviewers: dsanders, kcc
Subscribers: hans, llvm-commits, samsonov, nitesh.jain, sagar, bhushan, jaydeep
Differential Revision: http://reviews.llvm.org/D11588
llvm-svn: 243686
Summary: Verify that running in optimized mode while checking for use-after-dtor errors, does not generate tail call invocation of destructor. This avoids possible error where stack frame for the destructor is eliminated, making tracking down the errors more difficult.
Reviewers: eugenis, kcc
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D11614
simplified test cases
updated line numbering on test
renamed test
llvm-svn: 243675
Clang will not define __i686__, even when the target triple is i686,
without -march=i686.
With this patch, the compiler-rt build will successfully detect that
Clang can target i686.
The open_memstream.cc test is a little funny. Before my patch, it
was invoked with "-m32 -m64". To make it work after my -march
change, I had to add '-march=x86-64'.
Differential Revision: http://reviews.llvm.org/D11618
llvm-svn: 243604
Let me tell you a story. Suppose you want to build your project (e.g. LLVM)
with CMake 2.8, Clang and AddressSanitizer. You also want to ensure that
Clang is fresh enough and check that CMAKE_CXX_COMPILER_VERSION is 3.1+.
This check would fail - CMake would fail to correctly calculate compiler
version if you pass CMAKE_CXX_FLAGS=-fsanitize=address.
The problem is funky compiler version calculation in
CMakeDetermineCompilerId.cmake module: it compiles the sample source
file with provided compiler and compile flags, runs "strings" and greps
for "INFO:" ASCII strings contained on the executable to fetch
"INFO:compiler", "INFO:compiler_version" etc. It limits the output of
grep to just 4 lines.
Unfortunately, if your executable was built with ASan, it would also contain
an ASCII string
INFO: %s ignores mlock/mlockall/munlock/munlockall
and INFO:compiler_version string would never be parsed.
All of the above actually happened after r243574 when we tried to
configure libcxx with just-built Clang with TSan/MSan, and the version
check mentioned above failed in HandleLLVMOptions.cmake
(╯°□°)╯.~.┻━┻
llvm-svn: 243599
ASan shadow on Android starts at address 0 for both historic and
performance reasons. This is possible because the platform mandates
-pie, which makes lower memory region always available.
This is not such a good idea on 64-bit platforms because of MAP_32BIT
incompatibility.
This patch changes Android/AArch64 mapping to be the same as that of
Linux/AAarch64.
llvm-svn: 243548
Rename getBinaryBasename() to getProcessName() and, on Linux,
read it from /proc/self/cmdline instead of /proc/self/exe. The former
can be modified by the process. The main motivation is Android, where
application processes re-write cmdline to a package name. This lets
us setup per-application ASAN_OPTIONS through include=/some/path/%b.
llvm-svn: 243473
callee-saved return address is stored in the caller's stack frame, not
the callee's. This patch adjusts the logic to find the LR in the
correct place for PowerPC.
Patch joint with Bill Seurer.
llvm-svn: 243467
This applies default compiler flags to .S files, in particular removing
the "-pedantic" option, which is desirable because there is nothing to
reasonably warn about; and the only thing that gcc warns about is that
you allegedly can't correctly invoke GLUE2 in lib/builtins/assembly.h
on platforms for which USER_LABEL_PREFIX is the empty string.
In the gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=33305 that
added the warning, a commenter notes that giving a macro of zero characters
to another macro is not precisely the same as failing to supply an argument,
and "there is a widespread belief in C++ community that such usage is valid".
Unfortunately the only way to silence the warning is to avoid -pedantic.
Differential Revision: http://reviews.llvm.org/D10713
llvm-svn: 243446
This sets the default ASan flags to abort_on_error=1 on OS X. For unit tests and lit tests we set ASAN_OPTIONS back to abort_on_error=0 before running the tests (to avoid crashing). I added two tests that intentionally don't respect the default ASAN_OPTIONS to test the behavior of an empty ASAN_OPTIONS (on OS X we should crash, on Linux we should exit()).
Differential Revision: http://reviews.llvm.org/D7203
llvm-svn: 243418
This fixes the bug https://llvm.org/bugs/show_bug.cgi?id=24152
The float value resides in the first 4 bytes of ValueHandle for both mips and mipsel.
Reviewers: dsanders, samsonov
Subscibers: rsmith, hans, mohit.bhakkad, jaydeep, llvm-commits
Differential: http://reviews.llvm.org/D11448
llvm-svn: 243384
Summary:
Although we assume that we can always target host triple, relax
this check to avoid failing at configure-time for cases when we are
not able to correctly infer/verify host triple for some reasons.
See http://llvm.org/bugs/show_bug.cgi?id=24222 for more details.
Reviewers: hans
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11496
llvm-svn: 243170
Summary:
PTHREAD_CREATE_DETACHED has a different value on Mac OS X. Since both
PTHREAD_CREATE_JOINABLE and PTHREAD_CREATE_DETACHED are non-zero,
`__tsan::ThreadCreate` always creates detached threads.
Reviewers: kcc, samsonov, glider
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D10606
llvm-svn: 243151
Previously, Android target had a logic of duplicating all sanitizer
output to logcat. This change extends it to all posix platforms via
the use of syslog, controlled by log_to_syslog flag. Enabled by
default on Android, off everywhere else.
A bit of cmake magic is required to allow Printf() to call a libc
function. I'm adding a stub implementation to support no-libc builds
like dfsan and safestack.
This is a second attempt. I believe I've fixed all the issues that
prompted the revert: Mac build, and all kinds of non-CMake builds
(there are 3 of those).
llvm-svn: 243051
There are some test failures after r243003 and r243004 ("Rename the ABI
versioning symbol to '__asan_version_mismatch_check' instead abusing
'__asan_init'"). See http://reviews.llvm.org/D11004
llvm-svn: 243007
There are some test failures after r243003 and r243004 ("Rename the ABI
versioning symbol to '__asan_version_mismatch_check' instead abusing
'__asan_init'"). See http://reviews.llvm.org/D11004
llvm-svn: 243005
We currently version `__asan_init` and when the ABI version doesn't match, the linker gives a `undefined reference to '__asan_init_v5'` message. From this, it might not be obvious that it's actually a version mismatch error. This patch makes the error message much clearer by changing the name of the undefined symbol to be `__asan_version_mismatch_check_xxx` (followed by the version string). We obviously don't want the initializer to be named like that, so it's a separate symbol that is used only for the purpose of version checking.
Reviewed at http://reviews.llvm.org/D11004
llvm-svn: 243004
Previously, Android target had a logic of duplicating all sanitizer
output to logcat. This change extends it to all posix platforms via
the use of syslog, controlled by log_to_syslog flag. Enabled by
default on Android, off everywhere else.
A bit of cmake magic is required to allow Printf() to call a libc
function. I'm adding a stub implementation to support no-libc builds
like dfsan and safestack.
llvm-svn: 242975
Summary:
On Windows, thread injection by the kernel or other running processes is
a fairly common occurrence, so ASan should be resilient to it. The
comments on GetCurrentThread() say that it can return null, so we
shouldn't be CHECK failing if it does.
Sending control-C is one way to get the kernel to inject a thread into
your process, so I wrote a test around it.
Reviewers: llvm-commits
Subscribers: samsonov
Differential Revision: http://reviews.llvm.org/D11426
llvm-svn: 242948
include_if_exists=/path/to/sanitizer/options reads flags from the
file if it is present. "%b" in the include file path (for both
variants of the flag) is replaced with the basename of the main
executable.
llvm-svn: 242853
Since the CoreFoundation allocator replacement was moved in r173134, all
implementations of this function have been empty.
Reviewers: samsonov
Differential Revision: http://reviews.llvm.org/D11375
llvm-svn: 242811
According to man freopen, passing NULL instead of a filename is valid, however the current implementation of the interceptor assumes this parameter is non-NULL. Let's fix that and add a test case.
Differential Revision: http://reviews.llvm.org/D11389
llvm-svn: 242787
ASan unit tests don't depend on the symbolizer and they never test its output, but currently they still run it for every crash. This patch simply disables the symbolizer for unit tests, which provides some speed up. On my system (OS X) that's about 1.4x faster, but this could be potentially much more e.g. when using atos on OS X.
Differential Revision: http://reviews.llvm.org/D11353
llvm-svn: 242677
signal_segv_handler.cc occasionally fails due to a suspected kernel bug.
Increasing the mapped region size seems to make the test pass reliably.
llvm-svn: 242647
The is so that we can avoid using libgcc and use compiler-rt with
mingw-w64.
Related driver patch
http://reviews.llvm.org/D11077
I have tested this with mingw-w64 and everything seems to be in order.
I also sent this patch to the mingw-w64 mailing list for them to look at.
Patch by Martell Malone.
Differential Revision: http://reviews.llvm.org/D11085
llvm-svn: 242539
For open_memstream() files, buffer pointer is only valid immediately after
fflush() or fclose(). Fix the fclose() interceptor to unpoison after the
REAL(fclose) call, not before it.
llvm-svn: 242535
Summary:
Exclude external libc++ builds from "all" target, so that they are only
build on demand, and are not installed together with LLVM/Clang.
Reviewers: hans
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11252
llvm-svn: 242424
Some users may need to configure Clang/compiler-rt with
-DMACOSX_DEPLOYMENT_TARGET=10.6, as they expect Clang to produce working
(non-sanitized) binaries on 10.6. In this case they would need to
additionally provide -DSANITIZER_MIN_OSX_VERSION=10.7 to mark
that sanitizer runtimes may only be used on 10.7+ (where they are
supported).
llvm-svn: 242363
When the file is initialized, this patch checks whether the path
specifies a directory. If so, it creates the directory tree before
truncating the file.
Use default.profdata instead of pgo-data for default indexed profile name.
llvm-svn: 241824
The image-relative complete object locator contains a reference to itself,
which we can use to compute the image base without using VirtualQuery.
Spotted by David Majnemer.
llvm-svn: 241758
Specifically:
- Start using %expect_crash.
- Provide an implementation of __ubsan::getDynamicTypeInfoFromVtable
for the Microsoft C++ ABI. This is all that is needed for CFI
diagnostics; UBSan's -fsanitize=vptr also requires an implementation of
__ubsan::checkDynamicType.
- Build the sanitizer runtimes against the release version of the C
runtime, even in debug builds.
- Accommodate demangling differences in tests.
Differential Revision: http://reviews.llvm.org/D11029
llvm-svn: 241745
Since http://reviews.llvm.org/D10294, ASan test cases now respect default env. options via `ASAN_OPTION=$ASAN_OPTIONS:additional_options=xxx`. This patch adds this to a few test cases where it's still missing.
Differential Revision: http://reviews.llvm.org/D10988
llvm-svn: 241571
On OS X 10.11 (which is currently a public beta), the dynamic linker has been improved so that it doesn't require the use of DYLD_INSERT_LIBRARIES in order for interposition/wrappers to work. This patch adds support of this behavior into ASan – we no longer need to re-exec in case the env. variable is not set.
Reviewed at http://reviews.llvm.org/D10924
llvm-svn: 241487
On OS X, when the main instrumented binary contains a custom section with zero length, ASan will crash (assert failure) early in the initialization.
Reviewed at http://reviews.llvm.org/D10944
llvm-svn: 241474
Specifically:
- Disable int128 tests on Windows, as MSVC cl.exe does not support
int128, so we might not have been able to build the runtime
with int128 support.
- XFAIL the vptr tests as we lack Microsoft ABI support.
- XFAIL enum.cpp as UBSan fails to add the correct instrumentation code
for some reason.
- Modify certain tests that build executables multiple times to use
unique names for each executable. This works around a race condition
observed on Windows.
- Implement IsAccessibleMemoryRange for Windows to fix the last
misaligned.cpp test.
- Introduce a substitution for testing crashes on Windows using
KillTheDoctor.
Differential Revision: http://reviews.llvm.org/D10864
llvm-svn: 241303
POSIX states that "It shall be safe to destroy an initialized condition
variable upon which no threads are currently blocked", and later clarifies
"A condition variable can be destroyed immediately after all the threads
that are blocked on it are awakened) (in examples section). Tsan reported
such destruction as a data race.
Fixes https://llvm.org/bugs/show_bug.cgi?id=23616
Reviewed in http://reviews.llvm.org/D10693
llvm-svn: 241082
The test simulates a sandbox that prevents the program from calling readlink().
ASan is supposed to still be able to print the executable name regardless of that.
llvm-svn: 241072
struct sigaction was not initialized. As the result if SA_RESETHAND is set in sa_flags, then the handler is reset after first invocation leading to crash.
Initialize struct sigaction to zero.
Reviewed in http://reviews.llvm.org/D10803
llvm-svn: 240965
which caches the executable name upon the first invocation.
This is necessary because Google Chrome (and potentially other programs)
restrict the access to /proc/self/exe on linux.
This change should fix https://code.google.com/p/chromium/issues/detail?id=502974
llvm-svn: 240960
The new suppression type is called "race_top" and is matched only against top frame in report stacks.
This is required for situations when we want to suppress a race in a "thread pool" or "event loop" implementation.
If we simply use "race:ThreadPool::Execute" suppression, that can suppress everything in the program.
Reviewed in http://reviews.llvm.org/D10686
llvm-svn: 240949
Yury Gribov