27 Commits

Author SHA1 Message Date
Vitaly Buka
c92631a59a [sanitizer] Fix VReport of symbol version
Version is already a string and does not need stringizing.
2021-08-25 14:32:15 -07:00
Michael Jones
40067b88c0 [compiler-rt] change internal internal libc invariants
llvm-libc is expected to be built with sanitizers and not use interceptors in
the long run. For now though, we have a hybrid process, where functions
implemented in llvm-libc are instrumented, and glibc fills and sanitizer
interceptors fill in the rest.

Current sanitizers have an invariant that the REAL(...) function called from
inside of an interceptor is uninstrumented. A lot of interceptors call strlen()
in order to figure out the size of the region to check/poison. Switch these
callsites over to the internal, unsanitized implementation.

Reviewed By: hctim, vitalybuka

Differential Revision: https://reviews.llvm.org/D108316
2021-08-24 16:41:15 +00:00
Dmitry Vyukov
123c58ea26 sanitizer_common: enable format string checking
Enable -Wformat in sanitizer_common now that it's
cleaned up from existing warnings.
But disable it in all sanitizers for now since
they are not cleaned up yet, but inherit sanitizer_common CFLAGS.

Depends on D107980.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D107981
2021-08-13 13:44:52 +02:00
Dmitry Vyukov
56debbf52e sanitizers: switch BlockingMutex(LINKER_INITIALIZED) to Mutex
Mutex does not support LINKER_INITIALIZED support.
As preparation to switching BlockingMutex to Mutex,
proactively replace all BlockingMutex(LINKER_INITIALIZED) to Mutex.
All of these are objects with static storage duration and Mutex ctor
is constexpr, so it should be equivalent.

Reviewed By: melver

Differential Revision: https://reviews.llvm.org/D106944
2021-07-28 15:09:34 +02:00
Dmitry Vyukov
dfd9808b6c sanitizer_common: add simpler ThreadRegistry ctor
Currently ThreadRegistry is overcomplicated because of tsan,
it needs tid quarantine and reuse counters. Other sanitizers
don't need that. It also seems that no other sanitizer now
needs max number of threads. Asan used to need 2^24 limit,
but it does not seem to be needed now. Other sanitizers blindly
copy-pasted that without reasons. Lsan also uses quarantine,
but I don't see why that may be potentially needed.

Add a ThreadRegistry ctor that does not require any sizes
and use it in all sanitizers except for tsan.
In preparation for new tsan runtime, which won't need
any of these parameters as well.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D105713
2021-07-13 22:52:25 -07:00
Vitaly Buka
b4a6fa12d1 Revert "sanitizer_common: add simpler ThreadRegistry ctor"
Breaks https://lab.llvm.org/buildbot/#/builders/sanitizer-x86_64-linux-android

This reverts commit 6062c672bc5e560a4c3dc73741f9e82b39d08527.
This reverts commit 8e489b4b96e31cfb004e03cfa1393c425c504013.
2021-07-12 12:04:12 -07:00
Dmitry Vyukov
0da172b176 sanitizer_common: add thread safety annotations
Enable clang Thread Safety Analysis for sanitizers:
https://clang.llvm.org/docs/ThreadSafetyAnalysis.html

Thread Safety Analysis can detect inconsistent locking,
deadlocks and data races. Without GUARDED_BY annotations
it has limited value. But this does all the heavy lifting
to enable analysis and allows to add GUARDED_BY incrementally.

Reviewed By: melver

Differential Revision: https://reviews.llvm.org/D105716
2021-07-12 11:46:49 +02:00
Dmitry Vyukov
8e489b4b96 sanitizer_common: add simpler ThreadRegistry ctor
Currently ThreadRegistry is overcomplicated because of tsan,
it needs tid quarantine and reuse counters. Other sanitizers
don't need that. It also seems that no other sanitizer now
needs max number of threads. Asan used to need 2^24 limit,
but it does not seem to be needed now. Other sanitizers blindly
copy-pasted that without reasons. Lsan also uses quarantine,
but I don't see why that may be potentially needed.

Add a ThreadRegistry ctor that does not require any sizes
and use it in all sanitizers except for tsan.
In preparation for new tsan runtime, which won't need
any of these parameters as well.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D105713
2021-07-11 12:36:28 +02:00
Dmitry Vyukov
2721e27c3a sanitizer_common: deduplicate CheckFailed
We have some significant amount of duplication around
CheckFailed functionality. Each sanitizer copy-pasted
a chunk of code. Some got random improvements like
dealing with recursive failures better. These improvements
could benefit all sanitizers, but they don't.

Deduplicate CheckFailed logic across sanitizers and let each
sanitizer only print the current stack trace.
I've tried to dedup stack printing as well,
but this got me into cmake hell. So let's keep this part
duplicated in each sanitizer for now.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D102221
2021-05-12 08:50:53 +02:00
Dmitry Vyukov
92a3a2dc3e sanitizer_common: introduce kInvalidTid/kMainTid
Currently we have a bit of a mess related to tids:
 - sanitizers re-declare kInvalidTid multiple times
 - some call it kUnknownTid
 - implicit assumptions that main tid is 0
 - asan/memprof claim their tids need to fit into 24 bits,
   but this does not seem to be true anymore
 - inconsistent use of u32/int to store tids

Introduce kInvalidTid/kMainTid in sanitizer_common
and use them consistently.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D101428
2021-04-30 15:58:05 +02:00
Jianzhou Zhao
75be3681d1 [msan] Remove dead function/fields
To see how to extract a shared allocator interface for D101204,
found some unused code. Tests passed. Are they safe to remove?

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D101559
2021-04-29 23:08:39 +00:00
Nico Weber
0e92cbd6a6 Revert "[sanitizer] Simplify GetTls with dl_iterate_phdr on Linux"
This reverts commit ec575e3b0a462ff7a3d23d0f39a22147606050de.
Still doesn't work, see https://crbug.com/1196037
2021-04-05 19:00:18 -04:00
Fangrui Song
ec575e3b0a [sanitizer] Simplify GetTls with dl_iterate_phdr on Linux
This was reverted by f176803ef1f4050a350e01868d64fe09a674d3bf due to
Ubuntu 16.04 x86-64 glibc 2.23 problems.
This commit additionally calls `__tls_get_addr({modid,0})` to work around the
dlpi_tls_data==NULL issues for glibc<2.25
(https://sourceware.org/bugzilla/show_bug.cgi?id=19826)

GetTls is the range of

* thread control block and optional TLS_PRE_TCB_SIZE
* static TLS blocks plus static TLS surplus

On glibc, lsan requires the range to include
`pthread::{specific_1stblock,specific}` so that allocations only referenced by
`pthread_setspecific` can be scanned.

This patch uses `dl_iterate_phdr` to collect TLS blocks. Find the one
with `dlpi_tls_modid==1` as one of the initially loaded module, then find
consecutive ranges. The boundaries give us addr and size.

This allows us to drop the glibc internal `_dl_get_tls_static_info` and
`InitTlsSize` entirely. Use the simplified method with non-Android Linux for
now, but in theory this can be used with *BSD and potentially other ELF OSes.

This simplification enables D99566 for TLS Variant I architectures.

See https://reviews.llvm.org/D93972#2480556 for analysis on GetTls usage
across various sanitizers.

Differential Revision: https://reviews.llvm.org/D98926
2021-04-04 15:35:53 -07:00
Nico Weber
f176803ef1 Revert "[sanitizer] Simplify GetTls with dl_iterate_phdr"
This reverts commit 9be8f8b34d9b150cd1811e3556fe9d0cd735ae29.
This breaks tsan on Ubuntu 16.04:

    $ cat tiny_race.c
    #include <pthread.h>
    int Global;
    void *Thread1(void *x) {
      Global = 42;
      return x;
    }
    int main() {
      pthread_t t;
      pthread_create(&t, NULL, Thread1, NULL);
      Global = 43;
      pthread_join(t, NULL);
      return Global;
    }
    $ out/gn/bin/clang -fsanitize=thread -g -O1 tiny_race.c --sysroot ~/src/chrome/src/build/linux/debian_sid_amd64-sysroot/
    $ docker run -v $PWD:/foo ubuntu:xenial /foo/a.out
    FATAL: ThreadSanitizer CHECK failed: ../../compiler-rt/lib/tsan/rtl/tsan_platform_linux.cpp:447 "((thr_beg)) >= ((tls_addr))" (0x7fddd76beb80, 0xfffffffffffff980)
        #0 <null> <null> (a.out+0x4960b6)
        #1 <null> <null> (a.out+0x4b677f)
        #2 <null> <null> (a.out+0x49cf94)
        #3 <null> <null> (a.out+0x499bd2)
        #4 <null> <null> (a.out+0x42aaf1)
        #5 <null> <null> (libpthread.so.0+0x76b9)
        #6 <null> <null> (libc.so.6+0x1074dc)

(Get the sysroot from here: https://commondatastorage.googleapis.com/chrome-linux-sysroot/toolchain/500976182686961e34974ea7bdc0a21fca32be06/debian_sid_amd64_sysroot.tar.xz)

Also reverts follow-on commits:
This reverts commit 58c62fd9768594ec8dd57e8320ba2396bf8b87e5.
This reverts commit 31e541e37587100a5b21378380f54c028fda2d04.
2021-04-02 18:19:17 -04:00
Fangrui Song
9be8f8b34d [sanitizer] Simplify GetTls with dl_iterate_phdr
GetTls is the range of

* thread control block and optional TLS_PRE_TCB_SIZE
* static TLS blocks plus static TLS surplus

On glibc, lsan requires the range to include
`pthread::{specific_1stblock,specific}` so that allocations only referenced by
`pthread_setspecific` can be scanned.

This patch uses `dl_iterate_phdr` to collect TLS ranges. Find the one
with `dlpi_tls_modid==1` as one of the initially loaded module, then find
consecutive ranges. The boundaries give us addr and size.

This allows us to drop the glibc internal `_dl_get_tls_static_info` and
`InitTlsSize` entirely. Use the simplified method with non-Android Linux for
now, but in theory this can be used with *BSD and potentially other ELF OSes.

In the future, we can move `ThreadDescriptorSize` code to lsan (and consider
intercepting `pthread_setspecific`) to avoid hacks in generic code.

See https://reviews.llvm.org/D93972#2480556 for analysis on GetTls usage
across various sanitizers.

Differential Revision: https://reviews.llvm.org/D98926
2021-03-25 21:55:27 -07:00
Vitaly Buka
e0dadf3de2 [sanitizer] Remove max_len parameter from InternalScopedString
InternalScopedString uses InternalMmapVector internally
so it can be resized dynamically as needed.

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D98751
2021-03-17 16:57:09 -07:00
Alex Richardson
ad294e572b [sanitizers] Fix interception of GLibc regexec
Previously, on GLibc systems, the interceptor was calling __compat_regexec
(regexec@GLIBC_2.2.5) insead of the newer __regexec (regexec@GLIBC_2.3.4).
The __compat_regexec strips the REG_STARTEND flag but does not report an
error if other flags are present. This can result in infinite loops for
programs that use REG_STARTEND to find all matches inside a buffer (since
ignoring REG_STARTEND means that the search always starts from the first
character).

The underlying issue is that GLibc's dlsym(RTLD_NEXT, ...) appears to
always return the oldest versioned symbol instead of the default. This
means it does not match the behaviour of dlsym(RTLD_DEFAULT, ...) or the
behaviour documented in the manpage.

It appears a similar issue was encountered with realpath and worked around
in 77ef78a0a5dbaa364529bd05ed7a7bd9a71dd8d4.

See also https://sourceware.org/bugzilla/show_bug.cgi?id=14932 and
https://sourceware.org/bugzilla/show_bug.cgi?id=1319.

Fixes https://github.com/google/sanitizers/issues/1371

Reviewed By: #sanitizers, vitalybuka, marxin

Differential Revision: https://reviews.llvm.org/D96348
2021-03-08 10:53:55 +00:00
Fangrui Song
fde3ae88ee [asan][memprof] Declare _DYNAMIC and fix -Wparentheses
Declare `extern ElfW(Dyn) _DYNAMIC[];` so that it will trivially work on musl.
2020-12-27 20:28:59 -08:00
Jeroen Dobbelaere
d7e71b5db8 [compiler-rt santizer] Use clock_gettime instead of timespec_get
On RH66, timespec_get is not available. Use clock_gettime instead.

This problem was introduced with D87120

Reviewed By: tejohnson

Differential Revision: https://reviews.llvm.org/D91687
2020-12-08 10:10:17 -08:00
Teresa Johnson
a75b2e87e6 [MemProf] Add interface to dump profile
Add an interface so that the profile can be dumped on demand.

Differential Revision: https://reviews.llvm.org/D91768
2020-11-19 10:21:53 -08:00
Vitaly Buka
4cd0927306 [memprof] Don't protect destructor in final 2020-11-03 11:33:33 -08:00
Vitaly Buka
d48f2d7c02 [sanitizer] Cleanup -Wnon-virtual-dtor warnings 2020-11-02 20:30:50 -08:00
Vitaly Buka
8b37a4e6ca [sanitizer] Make destructors protected 2020-11-02 18:00:43 -08:00
Petr Hosek
6db314e86b [CMake] Remove cxx-headers from runtime deps
Part of D88922
2020-10-30 20:03:38 -07:00
Petr Hosek
ed4fbe6d9c [CMake] Replace ctime with time.h in memprof
Part of D88922
2020-10-30 20:02:53 -07:00
Teresa Johnson
5c20d7db9f [MemProf] Allow the binary to specify the profile output filename
This will allow the output directory to be specified by a build time
option, similar to the directory specified for regular PGO profiles via
-fprofile-generate=. The memory profiling instrumentation pass will
set up the variable. This is the same mechanism used by the PGO
instrumentation and runtime.

Depends on D87120 and D89629.

Differential Revision: https://reviews.llvm.org/D89086
2020-10-22 08:30:19 -07:00
Teresa Johnson
3d4bba302d [MemProf] Memory profiling runtime support
See RFC for background:
http://lists.llvm.org/pipermail/llvm-dev/2020-June/142744.html

Follow on companion to the clang/llvm instrumentation support in D85948
and committed earlier.

This patch adds the compiler-rt runtime support for the memory
profiling.

Note that much of this support was cloned from asan (and then greatly
simplified and renamed). For example the interactions with the
sanitizer_common allocators, error handling, interception, etc.

The bulk of the memory profiling specific code can be found in the
MemInfoBlock, MemInfoBlockCache, and related classes defined and used
in memprof_allocator.cpp.

For now, the memory profile is dumped to text (stderr by default, but
honors the sanitizer_common log_path flag). It is dumped in either a
default verbose format, or an optional terse format.

This patch also adds a set of tests for the core functionality.

Differential Revision: https://reviews.llvm.org/D87120
2020-10-16 09:47:02 -07:00