Age | Commit message (Collapse) | Author |
|
Summary:
There is currently too much redundancy in the class/variable/* names in Scudo:
- we are in the namespace `__scudo`, so there is no point in having something
named `ScudoX` to end up with a final name of `__scudo::ScudoX`;
- there are a lot of types/* that have `Allocator` in the name, given that
Scudo is an allocator I figure this doubles up as well.
So change a bunch of the Scudo names to make them shorter, less redundant, and
overall simpler. They should still be pretty self explaining (or at least it
looks so to me).
The TSD part will be done in another CL (eg `__scudo::ScudoTSD`).
Reviewers: alekseyshl, eugenis
Reviewed By: alekseyshl
Subscribers: delcypher, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49505
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337557 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
r337531 changed return type of MmapFixedNoReserve, but esan wasn't updated.
As the result esan shadow setup always fails.
We probably need to make MmapFixedNoAccess signature consistent
with MmapFixedNoReserve. But this is just to unbreak tests.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337550 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Reviewers: dberris
Reviewed By: dberris
Differential Revision: https://reviews.llvm.org/D49590
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337536 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
MmapFixedNoReserve does not terminate process on failure.
Failure to check its result and die will always lead to harder
to debug crashes later in execution. This was observed in Go
processes due to some address space conflicts.
Consistently check result of MmapFixedNoReserve.
While we are here also add warn_unused_result attribute
to prevent such bugs in future and change return type to bool
as that's what all callers want.
Reviewed in https://reviews.llvm.org/D49367
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337531 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Previously, check-all failed many tests for me. It was running the
X86_64DefaultLinuxConfig, X86_64LibcxxLinuxConfig, and
X86_64StaticLibcxxLinuxConfig configs out of
llvm-build/projects/compiler-rt/test/fuzzer. Now, it runs them out of
separate subdirectories there, and most tests pass.
Reviewed By: morehouse, george.karpenkov
Differential Revision: https://reviews.llvm.org/D49249
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337521 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
seeds that hit every given function)
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337501 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Noticed that this was causing a compiler warning in the test.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337493 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Add __llvm_profile_get_filename interface to get the profile filename,
which can be used for identifying which profile file belongs to an app
when multiple binaries are instrumented and dumping profiles into the
same directory. The filename includes the path.
Reviewers: davidxl
Subscribers: delcypher, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49529
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337482 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Fix bot failure from r37465. Move the new lto_flags append under the
check for whether lto_supported. Otherwise TestingConfig may not have
that member.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337467 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Executes both LTO and ThinLTO CFI tests an additional time using the new
pass manager. I only bothered to add with gold and not lld as testing
with one linker should be sufficient. I didn't add for APPLE or WIN32
since I don't have a way to test those.
Depends on D49429.
Reviewers: pcc
Subscribers: dberris, mgorny, mehdi_amini, delcypher, dexonsmith, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49432
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337465 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change makes it so that the profiling mode implementation will only
write files when there are buffers to write. Before this change, we'd
always open a file even if there were no profiles collected when
flushing.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337443 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
When providing raw access to the FDR mode buffers, we used to not
include the extents metadata record. This oversight means that
processing the buffers in-memory will lose important information that
would have been written in files.
This change exposes the metadata record by serializing the data
similarly to how we would do it when flushing to files.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337441 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
MAP_NORESERVE is not supported or a no-op on BSD.
Reviewers: dberris
Reviewed By: dberris
Differential Revision: https://reviews.llvm.org/D49494
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337440 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337437 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337436 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
(DFT=data-flow-trace)
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337434 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
We've been seeing intermittent failures on our internal bots and we suspect
this may be due to the OS scheduling the child process to run before the parent
process.
This version ensures that the parent and child can be run in either order.
Reviewers: Maknee, dberris
Reviewed By: dberris
Subscribers: delcypher, #sanitizers, Maknee, llvm-commits
Differential Revision: https://reviews.llvm.org/D49501
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337432 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This prevents gold from printing a warning when trying to export
these symbols via the asan dynamic list after ThinLTO promotes them
from private symbols to external symbols with hidden visibility.
Differential Revision: https://reviews.llvm.org/D49498
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337428 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Fuchsia doesn't have signals; instead it expects processes to have a
dedicated exception thread that binds to the process' exception port and
waits for exception packets to be delivered. On the other hand,
libFuzzer and sanitizer_common use expect to collect crash information
via libunwind from the same thread that caused the exception.
The long term fix is to improve support for remote unwinding in
libunbwind, plumb this through sanitizer_common and libFuzzer, and
handle the exception exclusively on the exception thread. In the
meantime, this revision has the exception thread "resurrect" the
crashing thread by:
* saving its general purpose register state onto the crashing thread's
stack,
* setting the crashing thread's program counter to an assembly trampoline
with the CFI information needed by libunwind, and
* resuming the crashed thread.
Patch By: aarongreen
Differential Revision: https://reviews.llvm.org/D48509
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337418 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Created IterateInline8bitCounters, a single template for visiting Inline8bitCounters (nested for loop)
Made InitializeUnstableCounters and UpdateUnstableCounters both send a lambda to IterateInline8bitCounters.
Patch by Kyungtak Woo (@kevinwkt).
Reviewers: Dor1s, metzman, kcc, morehouse
Reviewed By: metzman, morehouse
Subscribers: delcypher, llvm-commits, #sanitizers
Differential Revision: https://reviews.llvm.org/D49453
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337403 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
This is a follow-on to D49217 which simplifies and optimises the
implementation of the segmented array. In this patch we co-locate the
book-keeping for segments in the `__xray::Array<T>` with the data it's
managing. We take the chance in this patch to actually rename `Chunk` to
`Segment` to better align with the high-level description of the
segmented array.
With measurements using benchmarks landed in D48879, we've identified
that calls to `pthread_getspecific` started dominating the cycles, which
led us to revert the change made in D49217 to use C++ thread_local
initialisation instead (it reduces the cost by a huge margin, since we
save one PLT-based call to pthread functions in the hot path). In
particular, this is in `__xray::getThreadLocalData()`.
We also took the opportunity to remove the least-common-multiple based
calculation and instead pack as much data into segments of the array.
This greatly simplifies the API of the container which hides as much of
the implementation details as possible. For instance, we calculate the
number of elements we need for the each segment internally in the Array
instead of making it part of the type.
With the changes here, we're able to get a measurable improvement on the
performance of profiling mode on top of what D48879 already provides.
Depends on D48879.
Reviewers: kpw, eizan
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D49363
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337343 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
This change simplifies the XRay Allocator implementation to self-manage
an mmap'ed memory segment instead of using the internal allocator
implementation in sanitizer_common.
We've found through benchmarks and profiling these benchmarks in D48879
that using the internal allocator in sanitizer_common introduces a
bottleneck on allocating memory through a central spinlock. This change
allows thread-local allocators to eliminate contention on the
centralized allocator.
To get the most benefit from this approach, we also use a managed
allocator for the chunk elements used by the segmented array
implementation. This gives us the chance to amortize the cost of
allocating memory when creating these internal segmented array data
structures.
We also took the opportunity to remove the preallocation argument from
the allocator API, simplifying the usage of the allocator throughout the
profiling implementation.
In this change we also tweak some of the flag values to reduce the
amount of maximum memory we use/need for each thread, when requesting
memory through mmap.
Depends on D48956.
Reviewers: kpw, eizan
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D49217
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337342 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Fix a bug in FDR mode which didn't allow for re-initialising the logging
in the same process. This change ensures that:
- When we flush the FDR mode logging, that the state of the logging
implementation is `XRAY_LOG_UNINITIALIZED`.
- Fix up the thread-local initialisation to use aligned storage and
`pthread_getspecific` as well as `pthread_setspecific` for the
thread-specific data.
- Actually use the pointer provided to the thread-exit cleanup handling,
instead of assuming that the thread has thread-local data associated
with it, and reaching at thread-exit time.
In this change we also have an explicit test for two consecutive
sessions for FDR mode tracing, and ensuring both sessions succeed.
Reviewers: kpw, eizan
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D49359
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337341 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Code now exists to track number of mutations that are used in fuzzing in total
and ones that produce new coverage. The stats are currently being dumped to the
command line.
Patch by Kodé Williams (@kodewilliams).
Reviewers: metzman, Dor1s, morehouse, kcc
Reviewed By: Dor1s, morehouse, kcc
Subscribers: delcypher, kubamracek, kcc, morehouse, llvm-commits, #sanitizers, mgorny
Differential Revision: https://reviews.llvm.org/D48054
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337324 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This function is available for linking in from kernel32.dll, but
it's not allowed to link that function from there in Windows Store
apps.
Differential Revision: https://reviews.llvm.org/D49055
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337313 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This is a fix for bug 37047.
https://bugs.llvm.org/show_bug.cgi?id=37047
Implemented by basically reversing the logic. Previously all strings
were considered, with some operations excluded. Now strings are excluded
by default, and only strings during the CB considered.
Patch By: pdknsk
Differential Revision: https://reviews.llvm.org/D48800
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337296 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
STL can cause MSan false positives if lib[std]c++ isn't instrumented
with MSan.
Reviewers: kcc
Reviewed By: kcc
Subscribers: Dor1s, llvm-commits
Differential Revision: https://reviews.llvm.org/D49404
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337224 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337206 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to test deps for libfuzzer when they're not supported by the platform
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337203 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
We no longer pass CLANG_DEFAULT_CXX_STDLIB to the runtimes build
as it was causing issues so we can no longer use this variable. We
instead use cxx-headers as a dependency whenever this is available
since both XRay and libFuzzer are built as static libraries so this
is sufficient.
Differential Revision: https://reviews.llvm.org/D49346
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337199 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Code now exists to track number of mutations that are used in fuzzing in total
and ones that produce new coverage. The stats are currently being dumped to the
command line.
Patch by Kodé Williams (@kodewilliams).
Reviewers: metzman, Dor1s, morehouse, kcc
Reviewed By: Dor1s, morehouse, kcc
Subscribers: delcypher, kubamracek, kcc, morehouse, llvm-commits, #sanitizers, mgorny
Differential Revision: https://reviews.llvm.org/D48054
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337194 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Required now that we have tests using MSan and DFSan.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337193 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
unstable edges.
Summary:
Created a -print_unstable_stats flag.
When -print_unstable_stats=1, we run it 2 more times on interesting inputs poisoning unstable edges in an array.
On program termination, we run PrintUnstableStats() which will print a line with a stability percentage like AFL does.
Patch by Kyungtak Woo (@kevinwkt).
Reviewers: metzman, Dor1s, kcc, morehouse
Reviewed By: metzman, Dor1s, morehouse
Subscribers: delcypher, llvm-commits, #sanitizers, kcc, morehouse, Dor1s
Differential Revision: https://reviews.llvm.org/D49212
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337187 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
changes.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337180 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337178 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337176 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
unstable edges.
Summary:
Created a -print_unstable_stats flag.
When -print_unstable_stats=1, we run it 2 more times on interesting inputs poisoning unstable edges in an array.
On program termination, we run PrintUnstableStats() which will print a line with a stability percentage like AFL does.
Patch by Kyungtak Woo (@kevinwkt).
Reviewers: metzman, Dor1s, kcc, morehouse
Reviewed By: metzman, Dor1s, morehouse
Subscribers: delcypher, llvm-commits, #sanitizers, kcc, morehouse, Dor1s
Differential Revision: https://reviews.llvm.org/D49212
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337175 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
without exceptions enabled.
Test for https://bugs.llvm.org/show_bug.cgi?id=38066.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337174 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
appropriate for us.
Reviewers: eugenis, pcc, kcc
Subscribers: delcypher, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49252
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337170 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Test for https://bugs.llvm.org/show_bug.cgi?id=38067.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337150 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Fix a TODO in CMake config for XRay tests to use the detected C++ ABI
library in the tests.
Also make the tests depend on the llvm-xray target when built in-tree.
Reviewers: kpw, eizan
Reviewed By: eizan
Subscribers: mgorny, llvm-commits
Differential Revision: https://reviews.llvm.org/D49358
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337142 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This changes the name and the type to what it was prior to r333037
which matches the name of the flag used in other runtimes: libc++,
libc++abi and libunwind. We don't need the type to be a string since
there's only binary choice between libgcc and compiler-rt unlike in
the case of C++ library where there're multiple options.
Differential Revision: https://reviews.llvm.org/D49325
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337116 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
That flag has been introduced in https://reviews.llvm.org/D48660 for
suppressing UIO error messages in an efficient way. The main motivation is to
be able to use UIO checks in builds used for fuzzing as it might provide an
interesting signal to a fuzzing engine such as libFuzzer.
See https://github.com/google/oss-fuzz/issues/910 for more information.
Reviewers: morehouse, kcc
Reviewed By: morehouse
Subscribers: kubamracek, delcypher, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49324
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337068 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Duplicate __get_unsafe_stack_bottom instead of using an alias for
platforms that don't suppport it like Darwin.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337044 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Introduce built-ins to read the unsafe stack top and bottom. The unsafe
stack top is required to implement garbage collection scanning for
Oilpan. Currently there is already a built-in 'get_unsafe_stack_start'
to read the bottom of the unsafe stack, but I chose to duplicate this
API because 'start' is ambiguous (e.g. Oilpan uses WTF::GetStackStart to
read the safe stack top.)
Reviewers: pcc
Reviewed By: pcc
Subscribers: llvm-commits, kcc
Differential Revision: https://reviews.llvm.org/D49152
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337037 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
These are not necessarily correct, just because Clang is configured
to use libc++ or compiler-rt as defaults doesn't mean that the host
compiler uses these as defaults as well. A more correct solution
would be to test the host compiler to check what the default actually
is as attempted in D46857.
Part of PR-38025.
Differential Revision: https://reviews.llvm.org/D49272
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337033 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Use `-Wl,-z,global` for all Sanitizer shared libraries on
Android. We want them to be in the global group
(https://android.googlesource.com/platform/bionic/+/master/android-changes-for-ndk-developers.md#changes-to-library-search-order)
to avoid any alloc/dealloc mismatch between the libc allocator & said library.
`audioserver` was one of the binary that exhibited the problem with Scudo,
this seems to fix it.
[edited for accuracy]
Reviewers: eugenis, alekseyshl
Reviewed By: eugenis
Subscribers: kubamracek, srhines, mgorny, delcypher, #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D49198
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337010 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Test for https://bugs.llvm.org/show_bug.cgi?id=38065.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336996 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
This test invokes undocumented behaviour that could change in
the future. Given this, it's probably best to just remove the
test.
rdar://problem/42022283
Reviewers: kubamracek
Subscribers: llvm-commits, #sanitizers
Differential Revision: https://reviews.llvm.org/D49269
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336977 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
record entry in FDR mode
Summary:
llvm-xray changes:
- account-mode - process-id {...} shows after thread-id
- convert-mode - process {...} shows after thread
- parses FDR and basic mode pid entries
- Checks version number for FDR log parsing.
Basic logging changes:
- Update header version from 2 -> 3
FDR logging changes:
- Update header version from 2 -> 3
- in writeBufferPreamble, there is an additional PID Metadata record (after thread id record and tsc record)
Test cases changes:
- fdr-mode.cc, fdr-single-thread.cc, fdr-thread-order.cc modified to catch process id output in the log.
Reviewers: dberris
Reviewed By: dberris
Subscribers: hiraditya, llvm-commits, #sanitizers
Differential Revision: https://reviews.llvm.org/D49153
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336974 91177308-0d34-0410-b5e6-96231b3b80d8
|