StopTheWorld() clones a child process (with shared virtual address space
and shared TLS) that calls ptrace before releasing a mutex; the parent
process yields until the mutex is unlocked. If seccomp kills the child
process, the parent process will silently hang. The parent process
cannot use waitpid to detect that the child process has been killed,
because the processes share errno.
This patch forks the process one-time to test whether ptrace is allowed.
If it fails, it prints an informational message (though it does not
abort the sanitizer).
Fixes https://github.com/llvm/llvm-project/issues/150380 and
https://github.com/google/sanitizers/issues/777
Sanitizer-specific tests don't use the sanitizer_common flags, but the
issues they address probably also apply to the individual sanitizers.
This was observed in #119071: moving a test from sanitizer_common to
msan broke it in builds with CMAKE_SYSROOT set, because the --sysroot
argument was no longer applied to the test.
When compiling TSan I currently get a handful of warnings like this:
"warning: format specifies type 'void *' but the argument has type 'X
*'". This patch adds the necessary casts to fix them.
Make clang calls using custom suffix to allow correct calls without
reading cfg.py. As I see tests for other other specific checks are doing
it too (e.g. %clangxx_asan).
Instead of writing out in native endian, write out the raw profile bytes
in little endian. Also update the MIB data in little endian. Also clean
up some lint and unused includes in rawprofile.cpp.
Add a new configuration option QuarantineDisabled that allows all of the
quarantine code to be compiled out.
Add new tests that verify that the code is removed properly.
On Android, this saves ~4000 bytes for 32 bit and ~6000 bytes for 64
bit.
On Android, I used some microbenchmarks that do malloc/free in a loop
and for allocations in the primary, the performance is about the same
for both 32 bit and 64 bit. For secondary allocations, I saw ~8% speed
up on 32 bit and ~3% on 64 bit speed up which feels like it could just
be code size improvements.
Reapply #147854 after fixes merged in #151398.
Change memory access histogram storage from uint64_t to uint16_t to
reduce profile size on disk. This change updates the raw profile format
to v5. Also add a histogram test in compiler-rt since we didn't have one
before. With this change the histogram memprof raw for the basic test
reduces from 75KB -> 20KB.
Add the necessary sanitizer interface decls required when the memprof
runtime is built in dynamic mode. This was a latent issue since we didn't
add tests for the histogram feature in compiler-rt. These tests are run
with `ninja check-memprof-dynamic`. I discovered this after the CI
failures for #147854.
Change memory access histogram storage from uint64_t to uint16_t to
reduce profile size on disk. This change updates the raw profile format
to v5. Also add a histogram test in compiler-rt since we didn't have one
before. With this change the histogram memprof raw for the basic test
reduces from 75KB -> 20KB.
This is the refactoring portion of:
https://github.com/llvm/llvm-project/pull/149516. My aim is for this
change to replicate current behaviour - just with Symbolization done
explicitly (and later than previously).
This change will enable us to perform symboliaztion after releasing the
locks in `OutputReport`; this is necessary on Apple platforms in order
to avoid a deadlock.
This reverts commit 3c3523c15850f3c42de35ae725288368414e4e91.
Keeping the directory structure the same as before fixes the failures.
They trivially reproduced locally and only passed before because I was
not cleaning up the temp test directory in between invocations.
%T has been deprecated for about seven years and use is to be avoided
given it doesn't actually create a unique test directory per test, which
can lead to races. Remove it from compiler-rt so we can hopefully remove
it from within llvm-lit.
This patch just touches the tests. There are still uses in some
substitutions defined in compiler-rt/test/lit.common.cfg.py that I want
to leave for a separate patch because it is quite a bit more thorny.
I was observing segfaults at executable exit in the rtsan instrumented
unit tests. Bisecting the offending test led to observing that this test
is not using our safe test fixture for anything involving a file
descriptor. Changing to use the fixture eliminated the segfault on exit.
When `ptrauth_calls` is present but `ptrauth_init_fini` is not, compiler
emits raw unsigned pointers in `.init_array`/`.fini_array` sections.
Previously, `__do_init`/`__do_fini` pointers, which are explicitly added
to the sections, were implicitly signed (due to the presense of
`ptrauth_calls`), while all the other pointers in the sections were
implicitly added by the compiler and thus non-signed.. As a result, the
sections contained a mix of unsigned function pointers and function
pointers signed with default signing schema.
This patch introduces use of inline assembly for this particular case,
so we can manually specify that we do not want to sign the pointers.
Note that we cannot use `__builtin_ptrauth_strip` for this purpose since
its result is not a constant expression.
The current code always unmaps a secondary allocation when MTE is
enabled. Fix this to match the comment, namely only unmap if MTE was
enabled and is no longer enabled after acquiring the lock.
In addition, allow quaratine to work in the secondary even if MTE is not
enabled.
Introduce the test from
https://github.com/llvm/llvm-project/issues/146120
For future readers of this PR, if this test causes a segfault please
comment out the line indicated by the comment (or revert this entire
commit).
My plan is to commit this, see if any test runners fail, then submit the
fix in a follow on.
I cannot repro this bug on my machine so I need some confirmation of the
bug being fixed as it is submitted.
Supplement to PR #144073
Previously, _msan_check_mem_is_initialized.cpp_ initialized a 32-byte
stack array, but checked the shadow for the offset range [12, 42),
exceeding the stack array size.
MSan does not guarantee that the shadow corresponding to the overflow
part is 0, so it is undefined to require the overflow part to be
unpoisoned.
glibc 2.42 made all usage of termios ioctl constants strictly internal
Therefore, we remove all usage for those removed constants.
This should only apply for Linux.
Fix#149103
Reference:
3d3572f590
@fweimer-rh @tstellar
ASan had a gap in coverage for wqthreads blocks submitted by
dispatch_apply
This adds interceptor for dispatch_apply and dispatch_apply_f and adds a
test that a failure in a dispatch apply block contains thread and stack
info.
rdar://139660648
`tid_t` is also defined in the AIX header `/usr/include/sys/types.h`
which is included by system `pthread.h`. The use of `tid_t` by AIX is
conforming according to
[POSIX](https://pubs.opengroup.org/onlinepubs/9799919799/functions/V2_chap02.html):
> Implementations may add symbols to the headers shown in the following
table [ ... ]
Do some refactoring to allocation/deallocation interceptors. Expose
explicit per-alloc_type functions and stop accepting explicit AllocType.
This ensures we do not accidentally mix.
NOTE: This change rejects attempts to call `operator new(<some_size>,
static_cast<std::align_val_t>(0))`.
For https://github.com/llvm/llvm-project/issues/144435
Signed-off-by: Justin King <jcking@google.com>
The script incorrectly checked ${LLVM_BUILD}/build.ninja to determine if
cached libcxx is available, while it should be checking the actual
libcxx build directory at ${LIBCXX_BUILD}/build.ninja.
Ran into the issue on Alpine when building with TSAN that
`__sanitizer_msghdr` and the `msghdr` provided by musl did not match.
This caused lots of tsan reports and an eventual termination of the
application by the oom during a `sendmsg`.
The sizes of the struct stat on MIPS64 differ in musl vs glibc.
See https://godbolt.org/z/qf9bcq8Y8 for the proof. Prior to this change,
compilation for MIPS64 musl would fail.
Signed-off-by: Jens Reidel <adrian@travitia.xyz>
287b24e1899eb6ce62eb9daef5a24faae5e66c1e moved the
`GetGlobalAddressInformation` call earlier, but this broke a chromium
test, so make this workaround for AIX only.
This updates the aligned version for version 26.
Note: This change is for correctness only and has no functional impact
currently. `get_macos_aligned_version` is currently only consumed when
substituting flags based on min version.
rdar://152851947
The original version of ResidentMemorySize could be a little flaky.
Replace the test with a version that verifies exactly how much of the
map is resident.
This reverts commit 0c0aa56cdcf1fe3970a5f3875db412530512fc07.
This time with the following fixes for buildbot failures:
- Add underscore prefixes to symbol names on Apple platforms.
- Modify the test so that it skips the crash tests on platforms where
they are not expected to pass:
- Platforms that implement FEAT_PAuth but not FEAT_FPAC (e.g.
Apple M1, Cortex-A78C)
- Platforms where DA key is disabled (e.g. older Linux kernels,
Linux kernels with PAC disabled, likely Windows)
Original commit message follows:
The emulated PAC runtime functions emulate the ARMv8.3a pointer
authentication instructions and are intended for use in heterogeneous
testing environments. For more information, see the associated RFC:
https://discourse.llvm.org/t/rfc-emulated-pac/85557
Reviewers: mstorsjo, pawosm-arm, atrosinenko
Reviewed By: atrosinenko
Pull Request: https://github.com/llvm/llvm-project/pull/148094
The previous test simply tried to double free the pointer in the
EXPECT_DEATH macro. Unfortunately, the gtest infrastructure can allocate
a pointer that happens to be the previously freed pointer. Thus the free
doesn't fail since the spawned process does not attempt to free all of
the pointers allocated in the original test.
NOTE: Scudo should be checked to make sure that the TSD is not always
returning pointers in the same order they are freed. Although this
appears to be a problem with a program that only does a small number of
allocations.
As well as followup "builtins: Speculative MSVC fix."
This reverts commits 5b1db59fb87b4146f827d17396f54ef30ae0dc40 and
f1c4df5b7bb79efb3e9be7fa5f8176506499d0a6.
Needs fixes for failing tests which will take time to implement.
