| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Small refactoring: replace some if-else cascades with switches so that the compiler warns us about missing cases.
Maybe found a small bug?
Reviewers: dcoughlin, kubamracek, dvyukov, delcypher, jfb
Reviewed By: dvyukov
Subscribers: llvm-commits, #sanitizers
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D56295
llvm-svn: 351288
|
| |
|
|
|
|
|
|
|
|
| |
Summary:
Remove code for handling unstable edges from libFuzzer since
it has not been found useful.
Differential Revision: https://reviews.llvm.org/D56730
llvm-svn: 351262
|
| |
|
|
| |
llvm-svn: 351257
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: krytarowski, vitalybuka
Reviewed By: krytarowski
Differential Revision: https://reviews.llvm.org/D56670
llvm-svn: 351189
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This is the compiler-rt part.
The clang part is D54589.
This is a second commit, the original one was r351106,
which was mass-reverted in r351159 because 2 compiler-rt tests were failing.
Now, i have fundamentally changed the testing approach:
i malloc a few bytes, intentionally mis-align the pointer
(increment it by one), and check that. Also, i have decreased
the expected alignment. This hopefully should be enough to pacify
all the bots. If not, i guess i might just drop the two 'bad' tests.
Reviewers: filcab, vsk, #sanitizers, vitalybuka, rsmith, morehouse
Reviewed By: morehouse
Subscribers: rjmccall, krytarowski, rsmith, kcc, srhines, kubamracek, dberris, llvm-commits
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D54590
llvm-svn: 351178
|
| |
|
|
|
|
|
| |
Revert r351104-6, r351109, r351110, r351119, r351134, and r351153. These
changes fail on the sanitizer bots.
llvm-svn: 351159
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Use alternatename for external functions only when using
MSVC since Clang doesn't support it and MSVC doesn't support
Clang's method (weak aliases).
Reviewers: morehouse
Reviewed By: morehouse
Subscribers: rnk, thakis, mgorny
Differential Revision: https://reviews.llvm.org/D56514
llvm-svn: 351152
|
| |
|
|
|
|
|
| |
Somehow this escaped my local testing.
A follow-up for r351106.
llvm-svn: 351110
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Disable tests requiring sunrpc when the relevant headers are missing.
In order to accommodate that, move the header check
from sanitizer_common to base-config-ix, and define the check result
as a global variable there. Use it afterwards both for definition
needed by sanitizer_common, and to control 'sunrpc' test feature.
While at it, remove the append_have_file_definition macro that was used
only once, and no longer fits the split check-definition.
Bug report: https://github.com/google/sanitizers/issues/974
Differential Revision: https://reviews.llvm.org/D47819
llvm-svn: 351109
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This is the compiler-rt part.
The clang part is D54589.
Reviewers: filcab, vsk, #sanitizers, vitalybuka, rsmith, morehouse
Reviewed By: morehouse
Subscribers: rjmccall, krytarowski, rsmith, kcc, srhines, kubamracek, dberris, llvm-commits
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D54590
llvm-svn: 351106
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts r350806 which marked some tests as UNSUPPORTED on ARM and
instead reintroduces the old code path only for Thumb, since that seems
to be the only target that broke.
It would still be nice to find the root cause of the breakage, but with
the branch point for LLVM 8.0 scheduled for next week it's better to put
things in a stable state while we investigate.
Differential Revision: https://reviews.llvm.org/D56594
llvm-svn: 351040
|
| |
|
|
|
|
|
| |
No need to pay function call overhead for a function that returns a
constant.
llvm-svn: 350983
|
| |
|
|
|
|
|
|
|
|
|
| |
of writing to stdout.
This makes the script a little more gn friendly; gn does not support
redirecting the output of a script.
Differential Revision: https://reviews.llvm.org/D56579
llvm-svn: 350980
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: vitalybuka, pcc, eugenis
Reviewed By: eugenis
Differential Revision: https://reviews.llvm.org/D56583
llvm-svn: 350965
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This fixes linker errors that occurs when the
`sanitizer_type_traits_test.cc` is built without optimizations.
The error occurs because the test tries to take a reference.
A possible workaround is to give the GTest macros take boolean rvalues
by doing something like:
```
ASSERT_TRUE(bool(is_same<uptr, uptr>::value));
```
However this only hides the problem. Unfortunately Using `constexpr`
won't fix the problem unless we are using C++17.
Reviewers: vitalybuka, kubamracek, george.karpenkov, yln
Subscribers: mgorny, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D56035
llvm-svn: 350940
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- If entries are properly copied (there were a bug in FreeBSD implementation in earlier version), or list properly reset.
Reviewers: vitalybuka, krytarowski
Reviewed By: krytarowski
Differential Revision: https://reviews.llvm.org/D56562
llvm-svn: 350919
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
It has been superseded by the `ignore_noninstrumented_modules` flag and is no longer needed.
Also simplify a test that checks that `mmap_interceptor` respects ignore annotations (`thr->ignore_reads_and_writes `).
Relevant: https://reviews.llvm.org/rL269855
<rdar://problem/46263073> Remove obsolete Apple-specific suppression option
Reviewers: dcoughlin, kubamracek, dvyukov, delcypher
Reviewed By: dvyukov
Subscribers: jfb, llvm-commits, #sanitizers
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D55075
llvm-svn: 350883
|
| |
|
|
|
|
| |
Differential Revision: https://reviews.llvm.org/D56109
llvm-svn: 350882
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the partial support for rpc/xdr.h from libtirpc. Since it is
an entirely external library, we ought to build it sanitized separately
and not attempt to intercept like the libc implementation. Besides,
the existing code for tirpc support was neither complete nor working.
Noted by @krytarowski.
Differential Revision: https://reviews.llvm.org/D47817
llvm-svn: 350881
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the long double __floattitf (int128_t) method for
PowerPC -- specifically to convert a 128 bit integer into a long double
(IBM double-double).
To invoke this method, one can do so by linking against compiler-rt, via the
--rtlib=compiler-rt command line option supplied to clang.
Differential Revision: https://reviews.llvm.org/D54313/
llvm-svn: 350818
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the __uint128_t __fixunstfti (long double) method for
PowerPC -- specifically to convert a long double (IBM double-double) to an
unsigned 128 bit integer.
The general approach of this algorithm is to convert the high and low doubles
of the long double and add them together if the doubles fit within 64 bits.
However, additional adjustments and scaling is performed when the high or low
double does not fit within a 64 bit integer.
To invoke this method, one can do so by linking against compiler-rt, via the
--rtlib=compiler-rt command line option supplied to clang.
Differential Revision: https://reviews.llvm.org/D54911
llvm-svn: 350815
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: krytarowski
Reviewed By: krytarowski
Differential Revision: https://reviews.llvm.org/D56495
llvm-svn: 350796
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Replace calls to builtin functions with macros or functions that call the
Windows-equivalents when targeting windows and call the original
builtin functions everywhere else.
This change makes more parts of libFuzzer buildable with MSVC.
Reviewers: vitalybuka
Reviewed By: vitalybuka
Subscribers: mgorny, rnk, thakis
Differential Revision: https://reviews.llvm.org/D56439
llvm-svn: 350766
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that memory intrinsics are instrumented, it's more likely that
CheckAddressSized will be called with size 0. (It was possible before
with IR like:
%val = load [0 x i8], [0 x i8]* %ptr
but I don't think clang will generate IR like that and the optimizer
would normally remove it by the time it got anywhere near our pass
anyway). The right thing to do in both cases is to disable the
addressing checks (since the underlying memory intrinsic is a no-op),
so that's what we do.
Differential Revision: https://reviews.llvm.org/D56465
llvm-svn: 350683
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Is a file descriptor flavor FreeBSD's specific.
- reentrant version included.
Reviewers: vitalybuka, krytarowski, emaste
Reviewed By: emaste
Differential Revision: https://reviews.llvm.org/D56268
llvm-svn: 350658
|
| |
|
|
|
|
| |
Provide an implementation of MemoryMappingLayout::Error() for Mac.
llvm-svn: 350601
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This patch lets ASan run when /proc is not accessible (ex. not mounted
yet). It includes a special test-only flag that emulates this condition
in an unpriviledged process.
This only matters on Linux, where /proc is necessary to enumerate
virtual memory mappings.
Reviewers: vitalybuka, pcc, krytarowski
Subscribers: kubamracek, llvm-commits
Differential Revision: https://reviews.llvm.org/D56141
llvm-svn: 350590
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Objective-C employs tagged pointers, that is, small objects/values may be encoded directly in the pointer bits. The resulting pointer is not backed by an allocation/does not point to a valid memory. TSan infrastructure requires a valid address for `Acquire/Release` and `Mutex{Lock/Unlock}`.
This patch establishes such a mapping via a "dummy allocation" for each encountered tagged pointer value.
Reviewers: dcoughlin, kubamracek, dvyukov, delcypher
Reviewed By: dvyukov
Subscribers: llvm-commits, #sanitizers
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D56238
llvm-svn: 350556
|
| |
|
|
|
|
|
|
|
| |
This is the deprecated legacy interface, replace it with the current
_zx_vmar_allocate one.
Differential Revision: https://reviews.llvm.org/D56360
llvm-svn: 350488
|
| |
|
|
|
|
| |
This reapplies commit r348984.
llvm-svn: 350449
|
| |
|
|
|
|
|
|
| |
We still need the interceptor on non-aarch64 to untag the pthread_t
and pthread_attr_t pointers and disable tagging on allocations done
internally by glibc.
llvm-svn: 350445
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
The default setting kTabSizeLog=20 results in an 8Mb global hash table,
almost all of it in private pages. That is not a sane setting in a
mobile, system-wide use case: with ~150 concurrent processes stack
depot will account for more than 1Gb of RAM.
Reviewers: kcc, pcc
Subscribers: srhines, kubamracek, llvm-commits
Differential Revision: https://reviews.llvm.org/D56333
llvm-svn: 350443
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem is similar to D55986 but for threads: a process with the
interceptor hwasan library loaded might have some threads started by
instrumented libraries and some by uninstrumented libraries, and we
need to be able to run instrumented code on the latter.
The solution is to perform per-thread initialization lazily. If a
function needs to access shadow memory or add itself to the per-thread
ring buffer its prologue checks to see whether the value in the
sanitizer TLS slot is null, and if so it calls __hwasan_thread_enter
and reloads from the TLS slot. The runtime does the same thing if it
needs to access this data structure.
This change means that the code generator needs to know whether we
are targeting the interceptor runtime, since we don't want to pay
the cost of lazy initialization when targeting a platform with native
hwasan support. A flag -fsanitize-hwaddress-abi={interceptor,platform}
has been introduced for selecting the runtime ABI to target. The
default ABI is set to interceptor since it's assumed that it will
be more common that users will be compiling application code than
platform code.
Because we can no longer assume that the TLS slot is initialized,
the pthread_create interceptor is no longer necessary, so it has
been removed.
Ideally, lazy initialization should only cost one instruction in the
hot path, but at present the call may cause us to spill arguments
to the stack, which means more instructions in the hot path (or
theoretically in the cold path if the spills are moved with shrink
wrapping). With an appropriately chosen calling convention for
the per-thread initialization function (TODO) the hot path should
always need just one instruction and the cold path should need two
instructions with no spilling required.
Differential Revision: https://reviews.llvm.org/D56038
llvm-svn: 350429
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
interceptor mode.
The Android dynamic loader has a non-standard feature that allows
libraries such as the hwasan runtime to interpose symbols even after
the symbol already has a value. The new value of the symbol is used to
relocate libraries loaded after the interposing library, but existing
libraries keep the old value. This behaviour is activated by the
DF_1_GLOBAL flag in DT_FLAGS_1, which is set by passing -z global to
the linker, which is what we already do to link the hwasan runtime.
What this means in practice is that if we have .so files that depend
on interceptor-mode hwasan without the main executable depending on
it, some of the libraries in the process will be using the hwasan
allocator and some will be using the system allocator, and these
allocators need to interact somehow. For example, if an instrumented
library calls a function such as strdup that allocates memory on
behalf of the caller, the instrumented library can reasonably expect
to be able to call free to deallocate the memory.
We can handle that relatively easily with hwasan by using tag 0 to
represent allocations from the system allocator. If hwasan's realloc
or free functions are passed a pointer with tag 0, the system allocator
is called.
One limitation is that this scheme doesn't work in reverse: if an
instrumented library allocates memory, it must free the memory itself
and cannot pass ownership to a system library. In a future change,
we may want to expose an API for calling the system allocator so
that instrumented libraries can safely transfer ownership of memory
to system libraries.
Differential Revision: https://reviews.llvm.org/D55986
llvm-svn: 350427
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Replace the 32-bit allocator with a 64-bit one with a non-constant
base address, and reduce both the number of size classes and the maximum
size of per-thread caches.
As measured on [1], this reduces average weighted memory overhead
(MaxRSS) from 26% to 12% over stock android allocator. These numbers
include overhead from code instrumentation and hwasan shadow (i.e. not a
pure allocator benchmark).
This switch also enables release-to-OS functionality, which is not
implemented in the 32-bit allocator. I have not seen any effect from
that on the benchmark.
[1] https://android.googlesource.com/platform/system/extras/+/master/memory_replay/
Reviewers: vitalybuka, kcc
Subscribers: kubamracek, cryptoad, llvm-commits
Differential Revision: https://reviews.llvm.org/D56239
llvm-svn: 350370
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
@synchronized semantics can be synthesized by using existing mutex_[un]lock operations.
```
@synchronized(obj) {
// ...
}
=>
{
mutex_lock(obj);
// ...
mutex_unlock(obj);
}
```
Let me know whether you think this a good idea.
Reviewers: dcoughlin, dvyukov, kubamracek, delcypher
Reviewed By: dvyukov
Subscribers: llvm-commits, #sanitizers
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D55959
llvm-svn: 350258
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: krytarowski
Reviewed By: krytarowski
Differential Revision: https://reviews.llvm.org/D56209
llvm-svn: 350248
|
| |
|
|
| |
llvm-svn: 350246
|
| |
|
|
|
|
| |
Differential Revision: https://reviews.llvm.org/D56158
llvm-svn: 350233
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement the interceptors for popen(), pclose() and popenve()
functions. The first two are POSIX, the third one is specific
to NetBSD. popen() spawns a process and creates a FILE object piping
data from/to that process. pclose() closes the pipe and waits for
the process to terminate appropriately.
For the purpose of popen(), the COMMON_INTERCEPTOR_FILE_OPEN macro is
modified to allow null path parameter.
Differential Revision: https://reviews.llvm.org/D56157
llvm-svn: 350232
|
| |
|
|
|
|
|
|
|
|
| |
Update the interceptor for devname_r() to account for correct return
types on different platforms. This function returns int on NetBSD
but char* on FreeBSD/OSX. Noticed by @krytarowski.
Differential Revision: https://reviews.llvm.org/D56150
llvm-svn: 350228
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Change the point of calling MaybeStartBackgroudThread() from AsanInitInternal()
that is too early on NetBSD to a constructor (with aid of C++11 lambda construct).
Enable the code for background thread as is for NetBSD.
Rename test/sanitizer_common/TestCases/Linux/hard_rss_limit_mb_test.cc
to test/sanitizer_common/TestCases/hard_rss_limit_mb_test.cc and allow runs
on NetBSD. This tests passes correctly.
Reviewers: vitalybuka, joerg, eugenis
Reviewed By: eugenis
Subscribers: eugenis, kubamracek, fedor.sergeev, llvm-commits, mgorny, #sanitizers
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D55887
llvm-svn: 350139
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: vitalybuka, kubamracek
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D56138
llvm-svn: 350138
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`Load(...)` method return a const pointer.
Summary:
This is a follow-up to r346956 (https://reviews.llvm.org/D53975).
The purpose of this change to allow implementers of the
`AddressSpaceView` to be able to distinguish between when a caller wants
read-only memory and when a caller wants writable memory. Being able
distinguish these cases allows implementations to optimize for the
different cases and also provides a way to workaround possible platform
restrictions (e.g. the low level platform interface for reading
out-of-process memory may place memory in read-only pages).
For allocator enumeration in almost all cases read-only is sufficient so
we make `Load(...)` take on this new requirement and introduce the
`LoadWritable(...)` variants for cases where memory needs to be
writable.
The behaviour of `LoadWritable(...)` documented in comments are
deliberately very restrictive so that it will be possible in the future
to implement a simple write-cache (i.e. just a map from target address
to a writable region of memory). These restrictions can be loosened in
the future if necessary by implementing a more sophisticated
write-cache.
rdar://problem/45284065
Reviewers: kcc, cryptoad, eugenis, kubamracek, george.karpenkov
Subscribers: #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D54879
llvm-svn: 350136
|
| |
|
|
|
|
|
| |
This .file directive wasn't doing anything on MachO, and now that's
diagnosed as an error.
llvm-svn: 350132
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Disabled on purpose on Android and Darwin platform (for now).
- Darwin supports it, would need interception in its specific code before enabling it.
- Linux does not support it but only via third party library.
- Android supports it via bionic however it is known to have issue with older versions of the implementations. Can be enabled by an Android committer later on if necessary once there is more 'certainity'/been more tested.
Reviewers: krytarowski, vitalybuka
Reviewed By: krytarowski
Differential Revision: https://reviews.llvm.org/D56125
llvm-svn: 350123
|
| |
|
|
|
|
|
|
|
| |
Revert r350104 "[asan] Fix build on windows."
Revert r350101 "[asan] Support running without /proc."
These changes break Mac build, too.
llvm-svn: 350112
|
| |
|
|
|
|
| |
Assign correct ioctl(2) operation number.
llvm-svn: 350110
|
| |
|
|
|
|
|
|
|
| |
Add SIOCSETHERCAP.
Add commented out NVMM (NetBSD Virtual Machine Monitor) operations
as this interface is still WIP and a subject to change.
llvm-svn: 350107
|
| |
|
|
|
|
|
|
|
|
| |
Reviewers: vitalybuka
Subscribers: kubamracek, llvm-commits
Differential Revision: https://reviews.llvm.org/D56111
llvm-svn: 350104
|
