This is an archive of the discontinued LLVM Phabricator instance.

test/lsan/TestCases/swapcontext.cc
7	The point here is that this test fails on arm with SIGBUS due to child_stack is unaligned: bash-3.2# LSAN_OPTIONS=log_pointers=1 /build/llvm/projects/compiler-rt/test/lsan/ARMLsanConfig/TestCases/Output/swapcontext.cc.tmp fooChild stack: 0x7e9ee5f3 Bus error I can align it manually or use malloc/aligned_alloc instead of new[] to avoid the issue.

Updating according to Yura's nits.

rengolin edited edge metadata.Feb 6 2017, 10:48 AM

This comment was removed by rengolin.

You seem to be enabling it on soft and hard float. Did you test on both environments? What type of hardware did you test this?

lib/sanitizer_common/sanitizer_linux.cc
1269	This sequence doesn't coincide with the order of parameters above, and can lead to unexpected results. Why do you need to reserve the registers in this code at all?

ygribov added inline comments.Feb 6 2017, 11:13 AM

lib/sanitizer_common/sanitizer_linux.cc
1269	Why should it? The sole purpose of register annotations is to pass arguments to swi call below.

rengolin added inline comments.Feb 6 2017, 1:37 PM

lib/sanitizer_common/sanitizer_linux.cc
1269	Right, I just realised the compiler will do the necessary moves. This code is really opaque, can you add some comments like the ones above?
1284	If this is ARMv4T and no interwork, this will fail, as `blx` was introduced in ARMv5. Check `compiler-rt/lib/builtins/assembly.h` for more info on the multiple ways to return.

ygribov added inline comments.Feb 6 2017, 9:55 PM

lib/sanitizer_common/sanitizer_linux.cc
1269	Note that that's how it's done for other cores, including AArch64. All comments is given for x86 internal_clone implementation above (it basically says that this hairy code is inspired by Glibc clone implementation).

Updating with a little bit more comments.

In D29586#668050, @rengolin wrote:

You seem to be enabling it on soft and hard float. Did you test on both environments? What type of hardware did you test this?

I've tested the patch on two configurations:

Linaro Ubuntu 14.04 (Trusty) on Arndale board. It's a hard float system, right?
I've built a softfp sysroot and tested the patch there on the same Arndale board (just chrooted to new root).

m.ostapenko added inline comments.Feb 7 2017, 12:37 AM

lib/sanitizer_common/sanitizer_linux.cc
1269	Yeah, the reason we have all that stuff is explained in x86_64 port. Anyway, I've added several comments to inline asm to improve readability. Looks better now?
1284	Ah, OK, thanks. Fixed now.

zatrazz added inline comments.Feb 7 2017, 12:16 PM

lib/sanitizer_common/sanitizer_linux.cc
1315	I think you could simplify to just: #ifdef ARCH_HAS_BX # ifdef ARCH_HAS_BLX # define BLX(R) "blx " #R # else # define BLX(R) "mov lr, pc; bx" #R # endif #else # define BLX(R) "mov lr, pc; mov pc," #R #endif And then on inline assembly just call BLX(ip).
lib/sanitizer_common/sanitizer_linux_libcdep.cc
249	This is not what I am seeing on my environment: 2.25 - 1216 2.24 - 1216 2.23 - 1216 2.22 - 1120 2.21 - 1120 2.20 - 1120 The 2.22 to 2.23 change (cause by 3e2ee6f0e3471ce commit) removed HAVE_FORCED_UNWIND and thus 'struct pthread' adds a 'struct _Unwind_Exception' regardless if architecture defined or not HAVE_FORCED_UNWIND.

m.ostapenko updated this revision to Diff 87612.Feb 8 2017, 1:25 AM

m.ostapenko added inline comments.Feb 8 2017, 1:28 AM

lib/sanitizer_common/sanitizer_linux_libcdep.cc
202	I don't really like this change . Perhaps we can create some white list of terminator symbols, or just drop the check?
249	Oh, my bad, should be fixed.

In D29586#668769, @m.ostapenko wrote:

In D29586#668050, @rengolin wrote:

You seem to be enabling it on soft and hard float. Did you test on both environments? What type of hardware did you test this?

I've tested the patch on two configurations:

Linaro Ubuntu 14.04 (Trusty) on Arndale board. It's a hard float system, right?

Oh, things become more complicated... I see many test failures with host GCC 4.8 because fast unwinder failed to get backtraces for mallocs. This happens because __interceptor_malloc, compiled by GCC 4.8, didn't properly save frame pointer register:

00000000 <__interceptor_malloc>:
   0:   e92d 47f0       stmdb   sp!, {r4, r5, r6, r7, r8, r9, sl, lr}
   4:   f5ad 6d85       sub.w   sp, sp, #1064   ; 0x428
   8:   4d29            ldr     r5, [pc, #164]  ; (b0 <__interceptor_malloc+0xb0>)
   a:   4b2a            ldr     r3, [pc, #168]  ; (b4 <__interceptor_malloc+0xb4>)
   c:   af04            add     r7, sp, #16
   e:   447d            add     r5, pc

But if compile with clang (3.3, 3.5 or trunk) or GCC 4.9, the fp is saved properly:

00000000 <__interceptor_malloc>:
   0:   e92d4ff0        push    {r4, r5, r6, r7, r8, r9, sl, fp, lr}
   4:   e28db01c        add     fp, sp, #28
   8:   e24dd024        sub     sp, sp, #36     ; 0x24
   c:   e24ddb01        sub     sp, sp, #1024   ; 0x400
  10:   e1a08000        mov     r8, r0

So, it seems that LSan's operability depends on what compiler is used to build it :(.

In D29586#672157, @m.ostapenko wrote:
In D29586#668769, @m.ostapenko wrote:

In D29586#668050, @rengolin wrote:

You seem to be enabling it on soft and hard float. Did you test on both environments? What type of hardware did you test this?

I've tested the patch on two configurations:

Linaro Ubuntu 14.04 (Trusty) on Arndale board. It's a hard float system, right?

Oh, things become more complicated... I see many test failures with host GCC 4.8 because fast unwinder failed to get backtraces for mallocs. This happens because __interceptor_malloc, compiled by GCC 4.8, didn't properly save frame pointer register:
00000000 <__interceptor_malloc>:
   0:   e92d 47f0       stmdb   sp!, {r4, r5, r6, r7, r8, r9, sl, lr}
   4:   f5ad 6d85       sub.w   sp, sp, #1064   ; 0x428
   8:   4d29            ldr     r5, [pc, #164]  ; (b0 <__interceptor_malloc+0xb0>)
   a:   4b2a            ldr     r3, [pc, #168]  ; (b4 <__interceptor_malloc+0xb4>)
   c:   af04            add     r7, sp, #16
   e:   447d            add     r5, pc
But if compile with clang (3.3, 3.5 or trunk) or GCC 4.9, the fp is saved properly:
00000000 <__interceptor_malloc>:
   0:   e92d4ff0        push    {r4, r5, r6, r7, r8, r9, sl, fp, lr}
   4:   e28db01c        add     fp, sp, #28
   8:   e24dd024        sub     sp, sp, #36     ; 0x24
   c:   e24ddb01        sub     sp, sp, #1024   ; 0x400
  10:   e1a08000        mov     r8, r0
So, it seems that LSan's operability depends on what compiler is used to build it :(.

It is a know issue [1] [2] and in fact it a little more complicated, it depends on the flags used as well:
if you mix thumb and arm code fast unwinder won't work. I am not sure which option would be better,
but I am afraid to get a reliable stacktrack on arm (with mixed objects and function built with different compilers)
we will need to use a external unwinder (maybe libunwinder). But it will have the side-effect of making
backtrace way slower.

[1] https://llvm.org/bugs/show_bug.cgi?id=22741
[2] https://llvm.org/bugs/show_bug.cgi?id=18505

In D29586#672380, @zatrazz wrote:
In D29586#672157, @m.ostapenko wrote:
In D29586#668769, @m.ostapenko wrote:

In D29586#668050, @rengolin wrote:

You seem to be enabling it on soft and hard float. Did you test on both environments? What type of hardware did you test this?

I've tested the patch on two configurations:

Linaro Ubuntu 14.04 (Trusty) on Arndale board. It's a hard float system, right?

Oh, things become more complicated... I see many test failures with host GCC 4.8 because fast unwinder failed to get backtraces for mallocs. This happens because __interceptor_malloc, compiled by GCC 4.8, didn't properly save frame pointer register:
00000000 <__interceptor_malloc>:
   0:   e92d 47f0       stmdb   sp!, {r4, r5, r6, r7, r8, r9, sl, lr}
   4:   f5ad 6d85       sub.w   sp, sp, #1064   ; 0x428
   8:   4d29            ldr     r5, [pc, #164]  ; (b0 <__interceptor_malloc+0xb0>)
   a:   4b2a            ldr     r3, [pc, #168]  ; (b4 <__interceptor_malloc+0xb4>)
   c:   af04            add     r7, sp, #16
   e:   447d            add     r5, pc
But if compile with clang (3.3, 3.5 or trunk) or GCC 4.9, the fp is saved properly:
00000000 <__interceptor_malloc>:
   0:   e92d4ff0        push    {r4, r5, r6, r7, r8, r9, sl, fp, lr}
   4:   e28db01c        add     fp, sp, #28
   8:   e24dd024        sub     sp, sp, #36     ; 0x24
   c:   e24ddb01        sub     sp, sp, #1024   ; 0x400
  10:   e1a08000        mov     r8, r0
So, it seems that LSan's operability depends on what compiler is used to build it :(.
It is a know issue [1] [2] and in fact it a little more complicated, it depends on the flags used as well:
if you mix thumb and arm code fast unwinder won't work. I am not sure which option would be better,
but I am afraid to get a reliable stacktrack on arm (with mixed objects and function built with different compilers)
we will need to use a external unwinder (maybe libunwinder). But it will have the side-effect of making
backtrace way slower.

[1] https://llvm.org/bugs/show_bug.cgi?id=22741
[2] https://llvm.org/bugs/show_bug.cgi?id=18505

Right, but I thought it affects only Thumb (that might be mixed with arm) but it seems that even arm mode is affected depending on GCC version. This complicates enabling tests on arm targets, but still, It would be nice to have LSan available on arm.

In D29586#672507, @m.ostapenko wrote:

In D29586#672380, @zatrazz wrote:

In D29586#672157, @m.ostapenko wrote:

So, it seems that LSan's operability depends on what compiler is used to build it :(.

It is a know issue [1] [2] and in fact it a little more complicated, it depends on the flags used as well:
if you mix thumb and arm code fast unwinder won't work. I am not sure which option would be better,
but I am afraid to get a reliable stacktrack on arm (with mixed objects and function built with different compilers)
we will need to use a external unwinder (maybe libunwinder). But it will have the side-effect of making
backtrace way slower.

[1] https://llvm.org/bugs/show_bug.cgi?id=22741
[2] https://llvm.org/bugs/show_bug.cgi?id=18505

Right, but I thought it affects only Thumb (that might be mixed with arm) but it seems that even arm mode is affected depending on GCC version. This complicates enabling tests on arm targets, but still, It would be nice to have LSan available on arm.

My only concern is what kind of information user will see when potentially use with different libraries and systems.
We can constrain testing on a working environment, but it does not help when real usercase won't get meaningful
stacktraces.

Other projects usually rely on dwarf CFI for get arm stacktraces (valgrind, glibc) and I think we might need to actually
use it or rely on external libraries for arm (libunwind, etc.). Valgrind even tries to add some instructions scanning
to get around the thumb issues (coregrind/m_stacktrace.c) but it even states that it results in bad output.

One option would be to enable lsan as is and try to improve sanitizer stacktrace on arm
(lib/sanitizer_common/sanitizer_stacktrace.cc).

In D29586#675262, @zatrazz wrote:

In D29586#672507, @m.ostapenko wrote:

In D29586#672380, @zatrazz wrote:

In D29586#672157, @m.ostapenko wrote:

So, it seems that LSan's operability depends on what compiler is used to build it :(.

It is a know issue [1] [2] and in fact it a little more complicated, it depends on the flags used as well:
if you mix thumb and arm code fast unwinder won't work. I am not sure which option would be better,
but I am afraid to get a reliable stacktrack on arm (with mixed objects and function built with different compilers)
we will need to use a external unwinder (maybe libunwinder). But it will have the side-effect of making
backtrace way slower.

[1] https://llvm.org/bugs/show_bug.cgi?id=22741
[2] https://llvm.org/bugs/show_bug.cgi?id=18505

Right, but I thought it affects only Thumb (that might be mixed with arm) but it seems that even arm mode is affected depending on GCC version. This complicates enabling tests on arm targets, but still, It would be nice to have LSan available on arm.

My only concern is what kind of information user will see when potentially use with different libraries and systems.
We can constrain testing on a working environment, but it does not help when real usercase won't get meaningful
stacktraces.

Yeah, users will need to compile all their code with -marm -fno-omit-frame-pointer to get stacktraces (ASan would benefit from this too) or use slow unwinder with small context (e.g. 5) but this would significantly slow down application under test.

Other projects usually rely on dwarf CFI for get arm stacktraces (valgrind, glibc) and I think we might need to actually
use it or rely on external libraries for arm (libunwind, etc.). Valgrind even tries to add some instructions scanning
to get around the thumb issues (coregrind/m_stacktrace.c) but it even states that it results in bad output.

One option would be to enable lsan as is and try to improve sanitizer stacktrace on arm
(lib/sanitizer_common/sanitizer_stacktrace.cc).

Perhaps we can enable slow unwinder for LSan tests on ARM (compile with -funwind-tables and run with 'fast_unwind_on_malloc=false')? This would make almost all tests pass except few ones (e.g. use_tls_pthread_specific_dynamic.cc) where slow unwinder might be unable to get caller PC (e.g. from libpthread.so).

Updating. I've enabled slow unwinder for LSan tests on ARM to make them pass regardless of arm/thumb mode and compiler that was used to build LSan runtime.

In D29586#677564, @m.ostapenko wrote:

Updating. I've enabled slow unwinder for LSan tests on ARM to make them pass regardless of arm/thumb mode and compiler that was used to build LSan runtime.

That's pretty bad.
Yes, the tests will pass, but the tool will be utterly useless in real life. Slow unwinder is just too slow.
And setting fast_unwind_on_malloc=false in the test config means we are not testing what the users are going to use.

In D29586#679101, @kcc wrote:

In D29586#677564, @m.ostapenko wrote:

Updating. I've enabled slow unwinder for LSan tests on ARM to make them pass regardless of arm/thumb mode and compiler that was used to build LSan runtime.

That's pretty bad.
Yes, the tests will pass, but the tool will be utterly useless in real life. Slow unwinder is just too slow.
And setting fast_unwind_on_malloc=false in the test config means we are not testing what the users are going to use.

I agree. ARM ABI is pretty bad -- in thumb mode we can't use fast unwinder because of known reasons, but I really don't know how can we reliably run LSAN tests on Arm without enabling slow unwinder. In any case, I cannot push these changes -- you are the code owner after all, but even with slow unwinder we got pretty fine results on our distributiive. Is there any way how we can enable LSAN for Arm?

One option is to force libasan and tests to compile to ARM (via -marm switch) which is known to work. I think common understanding is that fast unwinder is unfixable in Thumb mode.

lib/sanitizer_common/sanitizer_linux_libcdep.cc
202	Or just !isalpha(*end)?

BTW how is the situation different from Asan? Fast unwinder should have _exactly_ same problems there but I guess just decided to live with them.

In D29586#679736, @ygribov wrote:

BTW how is the situation different from Asan? Fast unwinder should have _exactly_ same problems there but I guess just decided to live with them.

As far as I can see, ASan tests that rely on fast unwinder are just disabled on ARM (e.g. use-after-free.cc) via REQUIRES: stable-runtime.

In D29586#679711, @ygribov wrote:

One option is to force libasan and tests to compile to ARM (via -marm switch) which is known to work. I think common understanding is that fast unwinder is unfixable in Thumb mode.

I'm afraid this isn't enough, consider two following cases:

If LSan itself is compiled with Thumb fast unwinder would be unable to leave first frame.
Likewise, if LSan is compiled with GCC 4.8, fast unwinder would be unable to leave first frame due to __interceptor_malloc's frame doesn't contain saved fp (see objdump output several comments above).

Disabling slow unwinder in tests.
Still, if compile LSan with thumb, the whole LSan testsuite would fail. Can we somehow disable it on thumb targets? E.g. check for '-mthumb' flag into lit configs and enable/disable tests accordingly?

E.g. check for '-mthumb' flag into lit configs and enable/disable tests accordingly?

Something like REQUIRES: fast-unwinder-works.

Rebased. I've also disabled LSan tests on Thumb targets filtering them out by presence of -mthumb flag.

Gentle ping. Is there any chance that LSan for ARM will be accepted?

Aleksey is looking at lsan now, hopefully he can help review this.

Rebased. Gentle reminder.

Rebased. Ping.

I have no further comments and defer lgtm to folks who know something about the unwinder stuff.

lib/lsan/lsan_common.h
149	IsItaniumABIArrayCookie
160	IsARMABIArrayCookie
lib/sanitizer_common/sanitizer_linux.cc
1265	Isn't stack 4 bytes aligned on arm32?
1293	Why do we push them to stack? Aren't all the params for swi passed in registers?

Updating according to Aleksey's comments.

Going back to the issue with interceptor_malloc not saving FP when built with GCC. In clang a function using builtin_frame_address(0) automatically gets a proper frame pointer. As far as I can see, arm-gcc in the android ndk (version 4.9) behaves the same way on a simple test case. Is that some new optimization where a frame address is computed on the fly?

lib/sanitizer_common/sanitizer_linux_libcdep.cc
202	what exactly are we trying to avoid here? Something like 1.2abc ? This is where is comes from: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60038
test/lsan/TestCases/swapcontext.cc
28	should it not be 16 for x86_64?

In D29586#718621, @eugenis wrote:

Going back to the issue with interceptor_malloc not saving FP when built with GCC. In clang a function using builtin_frame_address(0) automatically gets a proper frame pointer. As far as I can see, arm-gcc in the android ndk (version 4.9) behaves the same way on a simple test case. Is that some new optimization where a frame address is computed on the fly?

No, I just missed that GCC 4.8 emits thumb code by default on my Linaro Ubuntu 14.04 (configured with --with-mode=thumb switch). Passing -marm resolves the issue.

lib/sanitizer_common/sanitizer_linux_libcdep.cc
202	Yeah, just filter out "strange" Glibc configurations.
test/lsan/TestCases/swapcontext.cc
28	Yeah, x86_64 needs 16 here (not sure why did this work on my x86_64 box, perhaps my machine we OK with unaligned access).

LGTM with the aligned(16) change

test/lsan/TestCases/swapcontext.cc
28	This only matters for some sse instructions which can appear out of thin air, like an inlined memcpy of a stack-allocated buffer. I guess it did not happen in you case. Still, better be safe.

This revision is now accepted and ready to land.Apr 5 2017, 1:33 PM

Closed by commit rL299923: [lsan] Enable LSan for arm Linux (authored by chefmax). · Explain WhyApr 11 2017, 1:26 AM

This revision was automatically updated to reflect the committed changes.

This breaks bootstrap builds. I put the error message in the revert commit description: http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20170410/444101.html

In D29586#723623, @thakis wrote:

This breaks bootstrap builds. I put the error message in the revert commit description: http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20170410/444101.html

Yeeks, sorry about this. The problem seems to be here (missing space between bx and #R):

#  define BLX(R) "mov lr, pc; bx" #R "\n"

I'll re-land the patch with this fix.

Revision Contents

Path

Size

cmake/

config-ix.cmake

2 lines

lib/

asan/

tests/

asan_test.cc

8 lines

lsan/

lsan_allocator.cc

5 lines

lsan_common.h

33 lines

sanitizer_common/

sanitizer_linux.h

3 lines

sanitizer_linux.cc

61 lines

sanitizer_linux_libcdep.cc

16 lines

sanitizer_platform.h

6 lines

sanitizer_stoptheworld_linux_libcdep.cc

5 lines

test/

asan/

TestCases/

Linux/

clang_gcc_abi.cc

2 lines

lit.cfg

5 lines

lsan/

TestCases/

large_allocation_leak.cc

2 lines

swapcontext.cc

8 lines

use_registers.cc

5 lines

lit.common.cfg

7 lines

sanitizer_common/

print_address.h

2 lines

Diff 93117

cmake/config-ix.cmake

	Show First 20 Lines • Show All 165 Lines • ▼ Show 20 Lines
	set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64})			set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64})

	# Darwin does not support 32-bit thread-local storage on ios versions			# Darwin does not support 32-bit thread-local storage on ios versions
	# below 9.0. Until the min ios version is bumped to 9.0, lsan will			# below 9.0. Until the min ios version is bumped to 9.0, lsan will
	# not build for 32-bit darwin targets.			# not build for 32-bit darwin targets.
	if(APPLE)			if(APPLE)
	set(ALL_LSAN_SUPPORTED_ARCH ${X86_64} ${ARM64})			set(ALL_LSAN_SUPPORTED_ARCH ${X86_64} ${ARM64})
	else()			else()
	set(ALL_LSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${MIPS64} ${ARM64})			set(ALL_LSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${MIPS64} ${ARM64} ${ARM32})
	endif()			endif()
	set(ALL_MSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${PPC64})			set(ALL_MSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${PPC64})
	set(ALL_PROFILE_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${PPC64}			set(ALL_PROFILE_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${PPC64}
	${MIPS32} ${MIPS64} ${S390X})			${MIPS32} ${MIPS64} ${S390X})
	set(ALL_TSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${PPC64})			set(ALL_TSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${PPC64})
	set(ALL_UBSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64}			set(ALL_UBSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64}
	${MIPS32} ${MIPS64} ${PPC64} ${S390X})			${MIPS32} ${MIPS64} ${PPC64} ${S390X})
	set(ALL_SAFESTACK_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM64} ${MIPS32} ${MIPS64})			set(ALL_SAFESTACK_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM64} ${MIPS32} ${MIPS64})
	▲ Show 20 Lines • Show All 374 Lines • Show Last 20 Lines

lib/asan/tests/asan_test.cc

Show First 20 Lines • Show All 678 Lines • ▼ Show 20 Lines	void ThreadStackReuseFunc1(void unused) {
return 0;		return 0;
}		}

void ThreadStackReuseFunc2(void unused) {		void ThreadStackReuseFunc2(void unused) {
TouchStackFunc();		TouchStackFunc();
return 0;		return 0;
}		}

		#if !defined(__thumb__)
TEST(AddressSanitizer, ThreadStackReuseTest) {		TEST(AddressSanitizer, ThreadStackReuseTest) {
pthread_t t;		pthread_t t;
PTHREAD_CREATE(&t, 0, ThreadStackReuseFunc1, 0);		PTHREAD_CREATE(&t, 0, ThreadStackReuseFunc1, 0);
PTHREAD_JOIN(t, 0);		PTHREAD_JOIN(t, 0);
PTHREAD_CREATE(&t, 0, ThreadStackReuseFunc2, 0);		PTHREAD_CREATE(&t, 0, ThreadStackReuseFunc2, 0);
PTHREAD_JOIN(t, 0);		PTHREAD_JOIN(t, 0);
}		}
		#endif

#if defined(__SSE2__)		#if defined(__SSE2__)
#include <emmintrin.h>		#include <emmintrin.h>
TEST(AddressSanitizer, Store128Test) {		TEST(AddressSanitizer, Store128Test) {
char a = Ident((char)malloc(Ident(12)));		char a = Ident((char)malloc(Ident(12)));
char *p = a;		char *p = a;
if (((uintptr_t)a % 16) != 0)		if (((uintptr_t)a % 16) != 0)
p = a + 8;		p = a + 8;
▲ Show 20 Lines • Show All 383 Lines • ▼ Show 20 Lines	TEST(AddressSanitizer, ThreadedStressStackReuseTest) {
for (int i = 0; i < kNumThreads; i++) {		for (int i = 0; i < kNumThreads; i++) {
PTHREAD_CREATE(&t[i], 0, (void* ()(void x))LotsOfStackReuse, 0);		PTHREAD_CREATE(&t[i], 0, (void* ()(void x))LotsOfStackReuse, 0);
}		}
for (int i = 0; i < kNumThreads; i++) {		for (int i = 0; i < kNumThreads; i++) {
PTHREAD_JOIN(t[i], 0);		PTHREAD_JOIN(t[i], 0);
}		}
}		}

		// pthread_exit tries to perform unwinding stuff that leads to dlopen'ing
		// libgcc_s.so. dlopen in its turn calls malloc to store "libgcc_s.so" string
		// that confuses LSan on Thumb because it fails to understand that this
		// allocation happens in dynamic linker and should be ignored.
		#if !defined(__thumb__)
static void PthreadExit(void a) {		static void PthreadExit(void a) {
pthread_exit(0);		pthread_exit(0);
return 0;		return 0;
}		}

TEST(AddressSanitizer, PthreadExitTest) {		TEST(AddressSanitizer, PthreadExitTest) {
pthread_t t;		pthread_t t;
for (int i = 0; i < 1000; i++) {		for (int i = 0; i < 1000; i++) {
PTHREAD_CREATE(&t, 0, PthreadExit, 0);		PTHREAD_CREATE(&t, 0, PthreadExit, 0);
PTHREAD_JOIN(t, 0);		PTHREAD_JOIN(t, 0);
}		}
}		}
		#endif

// FIXME: Why does clang-cl define __EXCEPTIONS?		// FIXME: Why does clang-cl define __EXCEPTIONS?
#if defined(__EXCEPTIONS) && !defined(_WIN32)		#if defined(__EXCEPTIONS) && !defined(_WIN32)
NOINLINE static void StackReuseAndException() {		NOINLINE static void StackReuseAndException() {
int large_stack[1000];		int large_stack[1000];
Ident(large_stack);		Ident(large_stack);
ASAN_THROW(1);		ASAN_THROW(1);
}		}
▲ Show 20 Lines • Show All 216 Lines • Show Last 20 Lines

lib/lsan/lsan_allocator.cc

Show All 31 Lines	#if SANITIZER_WORDSIZE == 64
uptr requested_size : 54;		uptr requested_size : 54;
#else		#else
uptr requested_size : 32;		uptr requested_size : 32;
uptr padding : 22;		uptr padding : 22;
#endif		#endif
u32 stack_trace_id;		u32 stack_trace_id;
};		};

#if defined(__mips64) \|\| defined(__aarch64__) \|\| defined(__i386__)		#if defined(__mips64) \|\| defined(__aarch64__) \|\| defined(__i386__) \|\| \
#if defined(__i386__)		defined(__arm__)
		#if defined(__i386__) \|\| defined(__arm__)
static const uptr kMaxAllowedMallocSize = 1UL << 30;		static const uptr kMaxAllowedMallocSize = 1UL << 30;
#else		#else
static const uptr kMaxAllowedMallocSize = 4UL << 30;		static const uptr kMaxAllowedMallocSize = 4UL << 30;
#endif		#endif
static const uptr kRegionSizeLog = 20;		static const uptr kRegionSizeLog = 20;
static const uptr kNumRegions = SANITIZER_MMAP_RANGE_SIZE >> kRegionSizeLog;		static const uptr kNumRegions = SANITIZER_MMAP_RANGE_SIZE >> kRegionSizeLog;
typedef TwoLevelByteMap<(kNumRegions >> 12), 1 << 12> ByteMap;		typedef TwoLevelByteMap<(kNumRegions >> 12), 1 << 12> ByteMap;
typedef CompactSizeClassMap SizeClassMap;		typedef CompactSizeClassMap SizeClassMap;
▲ Show 20 Lines • Show All 235 Lines • Show Last 20 Lines

lib/lsan/lsan_common.h

	Show All 28 Lines
	// (e.g. x86), see https://github.com/google/sanitizers/issues/403.			// (e.g. x86), see https://github.com/google/sanitizers/issues/403.
	// To enable LeakSanitizer on new architecture, one need to implement			// To enable LeakSanitizer on new architecture, one need to implement
	// internal_clone function as well as (probably) adjust TLS machinery for			// internal_clone function as well as (probably) adjust TLS machinery for
	// new architecture inside sanitizer library.			// new architecture inside sanitizer library.
	#if (SANITIZER_LINUX && !SANITIZER_ANDROID \|\| CAN_SANITIZE_LEAKS_MAC) \			#if (SANITIZER_LINUX && !SANITIZER_ANDROID \|\| CAN_SANITIZE_LEAKS_MAC) \
	&& (SANITIZER_WORDSIZE == 64) && (defined(__x86_64__) \			&& (SANITIZER_WORDSIZE == 64) && (defined(__x86_64__) \
	\|\| defined(__mips64) \|\| defined(__aarch64__))			\|\| defined(__mips64) \|\| defined(__aarch64__))
	#define CAN_SANITIZE_LEAKS 1			#define CAN_SANITIZE_LEAKS 1
	#elif SANITIZER_LINUX && !SANITIZER_ANDROID && defined(__i386__)			#elif SANITIZER_LINUX && !SANITIZER_ANDROID \
				&& (defined(__i386__) \|\| defined(__arm__))
	#define CAN_SANITIZE_LEAKS 1			#define CAN_SANITIZE_LEAKS 1
	#else			#else
	#define CAN_SANITIZE_LEAKS 0			#define CAN_SANITIZE_LEAKS 0
	#endif			#endif

	namespace __sanitizer {			namespace __sanitizer {
	class FlagParser;			class FlagParser;
	struct DTLS;			struct DTLS;
	▲ Show 20 Lines • Show All 92 Lines • ▼ Show 20 Lines
	void EnableInThisThread();			void EnableInThisThread();
	// Can be used to ignore memory allocated by an intercepted			// Can be used to ignore memory allocated by an intercepted
	// function.			// function.
	struct ScopedInterceptorDisabler {			struct ScopedInterceptorDisabler {
	ScopedInterceptorDisabler() { DisableInThisThread(); }			ScopedInterceptorDisabler() { DisableInThisThread(); }
	~ScopedInterceptorDisabler() { EnableInThisThread(); }			~ScopedInterceptorDisabler() { EnableInThisThread(); }
	};			};

	// Special case for "new T[0]" where T is a type with DTOR.			// According to Itanium C++ ABI array cookie is a one word containing
	// new T[0] will allocate one word for the array size (0) and store a pointer			// size of allocated array.
	// to the end of allocated chunk.			static inline bool IsItaniumABICookie(uptr chunk_beg, uptr chunk_size,
				alekseyshlUnsubmitted Not Done Reply Inline Actions IsItaniumABIArrayCookie alekseyshl: IsItaniumABIArrayCookie
	inline bool IsSpecialCaseOfOperatorNew0(uptr chunk_beg, uptr chunk_size,
	uptr addr) {			uptr addr) {
	return chunk_size == sizeof(uptr) && chunk_beg + chunk_size == addr &&			return chunk_size == sizeof(uptr) && chunk_beg + chunk_size == addr &&
	reinterpret_cast<uptr >(chunk_beg) == 0;			reinterpret_cast<uptr >(chunk_beg) == 0;
	}			}

				// According to ARM C++ ABI array cookie consists of two words:
				// struct array_cookie {
				// std::size_t element_size; // element_size != 0
				// std::size_t element_count;
				// };
				static inline bool IsARMABICookie(uptr chunk_beg, uptr chunk_size, uptr addr) {
				alekseyshlUnsubmitted Not Done Reply Inline Actions IsARMABIArrayCookie alekseyshl: IsARMABIArrayCookie
				return chunk_size == 2 * sizeof(uptr) && chunk_beg + chunk_size == addr &&
				reinterpret_cast<uptr >(chunk_beg + sizeof(uptr)) == 0;
				}

				// Special case for "new T[0]" where T is a type with DTOR.
				// new T[0] will allocate a cookie (one or two words) for the array size (0)
				// and store a pointer to the end of allocated chunk. The actual cookie layout
				// varies between platforms according to their C++ ABI implementation.
				inline bool IsSpecialCaseOfOperatorNew0(uptr chunk_beg, uptr chunk_size,
				uptr addr) {
				#if defined(__arm__)
				return IsARMABICookie(chunk_beg, chunk_size, addr);
				#else
				return IsItaniumABICookie(chunk_beg, chunk_size, addr);
				#endif
				}

	// The following must be implemented in the parent tool.			// The following must be implemented in the parent tool.

	void ForEachChunk(ForEachChunkCallback callback, void *arg);			void ForEachChunk(ForEachChunkCallback callback, void *arg);
	// Returns the address range occupied by the global allocator object.			// Returns the address range occupied by the global allocator object.
	void GetAllocatorGlobalRange(uptr begin, uptr end);			void GetAllocatorGlobalRange(uptr begin, uptr end);
	// Wrappers for allocator's ForceLock()/ForceUnlock().			// Wrappers for allocator's ForceLock()/ForceUnlock().
	void LockAllocator();			void LockAllocator();
	void UnlockAllocator();			void UnlockAllocator();
	▲ Show 20 Lines • Show All 49 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_linux.h

	Show First 20 Lines • Show All 42 Lines • ▼ Show 20 Lines
	// internal_sigaction instead.			// internal_sigaction instead.
	int internal_sigaction_norestorer(int signum, const void act, void oldact);			int internal_sigaction_norestorer(int signum, const void act, void oldact);
	#if (defined(__x86_64__) \|\| SANITIZER_MIPS64) && !SANITIZER_GO			#if (defined(__x86_64__) \|\| SANITIZER_MIPS64) && !SANITIZER_GO
	// Uses a raw system call to avoid interceptors.			// Uses a raw system call to avoid interceptors.
	int internal_sigaction_syscall(int signum, const void act, void oldact);			int internal_sigaction_syscall(int signum, const void act, void oldact);
	#endif			#endif
	void internal_sigdelset(__sanitizer_sigset_t *set, int signum);			void internal_sigdelset(__sanitizer_sigset_t *set, int signum);
	#if defined(__x86_64__) \|\| defined(__mips__) \|\| defined(__aarch64__) \			#if defined(__x86_64__) \|\| defined(__mips__) \|\| defined(__aarch64__) \
	\|\| defined(__powerpc64__) \|\| defined(__s390__) \|\| defined(__i386__)			\|\| defined(__powerpc64__) \|\| defined(__s390__) \|\| defined(__i386__) \
				\|\| defined(__arm__)
	uptr internal_clone(int (fn)(void ), void child_stack, int flags, void arg,			uptr internal_clone(int (fn)(void ), void child_stack, int flags, void arg,
	int parent_tidptr, void newtls, int *child_tidptr);			int parent_tidptr, void newtls, int *child_tidptr);
	#endif			#endif
	#endif // SANITIZER_LINUX			#endif // SANITIZER_LINUX

	// This class reads thread IDs from /proc/<pid>/task using only syscalls.			// This class reads thread IDs from /proc/<pid>/task using only syscalls.
	class ThreadLister {			class ThreadLister {
	public:			public:
	Show All 34 Lines

lib/sanitizer_common/sanitizer_linux.cc

Show First 20 Lines • Show All 1,250 Lines • ▼ Show 20 Lines	#endif
: "a"(SYSCALL(clone)), "i"(SYSCALL(exit)),		: "a"(SYSCALL(clone)), "i"(SYSCALL(exit)),
"c"(child_stack),		"c"(child_stack),
"d"(parent_tidptr),		"d"(parent_tidptr),
"S"(newtls),		"S"(newtls),
"D"(child_tidptr)		"D"(child_tidptr)
: "memory");		: "memory");
return res;		return res;
}		}
		#elif defined(__arm__) && SANITIZER_LINUX
		uptr internal_clone(int (fn)(void ), void child_stack, int flags, void arg,
		int parent_tidptr, void newtls, int *child_tidptr) {
		unsigned int res;
		if (!fn \|\| !child_stack)
		return -EINVAL;
		CHECK_EQ(0, (uptr)child_stack % 16);
		alekseyshlUnsubmitted Not Done Reply Inline Actions Isn't stack 4 bytes aligned on arm32? alekseyshl: Isn't stack 4 bytes aligned on arm32?
		child_stack = (char )child_stack - 2 sizeof(unsigned int);
		((unsigned int *)child_stack)[0] = (uptr)fn;
		((unsigned int *)child_stack)[1] = (uptr)arg;
		register int r0 __asm__("r0") = flags;
		rengolinUnsubmitted Not Done Reply Inline Actions This sequence doesn't coincide with the order of parameters above, and can lead to unexpected results. Why do you need to reserve the registers in this code at all? rengolin: This sequence doesn't coincide with the order of parameters above, and can lead to unexpected…
		ygribovUnsubmitted Not Done Reply Inline Actions Why should it? The sole purpose of register annotations is to pass arguments to swi call below. ygribov: Why should it? The sole purpose of register annotations is to pass arguments to swi call below.
		rengolinUnsubmitted Not Done Reply Inline Actions Right, I just realised the compiler will do the necessary moves. This code is really opaque, can you add some comments like the ones above? rengolin: Right, I just realised the compiler will do the necessary moves. This code is really opaque…
		ygribovUnsubmitted Not Done Reply Inline Actions Note that that's how it's done for other cores, including AArch64. All comments is given for x86 internal_clone implementation above (it basically says that this hairy code is inspired by Glibc clone implementation). ygribov: Note that that's how it's done for other cores, including AArch64. All comments is given for…
		m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions Yeah, the reason we have all that stuff is explained in x86_64 port. Anyway, I've added several comments to inline asm to improve readability. Looks better now? m.ostapenko: Yeah, the reason we have all that stuff is explained in x86_64 port. Anyway, I've added several…
		register void *r1 __asm__("r1") = child_stack;
		register int *r2 __asm__("r2") = parent_tidptr;
		register void *r3 __asm__("r3") = newtls;
		register int *r4 __asm__("r4") = child_tidptr;
		register int r7 __asm__("r7") = __NR_clone;

		#if __ARM_ARCH > 4 \|\| defined (__ARM_ARCH_4T__)
		# define ARCH_HAS_BX
		#endif
		#if __ARM_ARCH > 4
		# define ARCH_HAS_BLX
		#endif

		#ifdef ARCH_HAS_BX
		# ifdef ARCH_HAS_BLX
		rengolinUnsubmitted Not Done Reply Inline Actions If this is ARMv4T and no interwork, this will fail, as `blx` was introduced in ARMv5. Check `compiler-rt/lib/builtins/assembly.h` for more info on the multiple ways to return. rengolin: If this is ARMv4T and no interwork, this will fail, as `blx` was introduced in ARMv5. Check…
		m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions Ah, OK, thanks. Fixed now. m.ostapenko: Ah, OK, thanks. Fixed now.
		# define BLX(R) "blx " #R "\n"
		# else
		# define BLX(R) "mov lr, pc; bx" #R "\n"
		# endif
		#else
		# define BLX(R) "mov lr, pc; mov pc," #R "\n"
		#endif

		__asm__ __volatile__("push {r4, r7}\n"
		alekseyshlUnsubmitted Not Done Reply Inline Actions Why do we push them to stack? Aren't all the params for swi passed in registers? alekseyshl: Why do we push them to stack? Aren't all the params for swi passed in registers?

		/* Do the system call */
		"swi 0x0\n"

		/* if (%r0 != 0)
		* return %r0;
		*/
		"cmp r0, #0\n"
		"bne 1f\n"

		/* In the child, now. Call "fn(arg)". */
		"ldr r0, [sp, #4]\n"
		"ldr ip, [sp], #8\n"
		BLX(ip)
		/* Call _exit(%r0). */
		"mov r7, %7\n"
		"swi 0x0\n"
		"1:\n"
		"pop {r4, r7}\n"
		"mov %0, r0\n"
		: "=r"(res)
		: "r"(r0), "r"(r1), "r"(r2), "r"(r3), "r"(r4), "r"(r7),
		zatrazzUnsubmitted Not Done Reply Inline Actions I think you could simplify to just: #ifdef ARCH_HAS_BX # ifdef ARCH_HAS_BLX # define BLX(R) "blx " #R # else # define BLX(R) "mov lr, pc; bx" #R # endif #else # define BLX(R) "mov lr, pc; mov pc," #R #endif And then on inline assembly just call BLX(ip). zatrazz: I think you could simplify to just: ``` #ifdef ARCH_HAS_BX # ifdef ARCH_HAS_BLX # define BLX…
		"i"(__NR_exit)
		: "memory");
		return res;
		}
#endif // defined(__x86_64__) && SANITIZER_LINUX		#endif // defined(__x86_64__) && SANITIZER_LINUX

#if SANITIZER_ANDROID		#if SANITIZER_ANDROID
#if __ANDROID_API__ < 21		#if __ANDROID_API__ < 21
extern "C" __attribute__((weak)) int dl_iterate_phdr(		extern "C" __attribute__((weak)) int dl_iterate_phdr(
int ()(struct dl_phdr_info , size_t, void ), void );		int ()(struct dl_phdr_info , size_t, void ), void );
#endif		#endif

▲ Show 20 Lines • Show All 237 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_linux_libcdep.cc

Show First 20 Lines • Show All 177 Lines • ▼ Show 20 Lines	if (tls_align < kStackAlign)
tls_align = kStackAlign;		tls_align = kStackAlign;
g_tls_size = RoundUpTo(tls_size, tls_align);		g_tls_size = RoundUpTo(tls_size, tls_align);
}		}
#else		#else
void InitTlsSize() { }		void InitTlsSize() { }
#endif // !SANITIZER_FREEBSD && !SANITIZER_ANDROID && !SANITIZER_GO		#endif // !SANITIZER_FREEBSD && !SANITIZER_ANDROID && !SANITIZER_GO

#if (defined(__x86_64__) \|\| defined(__i386__) \|\| defined(__mips__) \		#if (defined(__x86_64__) \|\| defined(__i386__) \|\| defined(__mips__) \
\|\| defined(__aarch64__) \|\| defined(__powerpc64__) \|\| defined(__s390__)) \		\|\| defined(__aarch64__) \|\| defined(__powerpc64__) \|\| defined(__s390__) \
&& SANITIZER_LINUX && !SANITIZER_ANDROID		\|\| defined(__arm__)) && SANITIZER_LINUX && !SANITIZER_ANDROID
		ygribovUnsubmitted Not Done Reply Inline Actions Misleading indent. ygribov: Misleading indent.
// sizeof(struct pthread) from glibc.		// sizeof(struct pthread) from glibc.
static atomic_uintptr_t kThreadDescriptorSize;		static atomic_uintptr_t kThreadDescriptorSize;

uptr ThreadDescriptorSize() {		uptr ThreadDescriptorSize() {
uptr val = atomic_load(&kThreadDescriptorSize, memory_order_relaxed);		uptr val = atomic_load(&kThreadDescriptorSize, memory_order_relaxed);
if (val)		if (val)
return val;		return val;
#if defined(__x86_64__) \|\| defined(__i386__)		#if defined(__x86_64__) \|\| defined(__i386__) \|\| defined(__arm__)
#ifdef _CS_GNU_LIBC_VERSION		#ifdef _CS_GNU_LIBC_VERSION
char buf[64];		char buf[64];
uptr len = confstr(_CS_GNU_LIBC_VERSION, buf, sizeof(buf));		uptr len = confstr(_CS_GNU_LIBC_VERSION, buf, sizeof(buf));
if (len < sizeof(buf) && internal_strncmp(buf, "glibc 2.", 8) == 0) {		if (len < sizeof(buf) && internal_strncmp(buf, "glibc 2.", 8) == 0) {
char *end;		char *end;
int minor = internal_simple_strtoll(buf + 8, &end, 10);		int minor = internal_simple_strtoll(buf + 8, &end, 10);
if (end != buf + 8 && (end == '\0' \|\| end == '.')) {		if (end != buf + 8 && (end == '\0' \|\| end == '.' \|\| *end == '-')) {
		m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions I don't really like this change . Perhaps we can create some white list of terminator symbols, or just drop the check? m.ostapenko: I don't really like this change . Perhaps we can create some white list of terminator symbols…
		ygribovUnsubmitted Not Done Reply Inline Actions Or just !isalpha(end)? ygribov:* Or just !isalpha(*end)?
		eugenisUnsubmitted Not Done Reply Inline Actions what exactly are we trying to avoid here? Something like 1.2abc ? This is where is comes from: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60038 eugenis: what exactly are we trying to avoid here? Something like 1.2abc ? This is where is comes from…
		m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions Yeah, just filter out "strange" Glibc configurations. m.ostapenko: Yeah, just filter out "strange" Glibc configurations.
int patch = 0;		int patch = 0;
if (*end == '.')		if (*end == '.')
// strtoll will return 0 if no valid conversion could be performed		// strtoll will return 0 if no valid conversion could be performed
patch = internal_simple_strtoll(end + 1, nullptr, 10);		patch = internal_simple_strtoll(end + 1, nullptr, 10);

/* sizeof(struct pthread) values from various glibc versions. */		/* sizeof(struct pthread) values from various glibc versions. */
if (SANITIZER_X32)		if (SANITIZER_X32)
val = 1728; // Assume only one particular version for x32.		val = 1728; // Assume only one particular version for x32.
		// For ARM sizeof(struct pthread) changed in Glibc 2.23.
		else if (SANITIZER_ARM)
		val = minor <= 22 ? 1120 : 1216;
else if (minor <= 3)		else if (minor <= 3)
val = FIRST_32_SECOND_64(1104, 1696);		val = FIRST_32_SECOND_64(1104, 1696);
else if (minor == 4)		else if (minor == 4)
val = FIRST_32_SECOND_64(1120, 1728);		val = FIRST_32_SECOND_64(1120, 1728);
else if (minor == 5)		else if (minor == 5)
val = FIRST_32_SECOND_64(1136, 1728);		val = FIRST_32_SECOND_64(1136, 1728);
else if (minor <= 9)		else if (minor <= 9)
val = FIRST_32_SECOND_64(1136, 1712);		val = FIRST_32_SECOND_64(1136, 1712);
Show All 19 Lines	#elif defined(__mips__)
return val;		return val;
#elif defined(__aarch64__)		#elif defined(__aarch64__)
// The sizeof (struct pthread) is the same from GLIBC 2.17 to 2.22.		// The sizeof (struct pthread) is the same from GLIBC 2.17 to 2.22.
val = 1776;		val = 1776;
atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);		atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);
return val;		return val;
#elif defined(__powerpc64__)		#elif defined(__powerpc64__)
val = 1776; // from glibc.ppc64le 2.20-8.fc21		val = 1776; // from glibc.ppc64le 2.20-8.fc21
atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);		atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);
		zatrazzUnsubmitted Not Done Reply Inline Actions This is not what I am seeing on my environment: 2.25 - 1216 2.24 - 1216 2.23 - 1216 2.22 - 1120 2.21 - 1120 2.20 - 1120 The 2.22 to 2.23 change (cause by 3e2ee6f0e3471ce commit) removed HAVE_FORCED_UNWIND and thus 'struct pthread' adds a 'struct _Unwind_Exception' regardless if architecture defined or not HAVE_FORCED_UNWIND. zatrazz: This is not what I am seeing on my environment: 2.25 - 1216 2.24 - 1216 2.23 - 1216 2.22 …
		m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions Oh, my bad, should be fixed. m.ostapenko: Oh, my bad, should be fixed.
return val;		return val;
#elif defined(__s390__)		#elif defined(__s390__)
val = FIRST_32_SECOND_64(1152, 1776); // valid for glibc 2.22		val = FIRST_32_SECOND_64(1152, 1776); // valid for glibc 2.22
atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);		atomic_store(&kThreadDescriptorSize, val, memory_order_relaxed);
#endif		#endif
return 0;		return 0;
}		}

Show All 33 Lines	# elif defined(__mips__)
// TCB and the size of pthread_descr.		// TCB and the size of pthread_descr.
const uptr kTlsTcbOffset = 0x7000;		const uptr kTlsTcbOffset = 0x7000;
uptr thread_pointer;		uptr thread_pointer;
asm volatile(".set push;\		asm volatile(".set push;\
.set mips64r2;\		.set mips64r2;\
rdhwr %0,$29;\		rdhwr %0,$29;\
.set pop" : "=r" (thread_pointer));		.set pop" : "=r" (thread_pointer));
descr_addr = thread_pointer - kTlsTcbOffset - TlsPreTcbSize();		descr_addr = thread_pointer - kTlsTcbOffset - TlsPreTcbSize();
# elif defined(__aarch64__)		# elif defined(__aarch64__) \|\| defined(__arm__)
descr_addr = reinterpret_cast<uptr>(__builtin_thread_pointer()) -		descr_addr = reinterpret_cast<uptr>(__builtin_thread_pointer()) -
ThreadDescriptorSize();		ThreadDescriptorSize();
# elif defined(__s390__)		# elif defined(__s390__)
descr_addr = reinterpret_cast<uptr>(__builtin_thread_pointer());		descr_addr = reinterpret_cast<uptr>(__builtin_thread_pointer());
# elif defined(__powerpc64__)		# elif defined(__powerpc64__)
// PPC64LE uses TLS variant I. The thread pointer (in GPR 13)		// PPC64LE uses TLS variant I. The thread pointer (in GPR 13)
// points to the end of the TCB + 0x7000. The pthread_descr structure is		// points to the end of the TCB + 0x7000. The pthread_descr structure is
// immediately in front of the TCB. TlsPreTcbSize() includes the size of the		// immediately in front of the TCB. TlsPreTcbSize() includes the size of the
Show All 32 Lines
#if !SANITIZER_GO		#if !SANITIZER_GO
static void GetTls(uptr addr, uptr size) {		static void GetTls(uptr addr, uptr size) {
#if SANITIZER_LINUX && !SANITIZER_ANDROID		#if SANITIZER_LINUX && !SANITIZER_ANDROID
# if defined(__x86_64__) \|\| defined(__i386__) \|\| defined(__s390__)		# if defined(__x86_64__) \|\| defined(__i386__) \|\| defined(__s390__)
*addr = ThreadSelf();		*addr = ThreadSelf();
*size = GetTlsSize();		*size = GetTlsSize();
addr -= size;		addr -= size;
*addr += ThreadDescriptorSize();		*addr += ThreadDescriptorSize();
# elif defined(__mips__) \|\| defined(__aarch64__) \|\| defined(__powerpc64__)		# elif defined(__mips__) \|\| defined(__aarch64__) \|\| defined(__powerpc64__) \
		\|\| defined(__arm__)
*addr = ThreadSelf();		*addr = ThreadSelf();
*size = GetTlsSize();		*size = GetTlsSize();
# else		# else
*addr = 0;		*addr = 0;
*size = 0;		*size = 0;
# endif		# endif
#elif SANITIZER_FREEBSD		#elif SANITIZER_FREEBSD
void** segbase = ThreadSelfSegbase();		void** segbase = ThreadSelfSegbase();
▲ Show 20 Lines • Show All 200 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_platform.h

	Show First 20 Lines • Show All 156 Lines • ▼ Show 20 Lines
	#else			#else
	# define SANITIZER_PPC 0			# define SANITIZER_PPC 0
	# define SANITIZER_PPC32 0			# define SANITIZER_PPC32 0
	# define SANITIZER_PPC64 0			# define SANITIZER_PPC64 0
	# define SANITIZER_PPC64V1 0			# define SANITIZER_PPC64V1 0
	# define SANITIZER_PPC64V2 0			# define SANITIZER_PPC64V2 0
	#endif			#endif

				#if defined(__arm__)
				# define SANITIZER_ARM 1
				#else
				# define SANITIZER_ARM 0
				#endif

	// By default we allow to use SizeClassAllocator64 on 64-bit platform.			// By default we allow to use SizeClassAllocator64 on 64-bit platform.
	// But in some cases (e.g. AArch64's 39-bit address space) SizeClassAllocator64			// But in some cases (e.g. AArch64's 39-bit address space) SizeClassAllocator64
	// does not work well and we need to fallback to SizeClassAllocator32.			// does not work well and we need to fallback to SizeClassAllocator32.
	// For such platforms build this code with -DSANITIZER_CAN_USE_ALLOCATOR64=0 or			// For such platforms build this code with -DSANITIZER_CAN_USE_ALLOCATOR64=0 or
	// change the definition of SANITIZER_CAN_USE_ALLOCATOR64 here.			// change the definition of SANITIZER_CAN_USE_ALLOCATOR64 here.
	#ifndef SANITIZER_CAN_USE_ALLOCATOR64			#ifndef SANITIZER_CAN_USE_ALLOCATOR64
	# if SANITIZER_ANDROID && defined(__aarch64__)			# if SANITIZER_ANDROID && defined(__aarch64__)
	# define SANITIZER_CAN_USE_ALLOCATOR64 1			# define SANITIZER_CAN_USE_ALLOCATOR64 1
	▲ Show 20 Lines • Show All 84 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc

	Show All 10 Lines
	// This implementation was inspired by Markus Gutschke's linuxthreads.cc.			// This implementation was inspired by Markus Gutschke's linuxthreads.cc.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#include "sanitizer_platform.h"			#include "sanitizer_platform.h"

	#if SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__mips__) \|\| \			#if SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__mips__) \|\| \
	defined(__aarch64__) \|\| defined(__powerpc64__) \|\| \			defined(__aarch64__) \|\| defined(__powerpc64__) \|\| \
	defined(__s390__) \|\| defined(__i386__))			defined(__s390__) \|\| defined(__i386__) \|\| \
				defined(__arm__))

	#include "sanitizer_stoptheworld.h"			#include "sanitizer_stoptheworld.h"

	#include "sanitizer_platform_limits_posix.h"			#include "sanitizer_platform_limits_posix.h"
	#include "sanitizer_atomic.h"			#include "sanitizer_atomic.h"

	#include <errno.h>			#include <errno.h>
	#include <sched.h> // for CLONE_* definitions			#include <sched.h> // for CLONE_* definitions
	▲ Show 20 Lines • Show All 495 Lines • ▼ Show 20 Lines

	uptr SuspendedThreadsList::RegisterCount() {			uptr SuspendedThreadsList::RegisterCount() {
	return sizeof(regs_struct) / sizeof(uptr);			return sizeof(regs_struct) / sizeof(uptr);
	}			}
	} // namespace __sanitizer			} // namespace __sanitizer

	#endif // SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__mips__)			#endif // SANITIZER_LINUX && (defined(__x86_64__) \|\| defined(__mips__)
	// \|\| defined(__aarch64__) \|\| defined(__powerpc64__)			// \|\| defined(__aarch64__) \|\| defined(__powerpc64__)
	// \|\| defined(__s390__) \|\| defined(__i386__)			// \|\| defined(__s390__) \|\| defined(__i386__) \|\| defined(__arm__)

test/asan/TestCases/Linux/clang_gcc_abi.cc

	// RUN: %clangxx_asan -O0 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s			// RUN: %clangxx_asan -O0 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s
	// RUN: %clangxx_asan -O1 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s			// RUN: %clangxx_asan -O1 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s
	// RUN: %clangxx_asan -O2 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s			// RUN: %clangxx_asan -O2 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s
	// RUN: %clangxx_asan -O3 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s			// RUN: %clangxx_asan -O3 -x c %s -o %t && not %run %t 2>&1 \| FileCheck %s

	// REQUIRES: arm-target-arch			// REQUIRES: arm-target-arch, fast-unwinder-works
	// XFAIL: armv7l-unknown-linux-gnueabihf			// XFAIL: armv7l-unknown-linux-gnueabihf

	#include <stdlib.h>			#include <stdlib.h>

	__attribute__((noinline))			__attribute__((noinline))
	int boom() {			int boom() {
	volatile int three = 3;			volatile int three = 3;
	char * volatile s = (char *)malloc(three);			char * volatile s = (char *)malloc(three);
	Show All 31 Lines

test/asan/lit.cfg

	# -- Python --			# -- Python --

	import os			import os
	import platform			import platform
				import re

	import lit.formats			import lit.formats

	def get_required_attr(config, attr_name):			def get_required_attr(config, attr_name):
	attr_value = getattr(config, attr_name, None)			attr_value = getattr(config, attr_name, None)
	if attr_value == None:			if attr_value == None:
	lit_config.fatal(			lit_config.fatal(
	"No attribute %r in test configuration! You may need to run "			"No attribute %r in test configuration! You may need to run "
	▲ Show 20 Lines • Show All 192 Lines • ▼ Show 20 Lines
	config.substitutions.append( ("%dynamiclib", '%T/lib%xdynamiclib_namespec.so') )			config.substitutions.append( ("%dynamiclib", '%T/lib%xdynamiclib_namespec.so') )
	config.substitutions.append( ("%xdynamiclib_namespec", '$(basename %t).dynamic') )			config.substitutions.append( ("%xdynamiclib_namespec", '$(basename %t).dynamic') )

	# Allow tests to use REQUIRES=stable-runtime. For use when you cannot use XFAIL			# Allow tests to use REQUIRES=stable-runtime. For use when you cannot use XFAIL
	# because the test hangs. Adding armhf as we now have two modes.			# because the test hangs. Adding armhf as we now have two modes.
	if config.target_arch != 'arm' and config.target_arch != 'armhf' and config.target_arch != 'aarch64':			if config.target_arch != 'arm' and config.target_arch != 'armhf' and config.target_arch != 'aarch64':
	config.available_features.add('stable-runtime')			config.available_features.add('stable-runtime')

				# Fast unwinder doesn't work with Thumb
				if not re.match('-mthumb', config.target_cflags):
				config.available_features.add('fast-unwinder-works')

	# Turn on leak detection on 64-bit Linux.			# Turn on leak detection on 64-bit Linux.
	if config.host_os == 'Linux' and (config.target_arch == 'x86_64' or config.target_arch == 'i386'):			if config.host_os == 'Linux' and (config.target_arch == 'x86_64' or config.target_arch == 'i386'):
	config.available_features.add('leak-detection')			config.available_features.add('leak-detection')

	# Set LD_LIBRARY_PATH to pick dynamic runtime up properly.			# Set LD_LIBRARY_PATH to pick dynamic runtime up properly.
	push_dynamic_library_lookup_path(config, config.compiler_rt_libdir)			push_dynamic_library_lookup_path(config, config.compiler_rt_libdir)

	# GCC-ASan uses dynamic runtime by default.			# GCC-ASan uses dynamic runtime by default.
	Show All 32 Lines

test/lsan/TestCases/large_allocation_leak.cc

	// Test that LargeMmapAllocator's chunks aren't reachable via some internal data structure.			// Test that LargeMmapAllocator's chunks aren't reachable via some internal data structure.
	// RUN: LSAN_BASE="detect_leaks=1:report_objects=1:use_stacks=0:use_registers=0"			// RUN: LSAN_BASE="detect_leaks=1:report_objects=1:use_stacks=0:use_registers=0"
	// RUN: %clangxx_lsan %s -o %t			// RUN: %clangxx_lsan %s -o %t
	// RUN: LSAN_OPTIONS=$LSAN_BASE not %run %t 2>&1 \| FileCheck %s			// RUN: LSAN_OPTIONS=$LSAN_BASE not %run %t 2>&1 \| FileCheck %s

	// For 32 bit LSan it's pretty likely that large chunks are "reachable" from some			// For 32 bit LSan it's pretty likely that large chunks are "reachable" from some
	// internal data structures (e.g. Glibc global data).			// internal data structures (e.g. Glibc global data).
	// UNSUPPORTED: x86			// UNSUPPORTED: x86, arm

	#include <stdio.h>			#include <stdio.h>
	#include <stdlib.h>			#include <stdlib.h>
	#include "sanitizer_common/print_address.h"			#include "sanitizer_common/print_address.h"

	int main() {			int main() {
	// maxsize in primary allocator is always less than this (1 << 25).			// maxsize in primary allocator is always less than this (1 << 25).
	void *large_alloc = malloc(33554432);			void *large_alloc = malloc(33554432);
	print_address("Test alloc: ", 1, large_alloc);			print_address("Test alloc: ", 1, large_alloc);
	return 0;			return 0;
	}			}
	// CHECK: Test alloc: [[ADDR:0x[0-9,a-f]+]]			// CHECK: Test alloc: [[ADDR:0x[0-9,a-f]+]]
	// CHECK: LeakSanitizer: detected memory leaks			// CHECK: LeakSanitizer: detected memory leaks
	// CHECK: [[ADDR]] (33554432 bytes)			// CHECK: [[ADDR]] (33554432 bytes)
	// CHECK: SUMMARY: {{(Leak\|Address)}}Sanitizer:			// CHECK: SUMMARY: {{(Leak\|Address)}}Sanitizer:

test/lsan/TestCases/swapcontext.cc

	// We can't unwind stack if we're running coroutines on heap-allocated			// We can't unwind stack if we're running coroutines on heap-allocated
	// memory. Make sure we don't report these leaks.			// memory. Make sure we don't report these leaks.

	// RUN: %clangxx_lsan %s -o %t			// RUN: %clangxx_lsan %s -o %t
	// RUN: %run %t 2>&1			// RUN: LSAN_BASE="detect_leaks=1"
	// RUN: not %run %t foo 2>&1 \| FileCheck %s			// RUN: LSAN_OPTIONS=$LSAN_BASE %run %t 2>&1
				// RUN: LSAN_OPTIONS=$LSAN_BASE not %run %t foo 2>&1 \| FileCheck %s
				ygribovUnsubmitted Not Done Reply Inline Actions Deserves an explanation. ygribov: Deserves an explanation.
				m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions The point here is that this test fails on arm with SIGBUS due to child_stack is unaligned: bash-3.2# LSAN_OPTIONS=log_pointers=1 /build/llvm/projects/compiler-rt/test/lsan/ARMLsanConfig/TestCases/Output/swapcontext.cc.tmp fooChild stack: 0x7e9ee5f3 Bus error I can align it manually or use malloc/aligned_alloc instead of new[] to avoid the issue. m.ostapenko: The point here is that this test fails on arm with SIGBUS due to child_stack is unaligned…
				// UNSUPPORTED: arm

	#include <stdio.h>			#include <stdio.h>
	#if defined(__APPLE__)			#if defined(__APPLE__)
	// Note: ucontext.h is deprecated on OSX, so this test may stop working			// Note: ucontext.h is deprecated on OSX, so this test may stop working
	// someday. We define _XOPEN_SOURCE to keep using ucontext.h for now.			// someday. We define _XOPEN_SOURCE to keep using ucontext.h for now.
	#define _XOPEN_SOURCE 1			#define _XOPEN_SOURCE 1
	#endif			#endif
	#include <ucontext.h>			#include <ucontext.h>
	#include <unistd.h>			#include <unistd.h>

	const int kStackSize = 1 << 20;			const int kStackSize = 1 << 20;

	void Child() {			void Child() {
	int child_stack;			int child_stack;
	printf("Child: %p\n", &child_stack);			printf("Child: %p\n", &child_stack);
	int *leaked = new int[666];			int *leaked = new int[666];
	}			}

	int main(int argc, char *argv[]) {			int main(int argc, char *argv[]) {
	char stack_memory[kStackSize + 1];			char stack_memory[kStackSize + 1] __attribute__((aligned(4)));
				eugenisUnsubmitted Not Done Reply Inline Actions should it not be 16 for x86_64? eugenis: should it not be 16 for x86_64?
				m.ostapenkoAuthorUnsubmitted Not Done Reply Inline Actions Yeah, x86_64 needs 16 here (not sure why did this work on my x86_64 box, perhaps my machine we OK with unaligned access). m.ostapenko: Yeah, x86_64 needs 16 here (not sure why did this work on my x86_64 box, perhaps my machine we…
				eugenisUnsubmitted Not Done Reply Inline Actions This only matters for some sse instructions which can appear out of thin air, like an inlined memcpy of a stack-allocated buffer. I guess it did not happen in you case. Still, better be safe. eugenis: This only matters for some sse instructions which can appear out of thin air, like an inlined…
	char *heap_memory = new char[kStackSize + 1];			char *heap_memory = new char[kStackSize + 1];
	char *child_stack = (argc > 1) ? stack_memory : heap_memory;			char *child_stack = (argc > 1) ? stack_memory : heap_memory;

	printf("Child stack: %p\n", child_stack);			printf("Child stack: %p\n", child_stack);
	ucontext_t orig_context;			ucontext_t orig_context;
	ucontext_t child_context;			ucontext_t child_context;
	getcontext(&child_context);			getcontext(&child_context);
	child_context.uc_stack.ss_sp = child_stack;			child_context.uc_stack.ss_sp = child_stack;
	Show All 13 Lines

test/lsan/TestCases/use_registers.cc

Show All 27 Lines	asm ( "mov %0, %%r15"
:		:
: "r" (p)		: "r" (p)
);		);
#elif defined(__mips__)		#elif defined(__mips__)
asm ( "move $16, %0"		asm ( "move $16, %0"
:		:
: "r" (p)		: "r" (p)
);		);
		#elif defined(__arm__)
		asm ( "mov r5, %0"
		:
		: "r" (p)
		);
#else		#else
#error "Test is not supported on this architecture."		#error "Test is not supported on this architecture."
#endif		#endif
print_address("Test alloc: ", 1, p);		print_address("Test alloc: ", 1, p);
fflush(stderr);		fflush(stderr);
__sync_fetch_and_xor(sync, 1);		__sync_fetch_and_xor(sync, 1);
while (true)		while (true)
sched_yield();		sched_yield();
Show All 15 Lines

test/lsan/lit.common.cfg

# -- Python --		# -- Python --

# Common configuration for running leak detection tests under LSan/ASan.		# Common configuration for running leak detection tests under LSan/ASan.

import os		import os
		import re

import lit.util		import lit.util

def get_required_attr(config, attr_name):		def get_required_attr(config, attr_name):
attr_value = getattr(config, attr_name, None)		attr_value = getattr(config, attr_name, None)
if attr_value == None:		if attr_value == None:
lit_config.fatal(		lit_config.fatal(
"No attribute %r in test configuration! You may need to run "		"No attribute %r in test configuration! You may need to run "
Show All 33 Lines	def build_invocation(compile_flags):
return " " + " ".join([config.clang] + compile_flags) + " "		return " " + " ".join([config.clang] + compile_flags) + " "

config.substitutions.append( ("%clang ", build_invocation(clang_cflags)) )		config.substitutions.append( ("%clang ", build_invocation(clang_cflags)) )
config.substitutions.append( ("%clangxx ", build_invocation(clang_cxxflags)) )		config.substitutions.append( ("%clangxx ", build_invocation(clang_cxxflags)) )
config.substitutions.append( ("%clang_lsan ", build_invocation(clang_lsan_cflags)) )		config.substitutions.append( ("%clang_lsan ", build_invocation(clang_lsan_cflags)) )
config.substitutions.append( ("%clangxx_lsan ", build_invocation(clang_lsan_cxxflags)) )		config.substitutions.append( ("%clangxx_lsan ", build_invocation(clang_lsan_cxxflags)) )

# LeakSanitizer tests are currently supported on x86-64 Linux and mips64 Linux only.		# LeakSanitizer tests are currently supported on x86-64 Linux and mips64 Linux only.
if config.host_os not in ['Linux'] or config.host_arch not in ['x86_64', 'mips64']:		if config.host_os not in ['Linux'] or config.host_arch not in ['x86_64', 'mips64', 'arm', 'armhf']:
		config.unsupported = True

		# Don't support Thumb due to broken fast unwinder
		if re.match('-mthumb', config.target_cflags):
config.unsupported = True		config.unsupported = True

config.suffixes = ['.c', '.cc', '.cpp']		config.suffixes = ['.c', '.cc', '.cpp']

test/sanitizer_common/print_address.h

	#include <stdio.h>			#include <stdio.h>
	#include <stdarg.h>			#include <stdarg.h>

	void print_address(const char *str, int n, ...) {			void print_address(const char *str, int n, ...) {
	fprintf(stderr, "%s", str);			fprintf(stderr, "%s", str);
	va_list ap;			va_list ap;
	va_start(ap, n);			va_start(ap, n);
	while (n--) {			while (n--) {
	void p = va_arg(ap, void );			void p = va_arg(ap, void );
	#if defined(__x86_64__) \|\| defined(__aarch64__) \|\| defined(__powerpc64__)			#if defined(__x86_64__) \|\| defined(__aarch64__) \|\| defined(__powerpc64__)
	// On FreeBSD, the %p conversion specifier works as 0x%x and thus does not			// On FreeBSD, the %p conversion specifier works as 0x%x and thus does not
	// match to the format used in the diagnotic message.			// match to the format used in the diagnotic message.
	fprintf(stderr, "0x%012lx ", (unsigned long) p);			fprintf(stderr, "0x%012lx ", (unsigned long) p);
	#elif defined(__i386__)			#elif defined(__i386__) \|\| defined(__arm__)
	fprintf(stderr, "0x%8lx ", (unsigned long) p);			fprintf(stderr, "0x%8lx ", (unsigned long) p);
	#elif defined(__mips64)			#elif defined(__mips64)
	fprintf(stderr, "0x%010lx ", (unsigned long) p);			fprintf(stderr, "0x%010lx ", (unsigned long) p);
	#endif			#endif
	}			}
	fprintf(stderr, "\n");			fprintf(stderr, "\n");
	}			}

This is an archive of the discontinued LLVM Phabricator instance.

[lsan] Enable LSan for arm LinuxClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 93117

cmake/config-ix.cmake

lib/asan/tests/asan_test.cc

lib/lsan/lsan_allocator.cc

lib/lsan/lsan_common.h

lib/sanitizer_common/sanitizer_linux.h

lib/sanitizer_common/sanitizer_linux.cc

lib/sanitizer_common/sanitizer_linux_libcdep.cc

lib/sanitizer_common/sanitizer_platform.h

lib/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc

test/asan/TestCases/Linux/clang_gcc_abi.cc

test/asan/lit.cfg

test/lsan/TestCases/large_allocation_leak.cc

test/lsan/TestCases/swapcontext.cc

test/lsan/TestCases/use_registers.cc

test/lsan/lit.common.cfg

test/sanitizer_common/print_address.h

[lsan] Enable LSan for arm Linux
ClosedPublic