Index: gcc/passes.c =================================================================== --- gcc/passes.c (revision 193482) +++ gcc/passes.c (working copy) @@ -1457,6 +1457,7 @@ init_optimization_passes (void) NEXT_PASS (pass_pre); NEXT_PASS (pass_sink_code); NEXT_PASS (pass_asan); + NEXT_PASS (pass_tsan); NEXT_PASS (pass_tree_loop); { struct opt_pass **p = &pass_tree_loop.pass.sub; @@ -1563,6 +1564,7 @@ init_optimization_passes (void) } NEXT_PASS (pass_lower_complex_O0); NEXT_PASS (pass_asan_O0); + NEXT_PASS (pass_tsan_O0); NEXT_PASS (pass_cleanup_eh); NEXT_PASS (pass_lower_resx); NEXT_PASS (pass_nrv); Index: gcc/doc/invoke.texi =================================================================== --- gcc/doc/invoke.texi (revision 193490) +++ gcc/doc/invoke.texi (working copy) @@ -289,7 +289,8 @@ Objective-C and Objective-C++ Dialects}. @item Debugging Options @xref{Debugging Options,,Options for Debugging Your Program or GCC}. @gccoptlist{-d@var{letters} -dumpspecs -dumpmachine -dumpversion @gol --faddress-sanitizer -fdbg-cnt-list -fdbg-cnt=@var{counter-value-list} @gol +-fsanitize=@var{style} @gol +-fdbg-cnt-list -fdbg-cnt=@var{counter-value-list} @gol -fdisable-ipa-@var{pass_name} @gol -fdisable-rtl-@var{pass_name} @gol -fdisable-rtl-@var{pass-name}=@var{range-list} @gol @@ -309,6 +310,7 @@ Objective-C and Objective-C++ Dialects}. -fdump-tree-ssa@r{[}-@var{n}@r{]} -fdump-tree-pre@r{[}-@var{n}@r{]} @gol -fdump-tree-ccp@r{[}-@var{n}@r{]} -fdump-tree-dce@r{[}-@var{n}@r{]} @gol -fdump-tree-gimple@r{[}-raw@r{]} -fdump-tree-mudflap@r{[}-@var{n}@r{]} @gol +-fdump-tree-tsan@r{[}-@var{n}@r{]} @gol -fdump-tree-dom@r{[}-@var{n}@r{]} @gol -fdump-tree-dse@r{[}-@var{n}@r{]} @gol -fdump-tree-phiprop@r{[}-@var{n}@r{]} @gol @@ -382,8 +384,8 @@ Objective-C and Objective-C++ Dialects}. -floop-parallelize-all -flto -flto-compression-level @gol -flto-partition=@var{alg} -flto-report -fmerge-all-constants @gol -fmerge-constants -fmodulo-sched -fmodulo-sched-allow-regmoves @gol --fmove-loop-invariants fmudflap -fmudflapir -fmudflapth -fno-branch-count-reg @gol --fno-default-inline @gol +-fmove-loop-invariants -fmudflap -fmudflapir -fmudflapth -fno-branch-count-reg @gol +-fthread-sanitizer-ignore -fno-default-inline @gol -fno-defer-pop -fno-function-cse -fno-guess-branch-probability @gol -fno-inline -fno-math-errno -fno-peephole -fno-peephole2 @gol -fno-sched-interblock -fno-sched-spec -fno-signed-zeros @gol @@ -5983,6 +5985,11 @@ appending @file{.dce} to the source file Dump each function after adding mudflap instrumentation. The file name is made by appending @file{.mudflap} to the source file name. +@item tsan +@opindex fdump-tree-tsan +Dump each function after adding ThreadSanitizer instrumentation. The file name is +made by appending @file{.tsan} to the source file name. + @item sra @opindex fdump-tree-sra Dump each function after performing scalar replacement of aggregates. The @@ -6849,11 +6856,14 @@ assumptions based on that. The default is @option{-fzero-initialized-in-bss}. -@item -faddress-sanitizer -Enable AddressSanitizer, a fast memory error detector. -Memory access instructions will be instrumented to detect -out-of-bounds and use-after-free bugs. So far only heap bugs will be detected. -See @uref{http://code.google.com/p/address-sanitizer/} for more details. +@item -fsanitize=[address|thread] +Enable AddressSanitizer or ThreadSanitizer. AddressSanitizer is a fast +memory error detector. Memory access instructions will be instrumented +to detect out-of-bounds, use-after-free, stack overflow and global +overflow bugs. ThreadSanitizer is a fast data race detector. +See @uref{http://code.google.com/p/address-sanitizer/} and +@uref{http://code.google.com/p/data-race-test/wiki/ThreadSanitizer} +for more details. @item -fmudflap -fmudflapth -fmudflapir @opindex fmudflap @@ -6881,6 +6891,11 @@ instrumentation (and therefore faster ex some protection against outright memory corrupting writes, but allows erroneously read data to propagate within a program. +@item -fthread-sanitizer-ignore +@opindex fthread-sanitizer-ignore +Add ThreadSanitizer instrumentation. Use @option{-fthread-sanitizer-ignore} to specify +an ignore file. Refer to http://go/tsan for details. + @item -fthread-jumps @opindex fthread-jumps Perform optimizations that check to see if a jump branches to a Index: gcc/tsan.c =================================================================== --- gcc/tsan.c (revision 0) +++ gcc/tsan.c (revision 0) @@ -0,0 +1,406 @@ +/* GCC instrumentation plugin for ThreadSanitizer. + Copyright (C) 2011, 2012 Free Software Foundation, Inc. + Contributed by Dmitry Vyukov + +This file is part of GCC. + +GCC is free software; you can redistribute it and/or modify it under +the terms of the GNU General Public License as published by the Free +Software Foundation; either version 3, or (at your option) any later +version. + +GCC is distributed in the hope that it will be useful, but WITHOUT ANY +WARRANTY; without even the implied warranty of MERCHANTABILITY or +FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +for more details. + +You should have received a copy of the GNU General Public License +along with GCC; see the file COPYING3. If not see +. */ + + +#include "config.h" +#include "system.h" +#include "coretypes.h" +#include "tree.h" +#include "intl.h" +#include "tm.h" +#include "basic-block.h" +#include "gimple.h" +#include "function.h" +#include "tree-flow.h" +#include "tree-pass.h" +#include "tree-iterator.h" +#include "langhooks.h" +#include "output.h" +#include "options.h" +#include "target.h" +#include "cgraph.h" +#include "diagnostic.h" + +/* Number of instrumented memory accesses in the current function. */ + +/* Builds the following decl + void __tsan_read/writeX (void *addr); */ + +static tree +get_memory_access_decl (bool is_write, unsigned size) +{ + enum built_in_function fcode; + + if (size <= 1) + fcode = is_write ? BUILT_IN_TSAN_WRITE_1 + : BUILT_IN_TSAN_READ_1; + else if (size <= 3) + fcode = is_write ? BUILT_IN_TSAN_WRITE_2 + : BUILT_IN_TSAN_READ_2; + else if (size <= 7) + fcode = is_write ? BUILT_IN_TSAN_WRITE_4 + : BUILT_IN_TSAN_READ_4; + else if (size <= 15) + fcode = is_write ? BUILT_IN_TSAN_WRITE_8 + : BUILT_IN_TSAN_READ_8; + else + fcode = is_write ? BUILT_IN_TSAN_WRITE_16 + : BUILT_IN_TSAN_READ_16; + + return builtin_decl_implicit (fcode); +} + +/* Check as to whether EXPR refers to a store to vptr. */ + +static tree +is_vptr_store (gimple stmt, tree expr, bool is_write) +{ + if (is_write == true + && gimple_assign_single_p (stmt) + && TREE_CODE (expr) == COMPONENT_REF) + { + tree field = TREE_OPERAND (expr, 1); + if (TREE_CODE (field) == FIELD_DECL + && DECL_VIRTUAL_P (field)) + return gimple_assign_rhs1 (stmt); + } + return NULL; +} + +/* Checks as to whether EXPR refers to constant var/field/param. + Don't bother to instrument them. */ + +static bool +is_load_of_const_p (tree expr, bool is_write) +{ + if (is_write) + return false; + if (TREE_CODE (expr) == COMPONENT_REF) + expr = TREE_OPERAND (expr, 1); + if (TREE_CODE (expr) == VAR_DECL + || TREE_CODE (expr) == PARM_DECL + || TREE_CODE (expr) == FIELD_DECL) + { + if (TREE_READONLY (expr)) + return true; + } + return false; +} + +/* Instruments EXPR if needed. If any instrumentation is inserted, + * return true. */ + +static bool +instrument_expr (gimple_stmt_iterator gsi, tree expr, bool is_write) +{ + enum tree_code tcode; + tree base, rhs, expr_type, expr_ptr, builtin_decl; + basic_block bb; + HOST_WIDE_INT size; + gimple stmt, g; + location_t loc; + + base = get_base_address (expr); + if (base == NULL_TREE + || TREE_CODE (base) == SSA_NAME + || TREE_CODE (base) == STRING_CST) + return false; + + tcode = TREE_CODE (expr); + + /* Below are things we do not instrument + (no possibility of races or not implemented yet). */ + if (/* Compiler-emitted artificial variables. */ + (DECL_P (expr) && DECL_ARTIFICIAL (expr)) + /* The var does not live in memory -> no possibility of races. */ + || (tcode == VAR_DECL + && !TREE_ADDRESSABLE (expr) + && TREE_STATIC (expr) == 0) + /* Not implemented. */ + || TREE_CODE (TREE_TYPE (expr)) == RECORD_TYPE + /* Not implemented. */ + || tcode == CONSTRUCTOR + /* Not implemented. */ + || tcode == PARM_DECL + /* Load of a const variable/parameter/field. */ + || is_load_of_const_p (expr, is_write)) + return false; + + size = int_size_in_bytes (TREE_TYPE (expr)); + if (size == -1) + return false; + + /* For now just avoid instrumenting bit field acceses. + TODO: handle bit-fields as if touching the whole field. */ + HOST_WIDE_INT bitsize, bitpos; + tree offset; + enum machine_mode mode; + int volatilep = 0, unsignedp = 0; + get_inner_reference (expr, &bitsize, &bitpos, &offset, + &mode, &unsignedp, &volatilep, false); + if (bitpos % (size * BITS_PER_UNIT) + || bitsize != size * BITS_PER_UNIT) + return false; + + /* TODO: handle other cases + (FIELD_DECL, ARRAY_RANGE_REF, TARGET_MEM_REF, ADDR_EXPR). */ + if (tcode != ARRAY_REF + && tcode != VAR_DECL + && tcode != COMPONENT_REF + && tcode != INDIRECT_REF + && tcode != MEM_REF) + return false; + + stmt = gsi_stmt (gsi); + loc = gimple_location (stmt); + rhs = is_vptr_store (stmt, expr, is_write); + gcc_checking_assert (rhs != NULL || is_gimple_addressable (expr)); + expr_ptr = build_fold_addr_expr (unshare_expr (expr)); + if (rhs == NULL) + { + expr_type = TREE_TYPE (expr); + while (TREE_CODE (expr_type) == ARRAY_TYPE) + expr_type = TREE_TYPE (expr_type); + size = int_size_in_bytes (expr_type); + g = gimple_build_call (get_memory_access_decl (is_write, size), + 1, expr_ptr); + } + else + { + builtin_decl = builtin_decl_implicit (BUILT_IN_TSAN_VPTR_UPDATE); + g = gimple_build_call (builtin_decl, 1, expr_ptr); + } + gimple_set_location (g, loc); + /* Instrumentation for assignment of a function result + must be inserted after the call. Instrumentation for + reads of function arguments must be inserted before the call. + That's because the call can contain synchronization. */ + if (is_gimple_call (stmt) && is_write) + { + /* If the call can throw, it must be the last stmt in + a basic block, so the instrumented stmts need to be + inserted in successor bbs. */ + if (is_ctrl_altering_stmt (stmt)) + { + edge e; + + bb = gsi_bb (gsi); + e = find_fallthru_edge (bb->succs); + if (e) + gsi_insert_seq_on_edge_immediate (e, g); + } + else + gsi_insert_after (&gsi, g, GSI_NEW_STMT); + } + else + gsi_insert_before (&gsi, g, GSI_SAME_STMT); + + return true; +} + +/* Instruments the gimple pointed to by GSI. Return + * true if func entry/exit should be instrumented. */ + +static bool +instrument_gimple (gimple_stmt_iterator gsi) +{ + gimple stmt; + tree rhs, lhs; + bool instrumented = false; + + stmt = gsi_stmt (gsi); + if (is_gimple_call (stmt) + && (gimple_call_fndecl (stmt) + != builtin_decl_implicit (BUILT_IN_TSAN_INIT))) + return true; + else if (is_gimple_assign (stmt)) + { + if (gimple_store_p (stmt)) + { + lhs = gimple_assign_lhs (stmt); + instrumented = instrument_expr (gsi, lhs, true); + } + if (gimple_assign_load_p (stmt)) + { + rhs = gimple_assign_rhs1 (stmt); + instrumented = instrument_expr (gsi, rhs, false); + } + } + return instrumented; +} + +/* Instruments all interesting memory accesses in the current function. + * Return true if func entry/exit should be instrumented. */ + +static bool +instrument_memory_accesses (void) +{ + basic_block bb; + gimple_stmt_iterator gsi; + bool fentry_exit_instrument = false; + + FOR_EACH_BB (bb) + for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi)) + fentry_exit_instrument |= instrument_gimple (gsi); + return fentry_exit_instrument; +} + +/* Instruments function entry. */ + +static void +instrument_func_entry (void) +{ + basic_block succ_bb; + gimple_stmt_iterator gsi; + tree ret_addr, builtin_decl; + gimple g; + + succ_bb = single_succ (ENTRY_BLOCK_PTR); + gsi = gsi_after_labels (succ_bb); + + builtin_decl = builtin_decl_implicit (BUILT_IN_RETURN_ADDRESS); + g = gimple_build_call (builtin_decl, 1, integer_zero_node); + ret_addr = make_ssa_name (ptr_type_node, NULL); + gimple_call_set_lhs (g, ret_addr); + gimple_set_location (g, cfun->function_start_locus); + gsi_insert_before (&gsi, g, GSI_SAME_STMT); + + builtin_decl = builtin_decl_implicit (BUILT_IN_TSAN_FUNC_ENTRY); + g = gimple_build_call (builtin_decl, 1, ret_addr); + gimple_set_location (g, cfun->function_start_locus); + gsi_insert_before (&gsi, g, GSI_SAME_STMT); +} + +/* Instruments function exits. */ + +static void +instrument_func_exit (void) +{ + location_t loc; + basic_block exit_bb; + gimple_stmt_iterator gsi; + gimple stmt, g; + tree builtin_decl; + edge e; + edge_iterator ei; + + /* Find all function exits. */ + exit_bb = EXIT_BLOCK_PTR; + FOR_EACH_EDGE (e, ei, exit_bb->preds) + { + gsi = gsi_last_bb (e->src); + stmt = gsi_stmt (gsi); + gcc_assert (gimple_code (stmt) == GIMPLE_RETURN); + loc = gimple_location (stmt); + builtin_decl = builtin_decl_implicit (BUILT_IN_TSAN_FUNC_EXIT); + g = gimple_build_call (builtin_decl, 0); + gimple_set_location (g, loc); + gsi_insert_before (&gsi, g, GSI_SAME_STMT); + } +} + +/* ThreadSanitizer instrumentation pass. */ + +static unsigned +tsan_pass (void) +{ + if (instrument_memory_accesses ()) + { + instrument_func_entry (); + instrument_func_exit (); + } + return 0; +} + +/* The pass's gate. */ + +static bool +tsan_gate (void) +{ + return flag_sanitize == SANITIZE_THREAD + && builtin_decl_implicit_p (BUILT_IN_TSAN_INIT); +} + +/* Inserts __tsan_init () into the list of CTORs. */ + +void +tsan_finish_file (void) +{ + tree ctor_statements; + tree init_decl; + + ctor_statements = NULL_TREE; + init_decl = builtin_decl_implicit (BUILT_IN_TSAN_INIT); + append_to_statement_list (build_call_expr (init_decl, 0), + &ctor_statements); + cgraph_build_static_cdtor ('I', ctor_statements, + MAX_RESERVED_INIT_PRIORITY - 1); +} + +/* The pass descriptor. */ + +struct gimple_opt_pass pass_tsan = +{ + { + GIMPLE_PASS, + "tsan", /* name */ + OPTGROUP_NONE, /* optinfo_flags */ + tsan_gate, /* gate */ + tsan_pass, /* execute */ + NULL, /* sub */ + NULL, /* next */ + 0, /* static_pass_number */ + TV_NONE, /* tv_id */ + PROP_ssa | PROP_cfg, /* properties_required */ + 0, /* properties_provided */ + 0, /* properties_destroyed */ + 0, /* todo_flags_start */ + TODO_verify_all | TODO_update_ssa + | TODO_update_address_taken /* todo_flags_finish */ + } +}; + +static bool +tsan_gate_O0 (void) +{ + return flag_sanitize == SANITIZE_THREAD && !optimize + && builtin_decl_implicit_p (BUILT_IN_TSAN_INIT); +} + +struct gimple_opt_pass pass_tsan_O0 = +{ + { + GIMPLE_PASS, + "tsan0", /* name */ + OPTGROUP_NONE, /* optinfo_flags */ + tsan_gate_O0, /* gate */ + tsan_pass, /* execute */ + NULL, /* sub */ + NULL, /* next */ + 0, /* static_pass_number */ + TV_NONE, /* tv_id */ + PROP_ssa | PROP_cfg, /* properties_required */ + 0, /* properties_provided */ + 0, /* properties_destroyed */ + 0, /* todo_flags_start */ + TODO_verify_all | TODO_update_ssa + | TODO_update_address_taken /* todo_flags_finish */ + } +}; Index: gcc/tsan.h =================================================================== --- gcc/tsan.h (revision 0) +++ gcc/tsan.h (revision 0) @@ -0,0 +1,26 @@ +/* ThreadSanitizer, a data race detector. + Copyright (C) 2011, 2012 Free Software Foundation, Inc. + Contributed by Dmitry Vyukov + +This file is part of GCC. + +GCC is free software; you can redistribute it and/or modify it under +the terms of the GNU General Public License as published by the Free +Software Foundation; either version 3, or (at your option) any later +version. + +GCC is distributed in the hope that it will be useful, but WITHOUT ANY +WARRANTY; without even the implied warranty of MERCHANTABILITY or +FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +for more details. + +You should have received a copy of the GNU General Public License +along with GCC; see the file COPYING3. If not see +. */ + +#ifndef TREE_TSAN +#define TREE_TSAN + +extern void tsan_finish_file (void); + +#endif /* TREE_TSAN */ Index: gcc/asan.c =================================================================== --- gcc/asan.c (revision 193482) +++ gcc/asan.c (working copy) @@ -1587,7 +1587,7 @@ asan_instrument (void) static bool gate_asan (void) { - return flag_asan != 0; + return flag_sanitize == SANITIZE_ADDRESS; } struct gimple_opt_pass pass_asan = @@ -1614,7 +1614,7 @@ struct gimple_opt_pass pass_asan = static bool gate_asan_O0 (void) { - return flag_asan != 0 && !optimize; + return flag_sanitize == SANITIZE_ADDRESS && !optimize; } struct gimple_opt_pass pass_asan_O0 = Index: gcc/common.opt =================================================================== --- gcc/common.opt (revision 193482) +++ gcc/common.opt (working copy) @@ -837,9 +837,18 @@ fargument-noalias-anything Common Ignore Does nothing. Preserved for backward compatibility. -faddress-sanitizer -Common Report Var(flag_asan) -Enable AddressSanitizer, a memory error detector +fsanitize= +Common Joined RejectNegative Enum(sanitize_type) Var(flag_sanitize) Init(SANITIZE_OFF) +-fsanitize=[address|thread] Specify to run a type of sanitize test + +Enum +Name(sanitize_type) Type(sanitize_type) UnknownError(unknown sanitize type %qs) + +EnumValue +Enum(sanitize_type) String(address) Value(SANITIZE_ADDRESS) + +EnumValue +Enum(sanitize_type) String(thread) Value(SANITIZE_THREAD) fasynchronous-unwind-tables Common Report Var(flag_asynchronous_unwind_tables) Optimization @@ -1510,6 +1519,10 @@ fmove-loop-invariants Common Report Var(flag_move_loop_invariants) Init(1) Optimization Move loop invariant computations out of loops +fthread-sanitizer-ignore= +Common RejectNegative Joined Var(flag_tsan_ignore) +-fthread-sanitizer-ignore=filename ThreadSanitizer ignore file + fdce Common Var(flag_dce) Init(1) Optimization Use the RTL dead code elimination pass Index: gcc/builtins.def =================================================================== --- gcc/builtins.def (revision 193482) +++ gcc/builtins.def (working copy) @@ -149,6 +149,15 @@ along with GCC; see the file COPYING3. DEF_BUILTIN (ENUM, "__builtin_" NAME, BUILT_IN_NORMAL, TYPE, TYPE, \ true, true, true, ATTRS, false, flag_tm) +/* Builtin used by the implementation of libsanitizer. These + functions are mapped to the actual implementation of the + libasan and libtsan library. */ +#undef DEF_SANITIZER_BUILTIN +#define DEF_SANITIZER_BUILTIN(ENUM, NAME, TYPE, ATTRS) \ + DEF_BUILTIN (ENUM, "__builtin_" NAME, BUILT_IN_NORMAL, TYPE, TYPE, \ + true, true, true, ATTRS, true, \ + flag_sanitize == SANITIZE_THREAD) + /* Define an attribute list for math functions that are normally "impure" because some of them may write into global memory for `errno'. If !flag_errno_math they are instead "const". */ @@ -825,3 +834,7 @@ DEF_GCC_BUILTIN (BUILT_IN_LINE, "LINE", /* GTM builtins. */ #include "gtm-builtins.def" + +/* Sanitizer builtins. */ +#include "sanitizer.def" + Index: gcc/toplev.c =================================================================== --- gcc/toplev.c (revision 193482) +++ gcc/toplev.c (working copy) @@ -74,6 +74,7 @@ along with GCC; see the file COPYING3. #include "tree-mudflap.h" #include "asan.h" #include "gimple.h" +#include "tsan.h" #include "tree-ssa-alias.h" #include "plugin.h" @@ -572,9 +573,13 @@ compile_file (void) mudflap_finish_file (); /* File-scope initialization for AddressSanitizer. */ - if (flag_asan) + if (flag_sanitize == SANITIZE_ADDRESS) asan_finish_file (); + /* File-scope initialization for ThreadSanitizer. */ + if (flag_sanitize == SANITIZE_THREAD) + tsan_finish_file (); + output_shared_constant_pool (); output_object_blocks (); finish_tm_clone_pairs (); @@ -1545,12 +1550,12 @@ process_options (void) } /* Address Sanitizer needs porting to each target architecture. */ - if (flag_asan + if (flag_sanitize == SANITIZE_ADDRESS && (targetm.asan_shadow_offset == NULL || !FRAME_GROWS_DOWNWARD)) { - warning (0, "-faddress-sanitizer not supported for this target"); - flag_asan = 0; + warning (0, "-fsanitize=address not supported for this target"); + flag_sanitize = SANITIZE_OFF; } /* Enable -Werror=coverage-mismatch when -Werror and -Wno-error Index: gcc/cfgexpand.c =================================================================== --- gcc/cfgexpand.c (revision 193482) +++ gcc/cfgexpand.c (working copy) @@ -765,7 +765,7 @@ partition_stack_vars (void) sizes, as the shorter vars wouldn't be adequately protected. Don't do that for "large" (unsupported) alignment objects, those aren't protected anyway. */ - if (flag_asan && isize != jsize + if (flag_sanitize == SANITIZE_ADDRESS && isize != jsize && ialign * BITS_PER_UNIT <= MAX_SUPPORTED_STACK_ALIGNMENT) break; @@ -944,7 +944,7 @@ expand_stack_vars (bool (*pred) (size_t) alignb = stack_vars[i].alignb; if (alignb * BITS_PER_UNIT <= MAX_SUPPORTED_STACK_ALIGNMENT) { - if (flag_asan && pred) + if (flag_sanitize == SANITIZE_ADDRESS && pred) { HOST_WIDE_INT prev_offset = frame_offset; tree repr_decl = NULL_TREE; @@ -1116,7 +1116,7 @@ defer_stack_allocation (tree var, bool t /* If stack protection is enabled, *all* stack variables must be deferred, so that we can re-order the strings to the top of the frame. Similarly for Address Sanitizer. */ - if (flag_stack_protect || flag_asan) + if (flag_stack_protect || flag_sanitize == SANITIZE_ADDRESS) return true; /* We handle "large" alignment via dynamic allocation. We want to handle @@ -1698,7 +1698,7 @@ expand_used_vars (void) expand_stack_vars (stack_protect_decl_phase_2, &data); } - if (flag_asan) + if (flag_sanitize == SANITIZE_ADDRESS) /* Phase 3, any partitions that need asan protection in addition to phase 1 and 2. */ expand_stack_vars (asan_decl_phase_3, &data); Index: gcc/sanitizer.def =================================================================== --- gcc/sanitizer.def (revision 0) +++ gcc/sanitizer.def (revision 0) @@ -0,0 +1,28 @@ +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_INIT, "__tsan_init", + BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_FUNC_ENTRY, "__tsan_func_entry", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_FUNC_EXIT, "__tsan_func_exit", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_VPTR_UPDATE, "__tsan_vptr_update", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_READ_1, "__tsan_read1", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_READ_2, "__tsan_read2", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_READ_4, "__tsan_read4", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_READ_8, "__tsan_read8", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_READ_16, "__tsan_read16", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_WRITE_1, "__tsan_write1", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_WRITE_2, "__tsan_write2", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_WRITE_4, "__tsan_write4", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_WRITE_8, "__tsan_write8", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) +DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_WRITE_16, "__tsan_write16", + BT_FN_VOID_PTR, ATTR_NOTHROW_LEAF_LIST) Index: gcc/flag-types.h =================================================================== --- gcc/flag-types.h (revision 193482) +++ gcc/flag-types.h (working copy) @@ -200,4 +200,11 @@ enum fp_contract_mode { FP_CONTRACT_FAST = 2 }; +/* Sanitize mode */ +enum sanitize_type { + SANITIZE_OFF, + SANITIZE_ADDRESS, + SANITIZE_THREAD +}; + #endif /* ! GCC_FLAG_TYPES_H */ Index: gcc/Makefile.in =================================================================== --- gcc/Makefile.in (revision 193482) +++ gcc/Makefile.in (working copy) @@ -848,7 +848,7 @@ RTL_ERROR_H = rtl-error.h $(RTL_H) $(DIA READ_MD_H = $(OBSTACK_H) $(HASHTAB_H) read-md.h PARAMS_H = params.h params.def BUILTINS_DEF = builtins.def sync-builtins.def omp-builtins.def \ - gtm-builtins.def + gtm-builtins.def sanitizer.def INTERNAL_FN_DEF = internal-fn.def INTERNAL_FN_H = internal-fn.h $(INTERNAL_FN_DEF) TREE_H = coretypes.h tree.h all-tree.def tree.def c-family/c-common.def \ @@ -1350,6 +1350,7 @@ OBJS = \ trans-mem.o \ tree-affine.o \ asan.o \ + tsan.o \ tree-call-cdce.o \ tree-cfg.o \ tree-cfgcleanup.o \ @@ -2212,6 +2213,12 @@ asan.o : asan.c asan.h $(CONFIG_H) $(SYS output.h coretypes.h $(GIMPLE_PRETTY_PRINT_H) \ tree-iterator.h $(TREE_FLOW_H) $(TREE_PASS_H) \ $(TARGET_H) $(EXPR_H) $(OPTABS_H) $(TM_P_H) +tsan.o : $(CONFIG_H) $(SYSTEM_H) $(TREE_H) $(TREE_INLINE_H) \ + $(GIMPLE_H) $(DIAGNOSTIC_H) langhooks.h \ + $(TM_H) coretypes.h $(TREE_DUMP_H) $(TREE_PASS_H) $(CGRAPH_H) $(GGC_H) \ + $(BASIC_BLOCK_H) $(FLAGS_H) $(FUNCTION_H) \ + $(TM_P_H) $(TREE_FLOW_H) $(DIAGNOSTIC_CORE_H) $(GIMPLE_H) tree-iterator.h \ + intl.h cfghooks.h output.h options.h c-family/c-common.h tsan.h tree-ssa-tail-merge.o: tree-ssa-tail-merge.c \ $(SYSTEM_H) $(CONFIG_H) coretypes.h $(TM_H) $(BITMAP_H) \ $(FLAGS_H) $(TM_P_H) $(BASIC_BLOCK_H) \ @@ -2674,7 +2681,8 @@ toplev.o : toplev.c $(CONFIG_H) $(SYSTEM $(CGRAPH_H) $(COVERAGE_H) alloc-pool.h $(GGC_H) \ $(OPTS_H) params.def tree-mudflap.h $(TREE_PASS_H) $(GIMPLE_H) \ tree-ssa-alias.h $(PLUGIN_H) realmpfr.h tree-diagnostic.h \ - $(TREE_PRETTY_PRINT_H) opts-diagnostic.h $(COMMON_TARGET_H) + $(TREE_PRETTY_PRINT_H) opts-diagnostic.h $(COMMON_TARGET_H) \ + tsan.h hwint.o : hwint.c $(CONFIG_H) $(SYSTEM_H) $(DIAGNOSTIC_CORE_H) @@ -3726,6 +3734,7 @@ GTFILES = $(CPP_ID_DATA_H) $(srcdir)/inp $(srcdir)/target-globals.h \ $(srcdir)/ipa-inline.h \ $(srcdir)/asan.c \ + $(srcdir)/tsan.c \ @all_gtfiles@ # Compute the list of GT header files from the corresponding C sources, Index: gcc/gcc.c =================================================================== --- gcc/gcc.c (revision 193482) +++ gcc/gcc.c (working copy) @@ -687,7 +687,8 @@ proper position among the other output f %{fgnu-tm:%:include(libitm.spec)%(link_itm)}\ %(mflib) " STACK_SPLIT_SPEC "\ %{fprofile-arcs|fprofile-generate*|coverage:-lgcov}\ - %{faddress-sanitizer:-lasan}\ + %{fsanitize=address:-lasan}\ + %{fsanitize=thread:-ltsan}\ %{!nostdlib:%{!nodefaultlibs:%(link_ssp) %(link_gcc_c_sequence)}}\ %{!nostdlib:%{!nostartfiles:%E}} %{T*} }}}}}}" #endif Index: gcc/varasm.c =================================================================== --- gcc/varasm.c (revision 193482) +++ gcc/varasm.c (working copy) @@ -1832,7 +1832,7 @@ assemble_noswitch_variable (tree decl, c size = tree_low_cst (DECL_SIZE_UNIT (decl), 1); rounded = size; - if (flag_asan && asan_protect_global (decl)) + if (flag_sanitize == SANITIZE_ADDRESS && asan_protect_global (decl)) size += asan_red_zone_size (size); /* Don't allocate zero bytes of common, @@ -1990,7 +1990,7 @@ assemble_variable (tree decl, int top_le align_variable (decl, dont_output_data); - if (flag_asan + if (flag_sanitize == SANITIZE_ADDRESS && asan_protect_global (decl)) { asan_protected = true; @@ -6946,7 +6946,8 @@ place_block_symbol (rtx symbol) decl = SYMBOL_REF_DECL (symbol); alignment = DECL_ALIGN (decl); size = tree_low_cst (DECL_SIZE_UNIT (decl), 1); - if (flag_asan && asan_protect_global (decl)) + if (flag_sanitize == SANITIZE_ADDRESS + && asan_protect_global (decl)) size += asan_red_zone_size (size); } Index: gcc/tree-pass.h =================================================================== --- gcc/tree-pass.h (revision 193482) +++ gcc/tree-pass.h (working copy) @@ -261,6 +261,8 @@ extern struct gimple_opt_pass pass_mudfl extern struct gimple_opt_pass pass_mudflap_2; extern struct gimple_opt_pass pass_asan; extern struct gimple_opt_pass pass_asan_O0; +extern struct gimple_opt_pass pass_tsan; +extern struct gimple_opt_pass pass_tsan_O0; extern struct gimple_opt_pass pass_lower_cf; extern struct gimple_opt_pass pass_refactor_eh; extern struct gimple_opt_pass pass_lower_eh;