Andrew Browne [DFSan] Remove deprecated flag from build-libc-list.py
| File | Last commit | Last updated |
|---|---|---|
| | [DFSan] Remove deprecated flag from build-libc-list.py Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D126429 | 3 years ago |
| | Revert "sanitizers: increase .clang-format columns to 100" This reverts commit 5d1df6d220f1d6f726d9643848679d781750db64. There is a strong objection to this change: https://reviews.llvm.org/D106436#2905618 Reviewed By: dblaikie Differential Revision: https://reviews.llvm.org/D106847 | 4 years ago |
| | sanitizer_common: enable format string checking Enable -Wformat in sanitizer_common now that it's cleaned up from existing warnings. But disable it in all sanitizers for now since they are not cleaned up yet, but inherit sanitizer_common CFLAGS. Depends on D107980. Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D107981 | 4 years ago |
| | [DFSan] Print an error before calling null extern_weak functions, in case dfsan instrumentation optimized out a null check. Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D124051 | 4 years ago |
| | [DFSan] Remove trampolines to unblock opaque pointers. (Reland with fix) https://github.com/llvm/llvm-project/issues/54172 Reviewed By: pcc Differential Revision: https://reviews.llvm.org/D121250 | 4 years ago |
| | [dfsan] Propagate origins for callsites This is a part of https://reviews.llvm.org/D95835. Each customized function has two wrappers. The first one dfsw is for the normal shadow propagation. The second one dfso is used when origin tracking is on. It calls the first one, and does additional origin propagation. Which one to use can be decided at instrumentation time. This is to ensure minimal additional overhead when origin tracking is off. Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D97483 | 5 years ago |
| | [sanitizer] Support IsRssLimitExceeded in all sanitizers Reviewed By: kstoimenov Differential Revision: https://reviews.llvm.org/D115000 | 4 years ago |
| | [dfsan] Add a DFSan allocator This is a part of https://reviews.llvm.org/D101204 Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D101666 | 5 years ago |
| | [dfsan] Add origin chain utils This is a part of https://reviews.llvm.org/D95835. The design is based on MSan origin chains. A 4-byte origin is a hash of an origin chain. An origin chain is a pair of a stack hash id and a hash to its previous origin chain. 0 means no previous origin chains exist. We limit the length of a chain to be 16. With origin_history_size = 0, the limit is removed. The change does not have any test cases yet. The following change will be adding test cases when the APIs are used. Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D96160 | 5 years ago |
| | [dfsan] Add origin chain utils This is a part of https://reviews.llvm.org/D95835. The design is based on MSan origin chains. A 4-byte origin is a hash of an origin chain. An origin chain is a pair of a stack hash id and a hash to its previous origin chain. 0 means no previous origin chains exist. We limit the length of a chain to be 16. With origin_history_size = 0, the limit is removed. The change does not have any test cases yet. The following change will be adding test cases when the APIs are used. Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D96160 | 5 years ago |
| | [DFSan] Remove trampolines to unblock opaque pointers. (Reland with fix) https://github.com/llvm/llvm-project/issues/54172 Reviewed By: pcc Differential Revision: https://reviews.llvm.org/D121250 | 4 years ago |
| | [dfsan] Add origin chain utils This is a part of https://reviews.llvm.org/D95835. The design is based on MSan origin chains. A 4-byte origin is a hash of an origin chain. An origin chain is a pair of a stack hash id and a hash to its previous origin chain. 0 means no previous origin chains exist. We limit the length of a chain to be 16. With origin_history_size = 0, the limit is removed. The change does not have any test cases yet. The following change will be adding test cases when the APIs are used. Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D96160 | 5 years ago |
| | [dfsan] Make warn_unimplemented off by default Because almost all internal use cases need to turn warn_unimplemented off. | 4 years ago |
| | [sanitizer] Switch dlsym hack to internal_allocator Since glibc 2.34, dlsym does 1. malloc 1 2. malloc 2 3. free pointer from malloc 1 4. free pointer from malloc 2 This sequence was not handled by trivial dlsym hack. This fixes https://bugs.llvm.org/show_bug.cgi?id=52278 Reviewed By: eugenis, morehouse Differential Revision: https://reviews.llvm.org/D112588 | 4 years ago |
| | [dfsan] Use the sanitizer allocator to reduce memory cost dfsan does not use sanitizer allocator as others. In practice, we let it use glibc's allocator since tcmalloc needs more work to be working with dfsan well. With glibc, we observe large memory leakage. This could relate to two things: 1) glibc allocator has limitation: for example, tcmalloc can reduce memory footprint 2x easily 2) glibc may call unmmap directly as an internal system call by using system call number. so DFSan has no way to release shadow spaces for those unmmap. Using sanitizer allocator addresses the above issues 1) its memory management is close to tcmalloc 2) we can register callback when sanitizer allocator calls unmmap, so dfsan can release shadow spaces correctly. Our experiment with internal server-based application proved that with the change, in a-few-day run, memory usage leakage is close to what tcmalloc does w/o dfsan. This change mainly follows MSan's code. 1) define allocator callbacks at dfsan_allocator.h\|cpp 2) mark allocator APIs to be discard 3) intercept allocator APIs 4) make dfsan_set_label consistent with MSan's SetShadow when setting 0 labels, define dfsan_release_meta_memory when unmap is called 5) add flags about whether zeroing memory after malloc/free. dfsan works at byte-level, so bit-level operations can cause reading undefined shadow. See D96842. zeroing memory after malloc helps this. About zeroing after free, reading after free is definitely UB, but if user code does so, it is hard to debug an overtainting caused by this w/o running MSan. So we add the flag to help debugging. This change will be split to small changes for review. Before that, a question is "this code shares a lot with MSan, for example, dfsan_allocator.* and dfsan_new_delete.*. Does it make sense to unify the code at sanitizer_common? will that introduce some maintenance issue?" Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D101204 | 4 years ago |
| | [dfsan] Add origin chain utils This is a part of https://reviews.llvm.org/D95835. The design is based on MSan origin chains. A 4-byte origin is a hash of an origin chain. An origin chain is a pair of a stack hash id and a hash to its previous origin chain. 0 means no previous origin chains exist. We limit the length of a chain to be 16. With origin_history_size = 0, the limit is removed. The change does not have any test cases yet. The following change will be adding test cases when the APIs are used. Reviewed-by: morehouse Differential Revision: https://reviews.llvm.org/D96160 | 5 years ago |
| | [DFSan] Change shadow and origin memory layouts to match MSan. Previously on x86_64: +--------------------+ 0x800000000000 (top of memory) \| application memory \| +--------------------+ 0x700000008000 (kAppAddr) \| \| \| unused \| \| \| +--------------------+ 0x300000000000 (kUnusedAddr) \| origin \| +--------------------+ 0x200000008000 (kOriginAddr) \| unused \| +--------------------+ 0x200000000000 \| shadow memory \| +--------------------+ 0x100000008000 (kShadowAddr) \| unused \| +--------------------+ 0x000000010000 \| reserved by kernel \| +--------------------+ 0x000000000000 MEM_TO_SHADOW(mem) = mem & ~0x600000000000 SHADOW_TO_ORIGIN(shadow) = kOriginAddr - kShadowAddr + shadow Now for x86_64: +--------------------+ 0x800000000000 (top of memory) \| application 3 \| +--------------------+ 0x700000000000 \| invalid \| +--------------------+ 0x610000000000 \| origin 1 \| +--------------------+ 0x600000000000 \| application 2 \| +--------------------+ 0x510000000000 \| shadow 1 \| +--------------------+ 0x500000000000 \| invalid \| +--------------------+ 0x400000000000 \| origin 3 \| +--------------------+ 0x300000000000 \| shadow 3 \| +--------------------+ 0x200000000000 \| origin 2 \| +--------------------+ 0x110000000000 \| invalid \| +--------------------+ 0x100000000000 \| shadow 2 \| +--------------------+ 0x010000000000 \| application 1 \| +--------------------+ 0x000000000000 MEM_TO_SHADOW(mem) = mem ^ 0x500000000000 SHADOW_TO_ORIGIN(shadow) = shadow + 0x100000000000 Reviewed By: stephan.yichao.zhao, gbalats Differential Revision: https://reviews.llvm.org/D104896 | 4 years ago |
| | [DFSan] Remove trampolines to unblock opaque pointers. (Reland with fix) https://github.com/llvm/llvm-project/issues/54172 Reviewed By: pcc Differential Revision: https://reviews.llvm.org/D121250 | 4 years ago |
| | [DFSan] Remove trampolines to unblock opaque pointers. (Reland with fix) https://github.com/llvm/llvm-project/issues/54172 Reviewed By: pcc Differential Revision: https://reviews.llvm.org/D121250 | 4 years ago |
| | [DFSan] Add option for conditional callbacks. This allows DFSan to find tainted values used to control program behavior. Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D116207 | 4 years ago |
| | [DFSan] Add wrapper for getentropy(). Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D108604 | 4 years ago |