Compiler-rt internal feature table is synced with the one in libgcc
(common/config/i386/i386-cpuinfo.h).
LLVM internal feature table is refactored to include a field ABI_VALUE,
so we won't be relying on ordering to keep the values correct. The table
is also synced to the one in compiler-rt.
It is possible that a fork could occur while MutexTSDs is being held and
then cause a deadlock in a forked process when something attempts to
lock it again. Instead add it to the enable/disable list of mutexes.
When running the tests on other platforms, printing the stats on all of
the passing tests makes it hard to see failure output. Therefore, this
change only prints the stats if the test actually fails.
I've tested this locally, and the builtins build proceeds without a
hitch for m68k-none-none. This is part of a larger effort to establish a
working m68k baremetal toolchain.
Make the systemSupportsMemoryTagging() function return even on system
that don't support memory tagging. This avoids the need to always check
if memory tagging is supported before calling the function.
Modify iterateOverChunks() to call useMemoryTagging<>(Options) to
determine if mte is supported. This already uses the cached check of
systemSupportsMemoryTagging() rather than directly calling that
function.
Updated the code that calls systemSupportsMemoryTagging().
This partially reverts #152192, keeping updated tests and
some code reordering in clang/lib/CodeGen/CGExpr.cpp.
compiler-rt/lib/ubsan_minimal/ubsan_minimal_handlers.cpp is exact revert
(with followup #152419)
We don't have a good use case for that, so revert it before we are stuck
maintaining this API.
21.x does not have this patch.
This reverts commit a1209d8686.
Document a define to allow library developers to support disabling
AddressSanitizer's container overflow detection in template code at
compile time.
The primary motivation is to reduce false positives in environments
where
libraries and frameworks that cannot be recompiled with sanitizers
enabled
are called from application code. This supports disabling checks when
the
runtime environment cannot be reliably controlled to use ASAN_OPTIONS.
Key changes:
- Use the define `__SANITIZER_DISABLE_CONTAINER_OVERFLOW__` to disable
instrumentation at compile time
- Implemented redefining the container overflow APIs in
common_interface_defs.h
to use define to provide null implementation when define is present
- Update documentation in AddressSanitizer.rst to suggest and illustrate
use of the define
- Add details of the define in PrintContainerOverflowHint()
- Add test disable_container_overflow_checks to verify new hints on the
error and fill the testing gap that
ASAN_OPTIONS=detect_container_overflow=0
works
- Add tests demonstrating the issue around closed source libraries and
instrumented apps that both modify containers
This requires no compiler changes and should be supportable cross
compiler toolchains.
An RFC has been opened to discuss:
https://discourse.llvm.org/t/rfc-add-fsanitize-address-disable-container-overflow-flag-to-addresssanitizer/88349
Post-commit fix of #164794 reported at
https://github.com/llvm/llvm-project/pull/164794#issuecomment-3536253493
`LLVM_LIBRARY_OUTPUT_INTDIR` and `LLVM_RUNTIME_OUTPUT_INTDIR` is used by
`AddLLVM.cmake` as output directories. Unless we are in a
bootstrapping-build, It must not point to directories found by
`find_package(LLVM)` which may be read-only directories. MLIR for
instance sets thesese variables to its own build output
directory, so should the runtimes.
(Reland of #161546, fixing three build and test issues)
This commit adds optimized assembly versions of single-precision float
multiplication and division. Both functions are implemented in a style
that can be assembled as either of Arm and Thumb2; for multiplication, a
separate implementation is provided for Thumb1. Also, extensive new
tests are added for multiplication and division.
These implementations can be removed from the build by defining the
cmake variable COMPILER_RT_ARM_OPTIMIZED_FP=OFF.
Outlying parts of the functionality which are not on the fast path, such
as NaN handling and underflow, are handled in helper functions written
in C. These can be shared between the Arm/Thumb2 and Thumb1
implementations, and also reused by other optimized assembly functions
we hope to add in future.
As in title. AVX10.x doesn't distinguish between available vector
lengths.
-mattr=avx10.x-512 and defining of macros with _512 is kept for compatibility.
Bit-positions of avx10.1/2 features in compiler-rt and X86TargetParser
are synced to match those in the gcc.
This re-lands #166005, which was reverted due to the issue described in
#167797.
There are 4 small changes:
- Fix LoadedModule leak by calling Clear() on the modules list
- Fix internal_strncpy calls that are not null-terminated
- Improve test to accept the dylib being loaded from a different path
than compiled `{{.*}}[[DYLIB]]`
- strcmp => internal_strncmp
This should not be merged until after #167797.
rdar://163149325
The fixes a TOCTOU bug in the code that initializes shadow memory in
ASAN:
4b05581bae/compiler-rt/lib/asan/asan_shadow_setup.cpp (L66-L91)
1. During initialization, we call `FindDynamicShadowStart` to search the
memory mapping for enough space to dynamically allocate shadow memory.
2. We call `MemoryRangeIsAvailable(shadow_start, kHighShadowEnd);`,
which goes into `MemoryMappingLayout`.
3. We actually map the shadow with `ReserveShadowMemoryRange`.
In step 2, `MemoryMappingLayout` makes various allocations using the
internal allocator. This can cause the allocator to map more memory! In
some cases, this can actually allocate memory that overlaps with the
shadow region returned by` FindDynamicShadowStart` in step 1. This is
not actually fatal, but it memory corruption; MAP_FIXED is allowed to
overlap other regions, and the effect is any overlapping memory is
zeroed.
------
To address this, this PR implements `MemoryRangeIsAvailable` on Darwin
without any heap allocations:
- Move `IntervalsAreSeparate` into sanitizer_common.h
- Guard existing sanitizer_posix implementation of
`MemoryRangeIsAvailable` behind !SANITIZER_APPLE
- `IsAddressInMappedRegion` in sanitizer_mac becomes
`MemoryRangeIsAvailable`, which also checks for overlap with the DYLD
shared cache.
After this fix, it should be possible to re-land #166005, which
triggered this issue on the x86 iOS simulators.
rdar://164208439
If a caller has locked memory, then the madvise call will fail. In that
case, zero the memory so that we don't return non-zeroed memory for
calloc calls since we thought the memory had been released.
Reverts llvm/llvm-project#161546
One of the buildbots reported a cmake error I don't understand, and
which I didn't get in my own test builds:
```
CMake Error at /var/lib/buildbot/fuchsia-x86_64-linux/llvm-project/compiler-rt/cmake/Modules/CheckAssemblerFlag.cmake:23 (try_compile):
COMPILE_DEFINITIONS specified on a srcdir type TRY_COMPILE
```
My best guess is that the thing I did in `CheckAssemblerFlag.cmake` only
works on some versions of cmake. But I don't understand the problem well
enough to fix it quickly, so I'm reverting the whole patch and will
reland it later.
This commit adds optimized assembly versions of single-precision float
multiplication and division. Both functions are implemented in a style
that can be assembled as either of Arm and Thumb2; for multiplication, a
separate implementation is provided for Thumb1. Also, extensive new
tests are added for multiplication and division.
These implementations can be removed from the build by defining the
cmake variable COMPILER_RT_ARM_OPTIMIZED_FP=OFF.
Outlying parts of the functionality which are not on the fast path, such
as NaN handling and underflow, are handled in helper functions written
in C. These can be shared between the Arm/Thumb2 and Thumb1
implementations, and also reused by other optimized assembly functions
we hope to add in future.
This reverts parts of commit 885d7b759b,
and adds verbose comments explaining all the variants of this
function, for clarity for future readers.
It turns out that those functions actually weren't misnamed or
unused after all: Apparently Clang doesn't match GCC when it comes
to what stack probe function is referenced on i386 mingw. GCC < 4.6
references a symbol named "___chkstk", with three leading underscores,
and GCC >= 4.6 references "___chkstk_ms".
Restore these functions, to allow linking object files built with
GCC with compiler-rt.
When landing 141c2b I didn't realize that none of these files actually
got built either locally or by premerge. I had some minor syntax
mistakes that caused the build to fail. This patch fixes those issues
and has been verified on a Windows machine.
Revert #166005 due to breaking x86 iOS sims
We're sometimes hitting a allocator assert when running x86 iOS sim
tests. I don't believe this PR is at fault, but there's probably a
memory safety / allocator issue somewhere which the allocation pattern
here is exposing.
Windows doesn't support `pthread_attr`, which was introduced to
asan_test.cpp in #165198, so this change `#ifdef`s out the changes made
in that PR.
Originally reported by Chrome as https://crbug.com/459880605.
Asan test `ThreadedStressStackReuseTest ` fails on AIX due to smaller
default thread stack size. Set thread stack size to a minimum of 128KB
to ensure reliable test behavior across platforms (platforms with
smaller default thread stack size).
---------
Co-authored-by: Riyaz Ahmad <riyaz.ahmad@ibm.com>
Make the systemSupportsMemoryTagging() function return even on system
that don't support memory tagging. This avoids the need to always check
if memory tagging is supported before calling th function.
Make systemSupportsMemoryTagging() cache the getauxval return value
instead of calling the function every time.
Updated the code that calls systemSupportsMemoryTagging().
For a full toolchain supporting execute-only code generation the runtime
libraries also need to be pre-compiled with it enabled. The generic
`RUNTIMES_EXECUTE_ONLY_CODE` CMake option can now be used during build
configuration to enable execute-only code generation in compiler-rt.
The build option can only be enabled for a runtimes build of
compiler-rt, because a recent version of Clang is needed to correctly
compile assembly files with execute-only code support.
Related RFC:
https://discourse.llvm.org/t/rfc-execute-only-code-support-for-runtime-libraries-on-aarch64/86180
This fixes two problems:
- dyld itself resides within the shared cache. MemoryMappingLayout
incorrectly computes the slide for dyld's segments, causing them to
(appear to) overlap with other modules. This can cause symbolication
issues.
- The MemoryMappingLayout ranges on Darwin are not disjoint due to the
fact that the LINKEDIT segments overlap for each module. We now ignore
these segments to ensure the mapping is disjoint.
This adds a check for disjointness, and a runtime warning if this is
ever violated (as that suggests issues in the sanitizer memory mapping).
There is now a test to ensure that these problems do not recur.
rdar://163149325
We currently do not handle errors in task_set_exc_guard_behavior. If
this fails, mmap can unexpectedly crash.
We also do not currently provide a clear warning if no external
symbolizers are found.
rdar://163798535
Currently, Scudo always returns the exact size allocated when calling
getUsableSize. This can be a performance issue where some programs will
get the usable size and do unnecessary calls to realloc since they think
there isn't enough space in the allocation. By default, usable size will
still return the exact size of the allocation.
Note that if the exact behavior is disabled and MTE is on, then the code
will still give an exact usable size.
The default config is too large for arm64 Android devices, which are
typically configured with 39-bit address space. This change brings it
inline with sanitizer_allocator_test.cpp.
