Skip to content
  1. Jan 23, 2018
  3. Jan 20, 2018
  5. Jan 19, 2018
  7. Jan 18, 2018
  9. Jan 17, 2018
  11. Jan 12, 2018
    • Kamil Rytarowski's avatar
      Correct the setitimer interceptor on NetBSD · d6b30fff
      Kamil Rytarowski authored 
      Summary:
itimerval can contain padding that may be legitimately uninitialized.

On NetBSD there are four integers of type "long, int, long, int", the
int argument stands for __sanitizer_suseconds_t. Compiler adds extra
padding in this layout.

Check every field of struct itimerval separately.

Define __sanitizer_suseconds_t as long on FreeBSD, Linux and SmartOS,
and int on NetBSD. Define __sanitizer_timeval and __sanitizer_itimerval.

Sponsored by <The NetBSD Foundation>

Reviewers: eugenis, joerg, vitalybuka

Reviewed By: vitalybuka

Subscribers: emaste, kubamracek, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D41502

llvm-svn: 322399
      d6b30fff
  13. Jan 04, 2018
  15. Dec 29, 2017
  17. Dec 18, 2017
    • Maxim Ostapenko's avatar
      [asan] Add interceptor for printf_chk · de74bdb3
      Maxim Ostapenko authored 
      There could be a situation when a specific DSO was built with FORTIFY_SOURCE option. In case asan-ed binary link against that DSO,
libasan can't handle the possible memory error because it does not have interceptors for spinrtf_chk, snprintf_chk, vprintf_chk,
vsnprintf_chk, __fprintf_chk functions. Let's interceptors for them.

Patch by Denis Khalikov.

Differential Revision: https://reviews.llvm.org/D40951

llvm-svn: 320990
      de74bdb3
  19. Dec 14, 2017
    • Kamil Rytarowski's avatar
      [Sanitizers] Basic sanitizer Solaris support (PR 33274) · 271018d2
      Kamil Rytarowski authored 
      Summary:
This is the first mostly working version of the Sanitizer port to 32-bit Solaris/x86.
It is currently based on Solaris 11.4 Beta.

This part was initially developed inside libsanitizer in the GCC tree and should apply to
both.  Subsequent parts will address changes to clang, the compiler-rt build system
and testsuite.

I'm not yet sure what the right patch granularity is: if it's profitable to split the patch
up, I'd like to get guidance on how to do so.

Most of the changes are probably straightforward with a few exceptions:

* The Solaris syscall interface isn't stable, undocumented and can change within an
  OS release.  The stable interface is the libc interface, which I'm using here, if possible
  using the internal _-prefixed names.

* While the patch primarily target 32-bit x86, I've left a few sparc changes in.  They
  cannot currently be used with clang due to a backend limitation, but have worked
  fine inside the gcc tree.

* Some functions (e.g. largefile versions of functions like open64) only exist in 32-bit
  Solaris, so I've introduced a separate SANITIZER_SOLARIS32 to check for that.

The patch (with the subsequent ones to be submitted shortly) was tested
on i386-pc-solaris2.11.  Only a few failures remain, some of them analyzed, some
still TBD:

    AddressSanitizer-i386-sunos :: TestCases/Posix/concurrent_overflow.cc
    AddressSanitizer-i386-sunos :: TestCases/init-order-atexit.cc
    AddressSanitizer-i386-sunos :: TestCases/log-path_test.cc
    AddressSanitizer-i386-sunos :: TestCases/malloc-no-intercept.c
    AddressSanitizer-i386-sunos-dynamic :: TestCases/Posix/concurrent_overflow.cc
    AddressSanitizer-i386-sunos-dynamic :: TestCases/Posix/start-deactivated.cc
    AddressSanitizer-i386-sunos-dynamic :: TestCases/default_options.cc
    AddressSanitizer-i386-sunos-dynamic :: TestCases/init-order-atexit.cc
    AddressSanitizer-i386-sunos-dynamic :: TestCases/log-path_test.cc
    AddressSanitizer-i386-sunos-dynamic :: TestCases/malloc-no-intercept.c

   SanitizerCommon-Unit :: ./Sanitizer-i386-Test/MemoryMappingLayout.DumpListOfModules
    SanitizerCommon-Unit :: ./Sanitizer-i386-Test/SanitizerCommon.PthreadDestructorIterations

Maybe this is good enough the get the ball rolling.

Reviewers: kcc, alekseyshl

Reviewed By: alekseyshl

Subscribers: srhines, jyknight, kubamracek, krytarowski, fedor.sergeev, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D40898

llvm-svn: 320740
      271018d2
  21. Dec 13, 2017
    • Kostya Kortchinsky's avatar
      [sanitizer] Introduce a vDSO aware timing function · f50246da
      Kostya Kortchinsky authored 
      Summary:
See D40657 & D40679 for previous versions of this patch & description.

A couple of things were fixed here to have it not break some bots.
Weak symbols can't be used with `SANITIZER_GO` so the previous version was
breakin TsanGo. I set up some additional local tests and those pass now.

I changed the workaround for the glibc vDSO issue: `__progname` is initialized
after the vDSO and is actually public and of known type, unlike
`__vdso_clock_gettime`. This works better, and with all compilers.

The rest is the same.

Reviewers: alekseyshl

Reviewed By: alekseyshl

Subscribers: srhines, kubamracek, krytarowski, llvm-commits, #sanitizers

Differential Revision: https://reviews.llvm.org/D41121

llvm-svn: 320594
      f50246da
  23. Dec 11, 2017
    • Kostya Kortchinsky's avatar
      [sanitizer] Revert rL320409 · ab5f6aaa
      Kostya Kortchinsky authored 
      Summary: D40679 broke a couple of builds, reverting while investigating.

Reviewers: alekseyshl

Reviewed By: alekseyshl

Subscribers: srhines, kubamracek, krytarowski, llvm-commits, #sanitizers

Differential Revision: https://reviews.llvm.org/D41088

llvm-svn: 320417
      ab5f6aaa
    • Kostya Kortchinsky's avatar
      [sanitizer] Introduce a vDSO aware time function, and use it in the allocator [redo] · d276d724
      Kostya Kortchinsky authored 
      Summary:
Redo of D40657, which had the initial discussion. The initial code had to move
into a libcdep file, and things had to be shuffled accordingly.

`NanoTime` is a time sink when checking whether or not to release memory to
the OS. While reducing the amount of calls to said function is in the works,
another solution that was found to be beneficial was to use a timing function
that can leverage the vDSO.

We hit a couple of snags along the way, like the fact that the glibc crashes
when clock_gettime is called from a preinit_array, or the fact that
`__vdso_clock_gettime` is mangled (for security purposes) and can't be used
directly, and also that clock_gettime can be intercepted.

The proposed solution takes care of all this as far as I can tell, and
significantly improve performances and some Scudo load tests with memory
reclaiming enabled.

@mcgrathr: please feel free to follow up on
https://reviews.llvm.org/D40657#940857 here. I posted a reply at
https://reviews.llvm.org/D40657#940974.

Reviewers: alekseyshl, krytarowski, flowerhack, mcgrathr, kubamracek

Reviewed By: alekseyshl, krytarowski

Subscribers: #sanitizers, mcgrathr, srhines, llvm-commits, kubamracek

Differential Revision: https://reviews.llvm.org/D40679

llvm-svn: 320409
      d276d724
  25. Dec 09, 2017
  27. Dec 04, 2017
    • Kamil Rytarowski's avatar
      Handle NetBSD symbol renaming in sanitizer_common_interceptors.inc · 8e0eca0e
      Kamil Rytarowski authored 
      Summary:
NetBSD renames symbols for historical and compat reasons.

Add required symbol renames in sanitizer_common_interceptors.inc:

 - clock_gettime -> __clock_gettime50
 - clock_getres -> __clock_getres50
 - clock_settime -> __clock_settime50
 - setitimer -> __setitimer50
 - getitimer -> __getitimer50
 - opendir -> __opendir30
 - readdir -> __readdir30
 - time -> __time50
 - localtime_r -> __localtime_r50
 - gmtime_r -> __gmtime_r50
 - gmtime -> __gmtime50
 - ctime -> __ctime50
 - ctime_r -> __ctime_r50
 - mktime -> __mktime50
 - getpwnam -> __getpwnam50
 - getpwuid -> __getpwuid50
 - getpwnam_r -> __getpwnam_r50
 - getpwuid_r -> __getpwuid_r50
 - getpwent -> __getpwent50
 - glob -> __glob30
 - wait3 -> __wait350
 - wait4 -> __wait450
 - readdir_r -> __readdir_r30
 - setlocale -> __setlocale50
 - scandir -> __scandir30
 - sigtimedwait -> __sigtimedwait50
 - sigemptyset -> __sigemptyset14
 - sigfillset -> __sigfillset14
 - sigpending -> __sigpending14
 - sigprocmask -> __sigprocmask14
 - shmctl -> __shmctl50
 - times -> __times13
 - stat -> __stat50
 - getutent -> __getutent50
 - getutxent -> __getutxent50
 - getutxid -> __getutxid50
 - getutxline -> __getutxline50

Sponsored by <The NetBSD Foundation>

Reviewers: joerg, vitalybuka, cryptoad, dvyukov

Reviewed By: cryptoad

Subscribers: llvm-commits, kubamracek, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D40765

llvm-svn: 319670
      8e0eca0e
  29. Nov 29, 2017
  31. Nov 20, 2017
    • Kamil Rytarowski's avatar
      Correct return types of NetBSD specific functions · 24194525
      Kamil Rytarowski authored 
      The __libc_mutex_lock, __libc_mutex_unlock and __libc_thr_setcancelstate
functions return int, not void.

This does not seem to introduce a functional change, however it looks
better with fixed the function prototype.

Sponsored by <The NetBSD Foundation>

llvm-svn: 318654
      24194525
    • Kamil Rytarowski's avatar
      Handle NetBSD specific indirection of libpthread functions · 86bff788
      Kamil Rytarowski authored 
      Summary:
Correct handling of three libpthread(3) functions on NetBSD:

 - pthread_mutex_lock(3),
 - pthread_mutex_unlock(3),
 - pthread_setcancelstate(3).

Code out of the libpthread(3) context uses the libc symbols:

 - __libc_mutex_lock,
 - __libc_mutex_unlock,
 - __libc_thr_setcancelstate.

The threading library (libpthread(3)) defines strong aliases:

 - __strong_alias(__libc_mutex_lock,pthread_mutex_lock)
 - __strong_alias(__libc_mutex_unlock,pthread_mutex_unlock)
 - __strong_alias(__libc_thr_setcancelstate,pthread_setcancelstate)

This caused that these functions were invisible to sanitizers on NetBSD.
Intercept the libc-specific ones and add them as NetBSD-specific aliases
for the common pthread(3) ones.

NetBSD needs to intercept both functions, as the regularly named ones
are used internally in libpthread(3).

Sponsored by <The NetBSD Foundation>

Reviewers: joerg, dvyukov, vitalybuka

Reviewed By: dvyukov

Subscribers: llvm-commits, kubamracek, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D40241

llvm-svn: 318646
      86bff788
  33. Nov 06, 2017
  35. Oct 25, 2017
    • Kamil Rytarowski's avatar
      Add NetBSD improvements in sanitizers · 9c1eeaca
      Kamil Rytarowski authored 
      Summary:
Changes:

 * Add initial msan stub support.
 * Handle NetBSD specific pthread_setname_np(3).
 * NetBSD supports __attribute__((tls_model("initial-exec"))),
   define it in SANITIZER_TLS_INITIAL_EXEC_ATTRIBUTE.
 * Add ReExec() specific bits for NetBSD.
 * Simplify code and add syscall64 and syscall_ptr for !NetBSD.
 * Correct bunch of syscall wrappers for NetBSD.
 * Disable test/tsan/map32bit on NetBSD as not applicable.
 * Port test/tsan/strerror_r to a POSIX-compliant OSes.
 * Disable __libc_stack_end on NetBSD.
 * Disable ReadNullSepFileToArray() on NetBSD.
 * Define struct_ElfW_Phdr_sz, detected missing symbol by msan.
 * Change type of __sanitizer_FILE from void to char. This helps
   to reuse this type as an array. Long term it will be properly
   implemented along with SANITIZER_HAS_STRUCT_FILE setting to 1.
 * Add initial NetBSD support in lib/tsan/go/buildgo.sh.
 * Correct referencing stdout and stderr in tsan_interceptors.cc
   on NetBSD.
 * Document NetBSD x86_64 specific virtual memory layout in
   tsan_platform.h.
 * Port tests/rtl/tsan_test_util_posix.cc to NetBSD.
 * Enable NetBSD tests in test/msan/lit.cfg.
 * Enable NetBSD tests in test/tsan/lit.cfg.

Sponsored by <The NetBSD Foundation>

Reviewers: joerg, vitalybuka, eugenis, kcc, dvyukov

Reviewed By: dvyukov

Subscribers: #sanitizers, llvm-commits, kubamracek

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D39124

llvm-svn: 316591
      9c1eeaca
  37. Sep 26, 2017
  39. Sep 05, 2017
    • Evgeniy Stepanov's avatar
      [msan] Check sigset_t and sigaction arguments. · 8b80b328
      Evgeniy Stepanov authored 
      Summary:
Check sigset_t arguments in ppoll, sig*wait*, sigprocmask
interceptors, and the entire "struct sigaction" in sigaction. This
can be done because sigemptyset/sigfullset are intercepted and
signal masks should be correctly marked as initialized.

Reviewers: vitalybuka

Subscribers: kubamracek, llvm-commits

Differential Revision: https://reviews.llvm.org/D37367

llvm-svn: 312576
      8b80b328
  41. Jul 31, 2017
    • Vitaly Buka's avatar
      [sanitizer_common] Rename SI_NOT_WINDOWS to SI_POSIX · 8c809eb7
      Vitaly Buka authored 
      Summary:
New systems might be neither Windows nor POSIX.  The SI_NOT_WINDOWS
macro in sanitizer_platform_interceptors.h was already effectively
the same as SI_POSIX, so just use SI_POSIX instead.

Submitted on behalf of Roland McGrath.

Reviewers: vitalybuka, alekseyshl, kcc

Reviewed By: vitalybuka

Subscribers: phosek, filcab, llvm-commits, kubamracek

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D36038

llvm-svn: 309536
      8c809eb7
  43. Jul 06, 2017
  45. Jun 29, 2017
    • Reid Kleckner's avatar
      Fix WinASan after moving wcslen interceptor to sanitizer_common · 4acf36be
      Reid Kleckner authored 
      Do this by removing SANITIZER_INTERCEPT_WCSLEN and intercept wcslen
everywhere. Before this change, we were already intercepting wcslen on
Windows, but the interceptor was in asan, not sanitizer_common. After
this change, we stopped intercepting wcslen on Windows, which broke
asan_dll_thunk.c, which attempts to thunk to __asan_wcslen in the ASan
runtime.

llvm-svn: 306706
      4acf36be
  47. Jun 28, 2017
  49. Jun 07, 2017
  51. Jun 01, 2017
  53. May 18, 2017
  55. May 11, 2017
  57. May 03, 2017
  59. May 02, 2017
  61. Apr 24, 2017
  63. Apr 21, 2017
    • Vitaly Buka's avatar
      [asan] Optimize strchr for strict_string_checks=false · 9703df2b
      Vitaly Buka authored 
      Summary:
strchr interceptor does not need to call strlen if strict_string_checks is not
enabled. Unnecessary strlen calls affect python parser performance.

Reviewers: eugenis, kcc

Subscribers: llvm-commits, kubamracek

Differential Revision: https://reviews.llvm.org/D32264

llvm-svn: 301027
      9703df2b
    • Diana Picus's avatar
      Revert r300889, r300906, r300935, r300939 · 1f043e1c
      Diana Picus authored 
      At least one of the ARM bots is still broken:
Command Output (stderr):
--
/home/buildslave/buildslave/clang-cmake-armv7-a15-full/llvm/projects/compiler-rt/test/asan/TestCases/Posix/strchr.c:31:12: error: expected string not found in input
 // CHECK: strchr.c:[[@LINE-2]]
           ^
<stdin>:3:59: note: scanning from here
==16297==ERROR: AddressSanitizer: SEGV on unknown address 0xb5add000 (pc 0xb6dccaa4 bp 0xbe8c19c8 sp 0xbe8c1570 T0)
                                                          ^
<stdin>:3:59: note: with expression "@LINE-2" equal to "29"
==16297==ERROR: AddressSanitizer: SEGV on unknown address 0xb5add000 (pc 0xb6dccaa4 bp 0xbe8c19c8 sp 0xbe8c1570 T0)
                                                          ^
<stdin>:5:57: note: possible intended match here
 #0 0xb6dccaa3 in strlen /build/glibc-f8FFOS/glibc-2.23/string/../sysdeps/arm/armv6t2/strlen.S:82

Try to fix by reverting r300889 and subsequent fixes:
Revert "[asan] Fix test by removing "The signal is caused" check."
Revert "[asan] Fix test on ppc64le-linux by checking "UNKNOWN memory access""
Revert "[asan] Match BUS and SIGV to fix test on Darwin"
Revert "[asan] Optimize strchr for strict_string_checks=false"

llvm-svn: 300955
      1f043e1c