| Age | Commit message (Collapse) | Author |
|---|
|
Make the systemSupportsMemoryTagging() function return even on system
that don't support memory tagging. This avoids the need to always check
if memory tagging is supported before calling the function.
Modify iterateOverChunks() to call useMemoryTagging<>(Options) to
determine if mte is supported. This already uses the cached check of
systemSupportsMemoryTagging() rather than directly calling that
function.
Updated the code that calls systemSupportsMemoryTagging().
|
|
(#169008)
|
|
arguments (#152192)" (#168812)
This partially reverts #152192, keeping updated tests and
some code reordering in clang/lib/CodeGen/CGExpr.cpp.
compiler-rt/lib/ubsan_minimal/ubsan_minimal_handlers.cpp is exact revert
(with followup #152419)
We don't have a good use case for that, so revert it before we are stuck
maintaining this API.
21.x does not have this patch.
This reverts commit a1209d868632b8aea10450cd2323848ab0b6776a.
|
|
Reverts llvm/llvm-project#168643
|
|
|
|
(#163468)
Document a define to allow library developers to support disabling
AddressSanitizer's container overflow detection in template code at
compile time.
The primary motivation is to reduce false positives in environments
where
libraries and frameworks that cannot be recompiled with sanitizers
enabled
are called from application code. This supports disabling checks when
the
runtime environment cannot be reliably controlled to use ASAN_OPTIONS.
Key changes:
- Use the define `__SANITIZER_DISABLE_CONTAINER_OVERFLOW__` to disable
instrumentation at compile time
- Implemented redefining the container overflow APIs in
common_interface_defs.h
to use define to provide null implementation when define is present
- Update documentation in AddressSanitizer.rst to suggest and illustrate
use of the define
- Add details of the define in PrintContainerOverflowHint()
- Add test disable_container_overflow_checks to verify new hints on the
error and fill the testing gap that
ASAN_OPTIONS=detect_container_overflow=0
works
- Add tests demonstrating the issue around closed source libraries and
instrumented apps that both modify containers
This requires no compiler changes and should be supportable cross
compiler toolchains.
An RFC has been opened to discuss:
https://discourse.llvm.org/t/rfc-add-fsanitize-address-disable-container-overflow-flag-to-addresssanitizer/88349
|
|
|
|
Adds some general changes for supporting asan on AIX.
Issue: #138916
|
|
Post-commit fix of #164794 reported at
https://github.com/llvm/llvm-project/pull/164794#issuecomment-3536253493
`LLVM_LIBRARY_OUTPUT_INTDIR` and `LLVM_RUNTIME_OUTPUT_INTDIR` is used by
`AddLLVM.cmake` as output directories. Unless we are in a
bootstrapping-build, It must not point to directories found by
`find_package(LLVM)` which may be read-only directories. MLIR for
instance sets thesese variables to its own build output
directory, so should the runtimes.
|
|
(Reland of #161546, fixing three build and test issues)
This commit adds optimized assembly versions of single-precision float
multiplication and division. Both functions are implemented in a style
that can be assembled as either of Arm and Thumb2; for multiplication, a
separate implementation is provided for Thumb1. Also, extensive new
tests are added for multiplication and division.
These implementations can be removed from the build by defining the
cmake variable COMPILER_RT_ARM_OPTIMIZED_FP=OFF.
Outlying parts of the functionality which are not on the fast path, such
as NaN handling and underflow, are handled in helper functions written
in C. These can be shared between the Arm/Thumb2 and Thumb1
implementations, and also reused by other optimized assembly functions
we hope to add in future.
|
|
Some linux versions might not support the mlock call, so skip that part
of the test if the mlock fails.
|
|
|
|
As in title. AVX10.x doesn't distinguish between available vector
lengths.
-mattr=avx10.x-512 and defining of macros with _512 is kept for compatibility.
Bit-positions of avx10.1/2 features in compiler-rt and X86TargetParser
are synced to match those in the gcc.
|
|
ASAN and TSAN need to strip tags in order to compute the correct shadow
addresses.
rdar://163518624
|
|
2) (#167800)
This re-lands #166005, which was reverted due to the issue described in
#167797.
There are 4 small changes:
- Fix LoadedModule leak by calling Clear() on the modules list
- Fix internal_strncpy calls that are not null-terminated
- Improve test to accept the dylib being loaded from a different path
than compiled `{{.*}}[[DYLIB]]`
- strcmp => internal_strncmp
This should not be merged until after #167797.
rdar://163149325
|
|
The fixes a TOCTOU bug in the code that initializes shadow memory in
ASAN:
https://github.com/llvm/llvm-project/blob/4b05581bae0e3432cfa514788418fb2fc2144904/compiler-rt/lib/asan/asan_shadow_setup.cpp#L66-L91
1. During initialization, we call `FindDynamicShadowStart` to search the
memory mapping for enough space to dynamically allocate shadow memory.
2. We call `MemoryRangeIsAvailable(shadow_start, kHighShadowEnd);`,
which goes into `MemoryMappingLayout`.
3. We actually map the shadow with `ReserveShadowMemoryRange`.
In step 2, `MemoryMappingLayout` makes various allocations using the
internal allocator. This can cause the allocator to map more memory! In
some cases, this can actually allocate memory that overlaps with the
shadow region returned by` FindDynamicShadowStart` in step 1. This is
not actually fatal, but it memory corruption; MAP_FIXED is allowed to
overlap other regions, and the effect is any overlapping memory is
zeroed.
------
To address this, this PR implements `MemoryRangeIsAvailable` on Darwin
without any heap allocations:
- Move `IntervalsAreSeparate` into sanitizer_common.h
- Guard existing sanitizer_posix implementation of
`MemoryRangeIsAvailable` behind !SANITIZER_APPLE
- `IsAddressInMappedRegion` in sanitizer_mac becomes
`MemoryRangeIsAvailable`, which also checks for overlap with the DYLD
shared cache.
After this fix, it should be possible to re-land #166005, which
triggered this issue on the x86 iOS simulators.
rdar://164208439
|
|
If a caller has locked memory, then the madvise call will fail. In that
case, zero the memory so that we don't return non-zeroed memory for
calloc calls since we thought the memory had been released.
|
|
Reverts llvm/llvm-project#161546
One of the buildbots reported a cmake error I don't understand, and
which I didn't get in my own test builds:
```
CMake Error at /var/lib/buildbot/fuchsia-x86_64-linux/llvm-project/compiler-rt/cmake/Modules/CheckAssemblerFlag.cmake:23 (try_compile):
COMPILE_DEFINITIONS specified on a srcdir type TRY_COMPILE
```
My best guess is that the thing I did in `CheckAssemblerFlag.cmake` only
works on some versions of cmake. But I don't understand the problem well
enough to fix it quickly, so I'm reverting the whole patch and will
reland it later.
|
|
This commit adds optimized assembly versions of single-precision float
multiplication and division. Both functions are implemented in a style
that can be assembled as either of Arm and Thumb2; for multiplication, a
separate implementation is provided for Thumb1. Also, extensive new
tests are added for multiplication and division.
These implementations can be removed from the build by defining the
cmake variable COMPILER_RT_ARM_OPTIMIZED_FP=OFF.
Outlying parts of the functionality which are not on the fast path, such
as NaN handling and underflow, are handled in helper functions written
in C. These can be shared between the Arm/Thumb2 and Thumb1
implementations, and also reused by other optimized assembly functions
we hope to add in future.
|
|
This reverts parts of commit 885d7b759b5c166c07c07f4c58c6e0ba110fb0c2,
and adds verbose comments explaining all the variants of this
function, for clarity for future readers.
It turns out that those functions actually weren't misnamed or
unused after all: Apparently Clang doesn't match GCC when it comes
to what stack probe function is referenced on i386 mingw. GCC < 4.6
references a symbol named "___chkstk", with three leading underscores,
and GCC >= 4.6 references "___chkstk_ms".
Restore these functions, to allow linking object files built with
GCC with compiler-rt.
|
|
This reverts commit 1f9eff100ce8faea1284d68b779d844c6e019b77.
This is done in preparation of reverting parts of
885d7b759b5c166c07c07f4c58c6e0ba110fb0c2.
|
|
When landing 141c2b I didn't realize that none of these files actually
got built either locally or by premerge. I had some minor syntax
mistakes that caused the build to fail. This patch fixes those issues
and has been verified on a Windows machine.
|
|
These instructions show up when building asan in the premerge container
and do not on other bots, likely due to different standard library
versions.
|
|
(#167649)
Revert #166005 due to breaking x86 iOS sims
We're sometimes hitting a allocator assert when running x86 iOS sim
tests. I don't believe this PR is at fault, but there's probably a
memory safety / allocator issue somewhere which the allocation pattern
here is exposing.
|
|
Windows doesn't support `pthread_attr`, which was introduced to
asan_test.cpp in #165198, so this change `#ifdef`s out the changes made
in that PR.
Originally reported by Chrome as https://crbug.com/459880605.
|
|
Asan test `ThreadedStressStackReuseTest ` fails on AIX due to smaller
default thread stack size. Set thread stack size to a minimum of 128KB
to ensure reliable test behavior across platforms (platforms with
smaller default thread stack size).
---------
Co-authored-by: Riyaz Ahmad <riyaz.ahmad@ibm.com>
|
|
Reverts llvm/llvm-project#166860
The local static variable causes build failures.
|
|
Make the systemSupportsMemoryTagging() function return even on system
that don't support memory tagging. This avoids the need to always check
if memory tagging is supported before calling th function.
Make systemSupportsMemoryTagging() cache the getauxval return value
instead of calling the function every time.
Updated the code that calls systemSupportsMemoryTagging().
|
|
AArch64 (#140555)
For a full toolchain supporting execute-only code generation the runtime
libraries also need to be pre-compiled with it enabled. The generic
`RUNTIMES_EXECUTE_ONLY_CODE` CMake option can now be used during build
configuration to enable execute-only code generation in compiler-rt.
The build option can only be enabled for a runtimes build of
compiler-rt, because a recent version of Clang is needed to correctly
compile assembly files with execute-only code support.
Related RFC:
https://discourse.llvm.org/t/rfc-execute-only-code-support-for-runtime-libraries-on-aarch64/86180
|
|
This fixes two problems:
- dyld itself resides within the shared cache. MemoryMappingLayout
incorrectly computes the slide for dyld's segments, causing them to
(appear to) overlap with other modules. This can cause symbolication
issues.
- The MemoryMappingLayout ranges on Darwin are not disjoint due to the
fact that the LINKEDIT segments overlap for each module. We now ignore
these segments to ensure the mapping is disjoint.
This adds a check for disjointness, and a runtime warning if this is
ever violated (as that suggests issues in the sanitizer memory mapping).
There is now a test to ensure that these problems do not recur.
rdar://163149325
|
|
This will fix some symbolication failures on arm64e machines when the
symbolicator passes the (wrong) architecture string to atos.
|
|
fixes https://github.com/llvm/llvm-project/issues/164932
Signed-off-by: Kushal Pal <kushpal@qti.qualcomm.com>
Co-authored-by: Saleem Abdulrasool <compnerd@compnerd.org>
|
|
We currently do not handle errors in task_set_exc_guard_behavior. If
this fails, mmap can unexpectedly crash.
We also do not currently provide a clear warning if no external
symbolizers are found.
rdar://163798535
|
|
Currently, Scudo always returns the exact size allocated when calling
getUsableSize. This can be a performance issue where some programs will
get the usable size and do unnecessary calls to realloc since they think
there isn't enough space in the allocation. By default, usable size will
still return the exact size of the allocation.
Note that if the exact behavior is disabled and MTE is on, then the code
will still give an exact usable size.
|
|
(#166197)
…arget de…"
This reverts commit 47c54d55c9fac5ea7c87881e00f96e8c12b18174.
|
|
assumed alignment
|
|
Added a command line option to use function calls rather than inline
checks for TySan instrumentation.
|
|
The default config is too large for arm64 Android devices, which are
typically configured with 39-bit address space. This change brings it
inline with sanitizer_allocator_test.cpp.
|
|
This reverts commit 2f869c427b6c800f37147458ac03d1fa6f9ad9d3.
Breaks build on some configurations
|
|
-Wmissing-designated-field-initializers (#163401)
Currently we receive a warning when initializing a ThreadEventCallbacks
when compiling with this flag:
```
llvm-project/compiler-rt/lib/tsan/rtl/tsan_platform_mac.cpp:252:3: warning: missing field 'start' initializer [-Wmissing-designated-field-initializers]
252 | };
| ^
```
This patch explicitly initializes the missing fields to null, fixing the
warning.
rdar://162074310
|
|
Now that llvm-libc has `nextafterf128`.
|
|
(#165048)
Typed enums are c23 features and are too new to be used. This PR
restores the types in the `__processor_model` struct back to `unsigned
int`, removes typed enums, and uses the enum in the function as a
variable that's later assigned to a struct in order to prevent errors
fixed initially here: #164713
See https://github.com/llvm/llvm-project/pull/165034 for more background
|
|
|
|
Before this change, the code would scan the entire set of cached entries
to find ones to be released. Now, it uses the LRUEntries list to iterate
over the live cached entries. In addition, remove the OldestTime
variable and replace it with OldestPresentEntry which will always be the
oldest entry in the LRU that has Time non-zero.
|
|
https://github.com/llvm/llvm-project/pull/164906 converted a
-Wpointer-bool-conversion warning into a -Wtautological-pointer-compare
warning. Avoid both by using the bool cast.
|
|
The current code may trigger a compiler warning:
```
address of function 'wcsnlen' will always evaluate to 'true' [-Wpointer-bool-conversion]
```
Fix this by comparing to nullptr. The same fix is applied to strnlen for
future-proofing.
|
|
Follow up to #162028
`SANITIZER_INTERCEPT_WCSNLEN` is not defined, so `internal_wcsnlen` is
always used instead of using `REAL(wcsnlen)` if intercepted.
|
|
The `INTEL_CLEARWATERFOREST` belongs to `ProcessorTypes` enum, but it
was assigned to `Subtype` value, leading to cpu_specific/cpu_dispatch
not recognizing CWF. The type for `Subtype` and `Type` are changed to
respective enums to guard against these sort of errors in the future
|
|
This adds guards on the ptrauth feature checks so that they are only
performed if __has_feature is actually available.
|
|
c208a23643231d0b19c6f795895a16dfe6797340 added the directive
`.att_syntax` when building for x86 architectures. However, when
building for arm64ec (a Windows target, for an ABI compatible with
x86_64), the defines for `__x86_64__` (and similar ones like
`__amd64__`) are still defined, so we need to check for `__arm64ec__`
here as well to skip it for such targets.
This matches similar existing ifdefs for x86_64/aarch64 in compiler-rt
builtins.
|
