| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch provides the assembly support for setjmp/longjmp for use
with the thread sanitizer. This is a big more complicated than for
aarch64, because sibcalls are only legal under our ABIs if the TOC
pointer is unchanged. Since the true setjmp function trashes the TOC
pointer, and we have to leave the stack in a correct state, we emulate
the setjmp function rather than branching to it.
We also need to materialize the TOC for cases where the _setjmp code
is called from libc. This is done differently under the ELFv1 and
ELFv2 ABIs.
llvm-svn: 255059
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is by Simone Atzeni with portions by Adhemerval Zanella.
This contains the LLVM patches to enable the thread sanitizer for
PPC64, both big- and little-endian. Two different virtual memory
sizes are supported: Old kernels use a 44-bit address space, while
newer kernels require a 46-bit address space.
There are two companion patches that will be added shortly. There is
a Clang patch to actually turn on the use of the thread sanitizer for
PPC64. There is also a patch that I wrote to provide interceptor
support for setjmp/longjmp on PPC64.
Patch discussion at reviews.llvm.org/D12841.
llvm-svn: 255057
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
It was barely supported for a several years for now, somewhat
rotten and doesn't correspond to the way we build/test TSan runtime
in Clang anymore.
CMake build has proper compile flags, library layout, build
dependencies etc.
Shell scripts that depended on the output of Makefile.old are
either obsolete now (check_cmake.sh), or moved to lit tests
(check_memcpy.sh), or kept as a standalone scripts not suitable
for generic test suite, but invoked on bots (check_analyze.sh).
It is not used on bots anymore: all "interesting" configurations
(gcc/clang as a host compiler; debug/release build types) are now
tested via CMake.
Reviewers: dvyukov, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D15316
llvm-svn: 255032
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Another attempt at fixing tsan_invisible_barrier.
Current implementation causes:
https://llvm.org/bugs/show_bug.cgi?id=25643
There were several unsuccessful iterations for this functionality:
Initially it was implemented in user code using REAL(pthread_barrier_wait). But pthread_barrier_wait is not supported on MacOS. Futexes are linux-specific for this matter.
Then we switched to atomics+usleep(10). But usleep produced parasitic "as-if synchronized via sleep" messages in reports which failed some output tests.
Then we switched to atomics+sched_yield. But this produced tons of tsan- visible events, which lead to "failed to restore stack trace" failures.
Move implementation into runtime and use internal_sched_yield in the wait loop.
This way tsan should see no events from the barrier, so not trace overflows and
no "as-if synchronized via sleep" messages.
llvm-svn: 255030
|
| |
|
|
|
|
|
|
| |
This patch adds release and acquire semantics for dispatch groups, plus a test case.
Differential Revision: http://reviews.llvm.org/D15048
llvm-svn: 255020
|
| |
|
|
|
|
|
|
|
|
| |
mac_ignore_invalid_free was helpful when ASan runtime used to intercept
CFAllocator and sometimes corrupted its memory. This behavior had been long
gone, and the flag was unused.
This patch also deletes ReportMacCfReallocUnknown(), which was used by the
CFAllocator realloc() wrapper.
llvm-svn: 254722
|
| |
|
|
|
|
|
|
| |
On OS X, there are other-than-pthread locking APIs that are used quite extensively - OSSpinLock and os_lock_lock. Let's add interceptors for those.
Differential Revision: http://reviews.llvm.org/D14987
llvm-svn: 254611
|
| |
|
|
|
|
|
|
| |
In AddressSanitizer, we have the MaybeReexec method to detect when we're running without DYLD_INSERT_LIBRARIES (in which case interceptors don't work) and re-execute with the environment variable set. On OS X 10.11+, this is no longer necessary, but to have ThreadSanitizer supported on older versions of OS X, let's use the same method as well. This patch moves the implementation from `asan/` into `sanitizer_common/`.
Differential Revision: http://reviews.llvm.org/D15123
llvm-svn: 254600
|
| |
|
|
|
|
|
|
| |
This patch adds release and acquire semantics for libdispatch semaphores and a test case.
Differential Revision: http://reviews.llvm.org/D14992
llvm-svn: 254412
|
| |
|
|
|
|
|
|
|
|
| |
1) There's a few wrongly defined things in tsan_interceptors.cc,
2) a typo in tsan_rtl_amd64.S which calls setjmp instead of sigsetjmp in the interceptor, and
3) on OS X, accessing an mprotected page results in a SIGBUS (and not SIGSEGV).
Differential Revision: http://reviews.llvm.org/D15052
llvm-svn: 254299
|
| |
|
|
|
|
|
|
|
|
| |
On OS X, for weak function (that user can override by providing their own implementation in the main binary), we need extern `"C" SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE NOINLINE`.
Fixes a broken test case on OS X, java_symbolization.cc, which uses a weak function __tsan_symbolize_external.
Differential Revision: http://reviews.llvm.org/D14907
llvm-svn: 254298
|
| |
|
|
|
|
|
|
| |
Serial queues need extra happens-before between individual tasks executed in the same queue. This patch adds `Acquire(queue)` before the executed task and `Release(queue)` just after it (for serial queues only). Added a test case.
Differential Revision: http://reviews.llvm.org/D15011
llvm-svn: 254229
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch ports the assembly file tsan_rtl_amd64.S to OS X, where we need several changes:
* Some assembler directives are not available on OS X (.hidden, .type, .size)
* Symbol names need to start with an underscore (added a ASM_TSAN_SYMBOL macro for that).
* To make the interceptors work, we ween to name the function "_wrap_setjmp" (added ASM_TSAN_SYMBOL_INTERCEPTOR for that).
* Calling the original setjmp is done with a simple "jmp _setjmp".
* __sigsetjmp doesn't exist on OS X.
Differential Revision: http://reviews.llvm.org/D14947
llvm-svn: 254228
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When a race on file descriptors is detected, `FindThreadByUidLocked()` is called to retrieve ThreadContext with a specific unique_id. However, this ThreadContext might not exist in the thread registry anymore (it may have been recycled), in which case `FindThreadByUidLocked` will cause an assertion failure in `GetThreadLocked`. Adding a test case that reproduces this, producing:
FATAL: ThreadSanitizer CHECK failed: sanitizer_common/sanitizer_thread_registry.h:92 "((tid)) < ((n_contexts_))" (0x34, 0x34)
This patch fixes this by replacing the loop with `FindThreadContextLocked`.
Differential Revision: http://reviews.llvm.org/D14984
llvm-svn: 254223
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch unify the 39 and 42-bit support for AArch64 by using an external
memory read to check the runtime detected VMA and select the better mapping
and transformation. Although slower, this leads to same instrumented binary
to be independent of the kernel.
Along with this change this patch also fix some 42-bit failures with
ALSR disable by increasing the upper high app memory threshold and also
the 42-bit madvise value for non large page set.
llvm-svn: 254151
|
| |
|
|
|
|
|
|
| |
On OS X, SIGBUS is 10 and SIGSYS is 12.
Differential Revision: http://reviews.llvm.org/D14946
llvm-svn: 253983
|
| |
|
|
|
|
|
|
| |
We need to intercept libdispatch APIs (dispatch_sync, dispatch_async, etc.) to add synchronization between the code that submits the task and the code that gets executed (possibly on a different thread). This patch adds release+acquire semantics for dispatch_sync, and dispatch_async (plus their "_f" and barrier variants). The synchronization is done on malloc'd contexts (separate for each submitted block/callback). Added tests to show usage of dispatch_sync and dispatch_async, for cases where we expect no warnings and for cases where TSan finds races.
Differential Revision: http://reviews.llvm.org/D14745
llvm-svn: 253982
|
| |
|
|
|
|
|
|
| |
This patch fixes the __cxa_guard_acquire, __cxa_guard_release and __cxa_guard_abort interceptors on OS X. They apparently work on Linux just by having the same name, but on OS X, we actually need to use TSAN_INTERCEPTOR.
Differential Revision: http://reviews.llvm.org/D14868
llvm-svn: 253776
|
| |
|
|
|
|
|
|
|
|
| |
of libpthread hooks
On OS X, the thread finalization is fragile due to thread-local variables destruction order. I've seen cases where the we destroy the ThreadState too early and subsequent thread-local values' destructors call interceptors again. Let's replace the TLV-based thread finalization method with libpthread hooks. The notification PTHREAD_INTROSPECTION_THREAD_TERMINATE is called *after* all TLVs have been destroyed.
Differential Revision: http://reviews.llvm.org/D14777
llvm-svn: 253560
|
| |
|
|
|
|
|
|
| |
On OS X, we build a dylib of the TSan runtime, which doesn't necessarily need to contain debugging symbols (and file and line information), so llvm-symbolizer might not be able to find file names for TSan internal frames. FrameIsInternal currently only considers filenames, but we should simply treat all frames within `libclang_rt.tsan_osx_dynamic.dylib` as internal. This patch treats all modules starting with `libclang_rt.tsan_` as internal, because there may be more runtimes for other platforms in the future.
Differential Revision: http://reviews.llvm.org/D14813
llvm-svn: 253559
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reimplement dispatch_once in an interceptor to solve these issues that may produce false positives with TSan on OS X:
1) there is a racy load inside an inlined part of dispatch_once,
2) the fast path in dispatch_once doesn't perform an acquire load, so we don't properly synchronize the initialization and subsequent uses of whatever is initialized,
3) dispatch_once is already used in a lot of already-compiled code, so TSan doesn't see the inlined fast-path.
This patch uses a trick to avoid ever taking the fast path (by never storing ~0 into the predicate), which means the interceptor will always be called even from already-compiled code. Within the interceptor, our own atomic reads and writes are not written into shadow cells, so the race in the inlined part is not reported (because the accesses are only loads).
Differential Revision: http://reviews.llvm.org/D14811
llvm-svn: 253552
|
| |
|
|
|
|
|
|
| |
Symbolizers can call malloc/realloc/free/..., which we don't want to intercept. This is already implemented on Linux, let's do it for OS X as well.
Differential Revision: http://reviews.llvm.org/D14710
llvm-svn: 253460
|
| |
|
|
| |
llvm-svn: 253416
|
| |
|
|
| |
llvm-svn: 253407
|
| |
|
|
|
|
| |
As per comments in 252892 commit.
llvm-svn: 253216
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds assembly routines to enable setjmp/longjmp for aarch64
on linux. It fixes:
* test/tsan/longjmp2.cc
* test/tsan/longjmp3.cc
* test/tsan/longjmp4.cc
* test/tsan/signal_longjmp.cc
I also checked with perlbench from specpu2006 (it fails to run
with missing setjmp/longjmp intrumentation).
llvm-svn: 253205
|
| |
|
|
|
|
|
|
| |
Currently, we crash on finalization of detached threads, because we'll try to clear the ThreadState twice.
Differential Revision: http://reviews.llvm.org/D14644
llvm-svn: 253079
|
| |
|
|
|
|
|
|
| |
The default symbolizer, `llvm-symbolizer` provides sizes for global symbols. On OS X, we want to also allow using `atos` (because it's available everywhere and users don't need to copy/install it) and `dladdr` (it's the only available option when running in a sandbox). However, these symbolizers do not supply the symbol sizes, only names and starting addresses. This patch changes the reporting functions to hide the size of the symbol when this value is unavailable, and modifies tests to make this part of the report "optional".
Differential Revision: http://reviews.llvm.org/D14608
llvm-svn: 252896
|
| |
|
|
|
|
|
| |
It does not work as expected.
Go runtime handles SIGABRT and crashes with a loud message.
llvm-svn: 252892
|
| |
|
|
| |
llvm-svn: 252875
|
| |
|
|
|
|
| |
cur_thread does not exist in Go.
llvm-svn: 252874
|
| |
|
|
| |
llvm-svn: 252746
|
| |
|
|
| |
llvm-svn: 252735
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
On Darwin, interposed functions are prefixed with "wrap_". On Linux,
they are prefixed with "__interceptor_".
Reviewers: dvyukov, samsonov, glider, kcc, kubabrecka
Subscribers: zaks.anna, llvm-commits
Differential Revision: http://reviews.llvm.org/D14512
llvm-svn: 252695
|
| |
|
|
|
|
|
|
| |
This patch adds `tsan_new_delete.cc` into the OS X build.
Differential Revision: http://reviews.llvm.org/D14424
llvm-svn: 252284
|
| |
|
|
|
|
| |
http://lab.llvm.org:8011/builders/sanitizer_x86_64-freebsd/builds/6395
llvm-svn: 252277
|
| |
|
|
|
|
|
|
| |
Fixing `tsan_interceptors.cc`, which on OS X produces a bunch of warnings about unused constants and functions.
Differential Revision: http://reviews.llvm.org/D14381
llvm-svn: 252165
|
| |
|
|
| |
llvm-svn: 252163
|
| |
|
|
|
|
|
|
| |
On OS X, memcpy and memmove are actually aliases of the same implementation, which means the interceptor of memcpy is also invoked when memmove is called. The current implementation of the interceptor uses `internal_memcpy` to perform the actual memory operation, which can produce an incorrect result when memmove semantics are expected. Let's call `internal_memmove` instead.
Differential Revision: http://reviews.llvm.org/D14336
llvm-svn: 252162
|
| |
|
|
|
|
|
|
| |
A call to memmove is used early during new thread initialization on OS X. This patch uses the `COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED` check, similarly to how we deal with other early-used interceptors.
Differential Revision: http://reviews.llvm.org/D14377
llvm-svn: 252161
|
| |
|
|
|
|
|
|
| |
TSan has a re-implementation of `pthread_once` in its interceptor, which assumes that the `pthread_once_t *once_control` pointer is actually pointing to a "storage" which is zero-initialized and used for the atomic operations. However, that's not true on OS X, where pthread_once_t is a structure, that contains a header (with a magic value) and the actual storage follows after that. This patch skips the header to make the interceptor work on OS X.
Differential Revision: http://reviews.llvm.org/D14379
llvm-svn: 252160
|
| |
|
|
|
|
|
|
| |
This implements a "poor man's TLV" to be used for TSan's ThreadState on OS X. Based on the fact that `pthread_self()` is always available and reliable and returns a valid pointer to memory, we'll use the shadow memory of this pointer as a thread-local storage. No user code should ever read/write to this internal libpthread structure, so it's safe to use it for this purpose. We lazily allocate the ThreadState object and store the pointer here.
Differential Revision: http://reviews.llvm.org/D14288
llvm-svn: 252159
|
| |
|
|
|
|
|
|
| |
TSan needs to use a custom malloc zone on OS X, which is already implemented in ASan. This patch uses the sanitizer_common implementation in `sanitizer_malloc_mac.inc` for TSan as well.
Reviewed at http://reviews.llvm.org/D14330
llvm-svn: 252155
|
| |
|
|
|
|
|
| |
mmap() offset argument has type off_t, not unsigned. off_t is usually
64-bit on 64-bit Linux.
llvm-svn: 252103
|
| |
|
|
|
|
|
|
| |
On OS X, GCD worker threads are created without a call to pthread_create. We need to properly register these threads with ThreadCreate and ThreadStart. This patch uses a libpthread API (`pthread_introspection_hook_install`) to get notifications about new threads and about threads that are about to be destroyed.
Differential Revision: http://reviews.llvm.org/D14328
llvm-svn: 252049
|
| |
|
|
|
|
|
|
| |
Updating the shadow memory initialization in `tsan_platform_mac.cc` to also initialize the meta shadow and to mprotect the memory ranges that need to be avoided.
Differential Revision: http://reviews.llvm.org/D14324
llvm-svn: 252044
|
| |
|
|
| |
llvm-svn: 251924
|
| |
|
|
| |
llvm-svn: 251923
|
| |
|
|
| |
llvm-svn: 251922
|
| |
|
|
| |
llvm-svn: 251920
|
