Summary:
This change change the instrumentation to allow users to view the registers at the point at which tag mismatch occured. Most of the heavy lifting is done in the runtime library, where we save the registers to the stack and emit unwind information. This allows us to reduce the overhead, as very little additional work needs to be done in each __hwasan_check instance.
In this implementation, the fast path of __hwasan_check is unmodified. There are an additional 4 instructions (16B) emitted in the slow path in every __hwasan_check instance. This may increase binary size somewhat, but as most of the work is done in the runtime library, it's manageable.
The failure trace now contains a list of registers at the point of which the failure occured, in a format similar to that of Android's tombstones. It currently has the following format:
Registers where the failure occurred (pc 0x0055555561b4):
x0 0000000000000014 x1 0000007ffffff6c0 x2 1100007ffffff6d0 x3 12000056ffffe025
x4 0000007fff800000 x5 0000000000000014 x6 0000007fff800000 x7 0000000000000001
x8 12000056ffffe020 x9 0200007700000000 x10 0200007700000000 x11 0000000000000000
x12 0000007fffffdde0 x13 0000000000000000 x14 02b65b01f7a97490 x15 0000000000000000
x16 0000007fb77376b8 x17 0000000000000012 x18 0000007fb7ed6000 x19 0000005555556078
x20 0000007ffffff768 x21 0000007ffffff778 x22 0000000000000001 x23 0000000000000000
x24 0000000000000000 x25 0000000000000000 x26 0000000000000000 x27 0000000000000000
x28 0000000000000000 x29 0000007ffffff6f0 x30 00000055555561b4
... and prints after the dump of memory tags around the buggy address.
Every register is saved exactly as it was at the point where the tag mismatch occurs, with the exception of x16/x17. These registers are used in the tag mismatch calculation as scratch registers during __hwasan_check, and cannot be saved without affecting the fast path. As these registers are designated as scratch registers for linking, there should be no important information in them that could aid in debugging.
Reviewers: pcc, eugenis
Reviewed By: pcc, eugenis
Subscribers: srhines, kubamracek, mgorny, javed.absar, krytarowski, kristof.beyls, hiraditya, jdoerfert, llvm-commits, #sanitizers
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D58857
llvm-svn: 355738
On Linux (and other non-Darwin platforms) we need to initialize
interceptors. Since tsan_libdispatch.cc is compiled optionally, add a
weak default implementation of `InitializeLibdispatchInterceptors`.
Reviewed By: dvyukov
Differential Revision: https://reviews.llvm.org/D59113
llvm-svn: 355717
r355343 was landed and was reverted in r355363 due to build breakage.
This patch adds Linux/Windows support on top of r355343.
In this patch, Darwin should be working with testing case. Linux should be working,
I will enable the testing case in a follwup diff. Windows/Other should be building.
Correct implementation for Other platforms will be added.
Thanks David for reviewing the original diff, helping me with issues on Linux, and
giving suggestions for adding support for Other platforms.
llvm-svn: 355701
Summary:
This adds simple local & global stats classes to be used by the Primary
and Secondary, and associated test. Note that we don't need the strict
atomicity of the addition & subtraction (as is in sanitizer_common) so
we just use load & store.
Reviewers: morehouse, vitalybuka, eugenis, flowerhack, dmmoore415
Reviewed By: morehouse, vitalybuka
Subscribers: mgorny, delcypher, jfb, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D59031
llvm-svn: 355643
Summary:
ShadowCallStack on x86_64 suffered from the same racy security issues as
Return Flow Guard and had performance overhead as high as 13% depending
on the benchmark. x86_64 ShadowCallStack was always an experimental
feature and never shipped a runtime required to support it, as such
there are no expected downstream users.
Reviewers: pcc
Reviewed By: pcc
Subscribers: mgorny, javed.absar, hiraditya, jdoerfert, cfe-commits, #sanitizers, llvm-commits
Tags: #clang, #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D59034
llvm-svn: 355624
Most libdispatch functions come in two variants: callbacks can be
specified via blocks or function pointers. Some of our interceptors for
the block variant actually forward to the function variant. However, on
Linux, `DECLARE_REAL(name)` has to appear before `REAL(name)`.
This patch reorders _f variant interceptors before _b variants
where possible and forward declares the _f variant in the remaining
cases (cyclic dependency between _f and _b interceptors).
Also rename macro to DISPATCH_INTERCEPT_ASYNC_F for better consistency.
Reviewed By: dvyukov
Differential Revision: https://reviews.llvm.org/D59067
llvm-svn: 355619
Add new sets of tests (copy instead of move existing tests) because
there could be subtle differences between C/Obj-C and with/without
Foundation etc.
Reviewed By: dvyukov
Differential Revision: https://reviews.llvm.org/D59047
llvm-svn: 355618
This is a new attempt for bringing TSan libdispatch support to Linux.
The main issue with the last patch (https://reviews.llvm.org/D53171) was
that we want to avoid building a separate library.
The updated plan is as follows:
1) Hide libdispatch support behind a flag: true on Darwin, false
elsewhere. If flag is specified, assume that libdispatch header and
-flbocks is available for building. This way we can directly include
the libdispatch header and rely on blocks runtime for our
implementation.
2) Optionally/weakly intercept libdispatch API functions.
This patch accomplishes 1). It compiles (without the flag enabled) on
Linux. Follow-up patches will provide 2) and enabling of tests on Linux.
Reviewed By: dvyukov
Differential Revision: https://reviews.llvm.org/D58935
llvm-svn: 355538
Summary:
The bytemap classes will be used by the primary32 allocator to associate
classes with memory regions. It's similar to the sanitizer_common one
except for the fact that the base (level1) maps are mapped instead of
being static to reduce the memory footprint of an uninitialized allocator.
Reviewers: vitalybuka, eugenis, morehouse, flowerhack, dmmoore415, mcgrathr
Reviewed By: vitalybuka, morehouse
Subscribers: mgorny, delcypher, jfb, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D58723
llvm-svn: 355416
The TraceLoggingProvider.h header does work with clang-cl in general
these days with Win SDK 10.0.17763.0, but when compiled in 32 bit x86
mode, with the -Z7 flag, compilation fails with the following error:
fatal error: error in backend: assembler label '' can not be undefined
With older Win SDKs, there are other build failures (regardless of
architecture or the -Z7 flag).
Differential Revision: https://reviews.llvm.org/D58958
llvm-svn: 355397
Cleanup ASan's __sanitizer::BufferedStackTrace::UnwindImpl (formerly
GetStackTrace) implementation. Start with ASan because it is the most
complex implementation.
GetStackTrace implementations seem to have started out as exact copies
of the original implementation in ASan, but have diverged in subtle
ways. My goal is to parameterize this algorithm (via templating or
callbacks) so we can share the implementation and get rid of the
inversed dependency (sanitizer_common depends on concrete
implementations in asan, ubsan, etc.). This should also help us to avoid
those pesky linker errors caused by undefined, duplicate, and weak
symbols on Windows.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D58861
llvm-svn: 355355
Summary:
They simply shuffle bits. MSan needs to do the same with shadow bits,
after making sure that the shuffle mask is fully initialized.
Reviewers: pcc, vitalybuka
Subscribers: hiraditya, #sanitizers, llvm-commits
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D58858
llvm-svn: 355348
Summary:
The current install-clang-headers target installs clang's resource
directory headers. This is different from the install-llvm-headers
target, which installs LLVM's API headers. We want to introduce the
corresponding target to clang, and the natural name for that new target
would be install-clang-headers. Rename the existing target to
install-clang-resource-headers to free up the install-clang-headers name
for the new target, following the discussion on cfe-dev [1].
I didn't find any bots on zorg referencing install-clang-headers. I'll
send out another PSA to cfe-dev to accompany this rename.
[1] http://lists.llvm.org/pipermail/cfe-dev/2019-February/061365.html
Reviewers: beanz, phosek, tstellar, rnk, dim, serge-sans-paille
Subscribers: mgorny, javed.absar, jdoerfert, #sanitizers, openmp-commits, lldb-commits, cfe-commits, llvm-commits
Tags: #clang, #sanitizers, #lldb, #openmp, #llvm
Differential Revision: https://reviews.llvm.org/D58791
llvm-svn: 355340
Breaks TSan on Mac, which does
return REAL(func)(...
in COMMON_INTERCEPTOR_ENTER, which is not OK when REAL(func) has return
type of void.
llvm-svn: 355256
macOS has implementation of LogFullErrorReport and
INLINE void LogFullErrorReport(const char *buffer) {}
was causing
> compiler-rt/lib/sanitizer_common/sanitizer_mac.cc:658:6: error: redefinition of 'LogFullErrorReport'
Fixup for r355236.
rdar://problem/48526020
llvm-svn: 355244
Replace remaining uses of old Unwind API in unit tests.
Allows us to remove the old API and WillUseFastUnwind can be made
private.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D58754
llvm-svn: 355242
Building compiler-rt standalone outside of the main llvm
tree is supported, and in this case, the llvm cmake modules
are unavailable. (And even if they are available, it requires
including LLVMProcessSources.cmake, which currently isn't
included.)
This fixes building compiler-rt standalone with MSVC/clang-cl.
Differential Revision: https://reviews.llvm.org/D58767
llvm-svn: 355237
mingw-w64 currently is lacking the headers for this feature.
Make the include lowercase at the same time. We consistently
use lowercase for windows header includes, as windows itself is
case insensitive, the SDK headers (in general, not necessarily
considering this particular header) aren't consistent among themselves
about what the proper canonical capitalization for headers are,
and MinGW uses all lowercase names for the headers (as it is often
used on case sensitive filesystems).
In case mingw-w64 later gets this header, we can revert this
(but keep the include lowercased).
Differential Revision: https://reviews.llvm.org/D58765
llvm-svn: 355236
GetStackTrace is a implementation detail of BufferedStackTrace. Make it
a private method.
Reviewed By: vitalybuka
Differential-Revision: https://reviews.llvm.org/D58753
llvm-svn: 355232
Mitch Phillips