path: root/compiler-rt/lib/ubsan
Commit message | Author | Age | Files | Lines
...
* [UBSan] Improve bufferization of UBSan error reports.
  Author: Alexey Samsonov | Age: 2016-03-11 | Files: 1 | Lines: -93/+90
  Summary: Use InternalScopedString more extensively. This reduces the number of write() syscalls, and reduces the chance that UBSan output will be mixed with program output.
  Reviewers: vitalybuka
  Subscribers: kcc, llvm-commits
  Differential Revision: http://reviews.llvm.org/D18068
  llvm-svn: 263176
* sanitizer: Fix endianness checks for gcc
  Author: Alexey Samsonov | Age: 2016-03-09 | Files: 1 | Lines: -1/+1
  Summary: __BIG_ENDIAN__ and __LITTLE_ENDIAN__ are not supported by gcc, which eg. for ubsan Value::getFloatValue will silently fall through to the little endian branch, breaking display of float values by ubsan. Use __BYTE_ORDER__ == __ORDER_BIG/LITTLE_ENDIAN__ as the condition instead, which is supported by both clang and gcc.
  Noticed while porting ubsan to s390x.
  Patch by Marcin Kościelnicki!
  Differential Revision: http://reviews.llvm.org/D17660
  llvm-svn: 263077
* [cmake] Address Samsonov's post-commit review of r262723
  Author: Filipe Cabecinhas | Age: 2016-03-05 | Files: 1 | Lines: -5/+3
  Reviewers: samsonov
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D17896
  llvm-svn: 262770
* [ubsan/cmake] Make sure we end up adding -frtti to ubsan_type_hash_itanium.cc, even if -fno-rtti is the default for the platform
  Author: Filipe Cabecinhas | Age: 2016-03-04 | Files: 1 | Lines: -0/+3
  llvm-svn: 262723
* [UBSan] Fix isDerivedFromAtOffset on iOS ARM64
  Author: Filipe Cabecinhas | Age: 2016-02-27 | Files: 1 | Lines: -1/+3
  Summary: iOS on ARM64 doesn't unique RTTI.
  Ref: clang's iOS64CXXABI::shouldRTTIBeUnique()
  Due to this, pointer-equality will not necessarily work in this architecture, across dylib boundaries.
  dynamic_cast<>() will (as expected) still work, since Apple ships with one prepared for this, but we can't rely on the type names being pointer-equal.
  I've limited the expensive strcmp check to the specific architecture which needs it.
  Example which triggers this bug:
  lib.h:
    struct X {
      virtual ~X() {}
    };
    X *libCall();
  lib.mm:
    X *libCall() {
      return new X;
    }
  prog.mm:
    int main() {
      X *px = libCall();
      delete px;
    }
  Expected output: Nothing
  Actual output:
    <unknown>: runtime error: member call on address 0x00017001ef50 which does not point to an object of type 'X'
    0x00017001ef50: note: object is of type 'X'
    00 00 00 00 60 00 0f 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                ^~~~~~~~~~~~~~~~~~~~~~~
                vptr for ‘X’
  Reviewers: kubabrecka, samsonov, eugenis, rsmith
  Subscribers: aemerson, llvm-commits, rengolin
  Differential Revision: http://reviews.llvm.org/D11502
  llvm-svn: 262147
* [cfi] Safe handling of unaddressable vtable pointers (compiler-rt).
  Author: Evgeniy Stepanov | Age: 2016-02-03 | Files: 3 | Lines: -13/+22
  Avoid crashing when printing diagnostics for vtable-related CFI errors. In diagnostic mode, the frontend does an additional check of the vtable pointer against the set of all known vtable addresses and lets the runtime handler know if it is safe to inspect the vtable.
  http://reviews.llvm.org/D16824
  llvm-svn: 259717
* [cfi] Disable vtable diagnostics when no cxxabi.
  Author: Evgeniy Stepanov | Age: 2016-01-27 | Files: 2 | Lines: -0/+12
  This should fix the build on Mac 10.8 and earlier.
  llvm-svn: 258988
* Remove autoconf support for building runtime libraries.
  Author: Chris Bieneman | Age: 2016-01-26 | Files: 1 | Lines: -28/+0
  Summary: This patch is provided in preparation for removing autoconf on 1/26. The proposal to remove autoconf on 1/26 was discussed on the llvm-dev thread here: http://lists.llvm.org/pipermail/llvm-dev/2016-January/093875.html
  "I am the punishment of God... If [autoconf] had not committed great sins, God would not have sent a punishment like me upon [it]." -Genghis Khan
  Reviewers: chandlerc, grosbach, bob.wilson, zaks.anna, kubabrecka, samsonov, echristo
  Subscribers: iains, llvm-commits
  Differential Revision: http://reviews.llvm.org/D16473
  llvm-svn: 258863
* [cfi] Cross-DSO CFI diagnostic mode (compiler-rt part)
  Author: Evgeniy Stepanov | Age: 2016-01-25 | Files: 4 | Lines: -49/+62
  * add __cfi_slowpath_diag with a 3rd parameter which is a pointer to the diagnostic info for the ubsan handlers.
  * __cfi_check gets a 3rd parameter as well.
  * unify vcall/cast/etc and icall diagnostic info format, and merge the handlers to have a single entry point (actually two points due to abort/noabort variants).
  * tests
  Note that this comes with a tiny overhead in the non-diag mode: cfi_slowpath must pass 0 as the 3rd argument to cfi_check.
  llvm-svn: 258744
* [UBSan] Implement runtime suppressions (PR25066).
  Author: Alexey Samsonov | Age: 2015-12-18 | Files: 4 | Lines: -50/+117
  Summary: Add the ability to suppress UBSan reports for files/functions/modules at runtime. The user can now pass UBSAN_OPTIONS=suppressions=supp.txt with the contents of the form:
    signed-integer-overflow:file-with-known-overflow.cpp
    alignment:function_doing_unaligned_access
    vptr:shared_object_with_vptr_failures.so
  Suppression categories match the arguments passed to -fsanitize= flag (although, see below). There is no overhead if suppressions are not provided. Otherwise there is extra overhead for symbolization.
  Limitations:
  1) sometimes suppressions need debug info / symbol table to function properly (although sometimes frontend generates enough info to do the match).
  2) it's only possible to suppress recoverable UB kinds - if you've built the code with -fno-sanitize-recover=undefined, suppressions will not work.
  3) categories are fine-grained check kinds, not groups like "undefined" or "integer", so you can't write "undefined:file_with_ub.cc".
  Reviewers: rsmith, kcc
  Subscribers: cfe-commits
  Differential Revision: http://reviews.llvm.org/D15363
  llvm-svn: 256018
* Revert "[CMake] Provide options for toggling on and off various runtime libraries."
  Author: Chris Bieneman | Age: 2015-12-10 | Files: 1 | Lines: -2/+0
  This reverts r255170. This change caused a bunch of bot failures and needs to be revised.
  llvm-svn: 255184
* [CMake] Provide options for toggling on and off various runtime libraries.
  Author: Chris Bieneman | Age: 2015-12-09 | Files: 1 | Lines: -0/+2
  Summary: Rather than having to add new "experimental" options each time someone wants to work on bringing a sanitizer to a new platform, this patch makes options for all of them. The default values for the options are set by the platform checks that would have enabled them, but they can be overridden on or off.
  Reviewers: kubabrecka, samsonov
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D14846
  llvm-svn: 255170
* [UBSan] Clarify the way we disable de-duplication of reports from unrecoverable handlers.
  Author: Alexey Samsonov | Age: 2015-12-09 | Files: 4 | Lines: -24/+38
  Let unrecoverable handlers be responsible for killing the program with Die(), and let functions which print the error report know if it's going to happen. Re-write the comments to describe the situation.
  llvm-svn: 255081
* [UBSan] Remove "-fsanitize=" prefix from ubsan_checks.inc. NFC.
  Author: Alexey Samsonov | Age: 2015-12-08 | Files: 3 | Lines: -34/+26
  llvm-svn: 255075
* [UBSan] Always calculate ErrorType (kind of UB) before printing a report.
  Author: Alexey Samsonov | Age: 2015-12-08 | Files: 2 | Lines: -42/+65
  Currently, this is an NFC. However, knowing the kind of error report before we bring up all the reporting machinery (implemented in ScopedReport class) is important once we teach UBSan runtime suppressions.
  llvm-svn: 255074
* Revert "Apply modernize-use-default to compiler-rt."
  Author: Alexey Samsonov | Age: 2015-10-30 | Files: 1 | Lines: -1/+1
  This reverts commit r250823.
  Replacing at least some of empty constructors with "= default" variants is a semantical change which we don't want. E.g. __tsan::ClockBlock contains a union of large arrays, and it's critical for correctness and performance that we don't memset() these arrays in the constructor.
  llvm-svn: 251717
* Apply modernize-use-default to compiler-rt.
  Author: Angel Garcia Gomez | Age: 2015-10-20 | Files: 1 | Lines: -1/+1
  Summary: Replace empty bodies of default constructors and destructors with '= default'.
  Reviewers: klimek, bkramer
  Subscribers: alexfh, cfe-commits
  Differential Revision: http://reviews.llvm.org/D13892
  llvm-svn: 250823
* [ubsan] Fix looksLikeFloatCastOverflowDataV1 heuristic to work if one of the types is unknown.
  Author: Yury Gribov | Age: 2015-10-20 | Files: 1 | Lines: -4/+6
  Differential revision: http://reviews.llvm.org/D13775
  llvm-svn: 250806
* Revert "ubsan: Implement memory permission validation for vtables."
  Author: Evgeniy Stepanov | Age: 2015-09-17 | Files: 1 | Lines: -39/+0
  This reverts r247484 and two follow-up commits. Breaks ppc and x86_64 sanitizer bots.
  llvm-svn: 247921
* ubsan: Disable vptr validation on powerpc64.
  Author: Peter Collingbourne | Age: 2015-09-12 | Files: 1 | Lines: -2/+2
  Should fix sanitizer-ppc64-linux1 bot.
  llvm-svn: 247493
* ubsan: Implement memory permission validation for vtables.
  Author: Peter Collingbourne | Age: 2015-09-11 | Files: 1 | Lines: -0/+39
  If the pointer passed to the getVtablePrefix function was read from a freed object, we may end up following pointers into objects on the heap and printing bogus dynamic type names in diagnostics. However, we know that vtable pointers will generally only point into memory mapped from object files, not objects on the heap.
  This change causes us to only follow pointers in a vtable if the vtable and one of the virtual functions it points to appear to have appropriate permissions (i.e. non-writable, and maybe executable), which will generally exclude heap pointers.
  Only enabled for Linux; this hasn't been tested on FreeBSD, and vtables are writable on Mac (PR24782) so this won't work there.
  Differential Revision: http://reviews.llvm.org/D12790
  llvm-svn: 247484
* CFI: Add diagnostic handler and tests for indirect call checker.
  Author: Peter Collingbourne | Age: 2015-09-10 | Files: 2 | Lines: -0/+40
  Differential Revision: http://reviews.llvm.org/D11858
  llvm-svn: 247239
* [CMake] Unify build rules for sanitizer_common for Apple and non-Apple platforms.
  Author: Alexey Samsonov | Age: 2015-08-27 | Files: 1 | Lines: -0/+1
  Additionally, link safestack runtime on OS X with nolibc version of sanitizer_common runtime, as we do on Linux.
  llvm-svn: 246227
* [CMake] Add ARCHS option to add_sanitizer_rt_symbols.
  Author: Chris Bieneman | Age: 2015-08-27 | Files: 1 | Lines: -10/+12
  Summary: This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
  Changes to CMakeLists files are all minimal except ubsan which tests the new ARCHS loop.
  Further cleanup patches will follow.
  Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D12410
  llvm-svn: 246199
* [CMake] Add PARENT_TARGET option to add_sanitizer_rt_symbols.
  Author: Chris Bieneman | Age: 2015-08-27 | Files: 1 | Lines: -3/+2
  Summary: This is another step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
  Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D12409
  llvm-svn: 246178
* [CMake] Converting add_sanitizer_rt_symbols to use cmake_parse_arguments.
  Author: Chris Bieneman | Age: 2015-08-26 | Files: 1 | Lines: -2/+4
  Summary: This is the first step in a multi-step refactoring to move add_sanitizer_rt_symbols in the direction of other add_* functions in compiler-rt.
  Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D12386
  llvm-svn: 246102
* [CMake] Cleaning up ubsan to use OBJECT_LIBS and to not loop when calling add_compiler_rt_runtime.
  Author: Chris Bieneman | Age: 2015-08-26 | Files: 1 | Lines: -27/+27
  llvm-svn: 246097
* [CMake] merge add_compiler_rt_runtime and add_compiler_rt_darwin_runtime into a single function
  Author: Chris Bieneman | Age: 2015-08-25 | Files: 1 | Lines: -11/+14
  Summary: This refactoring moves much of the Apple-specific behavior into a function in AddCompilerRT. The next cleanup patch will remove more of the if(APPLE) checks in the outlying CMakeLists.
  This patch adds a bunch of new functionality to add_compiler_rt_runtime so that the target names don't need to be reconstructed outside the call. It also updates some of the call sites to exercise the new functionality, but does not update all uses fully. Subsequent patches will further update call sites and move to using the new features.
  Reviewers: filcab, bogner, kubabrecka, zaks.anna, glider, samsonov
  Subscribers: beanz, rengolin, llvm-commits
  Differential Revision: http://reviews.llvm.org/D12292
  llvm-svn: 245970
* [UBSan] Add the ability to print more precise error kind in summary line.
  Author: Alexey Samsonov | Age: 2015-08-24 | Files: 6 | Lines: -42/+139
  Reviewers: rsmith, pcc
  Subscribers: cfe-commits
  Differential Revision: http://reviews.llvm.org/D12215
  llvm-svn: 245897
* [CMake] Refactoring add_compiler_rt functions for darwin runtimes.
  Author: Chris Bieneman | Age: 2015-08-18 | Files: 1 | Lines: -1/+2
  Summary: This patch consolidates add_compiler_rt_osx_static_runtime and add_compiler_rt_darwin_dynamic_runtime into a single new function add_compiler_rt_darwin_runtime.
  Reviewers: filcab, samsonov, bogner
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D12106
  llvm-svn: 245317
* [UBSan] Enable 'help' option output, report unrecognized flags
  Author: Alexey Samsonov | Age: 2015-08-13 | Files: 1 | Lines: -0/+3
  Summary: Let UBSan output flag description if 'help' option is provided. Report unrecognized flags if verbosity mode is turned on.
  Patch by Svetlana Ryabkova!
  Differential Revision: http://reviews.llvm.org/D11903
  llvm-svn: 244946
* [ubsan][mips] Revise r243384 to avoid special casing big-endian mips.
  Author: Daniel Sanders | Age: 2015-08-11 | Files: 1 | Lines: -4/+5
  Account for the case when uptr is 32-bit instead of trying to fix this case using the little endian path.
  llvm-svn: 244646
* [compiler-rt] Add SourceLocations for float_cast_overflow data.
  Author: Filipe Cabecinhas | Age: 2015-08-11 | Files: 2 | Lines: -14/+53
  Summary: Compiler-rt part of http://reviews.llvm.org/D11757
  I ended up making UBSan work with both the old version and the new version of the float_cast_overflow data (instead of just erroring with the previous version). The old version will try to symbolize its caller. Now we compile the float_cast_overflow tests without -g, and make sure we have the source file+line+column.
  If you think I'm trying too hard to make sure we can still use both versions, let me know.
  Reviewers: samsonov, rsmith
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D11793
  llvm-svn: 244567
* [UBSan] Fix UBSan-vptr false positive.
  Author: Alexey Samsonov | Age: 2015-08-05 | Files: 1 | Lines: -3/+3
  Offset from vptr to the start of most-derived object can actually be positive in some virtual base class vtables.
  Patch by Stephan Bergmann!
  llvm-svn: 244101
* [UBSan][MIPS] Fix cast-overflow tests for mips big endian
  Author: Sagar Thakur | Age: 2015-07-28 | Files: 1 | Lines: -1/+1
  This fixes the bug https://llvm.org/bugs/show_bug.cgi?id=24152
  The float value resides in the first 4 bytes of ValueHandle for both mips and mipsel.
  Reviewers: dsanders, samsonov
  Subscribers: rsmith, hans, mohit.bhakkad, jaydeep, llvm-commits
  Differential: http://reviews.llvm.org/D11448
  llvm-svn: 243384
* UBSan: Simplify logic for locating the RTTI object.
  Author: Peter Collingbourne | Age: 2015-07-08 | Files: 1 | Lines: -7/+16
  The image-relative complete object locator contains a reference to itself, which we can use to compute the image base without using VirtualQuery.
  Spotted by David Majnemer.
  llvm-svn: 241758
* CFI: Get check-cfi passing on Windows.
  Author: Peter Collingbourne | Age: 2015-07-08 | Files: 7 | Lines: -243/+345
  Specifically:
  - Start using %expect_crash.
  - Provide an implementation of __ubsan::getDynamicTypeInfoFromVtable for the Microsoft C++ ABI. This is all that is needed for CFI diagnostics; UBSan's -fsanitize=vptr also requires an implementation of __ubsan::checkDynamicType.
  - Build the sanitizer runtimes against the release version of the C runtime, even in debug builds.
  - Accommodate demangling differences in tests.
  Differential Revision: http://reviews.llvm.org/D11029
  llvm-svn: 241745
* Re-apply r241217 with build fixes:
  Author: Peter Collingbourne | Age: 2015-07-02 | Files: 3 | Lines: -2/+19
  - Disable building of the interceptor library on 64-bit Windows.
  - Mangle names in /alternatename directive for 32-bit Windows.
  llvm-svn: 241224
* Revert r241217, it breaks the build on Windows.
  Author: Nico Weber | Age: 2015-07-02 | Files: 3 | Lines: -15/+2
  llvm-svn: 241219
* ubsan: Port runtime library to (32- and 64-bit) Windows.
  Author: Peter Collingbourne | Age: 2015-07-02 | Files: 3 | Lines: -2/+15
  Differential Revision: http://reviews.llvm.org/D10856
  llvm-svn: 241217
* [CMake] Fix PR23539: Don't reference C++ ABI symbols prior to Mac OS 10.9.
  Author: Alexey Samsonov | Age: 2015-06-25 | Files: 1 | Lines: -1/+6
  Summary: This patch implements step 1 from https://llvm.org/bugs/show_bug.cgi?id=23539#c10
  I'd appreciate if you could test it on Mac OS and verify that parts of UBSan runtime that reference C++ ABI symbols are properly excluded, and fix ASan/UBSan builds.
  Test Plan: regression test suite
  Reviewers: thakis, hans
  Subscribers: llvm-commits, zaks.anna, kubabrecka
  Differential Revision: http://reviews.llvm.org/D10621
  llvm-svn: 240617
* CMake: Stop using LLVM's custom parse_arguments. NFC
  Author: Filipe Cabecinhas | Age: 2015-06-19 | Files: 1 | Lines: -6/+6
  Summary: Use CMake's cmake_parse_arguments() instead. It's called in a slightly different way, but supports all our use cases. It's in CMake 2.8.8, which is our minimum supported version.
  CMake 3.0 doc (roughly the same. No direct link to 2.8.8 doc): http://www.cmake.org/cmake/help/v3.0/module/CMakeParseArguments.html?highlight=cmake_parse_arguments
  Since I was already changing these calls, I changed ARCH and LIB into ARCHS and LIBS to make it more clear that they're lists of arguments.
  Reviewers: eugenis, samsonov, beanz
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D10529
  llvm-svn: 240120
* Add control flow integrity diagnosis function to UBSan runtime library.
  Author: Peter Collingbourne | Age: 2015-06-19 | Files: 4 | Lines: -9/+69
  Also includes execution tests for the feature.
  Differential Revision: http://reviews.llvm.org/D10269
  llvm-svn: 240111
* [CMake] Cleanup add_compiler_rt_object_library to be platform-agnostic
  Author: Chris Bieneman | Age: 2015-06-10 | Files: 1 | Lines: -26/+29
  Summary: This change takes darwin-specific goop that was scattered around CMakeLists files and spread between add_compiler_rt_object_library and add_compiler_rt_darwin_object_library and moves it all under add_compiler_rt_object_library.
  The goal of this is to try to push platform handling as low in the utility functions as possible.
  Reviewers: rnk, samsonov
  Reviewed By: rnk, samsonov
  Subscribers: rnk, rsmith, llvm-commits
  Differential Revision: http://reviews.llvm.org/D10250
  llvm-svn: 239498
* [ASan] Make binary name reader cross-platform.
  Author: Yury Gribov | Age: 2015-06-04 | Files: 1 | Lines: -0/+1
  Differential Revision: http://reviews.llvm.org/D10213
  llvm-svn: 239020
* [sanitizer_common] Added VS-style output for source locations
  Author: Filipe Cabecinhas | Age: 2015-06-04 | Files: 1 | Lines: -1/+3
  Summary: With this patch, we have a flag to toggle displaying source locations in the regular style:
    file:line:column
  or Visual Studio style:
    file(line,column)
  This way, they get picked up on the Visual Studio output window and one can double-click them to get to that file location.
  Reviewers: samsonov, rnk
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D10113
  llvm-svn: 239000
* [UBSan] Add missing header that defines SANITIZER_CAN_USE_PREINIT_ARRAY
  Author: Alexey Samsonov | Age: 2015-05-11 | Files: 1 | Lines: -0/+1
  Otherwise this compile definition was undefined, and .preinit_array was never used on the platforms that support it.
  llvm-svn: 237045
* [UBSan] Make sure proper error summary is printed for -fsanitize=float-cast-overflow.
  Author: Alexey Samsonov | Age: 2015-04-23 | Files: 1 | Lines: -4/+7
  float-cast-overflow handler doesn't have source location provided by the compiler, but we still have *some* source location if we have a symbolizer.
  llvm-svn: 235567
* Make ubsan respect log_path
  Author: Hal Finkel | Age: 2015-04-19 | Files: 1 | Lines: -0/+1
  As with the other sanitizers, it is desirable to allow ubsan's output to be redirected to somewhere other than stderr (and into per-process log files).
  llvm-svn: 235277
* Use 'override/final' instead of 'virtual' for overridden methods
  Author: Alexander Kornienko | Age: 2015-04-11 | Files: 1 | Lines: -3/+3
  The patch is generated using clang-tidy misc-use-override check.
  This command was used:
    tools/clang/tools/extra/clang-tidy/tool/run-clang-tidy.py \
      -checks='-*,misc-use-override' -header-filter='llvm|clang' -j=32 -fix \
      -format
  llvm-svn: 234680