| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Like r367463, but for asan.
llvm-svn: 367558
|
| |
|
|
|
|
|
|
|
|
| |
Otherwise the tests hang on Windows attempting to report nested errors.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D63627
llvm-svn: 364070
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This patch contains a fixlet for the AddressSanitizer on the SPARC with GCC, which would otherwise generate a problematic call to the intercepted memcpy routine. It was tested with GCC on SPARC/Solaris and SPARC/Linux.
Patch by Eric Botcazou.
Reviewers: #sanitizers, vitalybuka
Reviewed By: #sanitizers, vitalybuka
Subscribers: vitalybuka, ro, jyknight, kubamracek, fedor.sergeev, jdoerfert, llvm-commits, #sanitizers
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D58433
llvm-svn: 355979
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to reflect the new license.
We understand that people may be surprised that we're moving the header
entirely to discuss the new license. We checked this carefully with the
Foundation's lawyer and we believe this is the correct approach.
Essentially, all code in the project is now made available by the LLVM
project under our new license, so you will see that the license headers
include that license only. Some of our contributors have contributed
code under our old license, and accordingly, we have retained a copy of
our old license notice in the top-level files in each project and
repository.
llvm-svn: 351636
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
private and internal: should not trigger ODR at all.
unnamed_addr: current ODR checking approach fail and rereport false violation if
a linker merges such globals
linkonce_odr, weak_odr: could cause similar problems and they are already not
instrumented for ELF.
Reviewers: eugenis, kcc
Subscribers: kubamracek, hiraditya, llvm-commits
Differential Revision: https://reviews.llvm.org/D55621
llvm-svn: 349015
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Flag was added for testing 3 years ago. Probably it's time
to simplify code and usage by removing it.
Reviewers: eugenis, m.ostapenko
Subscribers: mehdi_amini, kubamracek, steven_wu, dexonsmith, llvm-commits
Differential Revision: https://reviews.llvm.org/D55254
llvm-svn: 348315
|
| |
|
|
| |
llvm-svn: 331617
|
| |
|
|
|
|
|
|
| |
dlclose itself might touch it, so better return it to the state it was
before. I don't know how to create a test for this as it would require
chaning dlclose itself.
llvm-svn: 314415
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
compunit's .data section. This vector is not poisoned. Because of this the
first symbol of the following section has no left red zone. As a result, ASan
cannot detect underflow for such symbols.
Poison ASan allocated metadata, it should not be accessible to user code.
This fix does not eliminate the problem with missing left red zones but it
reduces the set of vulnerable symbols from first symbols in each input data
section to first symbols in the output section of the binary.
Differential Revision: https://reviews.llvm.org/D38056
llvm-svn: 314365
|
| |
|
|
|
|
|
| |
Third attempt. See the description of the corresponding commit in
LLVM for more details.
llvm-svn: 301588
|
| |
|
|
|
|
| |
This reverts r299698, which caused a big increase in object file size.
llvm-svn: 299881
|
| |
|
|
|
|
| |
This is a re-land of r298173, r298169, r298159.
llvm-svn: 299698
|
| |
|
|
|
|
|
|
|
|
|
| |
Revert "Fix sanitizer tests with LLVM_TOOL_LLD_BUILD=OFF."
Revert "[asan] Remove gc-sections test with bfd."
Revert "[asan] Disable globals-gc test with ld.bfd."
Revert "[asan] Fix dead stripping of globals on Linux (compiler-rt)"
OOM in gold linker.
llvm-svn: 298287
|
| |
|
|
|
|
|
|
| |
Runtime support for the new instrumentation of globals based on !associated, and a bunch of tests.
Differential Revision: https://reviews.llvm.org/D30120
llvm-svn: 298159
|
| |
|
|
|
|
| |
Should fix issues that came up while testing Win64 ASan.
llvm-svn: 287791
|
| |
|
|
|
|
|
|
|
|
| |
The MSVC incremental linker pads every global out to 256 bytes in case
it changes size after an incremental link. So, skip over null entries in
the DSO-wide asan globals array. This only works if the global padding
size is divisible by the size of the asan global object, so add some
defensive CHECKs.
llvm-svn: 287780
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
The expectation is that new instrumented code will add global variable
metadata to the .ASAN$GL section, and we will use this new code to
iterate over it.
This technique seems to break when using incremental linking, which
seems to align every global to a 256 byte boundary. Presumably this is
so that it can incrementally cope with global changing size. Clang
already passes -incremental:no as a linker flag when you invoke it to do
the link step.
The two tests added for this feature will fail until the LLVM
instrumentation change in D26770 lands, so they are marked XFAIL for
now.
Reviewers: pcc, kcc, mehdi_amini, kubabrecka
Subscribers: llvm-commits, mgorny
Differential Revision: https://reviews.llvm.org/D26771
llvm-svn: 287246
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When optimizing, GCC optimizes away aggressively unused static globals.
The __asan_before_dynamic_init/__asan_after_dynamic_init calls are placed
in static constructor earlier while the registration of the globals is done
later in the compilation process. If all the globals with
dynamic initialization are optimized away from some particular TU in between
those two, libasan can fail on an assertion that dynamic_init_globals is
empty.
While I'm going to commit a GCC change which will remove the
__asan_before_dynamic_init/__asan_after_dynamic_init in many cases when this
happens (basically if the optimizers can prove there are no memory
references in between the two calls), there are still testcases where such
pair of calls is left, e.g. for
struct S { S () { asm volatile ("" : : : "memory"); } };
static S c;
int
main ()
{
return 0;
}
with -O2 -fsanitize=address and ASAN_OPTIONS=check_initialization_order=true
this still fails the assertion. Trying to avoid this problem on the
compiler side would decrease code quality I'm afraid, whether it is making
sure for -fsanitize=address we keep around at least one dynamically
initialized global if the
__asan_before_dynamic_init/__asan_after_dynamic_init pair has been emitted,
or adding some artificial global which would be used as the condition for
those calls etc.
So, can the assertion be instead just removed, this really shouldn't slow
down the calls measurably (for __asan_before_dynamic_init it is even
cheaper) and the assertion doesn't check something worthwhile anyway (it is
sufficient if there is a single dynamically initialized global in any other
TU to make it happy).
Details in http://gcc.gnu.org/PR77396
Author: Jakub Jelinek
llvm-svn: 280657
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
information, and one that prints it.
Summary:
Replacement for part of D23518
This deals with global variable addresses.
(This commit is written on top of D23605, but can be applied by itself)
Reviewers: kcc, samsonov
Subscribers: kubabrecka, llvm-commits
Differential Revision: https://reviews.llvm.org/D23607
llvm-svn: 278959
|
| |
|
|
|
|
|
|
|
|
|
| |
This change introduces routines that register and unregister all
instrumented globals in a loaded executable image.
These routines are only implemented on Darwin, where globals metadata
is expected to be placed in the __DATA,__asan_globals section.
Review: http://reviews.llvm.org/D16841
llvm-svn: 264644
|
| |
|
|
| |
llvm-svn: 264112
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
indicator symbols.
This is a compiler-rt part of this http://reviews.llvm.org/D15642 patch. Here,
we add a new approach for ODR violation detection.
Instead of using __asan_region_is_poisoned(g->beg, g->size_with_redzone) on
global address (that would return false now due to using private alias), we can
use new globally visible indicator symbol to perform the check.
Differential Revision: http://reviews.llvm.org/D15644
llvm-svn: 260076
|
| |
|
|
| |
llvm-svn: 259979
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
- Add blank lines to separate function definitions.
- Add 'extern "C"' or 'namespace foo' comments after the appropriate
closing brackets
This is a continuation of work from 409b7b82. The focus here is on the
various sanitizers (not sanitizer_common, as before).
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13225
llvm-svn: 248966
|
| |
|
|
| |
llvm-svn: 235540
|
| |
|
|
| |
llvm-svn: 235539
|
| |
|
|
| |
llvm-svn: 231000
|
| |
|
|
| |
llvm-svn: 230409
|
| |
|
|
|
|
| |
instead of the one used for FATAL crash (which may be too slow)
llvm-svn: 230256
|
| |
|
|
| |
llvm-svn: 230018
|
| |
|
|
| |
llvm-svn: 228838
|
| |
|
|
|
|
|
|
|
|
| |
SetCanPoisonMemory()/CanPoisonMemory() functions are now used
instead of "poison_heap" flag to determine if ASan is allowed
to poison the shadow memory. This allows to hot-patch this
value in runtime (e.g. during ASan activation) without introducing
a data race.
llvm-svn: 224395
|
| |
|
|
| |
llvm-svn: 220637
|
| |
|
|
|
|
|
|
|
|
| |
extraction and locating addresses
Reviewed at http://reviews.llvm.org/D4527
Fixed a test case failure on 32-bit Linux, I did right shift on intptr_t, instead it should have been uintptr_t.
llvm-svn: 218538
|
| |
|
|
| |
llvm-svn: 218501
|
| |
|
|
|
|
|
|
|
|
| |
addresses
Reviewed at http://reviews.llvm.org/D4527
This patch is part of an effort to implement a more generic debugging API, as proposed in http://lists.cs.uiuc.edu/pipermail/llvmdev/2014-July/074656.html, with first part reviewed at http://reviews.llvm.org/D4466. Now adding several new APIs: __asan_report_present, __asan_get_report_{pc,bp,sp,address,type,size,description}, __asan_locate_address. These return whether an asan report happened yet, the PC, BP, SP, address, access type (read/write), access size and bug description (e.g. "heap-use-after-free"), __asan_locate_address takes a pointer and tries to locate it, i.e. say whether it is a heap pointer, a global or a stack, or whether it's a pointer into the shadow memory. If global or stack, tries to also return the variable name, address and size. If heap, tries to return the chunk address and size. Generally these should serve as an alternative to "asan_describe_address", which only returns all the data in text form. Having an API to get these data could allow having debugging scripts/extensions that could show additional information about a variable/expression/pointer. Test cases in test/asan/TestCases/debug_locate.cc and test/asan/TestCasea/debug_report.cc.
llvm-svn: 218481
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of creating global variables for source locations and global names,
just create metadata nodes and strings. They will be transformed into actual
globals in the instrumentation pass (if necessary). This approach is more
flexible:
1) we don't have to ensure that our custom globals survive all the optimizations
2) if globals are discarded for some reason, we will simply ignore metadata for them
and won't have to erase corresponding globals
3) metadata for source locations can be reused for other purposes: e.g. we may
attach source location metadata to alloca instructions and provide better descriptions
for stack variables in ASan error reports.
No functionality change.
llvm-svn: 214604
|
| |
|
|
|
|
| |
the globals have been registered (thus show the name of shared library or exe to which the global belongs). The reports become a bit too verbose but I do not see any *simple* way to make them more compact. This should be especially helpful when the ODR happens because the same .cc file is used twice in the project in differend DSOs
llvm-svn: 211343
|
| |
|
|
|
|
| |
=1 detects only those where the variable sizes are different. BTW, the detector seems to be working well and finding nice bugs. Early adopters are welcome.
llvm-svn: 207415
|
| |
|
|
|
|
| |
outside of a tiny test, may need tuning.
llvm-svn: 207210
|
| |
|
|
| |
llvm-svn: 193308
|
| |
|
|
| |
llvm-svn: 183972
|
| |
|
|
|
|
|
|
|
|
| |
We don't want to report initialization-order bugs when a destructor of a global
variable accesses dynamically initialized global from another
(not necessarily initialized) module. We do this by intercepting __cxa_atexit and
registrering our own callback that unpoisons shadow for all dynamically initialized
global variables.
llvm-svn: 182637
|
| |
|
|
|
|
|
|
|
|
| |
This change adds ASan runtime option "strict-init-order" (off by default)
that makes init-order checker bark if global initializer accesses any global from different
translation unit (even if the latter is already initialized). strict init-order checking
doesn't play well with, e.g. LLVM registration machineries, and causes issue
https://code.google.com/p/address-sanitizer/issues/detail?id=178.
llvm-svn: 179843
|
| |
|
|
|
|
| |
INLINE combinations
llvm-svn: 178266
|
| |
|
|
|
|
| |
of PoisonShadow functions, store copies of __asan_global descriptors in a vector instead of list of pointers. This gives 3x speedup on both benchmarks and real binaries with lots of globals.
llvm-svn: 178239
|
| |
|
|
|
|
| |
pointer to private string with module name. This string serves as a unique module ID in ASan runtime. compiler-rt part
llvm-svn: 178014
|
| |
|
|
| |
llvm-svn: 177862
|
| |
|
|
|
|
|
|
|
|
| |
In case of partial right OOB, ASan was reporting
X is located 0 bytes to the right of [A, B)
where X was actually inside [A, B).
With this change, ASan will report B as the error address in such case.
llvm-svn: 174373
|
| |
|
|
|
|
| |
that makes sure users can include interface header
llvm-svn: 174058
|
