| Age | Commit message (Collapse) | Author |
|---|
|
This commit contains the trivial portion of the port of ASan to
Myriad RTEMS.
- Whitelist platform in sanitizer_platform.h, ubsan_platform.h
- Turn off general interception
- Use memset for FastPoisonShadow
- Define interception wrappers
- Set errno symbol correctly
- Enable ASAN_LOW_MEMORY
- Enable preinit array
- Disable slow unwinding
- Use fuchsia offline symbolizer
- Disable common code for: InitializeShadowMemory, CreateMainThread,
AsanThread::ThreadStart, StartReportDeadlySignal,
MaybeReportNonExecRegion.
Differential Revision: https://reviews.llvm.org/D46454
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@332681 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This gives us something to insert into the shadow gap for systems that
don't have memory protection turned on there (i.e. on Myriad).
Differential Revision: https://reviews.llvm.org/D46457
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@332557 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
This is a pure refactoring change. It paves the way for OS-specific
implementations, such as Fuchsia's, that can do most of the
per-thread bookkeeping work in the creator thread before the new
thread actually starts. This model is simpler and cleaner, avoiding
some race issues that the interceptor code for thread creation has
to do for the existing OS-specific implementations.
Submitted on behalf of Roland McGrath.
Reviewers: vitalybuka, alekseyshl, kcc
Reviewed By: alekseyshl
Subscribers: phosek, filcab, llvm-commits, kubamracek
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D36385
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@310432 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Submitted on behalf of Roland McGrath.
Reviewers: vitalybuka, alekseyshl, kcc
Subscribers: kubamracek, mgorny, phosek, filcab, llvm-commits
Tags: #sanitizers
Differential Revision: https://reviews.llvm.org/D36037
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@309542 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
On iOS/AArch64, the address space is very limited and has a dynamic maximum address based on the configuration of the device. We're already using a dynamic shadow, and we find a large-enough "gap" in the VM where we place the shadow memory. In some cases and some device configuration, we might not be able to find a large-enough gap: E.g. if the main executable is linked against a large number of libraries that are not part of the system, these libraries can fragment the address space, and this happens before ASan starts initializing.
This patch has a solution, where we have a "backup plan" when we cannot find a large-enough gap: We will restrict the address space (via MmapFixedNoAccess) to a limit, for which the shadow limit will fit.
Differential Revision: https://reviews.llvm.org/D35098
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@307865 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary: On windows 10, the ucrt DLL is performing allocations before the function hooking and there are multiple allocations not handled by Asan. When a free occur at the end of the process, asan is reporting desallocations not malloc-ed.
Reviewers: rnk, kcc
Reviewed By: rnk, kcc
Subscribers: kcc, llvm-commits, kubamracek, chrisha, dberris
Differential Revision: https://reviews.llvm.org/D25946
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@295730 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Differential Revision: https://reviews.llvm.org/D29459
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@293956 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
asan to sanitizer_common.
Reviewers: eugenis
Subscribers: kubabrecka, dberris, llvm-commits
Differential Revision: https://reviews.llvm.org/D28074
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@290626 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Experiments show that on Android the current values result in too much
of the memory consumption for all quarantined chunks.
Reviewers: kcc, eugenis
Subscribers: mgorny, danalbert, srhines, llvm-commits, kubabrecka
Patch by Aleksey Shlyapnikov.
Differential Revision: https://reviews.llvm.org/D27873
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@290218 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary: Keep reifying other errors.
Reviewers: kcc, samsonov
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23873
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@280930 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@279790 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary: This value is never used.
Reviewers: kcc, eugenis
Subscribers: llvm-commits, kubabrecka
Differential Revision: https://reviews.llvm.org/D23631
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@279010 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Memory will be committed on demand when exception happens while accessing
shadow memeory region.
Patch by: Wei Wang
Differential Revision: http://reviews.llvm.org/D21942
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@275107 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
__sanitizer_install_malloc_and_free_hooks
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@272943 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Some known issues are:
When "head" include instructions that involve branching, the "cut and paste" approach may break down in a way that function interception still work but calling back the original function does not work.
The jmp [rip -8] saves some bytes in the "head" but finding the safe zone of 0xCC is not implemented yet. So it may stomp on preceding codes.
The shadow offset is not working yet on Win64. More complexity maybe involved since there are some differences regarding virtual address space between Window 8 and Windows 8.1/10.
Patch by: Wang Wei
Differential Revision: http://reviews.llvm.org/D20884
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@271915 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change introduces routines that register and unregister all
instrumented globals in a loaded executable image.
These routines are only implemented on Darwin, where globals metadata
is expected to be placed in the __DATA,__asan_globals section.
Review: http://reviews.llvm.org/D16841
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@264644 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@259451 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
In AddressSanitizer, we have the MaybeReexec method to detect when we're running without DYLD_INSERT_LIBRARIES (in which case interceptors don't work) and re-execute with the environment variable set. On OS X 10.11+, this is no longer necessary, but to have ThreadSanitizer supported on older versions of OS X, let's use the same method as well. This patch moves the implementation from `asan/` into `sanitizer_common/`.
Differential Revision: http://reviews.llvm.org/D15123
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@254600 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
all sanitizers.
Summary:
Merge "exitcode" flag from ASan, LSan, TSan and "exit_code" from MSan
into one entity. Additionally, make sure sanitizer_common now uses the
value of common_flags()->exitcode when dying on error, so that this
flag will automatically work for other sanitizers (UBSan and DFSan) as
well.
User-visible changes:
* "exit_code" MSan runtime flag is now deprecated. If explicitly
specified, this flag will take precedence over "exitcode".
The users are encouraged to migrate to the new version.
* __asan_set_error_exit_code() and __msan_set_exit_code() functions
are removed. With few exceptions, we don't support changing runtime
flags during program execution - we can't make them thread-safe.
The users should use __sanitizer_set_death_callback()
that would call _exit() with proper exit code instead.
* Plugin tools (LSan and UBSan) now inherit the exit code of the parent
tool. In particular, this means that ASan would now crash the program
with exit code "1" instead of "23" if it detects leaks.
Reviewers: kcc, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12120
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245734 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
handle SIGFPE crashes same as SIGSEV crashes, patch by Karl Skomski. This time the test is enabled only on x86-64 (it broke on ARM)
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@244234 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
handle SIGFPE crashes same as SIGSEV crashes, patch by Karl Skomski"
This reverts commit r244136, it was breaking the ARM bots for too long. We should investigate it offline.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@244210 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
crashes same as SIGSEV crashes, patch by Karl Skomski
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@244136 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Since the CoreFoundation allocator replacement was moved in r173134, all
implementations of this function have been empty.
Reviewers: samsonov
Differential Revision: http://reviews.llvm.org/D11375
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@242811 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This is done by creating a named shared memory region, unlinking it
and setting up a private (i.e. copy-on-write) mapping of that instead
of a regular anonymous mapping. I've experimented with regular
(sparse) files, but they can not be scaled to the size of MSan shadow
mapping, at least on Linux/X86_64 and ext3 fs.
Controlled by a common flag, decorate_proc_maps, disabled by default.
This patch has a few shortcomings:
* not all mappings are annotated, especially in TSan.
* our handling of memset() of shadow via mmap() puts small anonymous
mappings inside larger named mappings, which looks ugly and can, in
theory, hit the mapping number limit.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@238621 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
The problem is that without SA_RESTORER flag, kernel ignores the handler. So tracer actually did not setup any handler.
Add SA_RESTORER flag when setting up handlers.
Add a test that causes SIGSEGV in stoptheworld callback.
Move SignalContext from asan to sanitizer_common to print better diagnostics about signal in the tracer thread.
http://reviews.llvm.org/D8005
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@230978 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
We currently skip all "Noinst" unit tests on OS X, which was probably caused when we removed the "allow_reexec" flag. The MaybeReexec function fails to re-execute when the runtime is linked statically, because there is no dylib to use. This patch adds an explicit DisableReexec function that is used from asan_noinst_test.cc and the runtime then doesn't try to re-execute.
Reviewed at http://reviews.llvm.org/D7493
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@228740 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226636 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@225556 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224450 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Differential Revision: http://reviews.llvm.org/D6148
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@222756 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
instrumentation of variable-sized dynamic allocas. Patch by Max Ostapenko.
Reviewed at http://reviews.llvm.org/D6055
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@222520 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
(-fsanitize-address-field-padding=1). Note that all of this is still experimental; don't use unless you are brave.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@220013 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
favor of
a unified interface in <sanitizer/allocator_interface.h>.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@215469 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
PR19838 (Left OOB accesses on new[]-allocated arrays with array cookies are not detected). No tests yet. They will follow once I commit the clang part.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@214711 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
across sanitizers.
Get rid of ASAN_USE_PREINIT_ARRAY and LSAN_USE_PREINIT_ARRAY - just always
use .preinit_array if it's available. This mode seems stable enough, and
we've been relying on default values of these macro for a long time.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@213980 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Introduce new public header <sanitizer/allocator_interface.h> and a set
of functions __sanitizer_get_ownership(), __sanitizer_malloc_hook() etc.
that will eventually replace their tool-specific equivalents
(__asan_get_ownership(), __msan_get_ownership() etc.). Tool-specific
functions are now deprecated and implemented as stubs redirecting
to __sanitizer_ versions (which are implemented differently in each tool).
Replace all uses of __xsan_ versions with __sanitizer_ versions in unit
and lit tests.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@212469 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Don't fail if __libc_malloc_dispatch is missing; continue running
with normal linux interceptors instead.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@210322 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@208841 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
asan_cxx containts replacements for new/delete operators, and should
only be linked in C++ mode. We plan to start building this part
with exception support to make new more standard-compliant.
See https://code.google.com/p/address-sanitizer/issues/detail?id=295
for more details.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@208609 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@208530 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Based on http://llvm-reviews.chandlerc.com/D3042 by Yuri Gribov!
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@205308 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@200550 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change is a part of refactoring intended to have common signal handling behavior in all tools.
This particular CL moves InstallSignalHandlers() into sanitizer_common (making it InstallDeadlySignalHandlers()), but doesn't enable default signal handlers for any tool other than ASan.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@200542 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change is a part of refactoring intended to have common signal handling behavior in all tools.
Note that this particular change doesn't enable use_sigaltstack support in every tool.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@200310 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change is a part of refactoring intended to have common signal handling behavior in all tools.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@200295 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change adds ASAN_OPTIONS=start_deactivated=1 flag. When present, ASan will
start in "deactivated" mode, with no heap poisoning, no quarantine, no stack
trace gathering, and minimal redzones. All this features come back when
__asan_init is called for the constructor of an instrumented library.
The primary use case for this feature is Android. Code itself is not
Android-specific, and this patch includes a Linux test for it.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@199377 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@199370 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
addressed Alexey Samsonov's comments for r195011
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@195117 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Call AsanThread::Destroy() from a late-running TSD destructor.
Previously we called it before any user-registered TSD destructors, which caused
false positives in LeakSanitizer.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@192585 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
We don't want to report initialization-order bugs when a destructor of a global
variable accesses dynamically initialized global from another
(not necessarily initialized) module. We do this by intercepting __cxa_atexit and
registrering our own callback that unpoisons shadow for all dynamically initialized
global variables.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@182637 91177308-0d34-0410-b5e6-96231b3b80d8
|
