Commit graph

140 commits

Author SHA1 Message Date
Török Edvin
c0a306b291 Fix valgrind warning introduced in clamav-0.96.3-6-g6e52ce6.
It reports some possible lost memory in llvm::sys::Timer, since by default
timer is not used add a wrapper so it only constructs Timer as necessary.
2010-09-28 14:22:41 +03:00
Török Edvin
6e52ce67c7 Improve bytecode load time and optimization (bb #2278).
Avoid quadratic load times: run module passes at the end, and run
rtcheck inserter at the end also.

Also optimize away some simple situations that the compiler couldn't,
like result of __is_bigendian() which is a constant at load time (but not at
compile time).
If we would have run LLVM's -O1 optimizers these would have been
optimized already, but we don't do that for 2 reasons:
 - optimizations may introduce new bugs
 - may take a bit longer time
Just run some simple transforms, and some custom optimizations for the bigendian
case.
2010-09-21 20:24:06 +03:00
Török Edvin
3eef86ee9f Workaround crash due to gcc stack alignment requirements (bb #2270).
GCC (4.4 at least) requires and creates functions with 16-byte stack alignment
on 32-bit Linux too.
If they happen to use SSE instructions they will crash if incoming stack
alignment is not 16-byte.

LLVM claims that 4-byte stack alignment is the standard, and it only aligns to
4-byte, hence the crash. Apparently older versions of GCC/glibc would crash
if it set alignment to 16-byte.

But since the oldest GCC we support is 4.1.2, and disable LLVM on anything older
just set stack alignment to 16-byte for all functions. LLVM will realign stack
as needed. To be safe turn this on only on Linux.

This should really be fixed by either GCC or LLVM, but until that happens (see
LLVM PR8152) lets use this workaround.
2010-09-15 13:19:48 +03:00
Török Edvin
cb1260cc8e Fix __bzero on darwin 10.
LLVM calls __bzero directly which is not allowed by libclamav.
Provide wrapper.
2010-09-10 18:03:11 +03:00
Török Edvin
71ca3536c4 Fix hung clamd on FreeBSD (bb #2235).
bytecode selfcheck running under JIT ran too early, and spawned a thread.
Then clamd forked. threads + fork = bad idea.
So prevent the thread from being spawned in selfcheck mode.
So at the time of fork clamd will still be single threaded as in 0.96.1.
2010-09-02 21:24:20 +03:00
Török Edvin
f1d071c8ed Avoid false 'Verification error' messages (bb #2239).
The fix for bb #1924 already fixed most of these, by using the stackprotectreq
attribute to determine if a function was already verified, not to verify it
twice.
However very simple bytecodes don't get that attribute applied. Fix this by
always applying the stackprotect attribute, and checking for that attribute
instead of stackprotectreq.
2010-09-01 10:04:36 +03:00
Török Edvin
c85060ff79 Move environment detection code to bytecode_detect.c.
This is in preparation for bug #2078, so that the bytecodes can turn themselves off
based on more than just the arch itself.
2010-07-29 13:48:13 +03:00
Török Edvin
8977ed61fe Update paxctl message to 'paxctl -cm' (bb #2092). 2010-07-26 13:19:08 +03:00
Török Edvin
a5a19f4518 bytecode: PaX and selfcheck.
Detect PaX and fallback to intepreter if needed (bb #2092).
Recent PaX versions deny the RWX mapping, but older versions silently change it
to RW, which causes the program to die as soon as it tries to execute JITed
code.

Add selfcheck on startup (bb #2092).
This will run a very simple bytecode on startup in both JIT and interpreter
mode. The bytecode only calls 1 libclamav API and returns.
2010-07-22 22:34:07 +03:00
Török Edvin
fa0a9143bb Fix types for store/copy instructions. 2010-05-13 19:51:27 +03:00
Török Edvin
daad92ace3 Relax bounds checks. It was rejecting correct code.
Bounds checks were too strict, causing the bytecode to abort when it shouldn't.
This happened when trying to access the last byte of an array, the verifier
was too conservative and considered to be out of bounds, when in fact it wasn't.

This is an update of the runtime verifier from the bytecode compiler.
2010-05-13 12:41:59 +03:00
Török Edvin
7a7365efe9 0.96.1 new APIs (cli_map etc.) 2010-05-12 23:51:20 +03:00
Török Edvin
b0a5ddb3a5 Fix memcmp and memmove.
Due to a bug src and dest were always the same, so they were never working in
JIT mode.
2010-05-12 23:51:20 +03:00
Török Edvin
2a7f1cdaf5 Print C++ compiler version.
This requires exporting a function from libclamav, since clamconf is not C++...
2010-04-19 18:35:30 +03:00
Török Edvin
e4a0f2c94f fix compiler warnings (bb #1872, bb #1934, bb #1935) 2010-04-13 16:19:47 +03:00
Török Edvin
f121d43df8 Workaround LLVM JIT PowerPC relocation bug (bb #1921).
Based on Gary Benson's workaround for OpenJDK Shark / IcedTea.
2010-04-02 13:13:23 +03:00
Török Edvin
556eaf0442 Update ClamBCRTChecks.cpp from bytecode compiler:
Check bounds of each pointer passed to/from APIcalls,
forbid recursion.
2010-03-30 23:23:41 +03:00
Török Edvin
b2de4fd85f Minor optimization in JIT loader. 2010-03-30 11:07:05 +03:00
Török Edvin
cbec3f2446 Update SELinux message. 2010-03-30 00:34:49 +03:00
Török Edvin
44e134312c More fixes for pdf.cbc. 2010-03-30 00:04:38 +03:00
Török Edvin
c506c2c555 Fallback to interpreter mode when SELinux denies 'execmem' access. (bb #1901).
This also fixes a crash when run under SELinux: MemoryBlock() needs to
initialize its field to 0!
2010-03-28 13:52:29 +03:00
Török Edvin
11cee1b7de Disable JITDebugRegisterer, and fix unit_tests rule. 2010-03-24 17:22:34 +02:00
Török Edvin
6ea339aeab Fix bswap. 2010-03-24 15:27:15 +02:00
Török Edvin
bdd9aeaeeb Use a watchdog thread. Also make timeout be ms instead of us. 2010-03-23 16:33:41 +02:00
Török Edvin
99536a178c Insert timeout checks directly into the JITed code.
pthread_cancel is broken on Mac OS X (it only works if the thread
you want to kill calls pthread_testcancel, which is never the situation
when you need async cancelation).
Anyway async cancelation is risky, it may leave bc_ctx in an inconsistent state.
So rather than doing using pthread_cancel (or pthread_kill+siglongjmp)
just insert the timeout checks into the JITed code directly.

These are inserted in each loop, if the loop's tripcount is unknown, or
higher than a threshold. They are also inserted after a certain amount
of APIcalls are made (even in absence of loops).
Note that 'loop' in this sense is not LLVM's notion of a natural loop,
it is simply a BB which is reachable both directly and via a backedge.

For example this doesn't contain natural loops but contains backedges (and a
potential infinite loop):
int foo(int a)
{
    int x=4;
    if (a == 42)
        goto head2;
head:
    x++;
head2:
    if (a >= 2) {
        x += 3;
        goto head;
    } else if (a >= 0) {
        x += 9;
        goto head;
    }
    return x;
}
2010-03-23 15:54:41 +02:00
Török Edvin
b63681a52b Introduce BytecodeTimeout. 2010-03-22 17:16:07 +02:00
Török Edvin
884a0b8f8d Support for timeouts. 2010-03-22 16:57:27 +02:00
Török Edvin
84edf09bba Fix clambc -p. 2010-03-22 14:58:51 +02:00
Török Edvin
e2752b2cc8 Fix valgrind warning. 2010-03-22 13:05:20 +02:00
Török Edvin
52d0d8bc7e More fixes for global vars in the interpreter. 2010-03-22 11:18:28 +02:00
Török Edvin
09667cdd3b Print size and location of JITed code. 2010-03-22 11:18:28 +02:00
Török Edvin
6ad39a4099 zlib/buffer apis. 2010-03-22 11:18:28 +02:00
Török Edvin
75e18b29c2 minimalistic zlib api. 2010-03-22 11:18:28 +02:00
Török Edvin
b56bea54d3 New API for buffer fill. 2010-03-22 11:18:28 +02:00
Török Edvin
aa745db74d Add clamscan commandline to load bytecode in debug mode. 2010-03-12 13:13:08 +02:00
Török Edvin
f60c59a471 bb #1800. 2010-03-10 11:44:55 +02:00
Török Edvin
04d11afedb Update to new LLVM API.
ModuleProvider is gone!
2010-02-15 18:48:35 +02:00
Török Edvin
6eeadbfeda dconf for bytecode. 2010-02-15 17:32:41 +02:00
Török Edvin
1e30496d2a runtime checks verifier. 2010-02-15 17:32:41 +02:00
Török Edvin
236fb13647 New pointer handling rules. 2010-02-15 17:32:40 +02:00
Török Edvin
847d7fc1b8 2009->2010 2010-02-02 14:03:32 +02:00
Török Edvin
57bbb2eb14 Fix loading of multiple .cbc files.
Common function prototypes must be added only once per Module, otherwise LLVM autorenames
them, and we get llvm.bswap.i326 instead of llvm.bswap.i32, which is of course
not valid and the verifier rejects.
2010-02-02 14:01:38 +02:00
Török Edvin
bcb354a654 _GLIBCXX_PARALLEL is not supported: it creates threads before we fork() causing
deadlock.
2010-01-27 14:42:40 +02:00
Török Edvin
a7b7a64833 fix compiler warning. 2010-01-26 14:25:54 +02:00
Török Edvin
ee6ab4f8d3 Support building w/o atomic builtins for i386 (bb #1781).
Wrap all LLVM API calls with a single mutex when LLVM doesn't have multithreaded
mode.
Also fallback to interpreter mode on i386 and i486.
2010-01-26 12:44:49 +02:00
Török Edvin
be43f951c6 BytecodeSecurity setting. 2010-01-22 16:50:35 +02:00
Török Edvin
4395bb9acf bytecode ptrdiff32 opcode. 2010-01-21 16:49:22 +02:00
Török Edvin
2d45ef0616 Support for malloc in bytecode. Fix crash with mismatched api/flevel versions. 2010-01-20 20:04:01 +02:00
Török Edvin
8997b14725 bswap. 2009-12-30 15:08:35 +02:00
Török Edvin
b3571ea9ae Fix __*di3 libcalls on x86-32.
On 32-bit targets LLVM emits libcalls for 64-bit operations.
Make sure these libcalls actually map to our own functions, and not to 0.
Also reject any other libcall we don't know about instead of mapping to 0 and crashing.
2009-12-30 12:15:26 +02:00