* The performance is better than the glibc allocator.
* Allocator interface functions, sanitizer allocator options, and
MallocHooks/FreeHooks are supported.
* Shadow memory has specific memory layout requirement. Using libc
allocator could lead to conflicts.
* When we add a mmap interceptor for reliability (the VMA could reuse a
previously released VMA that is poisoned): glibc may invoke an
internal system call to call unmmap, which cannot be intercepted. We
will not be able to return the shadow memory to the OS.
Similar to dfsan https://reviews.llvm.org/D101204 . Also intercept
operator new/delete to be similar to other sanitizers using the
sanitizer allocator. The align_val_t overload of operator new has
slightly less overhead.
Pull Request: https://github.com/llvm/llvm-project/pull/102764
On thread creation, asan/hwasan/msan/tsan unpoison the thread stack and
static TLS blocks in case the blocks reuse previously freed memory that
is possibly poisoned. glibc nptl/allocatestack.c allocates thread stack
using a hidden, non-interceptable function.
nsan is similar: the shadow types for the thread stack and static TLS
blocks should be set to unknown, otherwise if the static TLS blocks
reuse previous shadow memory, and `*p += x` instead of `*p = x` is used
for the first assignment, the mismatching user and shadow memory could
lead to false positives.
NsanThread is also needed by the next patch to use the sanitizer
allocator.
Pull Request: https://github.com/llvm/llvm-project/pull/102718
As previously noted in nsan.cpp we can implement
optimized variants of `__nsan_copy_values` and
`__nsan_set_value_unknown` if a memory operation
size is known.
Now the instrumentation creates calls to optimized functions if there is
4, 8 or 16-byte memory operation like
`memset(X, value, 4/8/16)` or `memcpy(dst, src, 4/8/16)`
nsan.cpp provides definitions of the optimized functions.
Disable core dump creation.
If NSAN_OPTIONS includes abort_on_error=1,
the process may hang as the kernel attempts
to create an excessively large core file.
Fix#98806
Currently NSAN prints reports that are entirely red and the terminal
prompt after the program exits is red too. With this change we make red
only `WARNING` summary and the rest of the report isn't colored.
This behavior is similar to the behavior of other sanitizers.
#94322 defines .preinit_array to initialize nsan early.
DT_PREINIT_ARRAY can only be used with the main executable. GNU ld would
complain when a DSO has .preinit_array. Therefore,
nsan_preinit.cpp cannot be linked into `libclang_rt.nsan.so` (#98415).
Working with @alexander-shaposhnikov, we noticed that `Nsan-x86_64-Test
--gtest_output=json` without `.preinit_array` will sigsegv. This is
because googletest with the JSON output calls `localtime_r` , which
calls `free(0)` and fails when `REAL(free)` remains uninitialized
(nullptr). This is benign with the default output because malloc/free
are all paired and `REAL(free)(ptr)` is not called.
To fix the unittest failure, `__nsan_init` needs to be called early
(.preinit_array).
`asan/tests/CMakeLists.txt:ASAN_UNITTEST_INSTRUMENTED_LINK_FLAGS` ues
`-fsanitize=address` to ensure `asan_preinit.cpp.o` is linked into the
unittest executable. Port the approach and remove
`NSAN_TEST_RUNTIME_OBJECTS`.
Fix#98523
Pull Request: https://github.com/llvm/llvm-project/pull/98564
#94322 defines .preinit_array to initialize nsan early.
DT_PREINIT_ARRAY can only be used with the main executable. GNU ld would
complain when a DSO has .preinit_array .
