[llvm-dev] [RFC] ASan: patches to support 32-byte shadow granularity
Evgenii Stepanov via llvm-dev llvm-dev at lists.llvm.org
Wed Nov 8 13:10:11 PST 2017
On Tue, Nov 7, 2017 at 4:50 PM, Walter Lee <waltl at google.com> wrote:
I've finished my initial set of patches to make 32-byte shadow granularity work on x86. Here is a summary of the changes from last week:
- As discussed, I added a full redzone after every stack variable.
- We discussed adding a -fsanitize-address-granularity=N flag, but I found the following existing flag has been sufficient for my purposes: -asan-mapping-scale N. If anyone thinks I should add the flag anyways, possibly replacing the latter, please let me know.
IMO a clang flag would mean that a non-standard setting for address granularity is a supported configuration. That would require the driver to link the correct runtime library, which means we either build two copies of libclang_rt.asan for each platform and somehow encode the granularity value in the library name; or export that value from instrumented code through a global, but then it stops being a compile-time constant, and that may have an effect on performance. Either way would be an ABI break.
I think what you really want is to test shadow scale = 5 on linux/x86_64 as a substitute for testing on the real hardware. For that, a cmake variable in compiler-rt and an LLVM flag (asan-mapping-scale) is more than enough.
- I've modified the build so that we always run the ASan instrumentation test suite for shadow scale values of 3 and 5.
- I've gone through the asan test suites to make them run cleanly for both shadow scale=3 and shadow scale=5. Here are the tests I have disabled, grouped by categories:
  - Instrumentation/AddressSanitizer tests. Most tests work out of the box, and I ported some basic tests, leaving the following:
    llvm/test/Instrumentation/AddressSanitizer/lifetime-throw.ll
    llvm/test/Instrumentation/AddressSanitizer/lifetime-uar-uas.ll
    llvm/test/Instrumentation/AddressSanitizer/lifetime.ll
    llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-and-lifetime-be.ll
    llvm/test/Instrumentation/AddressSanitizer/stack-poisoning-and-lifetime.ll
    llvm/test/Instrumentation/AddressSanitizer/stack-poisoning.ll
    llvm/test/Instrumentation/AddressSanitizer/stacklayout.ll
  - Asm instrumentation not supported:
    Instrumentation/AddressSanitizer/X86/*
    compiler-rt/lib/asan/tests/asan_asm_test.cc
    compiler-rt/test/asan/TestCases/Linux/asan-asm-stacktrace-test.cc
  - Prelinking not supported:
    compiler-rt/test/asan/TestCases/Linux/asan_prelink_test.cc
  - Intra-object padding not supported:
    compiler-rt/test/asan/TestCases/intra-object-overflow.cc
  - Calls __asan_poison_memory_region in middle of shadow byte:
    compiler-rt/lib/asan/tests/asan_interface_test.cc
      SimplePoisonMemoryRegionTest
      OverlappingPoisonMemoryRegionTest
      PoisoningStressTest
    compiler-rt/test/asan/TestCases/small_memcpy_test.cc
    compiler-rt/test/asan/TestCases/strtol_strict.c
    compiler-rt/test/asan/TestCases/strtoll_strict.c
  - Has hardwired memory map:
    compiler-rt/test/asan/TestCases/Linux/cuda_test.cc
    compiler-rt/test/asan/TestCases/Linux/kernel-area.cc
    compiler-rt/test/asan/TestCases/Linux/nohugepage_test.cc
  - Miscellaneous:
    compiler-rt/test/asan/TestCases/Linux/allocator_oom_test.cc
      This test assumes amount of available memory.
    compiler-rt/test/asan/TestCases/stack-buffer-overflow-with-position.cc
      This fails because we don't have enough redzones to disambiguate overflow of one stack object vs underflow of the next stack object.
- Here is the full list of revisions. I'll add review requests shortly.
  [asan] Add CMake hook to override default shadow scale
  https://reviews.llvm.org/D39469
  [asan] Fix size/alignment issues with non-default shadow scale
  https://reviews.llvm.org/D39470
  [asan] Fix small X86_64 ShadowOffset for non-default shadow scale
  https://reviews.llvm.org/D39471
  [asan] Ensure that the minimum redzone is at least SHADOW_GRANULARITY
  https://reviews.llvm.org/D39472
  [sanitizers] Increase alignment of low level allocator
  https://reviews.llvm.org/D39473
  [asan] Avoid assert failure for non-default shadow scale
  https://reviews.llvm.org/D39474
  [asan] Add full redzone after every stack variable
  https://reviews.llvm.org/D39475
  [gtest] Increase stack size for child process in EXPECT_DEATH implementation
  https://reviews.llvm.org/D39771
  [asan] Add lit feature for custom shadow scale
  https://reviews.llvm.org/D39772
  [asan] Port tests to shadow scale of 5
  https://reviews.llvm.org/D39773
  [asan] Disable unsupported tests for custom shadow scale
  https://reviews.llvm.org/D39774
  [asan] Test ASan instrumentation for shadow scale value of 5
  https://reviews.llvm.org/D39775

Thanks,
Walter
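
Added example, not part of the thread and not compiler-rt code: a simplified C model of ASan's shadow-byte encoding showing why a poison request that starts and ends inside one granule is recorded at shadow scale 3 but lost at scale 5, which is the situation behind the tests disabled for poisoning in the middle of a shadow byte. The arena size, the function names and the sample ranges are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARENA 256 /* bytes of modelled application memory (assumed) */

/* One signed shadow byte per 2^scale-byte granule, using ASan's encoding:
 * 0 = all bytes addressable, k > 0 = only the first k bytes addressable,
 * negative = whole granule poisoned. */
typedef struct { unsigned scale; int8_t shadow[ARENA >> 3]; } model_t;

static int is_poisoned(const model_t *m, size_t addr) {
    int8_t s = m->shadow[addr >> m->scale];
    size_t off = addr & (((size_t)1 << m->scale) - 1);
    return s < 0 || (s > 0 && off >= (size_t)s);
}

/* Poison [beg, end) without ever poisoning a byte outside it. A granule can
 * only encode "addressable prefix, poisoned rest", so a request that leaves
 * an addressable tail in a granule cannot be recorded there. */
static void poison(model_t *m, size_t beg, size_t end) {
    size_t g = (size_t)1 << m->scale;
    if (beg >= end || end > ARENA) return;
    for (size_t i = beg >> m->scale; i <= (end - 1) >> m->scale; i++) {
        size_t gbeg = i * g, gend = gbeg + g;
        int8_t s = m->shadow[i];
        if (end < gend && !is_poisoned(m, end))
            continue;                            /* tail must stay addressable */
        if (beg <= gbeg)
            m->shadow[i] = -1;                   /* whole granule poisoned */
        else if (s == 0 || s > (int8_t)(beg - gbeg))
            m->shadow[i] = (int8_t)(beg - gbeg); /* keep addressable prefix */
    }
}

/* Bytes of the arena that trap after a single poison(pbeg, pend) request. */
static size_t poisoned_in(unsigned scale, size_t pbeg, size_t pend) {
    model_t m = { scale, {0} };
    size_t n = 0;
    poison(&m, pbeg, pend);
    for (size_t a = 0; a < ARENA; a++) n += (size_t)is_poisoned(&m, a);
    return n;
}

int main(void) {
    /* Constructed request [40, 56): two whole granules at scale 3,
     * the middle of granule [32, 64) at scale 5. */
    printf("scale 3: %zu bytes trap\n", poisoned_in(3, 40, 56));
    printf("scale 5: %zu bytes trap\n", poisoned_in(5, 40, 56));
    return 0;
}
```

In this model the same request becomes visible at scale 5 only when it runs to the end of a granule, for example [40, 64), which matches the move to a redzone of at least one full granule.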