Age | Commit message (Collapse) | Author |
|
Summary: Part of https://github.com/google/sanitizers/issues/637
Reviewers: eugenis, alekseyshl
Subscribers: llvm-commits, kubamracek
Differential Revision: https://reviews.llvm.org/D39826
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@317864 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@317773 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Differential Revision: http://reviews.llvm.org/D19543
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@267795 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork(). ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected. Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.
Unfortunately, there's no reliable way to detect the fix without crashing
the kernel. So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work. In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.
Differential Revision: http://reviews.llvm.org/D19576
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@267747 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
CVE-2016-2143."
This reverts commit r266297.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@266470 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork(). ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected. Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.
Unfortunately, there's no reliable way to detect the fix without crashing
the kernel. So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work. In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.
Differential Revision: http://reviews.llvm.org/D18915
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@266297 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Introducing InitializeCommonFlags accross all sanitizers to simplify
common flags management.
Setting coverage=1 when html_cov_report is requested.
Differential Revision: http://reviews.llvm.org/D18273
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@263820 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Reviewers: eugenis
Subscribers: jaydeep, sagar, llvm-commits
Differential Revision: http://reviews.llvm.org/D17264
Differential Revision: http://reviews.llvm.org/D17563
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@261982 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Reviewers: eugenis
Subscribers: jaydeep, sagar, llvm-commits
Differential Revision: http://reviews.llvm.org/D17371
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@261513 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Now with variadic support for msan on aarch6 there is no need for
XFAIL signal_stress_test anymore. Also to garantee aligned stores
for the FP/SIMD arguments enforce the '__msan_va_arg_tls' alignment
to sizeof the SIMD register (16).
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@255496 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This patch unify the 39-bit and 42-bit mapping for aarch64 to use only
one instrumentation algorithm. A runtime check avoid mapping 42-bit
only segments for 39-bit kernels.
The mapping to use now is for 39 and 42-bits:
0x00000000000ULL-0x01000000000ULL MappingDesc::INVALID
0x01000000000ULL-0x02000000000ULL MappingDesc::SHADOW
0x02000000000ULL-0x03000000000ULL MappingDesc::ORIGIN
0x03000000000ULL-0x04000000000ULL MappingDesc::SHADOW
0x04000000000ULL-0x05000000000ULL MappingDesc::ORIGIN
0x05000000000ULL-0x06000000000ULL MappingDesc::APP
0x06000000000ULL-0x07000000000ULL MappingDesc::INVALID
0x07000000000ULL-0x08000000000ULL MappingDesc::APP
And only for 42-bits:
0x08000000000ULL-0x09000000000ULL MappingDesc::INVALID
0x09000000000ULL-0x0A000000000ULL MappingDesc::SHADOW
0x0A000000000ULL-0x0B000000000ULL MappingDesc::ORIGIN
0x0B000000000ULL-0x0F000000000ULL MappingDesc::INVALID
0x0F000000000ULL-0x10000000000ULL MappingDesc::APP
0x10000000000ULL-0x11000000000ULL MappingDesc::INVALID
0x11000000000ULL-0x12000000000ULL MappingDesc::APP
0x12000000000ULL-0x17000000000ULL MappingDesc::INVALID
0x17000000000ULL-0x18000000000ULL MappingDesc::SHADOW
0x18000000000ULL-0x19000000000ULL MappingDesc::ORIGIN
0x19000000000ULL-0x20000000000ULL MappingDesc::INVALID
0x20000000000ULL-0x21000000000ULL MappingDesc::APP
0x21000000000ULL-0x26000000000ULL MappingDesc::INVALID
0x26000000000ULL-0x27000000000ULL MappingDesc::SHADOW
0x27000000000ULL-0x28000000000ULL MappingDesc::ORIGIN
0x28000000000ULL-0x29000000000ULL MappingDesc::SHADOW
0x29000000000ULL-0x2A000000000ULL MappingDesc::ORIGIN
0x2A000000000ULL-0x2B000000000ULL MappingDesc::APP
0x2B000000000ULL-0x2C000000000ULL MappingDesc::INVALID
0x2C000000000ULL-0x2D000000000ULL MappingDesc::SHADOW
0x2D000000000ULL-0x2E000000000ULL MappingDesc::ORIGIN
0x2E000000000ULL-0x2F000000000ULL MappingDesc::APP
0x2F000000000ULL-0x39000000000ULL MappingDesc::INVALID
0x39000000000ULL-0x3A000000000ULL MappingDesc::SHADOW
0x3A000000000ULL-0x3B000000000ULL MappingDesc::ORIGIN
0x3B000000000ULL-0x3C000000000ULL MappingDesc::APP
0x3C000000000ULL-0x3D000000000ULL MappingDesc::INVALID
0x3D000000000ULL-0x3E000000000ULL MappingDesc::SHADOW
0x3E000000000ULL-0x3F000000000ULL MappingDesc::ORIGIN
0x3F000000000ULL-0x40000000000ULL MappingDesc::APP
And although complex it provides a better memory utilization that
previous one.
[1] http://reviews.llvm.org/D13817
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@251625 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Trim spaces.
- Use nullptr in place of 0 for pointer variables.
- Use '!p' in place of 'p == 0' for null pointer checks.
- Add blank lines to separate function definitions.
- Add 'extern "C"' or 'namespace foo' comments after the appropriate
closing brackets
This is a continuation of work from 409b7b82. The focus here is on the
various sanitizers (not sanitizer_common, as before).
Patch by Eugene Zelenko!
Differential Revision: http://reviews.llvm.org/D13225
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@248966 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Map MSan heap space early (in __msan_init) so that user code can not
accidentally (i.e. w/o MAP_FIXED) create a conflicting mapping.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@248829 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@247684 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This patch adds a runtime check for asan, dfsan, msan, and tsan for
architectures that support multiple VMA size (like aarch64). Currently
the check only prints a warning indicating which is the VMA built and
expected against the one detected at runtime.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@247413 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Previously we had to call __sanitizer_cov_dump() from tool-specific
callbacks - instead, let sanitizer_common library handle this in a
single place.
This is a re-application of r245770, with slightly different approach
taken.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245890 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This is required to properly re-apply r245770:
1) We should be able to dump coverage in __sanitizer::Die() if coverage
collection is turned on.
2) We don't want to explicitly do this in every single
sanitizer that supports it.
3) We don't want to link in coverage (and therefore symbolization) bits
into small sanitizers that don't support it (safestack).
The solution is to make InitializeCoverage() register its own Die()
callback that would call __sanitizer_cov_dump(). This callback should be
executed in addition to another tool-specific die callbacks (if there
are any).
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245889 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
These changes break both autoconf Mac OS X buildbot (linker errors
due to wrong Makefiles) and CMake buildbot (safestack test failures).
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245784 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Previously we had to call __sanitizer_cov_dump() from tool-specific
callbacks - instead, let sanitizer_common library handle this in a single place.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245770 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
__sanitizer_set_death_callback().
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245754 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
all sanitizers.
Summary:
Merge "exitcode" flag from ASan, LSan, TSan and "exit_code" from MSan
into one entity. Additionally, make sure sanitizer_common now uses the
value of common_flags()->exitcode when dying on error, so that this
flag will automatically work for other sanitizers (UBSan and DFSan) as
well.
User-visible changes:
* "exit_code" MSan runtime flag is now deprecated. If explicitly
specified, this flag will take precedence over "exitcode".
The users are encouraged to migrate to the new version.
* __asan_set_error_exit_code() and __msan_set_exit_code() functions
are removed. With few exceptions, we don't support changing runtime
flags during program execution - we can't make them thread-safe.
The users should use __sanitizer_set_death_callback()
that would call _exit() with proper exit code instead.
* Plugin tools (LSan and UBSan) now inherit the exit code of the parent
tool. In particular, this means that ASan would now crash the program
with exit code "1" instead of "23" if it detects leaks.
Reviewers: kcc, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12120
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@245734 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
include_if_exists=/path/to/sanitizer/options reads flags from the
file if it is present. "%b" in the include file path (for both
variants of the flag) is replaced with the basename of the main
executable.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@242853 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@242589 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Differential Revision: http://reviews.llvm.org/D10213
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@239020 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Fix 2 bugs in memory mapping setup:
- the invalid region at offset 0 was not protected because mmap at
address 0 fails with EPERM on most Linux systems. We did not
notice this because the check condition was flipped: the code was
checking that mprotect has failed. And the test that was supposed
to catch this was weakened by the mitigations in the mmap
interceptor.
- when running without origins, the origin shadow range was left
unprotected.
The new test ensures that mmap w/o MAP_FIXED always returns valid
application addresses.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@238109 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Embed UBSan runtime into TSan and MSan runtimes in the same as we do
in ASan. Extend UBSan test suite to also run tests for these
combinations.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@235954 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@235926 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@230639 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
These functions are always used to initialize singleton flags(), as
well as other global data (common_flags()).
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@228894 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@228893 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
By attaching an extra integer tag to heap origins, we are able
to distinguish between uninits
- created by heap allocation,
- created by heap deallocation (i.e. use-after-free),
- created by __msan_allocated_memory call,
- etc.
See https://code.google.com/p/memory-sanitizer/issues/detail?id=35.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226821 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Move a bunch of functions to a new source file and rename some of them for
consistency. No functional changes.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226673 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change removes some debug output in asan_flags.cc that
was reading the verbosity level before all the flags were parsed.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226566 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Print a warning at verbosity=1 and higher instead of dying immediately.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226458 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
InternalAlloc is quite complex and its behavior may depend on the values of
flags. As such, it should not be used while parsing flags.
Sadly, LowLevelAlloc does not support deallocation of memory.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226453 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
The new parser is a lot stricter about syntax, reports unrecognized
flags, and will make it easier to implemented some of the planned features.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@226169 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This mirrors r225239 to all the rest sanitizers:
ASan, DFSan, LSan, MSan, TSan, UBSan.
Now the runtime flag type, name, default value and
description is located in the single place in the
.inc file.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@225327 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
initialization.""
Fix test failures by introducing CommonFlags::CopyFrom() to make sure
compiler doesn't insert memcpy() calls into runtime code.
Original commit message:
Protect CommonFlags singleton by adding const qualifier to
common_flags() accessor. The only ways to modify the flags are
SetCommonFlagsDefaults(), ParseCommonFlagsFromString() and
OverrideCommonFlags() functions, which are only supposed to be
called during initialization.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@225088 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
We've got some internal users that either aren't compatible with this or
have found a bug with it. Either way, this is an isolated cleanup and so
I'm reverting it to un-block folks while we investigate. Alexey and
I will be working on fixing everything up so this can be re-committed
soon. Sorry for the noise and any inconvenience.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@225079 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This is a re-commit of r224838 + r224839, previously reverted in r224850.
Test failures were likely (still can not reproduce) caused by two lit tests
using the same name for an intermediate build target.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224853 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Flaky failures on the build bots.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224850 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224838 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Summary:
Protect CommonFlags singleton by adding const qualifier to
common_flags() accessor. The only ways to modify the flags are
SetCommonFlagsDefaults(), ParseCommonFlagsFromString() and
OverrideCommonFlags() functions, which are only supposed to be
called during initialization.
Test Plan: regression test suite
Reviewers: kcc, eugenis, glider
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6741
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224736 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Add CommonFlags::SetDefaults() and CommonFlags::ParseFromString(),
so that this object can be easily tested. Enforce
that ParseCommonFlagsFromString() and SetCommonFlagsDefaults()
work only with singleton CommonFlags, shared across all sanitizer
runtimes.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@224617 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
compiler-rt part
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@223314 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Previously, all origin ids were "chained" origins, i.e values of
ChainedOriginDepot. This added a level of indirection for simple
stack and heap allocation, which were represented as chains of
length 1. This costs both RAM and CPU, but provides a joined 2**29
origin id space. It also made function (any instrumented function)
entry non-async-signal-safe, but that does not really matter because
memory stores in track-origins=2 mode are not async-signal-safe anyway.
With this change, the type of the origin is encoded in origin id.
See comment in msan_origin.h for more details. This reduces chained and stack
origin id range to 2**28 each, but leaves extra 2**31 for heap origins.
This change should not have any user-visible effects.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@223233 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Differential Revision: http://reviews.llvm.org/D6387
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@222919 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
MSanDR is a dynamic instrumentation tool that can instrument the code
(prebuilt libraries and such) that could not be instrumented at compile time.
This code is unused (to the best of our knowledge) and unmaintained, and
starting to bit-rot.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@222232 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@221936 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@220637 91177308-0d34-0410-b5e6-96231b3b80d8
|