| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
The interception context is not used by esan, but the compiler complains
about it being uninitialized all the same. We set it to null to avoid the
warning.
llvm-svn: 267376
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Adds libc interceptors to the runtime library for the new
EfficiencySanitizer ("esan") family of tools. The interceptors cover
the memory operations in most common library calls and will be shared
among all esan tools.
Reviewers: aizatsky
Subscribers: zhaoqin, tberghammer, danalbert, srhines, llvm-commits, vitalybuka, eugenis, kcc
Differential Revision: http://reviews.llvm.org/D19411
llvm-svn: 267293
|
| |
|
|
|
|
| |
*somewhere*; use MmapNoAccess in the Allocator when SpaceBeg is not a constant. In this mode the allocator will be a bit more hardened
llvm-svn: 267256
|
| |
|
|
| |
llvm-svn: 267253
|
| |
|
|
|
|
| |
use a non-fixed address range. An allocator with a non-fixed address range will be attack-resistan. NFC for the sanitizers at this point.
llvm-svn: 267252
|
| |
|
|
| |
llvm-svn: 267251
|
| |
|
|
|
|
| |
r267094 that has been reverted
llvm-svn: 267203
|
| |
|
|
|
|
| |
This reverts commit r266716, as it breaks the self-hosting on Thumb2 buildbot.
llvm-svn: 267158
|
| |
|
|
|
|
|
|
|
| |
range. An allocator with a non-fixed address range will be attack-resistan. NFC for the sanitizers at this point."
This reverts commit r267094, because it broke a lot of MSAN tests in AArch64.
Being NFC and all, this needs some deeper investigation before it goes in again.
llvm-svn: 267136
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: When using 32-bit python with 64-bit asan the pc array in sancov.py cannot fit in 64-bit pc's because the type-code 'L' for
arrays in python corresponds to the C type long which is only of 4 bytes. Because of this some of the coverage tool tests fail on
mips. To fix these test possible solutions are to use 64-bit python or use struct.unpack with the 'Q' type-code. We have used
struct.unpack with 'Q' type code since it is not appropriate to have a 64-bit python on all hosts.
Reviewed by kcc, aizatsky
Differential: http://reviews.llvm.org/D18817
llvm-svn: 267126
|
| |
|
|
|
|
| |
An allocator with a non-fixed address range will be attack-resistan. NFC for the sanitizers at this point.
llvm-svn: 267094
|
| |
|
|
|
|
| |
Patch by Vitaly Buka.
llvm-svn: 267088
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix and enable working stack-use-after-scope tests.
Add more failing tests for the feature, for fix later.
PR27453.
Patch by Vitaly Buka.
llvm-svn: 267084
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Adds the initial version of a runtime library for the new
EfficiencySanitizer ("esan") family of tools. The library includes:
+ Slowpath code via callouts from the compiler instrumentation for
each memory access.
+ Registration of atexit() to call finalization code.
+ Runtime option flags controlled by the environment variable
ESAN_OPTIONS. The common sanitizer flags are supported such as
verbosity and log_path.
+ An initial simple test.
Still TODO: common code for libc interceptors and shadow memory mapping,
and tool-specific code for shadow state updating.
Reviewers: eugenis, vitalybuka, aizatsky, filcab
Subscribers: filcab, vkalintiris, kubabrecka, llvm-commits, zhaoqin, kcc
Differential Revision: http://reviews.llvm.org/D19168
llvm-svn: 267060
|
| |
|
|
| |
llvm-svn: 267028
|
| |
|
|
|
|
|
|
| |
The field "pid" in ReportThread is used to store the OS-provided thread ID (pthread_self or gettid). The name "pid" suggests it's a process ID, which it isn't. Let's rename it.
Differential Revision: http://reviews.llvm.org/D19365
llvm-svn: 266994
|
| |
|
|
|
|
|
|
| |
Let's use pthread_threadid_np which returns a more reasonable ID than pthread_self (which is actually a stack pointer). The numbers from pthread_threadid_np are already used in other tools, e.g. in LLDB, and often appear in logs, so it's much more useful than pthread_self.
Differential Revision: http://reviews.llvm.org/D18951
llvm-svn: 266991
|
| |
|
|
| |
llvm-svn: 266934
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not sure what changed, but on my machine this is literally one byte
short. Only happens when malloc_context_size <= 2 due to the special
case in GET_STACK_TRACE definition (see asan_stack.h):
StackTrace::GetCurrentPc() on the right (context size > 2) branch
returns the address that is 200-something bytes from the return
address it is later matched to, while the same call on the left
branch is 321 bytes away from it.
This fixes the double-free test on my machine.
llvm-svn: 266932
|
| |
|
|
|
|
| |
This happens on Linux when building as C (not C++) with optimization.
llvm-svn: 266931
|
| |
|
|
|
|
|
|
|
| |
Instead of calling a sanitizer_common function, implement GetPageSize in the
test directly. MSan runtime does not export __sanitizer::* symbols, and the
current code breaks when the test and the runtime library are in the separate
link units (ex. when the test is built as a shared library).
llvm-svn: 266910
|
| |
|
|
|
|
| |
This removes the unused variable `flags`. NFC
llvm-svn: 266892
|
| |
|
|
|
|
|
|
|
| |
Windows does not honour the __attribute__((pcs)) on ARM. Although this will
result in ABI mismatches, compiler-rt should largely be unneeded for resolving
dependencies as we generate MS ABI compliant library calls now for the most
part.
llvm-svn: 266891
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The real problem is that sanitizer_print_stack_trace obtains current PC and
expects the PC to be in the stack trace after function calls. We don't
prevent tail calls in sanitizer runtimes, so this assumption does not
necessary hold.
We add "always inline" attribute on PrintCurrentStackSlow to address this
issue, however this solution is not reliable enough, but unfortunately, we
don't see any simple, reliable solution.
Reviewers: samsonov hfinkel kbarton tjablin dvyukov kcc
http://reviews.llvm.org/D19148
Thanks Hal, dvyukov, and kcc for invaluable discussion, I have even borrowed
part of dvyukov's summary as my commit message!
llvm-svn: 266869
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
old Darwin systems.
This patch fixes https://github.com/google/sanitizers/issues/669. On older Darwin systems (in particular, Darwin 10),
dyld doesn't export '_dyldVersionNumber' symbol so we would have 'undefined reference' error in sanitzer library. Although
sanitizers support was added to LLVM on OS X 10.7+ where '_dyldVersionNumber' symbol is already exported, GCC users still
may want use them on older systems.
Differential Revision: http://reviews.llvm.org/D19218
llvm-svn: 266868
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Removed unwanted --check-prefix=CHECK from the following unit tests:
test/asan/TestCases/Posix/start-deactivated.cc
test/tsan/Darwin/ignored-interceptors.mm
Patch by: Mandeep Singh Grang (mgrang)
Reviewers: samsonov, kcc, dvyukov, eugenis
Differential Revision: http://reviews.llvm.org/D19281
llvm-svn: 266813
|
| |
|
|
|
|
|
|
|
| |
Summary: There is no frame validity check in the slow unwinder like there is in the fast unwinder due to which lsan reports a leak even for heap allocated coroutine in the test swapcontext.cc. Since mips/linux uses slow unwindwer instead of fast unwinder, the test fails for mips/linux. Therefore adding the checks before unwinding fixes the test for mips/linux.
Reviewers: samsonov, earthdok, kcc
Subscribers: llvm-commits, mohit.bhakkad, jaydeep
Differential: http://reviews.llvm.org/D18690
llvm-svn: 266716
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This breaks the valloc test on PowerPC, which has 64kiB pages. Since
getting page size portably is nontrivial, and there's already a function
for that in __sanitizer, just use it. Unfortunately, sanitizer_common.h
conflicts with the interface headers inclucded by msan_test.cc (and a few
of its own macros), so we have to declare it manually.
Differential Revision: http://reviews.llvm.org/D19227
llvm-svn: 266688
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: Test that asan detects access to the dead variable captured by lambda.
Reviewers: aizatsky, kcc
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D19238
llvm-svn: 266676
|
| |
|
|
|
|
| |
Differential Revision: http://reviews.llvm.org/D19217
llvm-svn: 266646
|
| |
|
|
|
|
|
|
|
| |
On s390, siginfo reports the faulting address with page granularity -
we need to mask off the low bits of sp before comparison.
Differential Revision: http://reviews.llvm.org/D19112
llvm-svn: 266593
|
| |
|
|
|
|
|
|
|
|
|
|
| |
At the moment almost every lit.site.cfg.in contains two lines comment:
## Autogenerated by LLVM/Clang configuration.
# Do not edit!
The patch adds variable LIT_SITE_CFG_IN_HEADER, that is replaced from
configure_lit_site_cfg with the note and some useful information.
llvm-svn: 266520
|
| |
|
|
|
|
|
| |
The test is failing on Windows because we do not have a definition for
DemangleSwiftAndCXX nor DemangleCXXABI, which I am replacing, on Windows.
llvm-svn: 266499
|
| |
|
|
| |
llvm-svn: 266497
|
| |
|
|
|
|
|
|
|
| |
Add support for Swift names when symbolicating sanitizer traces. This is
now relevant since TSan and ASan support have been added to Swift on OS X.
Differential Revision: http://reviews.llvm.org/D19135
llvm-svn: 266494
|
| |
|
|
|
|
|
|
|
| |
sanitizer_common is now in good enough shape on s390x to support UBSan
- all tests passing. Let's enable it.
Differential Revision: http://reviews.llvm.org/D19157
llvm-svn: 266483
|
| |
|
|
|
|
|
|
|
| |
This file will contain s390-specific code. For now, let's move the s390
version of internal_mmap here.
Differential Revision: http://reviews.llvm.org/D19174
llvm-svn: 266482
|
| |
|
|
|
|
|
|
| |
CVE-2016-2143."
This reverts commit r266297.
llvm-svn: 266470
|
| |
|
|
|
|
|
|
| |
Some tests didn't merge stderr with stdout.
Patch by Maxim Kuvyrkov.
llvm-svn: 266426
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang's StaticAnalyzer seems to (correctly) complain about code like:
T *p = calloc(sizeof(U), N);
...Where T and U are different types.
This patch removes some instances of this pattern from compiler-rt.
Patch by Apelete Seketeli.
Differential Revision: http://reviews.llvm.org/D19085
llvm-svn: 266388
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On s390, the return address is in %r14, which is saved 14 words from
the frame pointer.
Unfortunately, there's no way to do a proper fast backtrace on SystemZ
with current LLVM - the saved %r15 in fixed-layout register save
area points to the containing frame itself, and not to the next one.
Likewise for %r11 - it's identical to %r15, unless alloca is used
(and even if it is, it's still useless). There's just no way to
determine frame size / next frame pointer. -mbackchain would fix that
(and make the current code just work), but that's not yet supported
in LLVM. We will thus need to XFAIL some asan tests
(Linux/stack-trace-dlclose.cc, deep_stack_uaf.cc).
Differential Revision: http://reviews.llvm.org/D18895
llvm-svn: 266371
|
| |
|
|
|
|
|
|
|
|
|
| |
This is the first part of upcoming asan support for s390 and s390x.
Note that there are bits for 31-bit support in this and subsequent
patches - while LLVM itself doesn't support it, gcc should be able
to make use of it just fine.
Differential Revision: http://reviews.llvm.org/D18888
llvm-svn: 266370
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The PS_STRINGS constant can easily be incorrect with mismatched
kernel/userland - e.g. when building i386 sanitizers on FreeBSD/amd64
with -m32. The kern.ps_strings sysctl was introduced over 20 years ago
as the supported way to fetch the environment and argument string
addresses from the kernel, so the fallback is never used.
Differential Revision: http://reviews.llvm.org/D19027
llvm-svn: 266305
|
| |
|
|
|
|
| |
This reverts commit r266294, as it broke some buildbots again. :/
llvm-svn: 266300
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork(). ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected. Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.
Unfortunately, there's no reliable way to detect the fix without crashing
the kernel. So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work. In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.
Differential Revision: http://reviews.llvm.org/D18915
llvm-svn: 266297
|
| |
|
|
|
|
|
|
|
| |
This teaches sanitizer_common about s390 and s390x virtual space size.
s390 is unusual in that it has 31-bit virtual space.
Differential Revision: http://reviews.llvm.org/D18896
llvm-svn: 266296
|
| |
|
|
|
|
|
|
|
|
| |
mmap on s390 is quite a special snowflake: since it has too many
parameters to pass them in registers, it passes a pointer to a struct
with all the parameters instead.
Differential Revision: http://reviews.llvm.org/D18889
llvm-svn: 266295
|
| |
|
|
|
|
|
|
|
| |
Using stderr more uniformily, avoiding potential races when scanning stdout
and stderr output.
Patch by Maxim Kuvyrkov.
llvm-svn: 266294
|
| |
|
|
|
|
|
|
|
|
|
| |
Some bots failed with:
sanitizer_quarantine.h:104:7: error: unused typedef 'assertion_failed__104' [-Werror,-Wunused-local-typedef]
COMPILER_CHECK(kPrefetch <= ARRAY_SIZE(b->batch));
Replace COMPILER_CHECK with CHECK.
llvm-svn: 266291
|
| |
|
|
| |
llvm-svn: 266288
|
