MetaMap::ResetRange/FreeRange rounds the range up to at least kMetaShadowSize.
This is requried for e.g. free(malloc(0)). However, munmap returns EINVAL
and do not unmap any memory when length arguments is equal to 0.
So don't free meta shadow in this case as well.
llvm-svn: 234145
Munmap interceptor did not reset meta shadow for the range,
and __tsan_java_move crashed because it encountered
non-zero meta shadow for the destination.
llvm-svn: 232029
The problem is that without SA_RESTORER flag, kernel ignores the handler. So tracer actually did not setup any handler.
Add SA_RESTORER flag when setting up handlers.
Add a test that causes SIGSEGV in stoptheworld callback.
Move SignalContext from asan to sanitizer_common to print better diagnostics about signal in the tracer thread.
http://reviews.llvm.org/D8005
llvm-svn: 230978
SuppressionContext is no longer a singleton, shared by all sanitizers,
but a regular class. Each of ASan, LSan, UBSan and TSan now have their
own SuppressionContext, which only parses suppressions specific to
that sanitizer.
"suppressions" flag is moved away from common flags into tool-specific
flags, so the user now may pass
ASAN_OPTIONS=suppressions=asan_supp.txt LSAN_OPIONS=suppressions=lsan_supp.txt
in a single invocation.
llvm-svn: 230026
Let each LibIgnore user (for now it's only TSan) manually go
through SuppressionContext and pass ignored library templates to
LibIgnore.
llvm-svn: 229924
signal handler reads sa_sigaction when a concurrent sigaction call can modify it
as the result in could try to call SIG_DFL or a partially overwritten function pointer
llvm-svn: 224530
Summary:
Turn "allocator_may_return_null" common flag into an
Allocator::may_return_null bool flag. We want to make sure
that common flags are immutable after initialization. There
are cases when we want to change this flag in the allocator
at runtime: e.g. in unit tests and during ASan activation
on Android.
Test Plan: regression test suite, real-life applications
Reviewers: kcc, eugenis
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D6623
llvm-svn: 224148
Summary:
This change removes `__tsan::StackTrace` class. There are
now three alternatives:
# Lightweight `__sanitizer::StackTrace`, which doesn't own a buffer
of PCs. It is used in functions that need stack traces in read-only
mode, and helps to prevent unnecessary allocations/copies (e.g.
for StackTraces fetched from StackDepot).
# `__sanitizer::BufferedStackTrace`, which stores buffer of PCs in
a constant array. It is used in TraceHeader (non-Go version)
# `__tsan::VarSizeStackTrace`, which owns buffer of PCs, dynamically
allocated via TSan internal allocator.
Test Plan: compiler-rt test suite
Reviewers: dvyukov, kcc
Reviewed By: kcc
Subscribers: llvm-commits, kcc
Differential Revision: http://reviews.llvm.org/D6004
llvm-svn: 221194
The current handling (manual execution of atexit callbacks)
is overly complex and leads to constant problems due to mutual ordering of callbacks.
Instead simply wrap callbacks into our wrapper to establish
the necessary synchronization.
Fixes issue https://code.google.com/p/thread-sanitizer/issues/detail?id=80
llvm-svn: 219675
On some tests we see that signals are not delivered
when a thread is blocked in epoll_wait. The hypothesis
is that the signal is delivered right before epoll_wait
call. The signal is queued as in_blocking_func is not set
yet, and then the thread just blocks in epoll_wait forever.
So double check pending signals *after* setting
in_blocking_func. This way we either queue a signal
and handle it in the beginning of a blocking func,
or process the signal synchronously if it's delivered
when in_blocking_func is set.
llvm-svn: 218070
There interceptors do not seem to be strictly necessary for tsan.
But we see cases where the interceptors consume 70% of execution time.
Memory blocks passed to fgetgrent_r are "written to" by tsan several times.
First, there is some recursion (getgrnam_r calls fgetgrent_r), and each
function "writes to" the buffer. Then, the same memory is "written to"
twice, first as buf and then as pwbufp (both of them refer to the same addresses).
llvm-svn: 216904
Convert TSan and LSan to the new interface. More changes will follow:
1) "suppressions" should become a common runtime flag.
2) Code for parsing suppressions file should be moved to SuppressionContext::Init().
llvm-svn: 214334
The former used to crash with a null deref if it was given a not owned pointer,
while the latter returned 0. Now they both return 0. This is still not the best possible
behavior: it is better to print an error report with a stack trace, pointing
to the error in user code, as we do in ASan.
llvm-svn: 212112
The new storage (MetaMap) is based on direct shadow (instead of a hashmap + per-block lists).
This solves a number of problems:
- eliminates quadratic behaviour in SyncTab::GetAndLock (https://code.google.com/p/thread-sanitizer/issues/detail?id=26)
- eliminates contention in SyncTab
- eliminates contention in internal allocator during allocation of sync objects
- removes a bunch of ad-hoc code in java interface
- reduces java shadow from 2x to 1/2x
- allows to memorize heap block meta info for Java and Go
- allows to cleanup sync object meta info for Go
- which in turn enabled deadlock detector for Go
llvm-svn: 209810
The refactoring makes suppressions more flexible
and allow to suppress based on arbitrary number of stacks.
In particular it fixes:
https://code.google.com/p/thread-sanitizer/issues/detail?id=64
"Make it possible to suppress deadlock reports by any stack (not just first)"
llvm-svn: 209757
This way does not require a __sanitizer_cov_dump() call. That's
important on Android, where apps can be killed at arbitrary time.
We write raw PCs to disk instead of module offsets; we also write
memory layout to a separate file. This increases dump size by the
factor of 2 on 64-bit systems.
llvm-svn: 209653
Move fflush and fclose interceptors to sanitizer_common.
Use a metadata map to keep information about the external locations
that must be updated when the file is written to.
llvm-svn: 208676
We do not detect errno spoiling for SIGTERM,
because some SIGTERM handlers do spoil errno but reraise SIGTERM,
tsan reports false positive in such case.
It's difficult to properly detect this situation (reraise),
because in async signal processing case (when handler is called directly
from rtl_generic_sighandler) we have not yet received the reraised
signal; and it looks too fragile to intercept all ways to reraise a signal.
llvm-svn: 200742
Also rename internal_sigaction() into internal_sigaction_norestorer(), as this function doesn't fully
implement the sigaction() functionality on Linux.
This change is a part of refactoring intended to have common signal handling behavior in all tools.
llvm-svn: 200535
allow SIGABRT to spoil errno, because some real programs
reset SIGABRT handler in the handler, re-raise SIGABRT and return from the handler
llvm-svn: 200304
We left ignore_interceptors>0 when calling signal handlers
from blocking interceptors, this leads to missing synchronization in such signal handler.
llvm-svn: 200003
Currently correct programs can deadlock after fork, because atomic operations and async-signal-safe calls are not async-signal-safe under tsan.
With this change:
- if a single-threaded program forks, the child continues running with verification enabled (the tsan background thread is recreated as well)
- if a multi-threaded program forks, then the child runs with verification disabled (memory accesses, atomic operations and interceptors are disabled); it's expected that it will exec soon anyway
- if the child tries to create more threads after multi-threaded fork, the program aborts with error message
- die_after_fork flag is added that allows to continue running, but all bets are off
http://llvm-reviews.chandlerc.com/D2614
llvm-svn: 199993
This is intended to address the following problem.
Episodically we see CHECK-failures when recursive interceptors call back into user code. Effectively we are not "in_rtl" at this point, but it's very complicated and fragile to properly maintain in_rtl property. Instead get rid of it. It was used mostly for sanity CHECKs, which basically never uncover real problems.
Instead introduce ignore_interceptors flag, which is used in very few narrow places to disable recursive interceptors (e.g. during runtime initialization).
llvm-svn: 197979
Currently data-race-test unittests fail with the following false positive:
WARNING: ThreadSanitizer: data race (pid=20365)
Write of size 8 at 0x7da000008050 by thread T54:
#0 close tsan_interceptors.cc:1483 (racecheck_unittest-linux-amd64-O0+0x0000000eb34a)
#1 NegativeTests_epoll::Worker2() unittest/posix_tests.cc:1148 (racecheck_unittest-linux-amd64-O0+0x0000000cc6b1)
#2 MyThread::ThreadBody(MyThread*) unittest/./thread_wrappers_pthread.h:367 (racecheck_unittest-linux-amd64-O0+0x000000097500)
Previous read of size 8 at 0x7da000008050 by thread T49:
#0 epoll_ctl tsan_interceptors.cc:1646 (racecheck_unittest-linux-amd64-O0+0x0000000e9fee)
#1 NegativeTests_epoll::Worker1() unittest/posix_tests.cc:1140 (racecheck_unittest-linux-amd64-O0+0x0000000cc5b5)
#2 MyThread::ThreadBody(MyThread*) unittest/./thread_wrappers_pthread.h:367 (racecheck_unittest-linux-amd64-O0+0x000000097500)
llvm-svn: 192448
LibIgnore allows to ignore all interceptors called from a particular set
of dynamic libraries. LibIgnore remembers all "called_from_lib" suppressions
from the provided SuppressionContext; finds code ranges for the libraries;
and checks whether the provided PC value belongs to the code ranges.
Also make malloc and friends interceptors use SCOPED_INTERCEPTOR_RAW instead of
SCOPED_TSAN_INTERCEPTOR, because if they are called from an ignored lib,
then must call our internal allocator instead of libc malloc.
llvm-svn: 191897
It is required for chromium sandboxing code.
From the description it seems to be indeed synchronous -- called back on syscall with incorrect arguments,
but seems to be unused in practice. So this should be fine.
llvm-svn: 186579
Before, we had an unused internal_getpid function for Linux, and a
platform-independent GetPid function. To make the naming conventions
consistent for syscall-like functions, the GetPid syscall wrapper
in sanitizer_posix.cc is moved to sanitizer_mac.cc, and GetPid is
renamed to internal_getpid, bringing the Linux variant into use.
llvm-svn: 182132
Dmitry Vyukov