Second attempt to enable building ThreadSanitizer (and running tests) on OS X by default.
Differential Revision: http://reviews.llvm.org/D15109
llvm-svn: 254603
In mmap_large.cc, let's use MAP_ANON instead of MAP_ANONYMOUS, because MAP_ANONYMOUS is only available on OS X 10.11 and later.
Differential Revision: http://reviews.llvm.org/D15180
llvm-svn: 254601
In AddressSanitizer, we have the MaybeReexec method to detect when we're running without DYLD_INSERT_LIBRARIES (in which case interceptors don't work) and re-execute with the environment variable set. On OS X 10.11+, this is no longer necessary, but to have ThreadSanitizer supported on older versions of OS X, let's use the same method as well. This patch moves the implementation from `asan/` into `sanitizer_common/`.
Differential Revision: http://reviews.llvm.org/D15123
llvm-svn: 254600
If the top-level cmake has a custom make specified through -DCMAKE_MAKE_PROGRAM
then this must be passed along to the sub-build processes in compiler-rt or the
build process will fail.
llvm-svn: 254509
si_int is already defined in sysroot's siginfo.h
emutls.c includes pthread.h which includes asm/siginfo.h which
in turn includes asm-generic/siginfo.h and that defines si_int.
si_int is also defined in builtin's int_types.h and this leads to
errors. This patch fixes the issue by undefining the si_int in int_types.h
Differential Revision: http://reviews.llvm.org/D15086
llvm-svn: 254472
For the build set up which runs the unit tests using an emulator like QEMU,
the unit tests must be run using %run.
Differential Revision: http://reviews.llvm.org/D15081
llvm-svn: 254467
This patch adds release and acquire semantics for libdispatch semaphores and a test case.
Differential Revision: http://reviews.llvm.org/D14992
llvm-svn: 254412
Calloc interceptor initially allocates memory from temp buffer (to serve dlsyms called during asan_init). There is a chance that some non-instrumented library (or executable) has allocated memory with calloc before asan_init and got pointer from the same temporary buffer which later caused problems with free.
Inspired by https://github.com/google/sanitizers/issues/626
Differential Revision: http://reviews.llvm.org/D14979
llvm-svn: 254395
This patch complete removed SANITIZER_AARCH64_VMA definition and usage.
AArch64 ports now supports runtime VMA detection and instrumentation
for 39 and 42-bit VMA.
It also Rewrite print_address to take a variadic argument list
(the addresses to print) and adjust the tests which uses it to the new
signature.
llvm-svn: 254319
On OS X, in AtosSymbolizer, if the answer from atos doesn't contain module name, let's bail and return false. There are some cases where this is beneficial, because we'll try DlAddrSymbolizer next (it's next in the symbolizer chain), which might be able to symbolize something that atos couldn't.
Differential Revision: http://reviews.llvm.org/D15071
llvm-svn: 254301
Changing comments that have references to code.google.com to point to GitHub instead, because the current links are not redirected properly (they instead redirect to different issues, mostly ASan). NFC.
Differential Revision: http://reviews.llvm.org/D15053
llvm-svn: 254300
1) There's a few wrongly defined things in tsan_interceptors.cc,
2) a typo in tsan_rtl_amd64.S which calls setjmp instead of sigsetjmp in the interceptor, and
3) on OS X, accessing an mprotected page results in a SIGBUS (and not SIGSEGV).
Differential Revision: http://reviews.llvm.org/D15052
llvm-svn: 254299
On OS X, for weak function (that user can override by providing their own implementation in the main binary), we need extern `"C" SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE NOINLINE`.
Fixes a broken test case on OS X, java_symbolization.cc, which uses a weak function __tsan_symbolize_external.
Differential Revision: http://reviews.llvm.org/D14907
llvm-svn: 254298
build errors on ARM. Define it internally to avoid such errors.
Patch by Max Ostapenko.
Differential Revision: http://reviews.llvm.org/D14921
llvm-svn: 254292
Serial queues need extra happens-before between individual tasks executed in the same queue. This patch adds `Acquire(queue)` before the executed task and `Release(queue)` just after it (for serial queues only). Added a test case.
Differential Revision: http://reviews.llvm.org/D15011
llvm-svn: 254229
This patch ports the assembly file tsan_rtl_amd64.S to OS X, where we need several changes:
* Some assembler directives are not available on OS X (.hidden, .type, .size)
* Symbol names need to start with an underscore (added a ASM_TSAN_SYMBOL macro for that).
* To make the interceptors work, we ween to name the function "_wrap_setjmp" (added ASM_TSAN_SYMBOL_INTERCEPTOR for that).
* Calling the original setjmp is done with a simple "jmp _setjmp".
* __sigsetjmp doesn't exist on OS X.
Differential Revision: http://reviews.llvm.org/D14947
llvm-svn: 254228
There's a few more lit tests that require features not available on OS X (MAP_32BIT, pthread_setname_np), let's mark them with "UNSUPPORTED: darwin".
Differential Revision: http://reviews.llvm.org/D14923
llvm-svn: 254225
Pthread spinlocks are not available on OS X and this test doesn't really require a spinlock.
Differential Revision: http://reviews.llvm.org/D14949
llvm-svn: 254224
When a race on file descriptors is detected, `FindThreadByUidLocked()` is called to retrieve ThreadContext with a specific unique_id. However, this ThreadContext might not exist in the thread registry anymore (it may have been recycled), in which case `FindThreadByUidLocked` will cause an assertion failure in `GetThreadLocked`. Adding a test case that reproduces this, producing:
FATAL: ThreadSanitizer CHECK failed: sanitizer_common/sanitizer_thread_registry.h:92 "((tid)) < ((n_contexts_))" (0x34, 0x34)
This patch fixes this by replacing the loop with `FindThreadContextLocked`.
Differential Revision: http://reviews.llvm.org/D14984
llvm-svn: 254223
This patch reorganize the platform specific mapping information to
export the application mask on a external variable. This exported
variable will be used by intrumentation phase to create code to be
used on architecture with multiple VMA range.
The patch creates a new header, dfsan_platform.h, and move all the
mapping information and also create function accessors to the
mapping value.
Also for aarch64 it initialize application exported mask to the
value based on runtime VMA detection.
llvm-svn: 254197
This patch unify the 39 and 42-bit support for AArch64 by using an external
memory read to check the runtime detected VMA and select the better mapping
and transformation. Although slower, this leads to same instrumented binary
to be independent of the kernel.
Along with this change this patch also fix some 42-bit failures with
ALSR disable by increasing the upper high app memory threshold and also
the 42-bit madvise value for non large page set.
llvm-svn: 254151
Summary:
In r251553, I added a warning that proved to be super noisy,
especially in case of MSan. Removing it for now, and I will
probably add some additional diagnostics for symbolizer, when
I better understand how to make it properly.
Reviewers: eugenis
Differential Revision: http://reviews.llvm.org/D14998
llvm-svn: 254102
Due to a typo, atos-symbolizer-dyld-root-path.cc is currently being skipped all the time. There's a few more typos/copy-paste-errors. Let's fix them and enable this test.
Differential Revision: http://reviews.llvm.org/D14951
llvm-svn: 254058
This patch adds some fixes for MSAN with libc++ for aarch64:
1. Adds the libmsan_loadable name for aarch64.
2. Fixes some pthread_attr_setstacksize for aarch64, since glibc sets
the mininum stack size to be higher than the x86_64 default (16KB
vs 128KB).
3. Fixes a swprintf null char constant definition.
llvm-svn: 254015
We need to intercept libdispatch APIs (dispatch_sync, dispatch_async, etc.) to add synchronization between the code that submits the task and the code that gets executed (possibly on a different thread). This patch adds release+acquire semantics for dispatch_sync, and dispatch_async (plus their "_f" and barrier variants). The synchronization is done on malloc'd contexts (separate for each submitted block/callback). Added tests to show usage of dispatch_sync and dispatch_async, for cases where we expect no warnings and for cases where TSan finds races.
Differential Revision: http://reviews.llvm.org/D14745
llvm-svn: 253982
The test relies on two variables in different frames to end up being on the same address. For some reason, this isn't true on OS X. This patch adds `__attribute__((aligned(64)))` to the variables, which actually makes the variables occupy the same address. This is still not a guarantee, but it's more likely to work (the test looks very fragile already).
Differential Revision: http://reviews.llvm.org/D14925
llvm-svn: 253981
Pthread semaphores are not available on OS X. Let's replace sem_wait/sem_post with barrier_wait, which makes the test pass on OS X. I know that sem_wait/sem_post is intercepted by TSan, whereas barrier_wait is TSan-invisible, but the purpose of the test is not affected by this.
Also, let's properly initialize the mutex and cond variables.
Differential Revision: http://reviews.llvm.org/D14924
llvm-svn: 253980
On OS X, interceptors don't work in unit tests, so calloc() calls the system allocator. We need to use user_calloc() instead.
Differential Revision: http://reviews.llvm.org/D14918
llvm-svn: 253979
On OS X, __thread variables are lazily heap-allocated (with malloc). Therefore, they're recognized as heap blocks (which is what they are) and not as TLS variables in TSan reports. Figuring out if a heap block is a TLS or not is difficult (in malloc interceptor we could analyze the caller and then mark the object), so let's instead modify the tests so that we expect the report to say "Location is heap block" instead of "Location is TLS".
Differential Revision: http://reviews.llvm.org/D14873
llvm-svn: 253858
This patch fixes the __cxa_guard_acquire, __cxa_guard_release and __cxa_guard_abort interceptors on OS X. They apparently work on Linux just by having the same name, but on OS X, we actually need to use TSAN_INTERCEPTOR.
Differential Revision: http://reviews.llvm.org/D14868
llvm-svn: 253776
We need to call the intercepted version of pthread_detach. Secondly, PTHREAD_CREATE_JOINABLE and PTHREAD_CREATE_DETACHED are not 0 and 1 on OS X, so we need to properly pass these constants and not just a bool.
Differential Revision: http://reviews.llvm.org/D14837
llvm-svn: 253775
The tsan_test_util_posix.cc implementation of mutexes call pthread APIs directly, which on OS X don't end up calling the intercepted versions and we miss the synchronization. This patch changes the unit tests to directly call the intercepted versions. This fixes several test failures on OS X.
Differential Revision: http://reviews.llvm.org/D14835
llvm-svn: 253774
(patch suggested by silvas)
With this patch, the IO information is wrapped in struct
ProfDataIOVec, and interface of writerCallback takes a vector
of IOVec and a pointer to writer context pointer.
Differential Revision: http://reviews.llvm.org/D14859
llvm-svn: 253764
This test checks if we can print a backtrace from the death callback. On old
OS X versions, backtrace is not able to symbolicate the trace past the ASan
runtime because we build with -fomit-frame-pointer.
llvm-svn: 253729
There seems to be a problem in system header (stdint.h) of FreeBSD
where uint8_t nor uint16_t are defined. Explicitly define the key
types as done for FreeBSD i386.
llvm-svn: 253703
Value profile enumerator change to match LLVM code
ProfData new member field name change to match LLVM code
ProfData member type change to match LLVM code
Do not use lower case for types that are internal to implementation (not exposed to APIs)
There is no functional change. This is a preparation patch to enable more code sharing
in follow up patches
Differential Revision: http://reviews.llvm.org/D14841
llvm-svn: 253700
The Crash Report is going to add app specific info if it is stored in the magical buffer.
Differential Revision: http://reviews.llvm.org/D14791
llvm-svn: 253691
The compiler-rt should make use of strlcpy() rather than strncpy(). Using internal_strncpy() may be fine with appropriate bounds checking or enforcement of nul-termination elsewhere, but it's just good practice these days to avoid using strncpy() in new code.
A patch by Jeremy Sequoia!
Differential Revision: http://reviews.llvm.org/D14714
llvm-svn: 253690
[asan] On OS X, log reports to syslog and os_trace, has been reverted in r252076 due to deadlocks on earlier versions of OS X. Alexey has also noticed deadlocks in some corner cases on Linux. This patch, if applied on top of the logging patch (http://reviews.llvm.org/D13452), addresses the known deadlock issues.
(This also proactively removes the color escape sequences from the error report buffer since we have to copy the buffer anyway.)
Differential Revision: http://reviews.llvm.org/D14470
llvm-svn: 253689
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
(In addition, add sanitizer_common_libcdep.cc to buildgo.sh to avoid
build failures on Linux.)
llvm-svn: 253688
MIPS build bots failed due to lack of 64bit atomic operations.
The fix is to disable VP for MIPS target until a better solution
is found.
llvm-svn: 253687
On Linux, we have internal_fork that forks without invoking user's pthread_atfork handlers, which is important for spawning external symbolizers. Let's implement this for OS X as well (using __fork). This patch also adds internal_forkpty which re-implements forkpty and uses __fork in it as well.
Differential Revision: http://reviews.llvm.org/D14869
llvm-svn: 253666
OS X doesn't support POSIX semaphores (but it does have the API for it, which returns ENOSYS - "Function not implemented").
Differential Revision: http://reviews.llvm.org/D14865
llvm-svn: 253665
On OS X, we don't have pthread spinlocks, let's just use a regular mutex instead. Secondly, pthread_rwlock_t is much larger (200 bytes), so `char padding_[64 - sizeof(pthread_rwlock_t)]` actually underflows.
Differential Revision: http://reviews.llvm.org/D14862
llvm-svn: 253659
Several tests rely on CLOCK_MONOTONIC, which doesn't exist on OS X. This patch fixes these tests by either disabling them (in case of cond_version.c which doesn't make sense on OS X), or by porting the test to also work on OS X.
Differential Revision: http://reviews.llvm.org/D14861
llvm-svn: 253658
Apparently check_c_compiler_flag isn't a thing everywhere. Not being
incredibly well-versed in cmake, I'm hoping that check_cxx_compiler_flag
serves a similar purpose. :)
llvm-svn: 253648
On OS X, this unit test (ThreadSpecificDtors) fails, because the new and delete operators actually call the overridden operators, which end up using TLVs and crash. Since C++'s new and delete is not important in this test, let's just replace them with a local variable. This fixes the test on OS X.
Differential Revision: http://reviews.llvm.org/D14826
llvm-svn: 253583
Summary:
Newer libstdc++ has global pool, which is filled with objects
allocated during libstdc++ initialization, and never released.
Using use_globals=0 in the lit tests results in these objects
being treated as leaks.
Fix this by porting several tests to plain C, and introducing
a simple sanity test case for __lsan::ScopedDisabler.
Reviewers: kcc, ygribov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14798
llvm-svn: 253576
On OS X, the thread finalization is fragile due to thread-local variables destruction order. I've seen cases where the we destroy the ThreadState too early and subsequent thread-local values' destructors call interceptors again. Let's replace the TLV-based thread finalization method with libpthread hooks. The notification PTHREAD_INTROSPECTION_THREAD_TERMINATE is called *after* all TLVs have been destroyed.
Differential Revision: http://reviews.llvm.org/D14777
llvm-svn: 253560
On OS X, we build a dylib of the TSan runtime, which doesn't necessarily need to contain debugging symbols (and file and line information), so llvm-symbolizer might not be able to find file names for TSan internal frames. FrameIsInternal currently only considers filenames, but we should simply treat all frames within `libclang_rt.tsan_osx_dynamic.dylib` as internal. This patch treats all modules starting with `libclang_rt.tsan_` as internal, because there may be more runtimes for other platforms in the future.
Differential Revision: http://reviews.llvm.org/D14813
llvm-svn: 253559
Several testcases need pthread barriers (e.g. all bench_*.cc which use test/tsan/bench.h) which are not available on OS X. Let's mark them with "UNSUPPORTED: darwin".
Differential Revision: http://reviews.llvm.org/D14636
llvm-svn: 253558
Reimplement dispatch_once in an interceptor to solve these issues that may produce false positives with TSan on OS X:
1) there is a racy load inside an inlined part of dispatch_once,
2) the fast path in dispatch_once doesn't perform an acquire load, so we don't properly synchronize the initialization and subsequent uses of whatever is initialized,
3) dispatch_once is already used in a lot of already-compiled code, so TSan doesn't see the inlined fast-path.
This patch uses a trick to avoid ever taking the fast path (by never storing ~0 into the predicate), which means the interceptor will always be called even from already-compiled code. Within the interceptor, our own atomic reads and writes are not written into shadow cells, so the race in the inlined part is not reported (because the accesses are only loads).
Differential Revision: http://reviews.llvm.org/D14811
llvm-svn: 253552
Summary:
dlopen(NULL, ...) is intended to give you back a handle to the
executable for use with dlsym. Casting it to link_map and using it with
ForEachMappedRegion results in a crash.
We also shouldn't unpoison the globals of a DSO that is already in
memory. This ensures that we don't do it for the executable, but in
general, MSan may have false negatives if the DSO is already loaded.
Reviewers: eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14795
llvm-svn: 253530
1. Added missing public API decl in InstrProfiling.h
2. Clang formatting fix
3. Added more comments for new VP code
4. refactor the VP allocation code to make it more readable.
llvm-svn: 253508
This change adds extends the data structures and adds in the routines
for handling runtime calls for value profiling. The profile data format
is modified and the version number is incremented.
llvm-svn: 253483
Symbolizers can call malloc/realloc/free/..., which we don't want to intercept. This is already implemented on Linux, let's do it for OS X as well.
Differential Revision: http://reviews.llvm.org/D14710
llvm-svn: 253460
This patch adds assembly routines to enable setjmp/longjmp for aarch64
on linux. It fixes:
* test/tsan/longjmp2.cc
* test/tsan/longjmp3.cc
* test/tsan/longjmp4.cc
* test/tsan/signal_longjmp.cc
I also checked with perlbench from specpu2006 (it fails to run
with missing setjmp/longjmp intrumentation).
llvm-svn: 253205
- This is to handle a corner case where profile lib is linked
in but non of the modules are instrumented (On linux, since
we avoided the overhead to emit runtime hook use functions so
this is the side effect of that size optimization).
- Added a profile runtime test case to cover all scenarios of
shared library builds.
Differential Revision: http://reviews.llvm.org/D14468
llvm-svn: 253098
I noticed that when a symbol is named just "x", it gets demangled to "long long". On POSIX, AFAIK, mangled names always start with "_Z", so lets just require that.
Differential Revision: http://reviews.llvm.org/D14637
llvm-svn: 253080
Currently, we crash on finalization of detached threads, because we'll try to clear the ThreadState twice.
Differential Revision: http://reviews.llvm.org/D14644
llvm-svn: 253079
On OS X, memcpy and memmove are actually aliases of the same function, so the memmove interceptor can be invoked on a call to memcpy. This patch updates the tests to expect either memmove or memcpy on a stack trace.
Differential Revision: http://reviews.llvm.org/D14638
llvm-svn: 253077
The OS X symbolizers (namely AtosSymbolizer) don't return full file paths, only file names. This patch modifies `mutexset*.cc` tests not to require a path to be present in the symbol on the stack trace.
Differential Revision: http://reviews.llvm.org/D14642
llvm-svn: 253075
Turns out that there are some checks in the backend that change code generation for armv7 if you are building against an iOS sys root. For the macho_embedded builtins we really don't want that.
llvm-svn: 253064
This patch adds support for symbolication of globals (implements `SymbolizeData`) for `AtosSymbolizer` on OS X.
Differential Revision: http://reviews.llvm.org/D14618
llvm-svn: 253015
We need to add -fPIC to the flags for the builtins in case PIC was turned off at a higher level. We also want to set ENABLE_PIC to Off when building the macho_embedded builtins so the top-level settings don't impact that build.
llvm-svn: 252966
Go build does not link in whatever library provides these symbols:
# runtime/race
race_windows_amd64.syso:gotsan.cc:(.text+0x578f): undefined reference to `__sanitizer::DumpProcessMap()'
race_windows_amd64.syso:gotsan.cc:(.text+0xee33): undefined reference to `EnumProcessModules'
race_windows_amd64.syso:gotsan.cc:(.text+0xeeb9): undefined reference to `GetModuleInformation'
llvm-svn: 252922
`DlAddrSymbolizer` is used on OS X when we're running inside a sandbox that prevents us from spawning an external symbolizer. This patch adds support for symbolication of globals (implements `SymbolizeData`) for `DlAddrSymbolizer`.
Differential Revision: http://reviews.llvm.org/D14613
llvm-svn: 252899
The default symbolizer, `llvm-symbolizer` provides sizes for global symbols. On OS X, we want to also allow using `atos` (because it's available everywhere and users don't need to copy/install it) and `dladdr` (it's the only available option when running in a sandbox). However, these symbolizers do not supply the symbol sizes, only names and starting addresses. This patch changes the reporting functions to hide the size of the symbol when this value is unavailable, and modifies tests to make this part of the report "optional".
Differential Revision: http://reviews.llvm.org/D14608
llvm-svn: 252896
This seems to be dead code – `system_malloc_zone` is initialized as null and we never assign to it. This code is apparently currently never executed (in ASan), but is causes trouble for the TSan OS X port. Let's replace the checks with `COMMON_MALLOC_ENTER` (`ENSURE_ASAN_INITED()`).
Differential Revision: http://reviews.llvm.org/D14334
llvm-svn: 252876
The TSan unit test build currently fails if we're also building the iOS parts of compiler-rt, because `TSAN_SUPPORTED_ARCH` contains ARM64. For unit tests, we need to filter this only to host architecture(s).
Differential Revision: http://reviews.llvm.org/D14604
llvm-svn: 252873
Setting CMAKE_*_FLAGS isn't sufficient here because CMAKE_*_FLAGS_${CMAKE_BUILD_TYPE} can override the flags, and there is no way to safely clear that because it is a cached variable (<sarcasm> YAY! </sarcasm>).
llvm-svn: 252807
Summary: This is enough to get the asan static_tls.cc test case working.
Reviewers: eugenis, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14574
llvm-svn: 252738
Summary:
On PowerPC64 Linux PTRACE_GETREGS is a #define and PT_GETREGS is not.
On other systems it's the other way round. Extend the #ifs to check for
both PTRACE_* and PT_*.
This fixes test/sanitizer_common/TestCases/Linux/ptrace.cc when msan is
enabled for PowerPC64.
Reviewers: zatrazz, kcc, eugenis, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14564
llvm-svn: 252730
Atomic RMW is not necessary in InitializeGuardArray.
It is supposed to run when no user code runs.
And if user code runs concurrently, then the atomic
RMW won't help anyway. So replace it with non-atomic RMW.
InitializeGuardArray takes more than 50% of time during re2 fuzzing:
real 0m47.215s
51.56% a.out a.out [.] __sanitizer_reset_coverage
6.68% a.out a.out [.] __sanitizer_cov
3.41% a.out a.out [.] __sanitizer::internal_bzero_aligned16(void*, unsigned long)
1.79% a.out a.out [.] __asan::Allocator::Allocate(unsigned long, unsigned long,
With this change:
real 0m31.661s
26.21% a.out a.out [.] sanitizer_reset_coverage
10.12% a.out a.out [.] sanitizer_cov
5.38% a.out a.out [.] __sanitizer::internal_bzero_aligned16(void*, unsigned long)
2.53% a.out a.out [.] __asan::Allocator::Allocate(unsigned long, unsigned long,
That's 33% speedup.
Reviewed in http://reviews.llvm.org/D14537
llvm-svn: 252715
Summary:
On Darwin, interposed functions are prefixed with "wrap_". On Linux,
they are prefixed with "__interceptor_".
Reviewers: dvyukov, samsonov, glider, kcc, kubabrecka
Subscribers: zaks.anna, llvm-commits
Differential Revision: http://reviews.llvm.org/D14512
llvm-svn: 252695
Summary:
First batch of sancov.py rewrite in C++.
Supports "-print" and "-covered_functions" commands.
Differential Revision: http://reviews.llvm.org/D14356
llvm-svn: 252683
* Setting CMAKE_*_FLAGS_${BUILD_TYPE} isn't really needed since we're setting the same value everywhere
* functions sanitize variables differently from macros, darwin_add_embedded_builtin_libraries should be a macro otherwise it won't alter the variables.
llvm-svn: 252618
Runtime code implicitly depends on the defintions and const
values defined in LLVM proper, but currently such dependency
is made implicitly by duplicating code across two dirs. As
part of the PGO cleanup effort, there will be changes to share
common sources. This is a preparation patch to enable it (NFC).
Differential Revision: http://reviews.llvm.org/D14487
llvm-svn: 252570
This commit reverts r252525. I was not really thinking about this fix properly. This doesn't work because it relys on try_compile checks which do a full compile & link. I'm going to put in a temporary solution as an interm step until we have a way to perform compiler checks without linking.
llvm-svn: 252569
Not making sure there are thin libraries results in some difficult to diagnose build failures. This check should make those build failures go away.
llvm-svn: 252527
This patch makes ASAN for aarch64 use the same shadow offset for all
currently supported VMAs (39 and 42 bits). The shadow offset is the
same for 39-bit (36).
llvm-svn: 252497
The TSan-instrumented version of libcxx doesn't even build on OS X at this point. Let's skip it from the OS X build for now, since most of TSan functionality doesn't depend on it. This will enable `check-tsan` to be run.
Differential Revision: http://reviews.llvm.org/D14486
llvm-svn: 252455
To make them the same as the common def in InstrProfData.inc.
This is a preparation to make the runtime code to use the
template as well. NFC
llvm-svn: 252421
Several tests currently deadlock when the lit test suite is run on OS X. Let's mark them as unsupported.
Differential Revision: http://reviews.llvm.org/D14443
llvm-svn: 252402
This patch enables running lit tests on OS X:
1) Simply enable tests for Darwin (they were restricted to Linux and FreeBSD).
2) Disable using instrumented libcxx (libcxx_tsan) on Darwin.
3) On Darwin, override abort_on_error=0, otherwise all tests would generate crash logs and take much longer to process.
Differential Revision: http://reviews.llvm.org/D14439
llvm-svn: 252309
The current implementation does not work on darwin and can have issues with other OSes in future.
See http://reviews.llvm.org/D14427
Make it portable once and for all (minus usleep call).
Reviewed in:
http://reviews.llvm.org/D14434
llvm-svn: 252292
Summary:
The following tests for 128-bit floating-point type behaved in a strange way, thought it were bugs, but seem to be mistakes in tests:
* `fixtfsi` test checked for `0x80000001` as a value returned for number less than can be represented, while `LONG_MIN` should be returned on saturation;
* `fixunstfdi` wasn't enabled for AArch64, only for PPC, but there is nothing PPC specific in that test;
* `multf3` tried to underflow multiplication by producing result with 16383 exponent, while there are still 112 bits of fraction plus implicit bit, so resultant exponent should be 16497.
Tests for some other builtins didn't exist:
* `fixtfdi`
* `fixtfti`
* `fixunstfti`
They were made by copying similar files and adjusting for wider types and adding/removing some reasonable/extra checks.
Also `__fixuint` seems to have off by one error, updated tests to catch this case.
Reviewers: rengolin, zatrazz, howard.hinnant, t.p.northover, jmolloy, enefaim
Subscribers: aemerson, llvm-commits, rengolin
Differential Revision: http://reviews.llvm.org/D14187
llvm-svn: 252180
Fixing `tsan_interceptors.cc`, which on OS X produces a bunch of warnings about unused constants and functions.
Differential Revision: http://reviews.llvm.org/D14381
llvm-svn: 252165
On OS X, memcpy and memmove are actually aliases of the same implementation, which means the interceptor of memcpy is also invoked when memmove is called. The current implementation of the interceptor uses `internal_memcpy` to perform the actual memory operation, which can produce an incorrect result when memmove semantics are expected. Let's call `internal_memmove` instead.
Differential Revision: http://reviews.llvm.org/D14336
llvm-svn: 252162
A call to memmove is used early during new thread initialization on OS X. This patch uses the `COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED` check, similarly to how we deal with other early-used interceptors.
Differential Revision: http://reviews.llvm.org/D14377
llvm-svn: 252161
TSan has a re-implementation of `pthread_once` in its interceptor, which assumes that the `pthread_once_t *once_control` pointer is actually pointing to a "storage" which is zero-initialized and used for the atomic operations. However, that's not true on OS X, where pthread_once_t is a structure, that contains a header (with a magic value) and the actual storage follows after that. This patch skips the header to make the interceptor work on OS X.
Differential Revision: http://reviews.llvm.org/D14379
llvm-svn: 252160
This implements a "poor man's TLV" to be used for TSan's ThreadState on OS X. Based on the fact that `pthread_self()` is always available and reliable and returns a valid pointer to memory, we'll use the shadow memory of this pointer as a thread-local storage. No user code should ever read/write to this internal libpthread structure, so it's safe to use it for this purpose. We lazily allocate the ThreadState object and store the pointer here.
Differential Revision: http://reviews.llvm.org/D14288
llvm-svn: 252159
TSan needs to use a custom malloc zone on OS X, which is already implemented in ASan. This patch uses the sanitizer_common implementation in `sanitizer_malloc_mac.inc` for TSan as well.
Reviewed at http://reviews.llvm.org/D14330
llvm-svn: 252155
TSan needs to use a custom malloc zone on OS X, which is already implemented in ASan. This patch is a refactoring patch (NFC) that extracts this from ASan into sanitizer_common, where we can reuse it in TSan.
Reviewed at http://reviews.llvm.org/D14330
llvm-svn: 252052
On OS X, GCD worker threads are created without a call to pthread_create. We need to properly register these threads with ThreadCreate and ThreadStart. This patch uses a libpthread API (`pthread_introspection_hook_install`) to get notifications about new threads and about threads that are about to be destroyed.
Differential Revision: http://reviews.llvm.org/D14328
llvm-svn: 252049
Updating the shadow memory initialization in `tsan_platform_mac.cc` to also initialize the meta shadow and to mprotect the memory ranges that need to be avoided.
Differential Revision: http://reviews.llvm.org/D14324
llvm-svn: 252044
On OS X, `memchr` is called on a newly created thread even before `__tsan_thread_start_func` is invoked, which means that the ThreadState object for that thread will not yet be initialized. Let's add `COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED` into the interceptor to simply call `internal_memchr` in these cases.
Differential Revision: http://reviews.llvm.org/D14283
llvm-svn: 251935
Add chkstk/alloca for gcc objects.
Replace or instructions with test, the latter should be marginally more
efficent, as it does not write to memory.
Differential Revision: http://reviews.llvm.org/D14044
Patch by vadimcn
llvm-svn: 251928
This patch moves a few functions from `sanitizer_linux_libcdep.cc` to `sanitizer_posix_libcdep.cc` in order to use them on OS X as well. Plus a few more small build fixes.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
Differential Revision: http://reviews.llvm.org/D14235
llvm-svn: 251918
This patch modifies `tsan_interceptors.cc` to be buildable on OS X. Several of the intercepted methods are not available on OS X, so we need to `#if !SANITIZER_MAC` them. Plus a few other fixes, e.g. `pthread_yield` doesn't exist, let's use `internal_sched_yield` instead.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
Differential Revision: http://reviews.llvm.org/D14237
llvm-svn: 251916
Hi, this patch adds a CMake flag called `COMPILER_RT_ENABLE_TSAN_OSX`, which is off by default. If enabled, the build system will be building the OS X version of the TSan runtime library (called `libclang_rt.tsan_osx_dynamic.dylib`). I'll submit patches that fix OS X build errors shortly.
This is part of an effort to port TSan to OS X, and it's one the very first steps. Don't expect TSan on OS X to actually work or pass tests at this point.
llvm-svn: 251915
This reverts commit r250823.
Replacing at least some of empty
constructors with "= default" variants is a semantical change which we
don't want. E.g. __tsan::ClockBlock contains a union of large arrays,
and it's critical for correctness and performance that we don't memset()
these arrays in the constructor.
llvm-svn: 251717
Define WIN32_LEAN_AND_MEAN before including Windows.h. This is already being
done in some places. This does it more broadly. This permits building ASAN on
Linux for Winndows, as well as reduces the amount of included declarations.
llvm-svn: 251649
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
(In addition, add sanitizer_common_libcdep.cc to buildgo.sh to avoid
build failures on Linux.)
llvm-svn: 251577
app_process32, when started via a shell script wrapper, needs a
different security context to satisty SELinux.
Patch by Abhishek Arya.
llvm-svn: 251572
Summary:
I have othen been stuck when I got an ASAN report, but no symbols
are resolved. The reasons might be different, and it always
requires a bit of detective work to track down.
These more verbose error messages will help the users like me.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D14135
llvm-svn: 251553
It was recently enabled for non-x86 targets and doesn't seem to work for MIPS.
The reason is currently unclear so XFAILing while I investigate.
llvm-svn: 251466
When ASan currently detects a bug, by default it will only print out the text
of the report to stderr. This patch changes this behavior and writes the full
text of the report to syslog before we terminate the process. It also calls
os_trace (Activity Tracing available on OS X and iOS) with a message saying
that the report is available in syslog. This is useful, because this message
will be shown in the crash log.
For this to work, the patch makes sure we store the full report into
error_message_buffer unconditionally, and it also strips out ANSI escape
sequences from the report (they are used when producing colored reports).
I've initially tried to log to syslog during printing, which is done on Android
right now. The advantage is that if we crash during error reporting or the
produced error does not go through ScopedInErrorReport, we would still get a
(partial) message in the syslog. However, that solution is very problematic on
OS X. One issue is that the logging routine uses GCD, which may spawn a new
thread on its behalf. In many cases, the reporting logic locks threadRegistry,
which leads to deadlocks.
Reviewed at http://reviews.llvm.org/D13452
llvm-svn: 251447
This will tag all mmapped memory sanitizers use with "Performance tool data"
when viewed in vmmap. (Even though sanitizers are not performance tools, it's
the best available match and better than having the unidentified objects.)
http://reviews.llvm.org/D13609
llvm-svn: 251445
We've switched to Gold earlier because of a minor misconfiguration
of the BFD linker in Android NDK. It turns out, Gold has much bigger
problems:
https://sourceware.org/bugzilla/show_bug.cgi?id=19163
(a bug is actually in the android runtime loader, but it means that
gold does not work with android L and even M).
Switching back to BFD and adding a workaround by explicitly linking
libm to all tests.
llvm-svn: 251360
Asanwrapper is required on older android versions to work around undesired
linker behavior. It is not required on L and newer, and does not fully
support multiarch devices.
llvm-svn: 251359
This patch fixes the ptrace interceptor for aarch64. The PTRACE_GETREGSET
ptrace syscall with with invalid memory might zero the iovec::iov_base
field and then masking the subsequent check after the syscall (since it
will be 0 and it will not trigger an invalid access). The fix is to copy
the value on a local variable and use its value on the checks.
The patch also adds more coverage on the Linux/ptrace.cc testcase by addding
check for PTRACE_GETREGSET for both general and floating registers (aarch64
definitions added only).
llvm-svn: 251331
This patch enables the ptrace syscall interceptors for arm and adds support
for both PTRACE_GETVFPREGS and PTRACE_SETVFPREGS used to get the VFP register
from ARM.
The ptrace tests is also updated with arm and PTRACE_GETVFPREGS tests.
llvm-svn: 251321
This patch add support for leak sanitizer for aarch64. Similar to
MIPS it uses a SizeClassAllocator32 due VMA constraints (aarch64
currently supports 39 and 42-bit VMA).
It also fixes the android build issue.
llvm-svn: 250898
Summary:
While instrumenting std::string with asan I discovered that speculative load might load data from poisoned region. Disabling all speculative loads for asan-annotated functions.
The test follows the std::string implementation.
Corresponding CL in llvm: http://reviews.llvm.org/D13264
Patch by Mike Aizatsky, the review page for the CL is http://reviews.llvm.org/D13265
Reviewers: aizatsky
Subscribers: kcc, llvm-commits
Differential Revision: http://reviews.llvm.org/D13905
llvm-svn: 250837
This patch introduces a well defined header struct
to represent raw profile header instead of using raw array.
Previously the raw array is used in two different files and
is very error prone when header structure is re-organized.
This is a small cleanup with NFC.
llvm-svn: 250561
MSVC 2013 doesnt support C99 fully, including the hexidecimal floating point
representation. Use the expanded value to permit building with it.
Patch by Tee Hao Wei!
llvm-svn: 250365
The assembly implementations use GNU syntax which MSVC doesn't handle. Rather
than duplicate the code in a second syntax, use the C implementations.
Patch by Tee Hao Wei!
llvm-svn: 250360
On Linux, the profile runtime can use __start_SECTNAME and __stop_SECTNAME
symbols defined by the linker to locate the start and end location of
a named section (with C name). This eliminates the need for instrumented
binary to call __llvm_profile_register_function during start-up time.
llvm-svn: 250200
Old version of sem_init (GLIBC_2.0) fails to initialize parts of
sem_t that are used in sem_timedwait. This is fixed in GLIBC_2.1,
but since ASan interceptors downgrade sem_* to the oldest available
version, this can introduce bugs that are only present in sanitized
build. Workaround by zero-initializing sem_t in sem_init.
llvm-svn: 250113
Revert once more. This seems to fail to build on the buildbots which build with
ninja rather than MSBuild/Visual Studio. This requires further build
infrastructure changes to deal with the assembly routines.
llvm-svn: 250001
__inline is a vendor specific spelling for inline. clang and gcc treat it the
same as inline, and is available in MSVC 2013 which does not implement C99
(VS2015 supports the inline keyword though). This will allow us to build the
builtins using MSVC.
llvm-svn: 249953
CMake build rules listed -I flags for two different libc++ header
locations which broke when libc++ headers started using include_next.
Also change -I to -isystem to avoid compiler warning about
include_next.
llvm-svn: 249759
This is an implementation of
https://github.com/google/sanitizers/issues/579
It has a number of advantages over the current mapping:
* Works for non-PIE executables.
* Does not require ASLR; as a consequence, debugging MSan programs in
gdb no longer requires "set disable-randomization off".
* Supports linux kernels >=4.1.2.
* The code is marginally faster and smaller.
This is an ABI break. We never really promised ABI stability, but
this patch includes a courtesy escape hatch: a compile-time macro
that reverts back to the old mapping layout.
llvm-svn: 249754
Summary:
Since r223145 we don't include sanitizer_allocator_internal.h into
sanitizer_symbolizer.h, so we can have undefined reference to
Internal{Alloc, Free} stuff into sanitizer_symbolizer_libbacktrace.cc under
SANITIZER_CP_DEMANGLE macro.
This patch simply includes appropriate header into
sanitizer_symbolizer_libbacktrace.h to resolve the issue.
Patch by Maxim Ostapenko!
Reviewers: kcc, eugenis, samsonov
Subscribers: llvm-commits, ygribov
Differential Revision: http://reviews.llvm.org/D13429
llvm-svn: 249633
cl does not support the same intrinsics as clang. Provide implementations for
the intrinsics using MSVC builtins.
Patch by Tee Hao Wei!
llvm-svn: 249515
Unfortunately, int_utils.h needs to depend on int_lib for the common macro
definitions. However, currently, int_utils.h is included by int_lib.h. Reorder
the inclusion to work around this.
llvm-svn: 249376
Summary: This is the Makefile analog of r247833, except that the test also had to be changed such that clang actually attempts to link the program as opposed to just building it. Because of that change, I also switched the order to checking for ld/clang architecture support, because now lack of ld support would make the clang check fail. This fixes PR24776.
Reviewers: beanz
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13425
llvm-svn: 249358
This patch add support for leak sanitizer for aarch64. Similar to
MIPS it uses a SizeClassAllocator32 due VMA constraints (aarch64
currently supports 39 and 42-bit VMA).
llvm-svn: 249337
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
- Add blank lines to separate function definitions.
- Add 'extern "C"' or 'namespace foo' comments after the appropriate
closing brackets
This is a continuation of work from 409b7b82. The focus here is on the
various sanitizers (not sanitizer_common, as before).
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13225
llvm-svn: 248966
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13310
llvm-svn: 248964
We need to make sure that if you change the builtin filter lists CMake re-generates its configurations so it includes the right builtins in the generated libraries.
llvm-svn: 248852
Summary: This ports functionality from the clang_macho_embedded.mk platform makefile over to CMake.
Reviewers: bogner, samsonov, bob.wilson
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13226
llvm-svn: 248850
We don't want to filter out the builtins that are present in libSystem like we do for the normal builtins because kexts can't link libSystem, but we should filter out all the builtins that are generally not supported on the OS and architecture.
llvm-svn: 248756
For Darwin simulator platforms we shouldn't build the cc_kext builtins at all because they aren't applicable, and we should includ the simulator builtins as slices inside the main platform builtin library.
llvm-svn: 248751
If the builtins are built with libgcc as the unwind provider on ARM, the exposed
_Unwind_SetIP is a macro. This results in the following warning due to
expansion of the argument:
warning: suggest parentheses around arithmetic in operand of ‘|’ [-Wparentheses]
Add a no-op set of parenthesis around the argument that will prevent this
warning.
llvm-svn: 248686
This somehow worked with the build on Linux, but seems to fail on the buildbots.
Split the flags apart here as otherwise the two flags are treated as one, and
cause a compilation failure.
llvm-svn: 248654
This adds a new name for ARM32 (armhf). We now force that the default build for
ARM32 (arm) to be soft-float ABI. This has a corresponding clang change to look
for these names based on the floating point ABI. The functions are built
identically (the functions are marked as AAPCS, so the calling convention does
not change, as per the RTABI specification), however, the object file contains
attributes indicating the build configuration which the linker will ensure are
not mix and matched. We now built the appropriate named archive so that we can
link properly.
llvm-svn: 248648
Rename darwin_read_exclude_file to more generic darwin_read_list_from_file, and make it take the file path instead of constructing it so it can be reused more freely.
llvm-svn: 248635
OS and ARCH must be specified, but minimum version may not. Excluding the minimum version will only apply the filters for builtins not supported by the OS and OS-Arch pair.
llvm-svn: 248543
Summary: First pass at adding cc_kext_* builtin libraries. I need to cleanup and refactor the builtin filtering so that I can use it to filter the builtin symbols list, but this is the first step in the right direction.
Reviewers: bob.wilson, bogner, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13115
llvm-svn: 248443
Summary:
Xcode 7 doesn't support targeting iOS5 and earlier. Instead of just dropping cc_kext_ios5, I've repurposed it to cc_kext_ios, and I'm pulling the iOS architectures out of cc_kext. Putting OS X and iOS slices inside the same archive was just odd.
There is a cooresponding clang change coming too.
Reviewers: bogner, bob.wilson
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13112
llvm-svn: 248441
There are lingering issues building the atomic builtins with various versions of gcc. To unblock people we can only include them on Apple platforms where they are more tested.
llvm-svn: 248386
Summary:
Building the builtins on Darwin platforms is a bit complicated. This is a first-pass implementation of the functionality from clang_darwin.mk into CMake.
When building the builtins on Darwin we have layers of blacklists that we apply based on platform, architecture, and minimum supported OS version.
Reviewers: bogner, filcab, bob.wilson, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D13059
llvm-svn: 248383
This fixes a crash in pthread_create on linux/i386 due to abi
incompatibility between intercepted and non-intercepted functions.
See the test case for more details.
llvm-svn: 248325
Currently aarch64 lacks instrumentation support for variadic arguments
for MSan. This patch sets the UBSan tests that uses it as to require
stable-runtime and sets aarch64/ubsan as an unstable one.
llvm-svn: 247996
error: width of bit-field 'allocated' (8 bits) exceeds the width of
its type; value will be truncated to 1 bit [-Werror,-Wbitfield-width]
llvm-svn: 247840
This patch enabled msan for aarch64 with 39-bit VMA and 42-bit VMA.
As defined by lib/msan/msan.h the memory layout used is for 39-bit is:
00 0000 0000 - 40 0000 0000: invalid
40 0000 0000 - 43 0000 0000: shadow
43 0000 0000 - 46 0000 0000: origin
46 0000 0000 - 55 0000 0000: invalid
55 0000 0000 - 56 0000 0000: app (low)
56 0000 0000 - 70 0000 0000: invalid
70 0000 0000 - 80 0000 0000: app (high)
And for 42-bit VMA:
000 0000 0000 - 100 0000 0000: invalid
100 0000 0000 - 11b 0000 0000: shadow
11b 0000 0000 - 120 0000 0000: invalid
120 0000 0000 - 13b 0000 0000: origin
13b 0000 0000 - 2aa 0000 0000: invalid
2aa 0000 0000 - 2ab 0000 0000: app (low)
2ab 0000 0000 - 3f0 0000 0000: invalid
3f0 0000 0000 - 400 0000 0000: app (high)
Most of tests are passing with exception of:
* Linux/mallinfo.cc
* chained_origin_limits.cc
* dlerror.cc
* param_tls_limit.cc
* signal_stress_test.cc
* nonnull-arg.cpp
The 'Linux/mallinfo.cc' is due the fact AArch64 returns the sret in 'x8'
instead of default first argument 'x1'. So a function prototype that
aims to mimic (by using first argument as the return of function) won't
work. For GCC one can make a register alias (register var asm ("r8")), but
for clang it detects is an unused variable and generate wrong code.
The 'chained_origin_limits' is probably due a wrong code generation,
since it fails only when origin memory is used
(-fsanitize-memory-track-origins=2) and only in the returned code
(return buf[50]).
The 'signal_streess_test' and 'nonnull-arg' are due currently missing variadic
argument handling in memory sanitizer code instrumentation on LLVM side.
Both 'dlerror' and 'param_tls_test' are unknown failures that require
further investigation.
All the failures are XFAIL for aarch64 for now.
llvm-svn: 247809
test/msan/dtor-trivial.cpp. Runtime testing for poisoning
vtable pointer in dtor.
Summary: Runtime testing for vtable ptr poisoning in dtor.
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12713
Clean test case & comments.
Update tests for vptr poisoning order.
Simplify test to rely upon globals.
Assertions verify that vtable still accessible from dtors.
Testing linear inheritance and multiple inheritance for vtable poisoning.
Macros for testing expected failing functions.
Rename macros.
Removed xfail, modified FileCheck commands, to expect test to crash.
llvm-svn: 247763
There are situations where a user may want to build only the compiler-rt builtins, or only the sanitizer runtimes. This exposes options to do that. Both default to On, so there should be no implicit change in behavior.
llvm-svn: 247607
If the pointer passed to the getVtablePrefix function was read from a freed
object, we may end up following pointers into objects on the heap and
printing bogus dynamic type names in diagnostics. However, we know that
vtable pointers will generally only point into memory mapped from object
files, not objects on the heap.
This change causes us to only follow pointers in a vtable if the vtable
and one of the virtual functions it points to appear to have appropriate
permissions (i.e. non-writable, and maybe executable), which will generally
exclude heap pointers.
Only enabled for Linux; this hasn't been tested on FreeBSD, and vtables are
writable on Mac (PR24782) so this won't work there.
Differential Revision: http://reviews.llvm.org/D12790
llvm-svn: 247484
This patch adds a runtime check for asan, dfsan, msan, and tsan for
architectures that support multiple VMA size (like aarch64). Currently
the check only prints a warning indicating which is the VMA built and
expected against the one detected at runtime.
llvm-svn: 247413
In some cases, PHDR table is allocated with malloc() by the linker
instead of being mapped from file. It needs to be unpoisoned in the
dl_iterate_phdr callback then.
This happens when program headers are not part of any loadable ELF
segment.
llvm-svn: 247100
Instead, assume we're going to target triple specified by
COMPILER_RT_DEFAULT_TARGET_TRIPLE and build runtimes for this triple
(and hope that the host compiler can target them).
This will help users that use cross-compiler on their host to build
Clang that would work on a different architecture. This will also come in
handy if one would want to configure several compiler-rt build trees on
the same host, using just-built Clang that can target many
architectures.
This doesn't change the behavior in the default build configuration.
llvm-svn: 247099
Summary:
When destructor for a class is not declared, no destructor
is emitted, and members are not poisoned. Test case exhibits this
current bug in use-after-dtor implementation (detailed in
https://github.com/google/sanitizers/issues/596).
Reviewers: eugenis, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12617
Rename test files.
llvm-svn: 247091
On recent OS X systems, blocks used as callbacks for XPC events (set up e.g. via xpc_connection_set_event_handler) are not later executed via the public libdispatch API (dispatch_async, etc). Because we don't intercept the path where the block is executed, we can fail to register the newly created dispatch thread. To fix that, let's intercept libxpc's APIs that take a block as a callback handler, and let's wrap these blocks in the same way as we do for libdispatch API.
Differential Revision: http://reviews.llvm.org/D12490
llvm-svn: 246961
Tests need to be run either via asanwrapper or asanwrapper64
depending in the binary bitness. This matters when testing on an
aarch64 device.
llvm-svn: 246891
The failure is caused by the missing implementation of array cookie
poisoning in Clang for ARMCXXABI and has nothing to do with Android
(and the test passes on Android/x86).
llvm-svn: 246832
Due to a slightly different initialization order, syslog on
android/x86 calls vsnprintf, which can not be handled until interceptors
are initialized at least.
llvm-svn: 246831
Summary: Verify that all members are poisoned.
Reviewers: eugenis, kcc
Differential Revision: http://reviews.llvm.org/D12023
Test virtual functions and virtual bases poisoning proper size.
Runtime testing of destroying diamond inheritance.
Explicit testing for 0 optimizations.
Simplify test to only test interesting values.
Test poisoning on multiple inheritance with nontrivial and trivial members.
Removed unnecessary header.
Testing (anonymous/)bit fields.
Revised object instantiation in test to avoid undefined behavior.
llvm-svn: 246817
Race deduplication code proved to be a performance bottleneck in the past if suppressions/annotations are used, or just some races left unaddressed. And we still get user complaints about this:
https://groups.google.com/forum/#!topic/thread-sanitizer/hB0WyiTI4e4
ReportRace already has several layers of caching for racy pcs/addresses to make deduplication faster. However, ReportRace still takes a global mutex (ThreadRegistry and ReportMutex) during deduplication and also calls mmap/munmap (which take process-wide semaphore in kernel), this makes deduplication non-scalable.
This patch moves race deduplication outside of global mutexes and also removes all mmap/munmap calls.
As the result, race_stress.cc with 100 threads and 10000 iterations become 30x faster:
before:
real 0m21.673s
user 0m5.932s
sys 0m34.885s
after:
real 0m0.720s
user 0m23.646s
sys 0m1.254s
http://reviews.llvm.org/D12554
llvm-svn: 246758
All supported version of Android provide both "signal" and
"bsd_signal" libc exports. Binaries built for API level <21 call
bsd_signal; newer binaries call signal.
Simply intercept both.
Fixes AddressSanitizer.SignalTest on Android/x86.
llvm-svn: 246716
Summary:
I broke building the builtins with r245967. This fixes them on Linux and builds them properly for Darwin.
The old code could not be made to work on Darwin as a result of the refactoring of add_compiler_rt_runtime, so I had to rework the way they are built for Darwin. This solution is not ideal and will be fixed in subsequent commits. I just want to get this in so everything is working again.
Reviewers: samsonov, chh, compnerd, bogner
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12500
llvm-svn: 246487
According to `man freopen`, passing NULL instead of a filename is valid, however the current implementation of the interceptor assumes this parameter is non-NULL. Let's fix that and add a test case.
Differential Revision: http://reviews.llvm.org/D11389
llvm-svn: 246435
This patch adds support for tsan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels). The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt. The default VMA is 39 bits.
It also enabled tsan for previous supported VMA (39).
llvm-svn: 246330
Summary:
Teach all sanitizers to call abort() instead of _exit() after printing
an error report, if requested. This behavior is the default on Mac OS.
Reviewers: kcc, kubabrecka
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12332
llvm-svn: 246205
Summary:
This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Changes to CMakeLists files are all minimal except ubsan which tests the new ARCHS loop.
Further cleanup patches will follow.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12410
llvm-svn: 246199
Summary: This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12409
llvm-svn: 246178
This patch fix the function GetTls for aarch64, where it assumes it
follows the x86_64 way where the TLS initial address is at the end
of TLS. Instead aarch64 set the TLS address as the thread pointer.
llvm-svn: 246148
Summary: This is the first step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12386
llvm-svn: 246102
This follows the approach we use in ASan and UBSan lit tests to setup
tool options in a portable way, and to provide a nice way to specify
testsuite-wide defaults.
llvm-svn: 246058
Summary: This is one more step to allow us to eliminate platform-specific code from the library CMakeLists files. Subsequent patches will refactor all call sites to use this and other new features.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12339
llvm-svn: 246047
Summary: Currently there is a libc++ test failing under MSAN because wcrtomb is not intercepted. This patch adds an interceptor for it.
Reviewers: samsonov, eugenis
Subscribers: tberghammer, danalbert, srhines, llvm-commits
Differential Revision: http://reviews.llvm.org/D12311
llvm-svn: 245994
Summary: This refactoring moves much of the Apple-specific behavior into a function in AddCompilerRT. The next cleanup patch will remove more of the if(APPLE) checks in the outlying CMakeLists.
This patch adds a bunch of new functionality to add_compiler_rt_runtime so that the target names don't need to be reconstructed outside the call. It also updates some of the call sites to exercise the new functionality, but does not update all uses fully. Subsequent patches will further update call sites and move to using the new features.
Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
Subscribers: beanz, rengolin, llvm-commits
Differential Revision: http://reviews.llvm.org/D12292
llvm-svn: 245970
Introduce %env_ubsan_opts= substitution instead of specifying
UBSAN_OPTIONS manually in the RUN-lines. This will come in handy
once we introduce some default UBSAN_OPTIONS for the whole testsuite
(for instance, make abort_on_error common option).
llvm-svn: 245967
Previously we had to call __sanitizer_cov_dump() from tool-specific
callbacks - instead, let sanitizer_common library handle this in a
single place.
This is a re-application of r245770, with slightly different approach
taken.
llvm-svn: 245890
This is required to properly re-apply r245770:
1) We should be able to dump coverage in __sanitizer::Die() if coverage
collection is turned on.
2) We don't want to explicitly do this in every single
sanitizer that supports it.
3) We don't want to link in coverage (and therefore symbolization) bits
into small sanitizers that don't support it (safestack).
The solution is to make InitializeCoverage() register its own Die()
callback that would call __sanitizer_cov_dump(). This callback should be
executed in addition to another tool-specific die callbacks (if there
are any).
llvm-svn: 245889
This patch adds support for dfsan on aarch64-linux with 42-bit VMA
(current default config for 64K pagesize kernels). The support is
enabled by defining the SANITIZER_AARCH64_VMA to 42 at build time
for both clang/llvm and compiler-rt. The default VMA is 39 bits.
llvm-svn: 245841
These changes break both autoconf Mac OS X buildbot (linker errors
due to wrong Makefiles) and CMake buildbot (safestack test failures).
llvm-svn: 245784
Kuba Brecka