This is an archive of the discontinued LLVM Phabricator instance.

Differential D6266

[ASan] Get fake stack code working with GCC 4.8.2.
ClosedPublic

Authored by foad on Nov 14 2014, 5:28 AM.

Details

Reviewers
kcc
samsonov
Commits
rGe47130e40788: [ASan] Get fake stack code working with GCC 4.8.2.
rCRT222572: [ASan] Get fake stack code working with GCC 4.8.2.
rL222572: [ASan] Get fake stack code working with GCC 4.8.2.
Summary

TestCases/Linux/heavy_uar_test.cc was failing on my
PowerPC64 box with GCC 4.8.2, because the compiler recognised
a memset-like loop and turned it into a call to memset, which
got intercepted by __asan_memset, which got upset because it was
being called on an address in high shadow memory.

Use break_optimization to stop the compiler from doing this.

Diff Detail

Event Timeline

foad updated this revision to Diff 16205.Nov 14 2014, 5:28 AM
foad retitled this revision from to [ASan] Get fake stack code working with GCC 4.8.2..
foad updated this object.
foad edited the test plan for this revision. (Show Details)
foad added reviewers: kcc, samsonov.
foad added a subscriber: Unknown Object (MLST).
kcc edited edge metadata.Nov 14 2014, 8:46 AM

I think that instead of adding an option to one of N supported build systems we need to make the code more compiler-resistant

foad added a comment.Nov 14 2014, 11:39 AM
In D6266#4, @kcc wrote:

I think that instead of adding an option to one of N supported build systems we need to make the code more compiler-resistant

Do you mean changing the code in SetShadow? I suppose I could try adding "volatile" or something. (Yuck!)

The only other approach I can think of is for __asan_memset to detect whether it has been called from the application or from libasan itself; either by looking at the return address, or by changing every entry point in the sanitizer to set some "in asan" flag.

kcc added a comment.Nov 14 2014, 12:04 PM
In D6266#5, @foad wrote:
In D6266#4, @kcc wrote:

I think that instead of adding an option to one of N supported build systems we need to make the code more compiler-resistant

Do you mean changing the code in SetShadow? I suppose I could try adding "volatile" or something. (Yuck!)

Slightly better way is to move break_optimization from sanitizer_common/sanitizer_libc.cc
to sanitizer_common/sanitizer_common.h and use it inside the loop.

It's not perfect either, because this will not let the compiler use wider stores.

Ideally, I would introduce internal_memset_aligned64, similar to internal_bzero_aligned16 in sanitizer_common/sanitizer_libc.cc.
Then for small class_id (0, 1, 2) use explicit assignments and for large ones (3, 4, 5, 6) use internal_memset_aligned64

The only other approach I can think of is for __asan_memset to detect whether it has been called from the application or from libasan itself; either by looking at the return address, or by changing every entry point in the sanitizer to set some "in asan" flag.

God forbid :)

foad updated this revision to Diff 16268.Nov 15 2014, 12:29 PM
foad edited edge metadata.

Use break_optimisation instead of compiler flags.

foad updated this object.Nov 15 2014, 12:33 PM
foad updated this revision to Diff 16276.Nov 16 2014, 2:39 AM

Fix build failure by removing another competing definition of
break_optimization.

samsonov edited edge metadata.Nov 16 2014, 3:29 PM

Did you try -ffreestanding flag?

foad added a comment.Nov 17 2014, 1:59 AM
In D6266#12, @samsonov wrote:

Did you try -ffreestanding flag?

Yes. It doesn't help.

To quote the GCC bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56888
"Thus, from 4.8.3, 4.9.1 and 4.10.0 on -ffreestanding, -fno-hosted and -fno-builtin
will cause -ftree-loop-distribute-patterns to _not_ be enabled by default
with -O3+ (you can still enable it manually)."

kcc accepted this revision.Nov 19 2014, 2:39 PM
kcc edited edge metadata.

LGTM

This revision is now accepted and ready to land.Nov 19 2014, 2:39 PM
foad added a comment.Nov 20 2014, 6:34 AM

Unfortunately the current patch still doesn't build cleanly.

The problem is that I'm trying to move the definition of break_optimization into lib/sanitizer_common/sanitizer_common.h, but there is already another definition of break_optimization in lib/sanitizer_common/tests/sanitizer_test_utils.h.

Some tests, like lib/sanitizer_common/tests/sanitizer_allocator_test.cc, include both of these headers.

Others, like lib/asan/tests/asan_test.cc, only include sanitizer_test_utils.h.

I tried including sanitizer_common.h from sanitizer_test_utils.h but I ran into this, and I don't know how to fix it:

In file included from /home/jay/svn/llvm-project/compiler-rt/trunk/lib/asan/tests/asan_interface_test.cc:15:
In file included from /home/jay/svn/llvm-project/llvm/trunk/projects/compiler-rt/include/sanitizer/asan_interface.h:17:
/home/jay/svn/llvm-project/llvm/trunk/projects/compiler-rt/include/sanitizer/common_interface_defs.h:40:5: error: typedef redefinition with different types ('struct __sanitizer_sandbox_arguments' vs 'struct __sanitizer_sandbox_arguments')
  } __sanitizer_sandbox_arguments;
    ^
/home/jay/svn/llvm-project/llvm/trunk/projects/compiler-rt/lib/sanitizer_common/sanitizer_internal_defs.h:109:5: note: previous definition is here
  } __sanitizer_sandbox_arguments;
    ^
kcc added a comment.Nov 20 2014, 10:04 AM

leave sanitizer_test_utils.h unchanged, remove break_optimization from sanitizer_libc.cc,
introduce SanitizerBreakOptimization or some such to sanitizer_common.h

foad updated this revision to Diff 16449.Nov 20 2014, 1:41 PM
foad edited edge metadata.

Follow Kostya's advice.

kcc added a comment.Nov 21 2014, 11:32 AM

LGTM, thanks!

foad closed this revision.Nov 21 2014, 1:25 PM

Revision Contents

PathSize
lib/
asan/
4 lines
sanitizer_common/
14 lines
12 lines

Diff 16449

lib/asan/asan_fake_stack.cc

Show All 21 Lines
static const u64 kMagic4 = (kMagic2 << 16) | kMagic2; static const u64 kMagic4 = (kMagic2 << 16) | kMagic2;
static const u64 kMagic8 = (kMagic4 << 32) | kMagic4; static const u64 kMagic8 = (kMagic4 << 32) | kMagic4;
// For small size classes inline PoisonShadow for better performance. // For small size classes inline PoisonShadow for better performance.
ALWAYS_INLINE void SetShadow(uptr ptr, uptr size, uptr class_id, u64 magic) { ALWAYS_INLINE void SetShadow(uptr ptr, uptr size, uptr class_id, u64 magic) {
CHECK_EQ(SHADOW_SCALE, 3); // This code expects SHADOW_SCALE=3. CHECK_EQ(SHADOW_SCALE, 3); // This code expects SHADOW_SCALE=3.
u64 *shadow = reinterpret_cast<u64*>(MemToShadow(ptr)); u64 *shadow = reinterpret_cast<u64*>(MemToShadow(ptr));
if (class_id <= 6) { if (class_id <= 6) {
for (uptr i = 0; i < (1U << class_id); i++) for (uptr i = 0; i < (1U << class_id); i++) {
shadow[i] = magic; shadow[i] = magic;
SanitizerBreakOptimization(0); // Make sure this does not become memset.
}
} else { } else {
// The size class is too big, it's cheaper to poison only size bytes. // The size class is too big, it's cheaper to poison only size bytes.
PoisonShadow(ptr, size, static_cast<u8>(magic)); PoisonShadow(ptr, size, static_cast<u8>(magic));
} }
} }
FakeStack *FakeStack::Create(uptr stack_size_log) { FakeStack *FakeStack::Create(uptr stack_size_log) {
static uptr kMinStackSizeLog = 16; static uptr kMinStackSizeLog = 16;
▲ Show 20 LinesShow All 216 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_common.h

Show First 20 LinesShow All 529 Lines▼ Show 20 Lines
void GetExtraActivationFlags(char *buf, uptr size); void GetExtraActivationFlags(char *buf, uptr size);
void SanitizerInitializeUnwinder(); void SanitizerInitializeUnwinder();
#else #else
INLINE void AndroidLogInit() {} INLINE void AndroidLogInit() {}
INLINE void AndroidLogWrite(const char *buffer_unused) {} INLINE void AndroidLogWrite(const char *buffer_unused) {}
INLINE void GetExtraActivationFlags(char *buf, uptr size) { *buf = '\0'; } INLINE void GetExtraActivationFlags(char *buf, uptr size) { *buf = '\0'; }
INLINE void SanitizerInitializeUnwinder() {} INLINE void SanitizerInitializeUnwinder() {}
#endif #endif
// Make the compiler think that something is going on there.
// Use this inside a loop that looks like memset/memcpy/etc to prevent the
// compiler from recognising it and turning it into an actual call to
// memset/memcpy/etc.
static inline void SanitizerBreakOptimization(void *arg) {
#if _MSC_VER
// FIXME: make sure this is actually enough.
__asm;
#else
__asm__ __volatile__("" : : "r" (arg) : "memory");
#endif
}
} // namespace __sanitizer } // namespace __sanitizer
inline void *operator new(__sanitizer::operator_new_size_type size, inline void *operator new(__sanitizer::operator_new_size_type size,
__sanitizer::LowLevelAllocator &alloc) { __sanitizer::LowLevelAllocator &alloc) {
return alloc.Allocate(size); return alloc.Allocate(size);
} }
struct StackDepotStats { struct StackDepotStats {
uptr n_uniq_ids; uptr n_uniq_ids;
uptr allocated; uptr allocated;
}; };
#endif // SANITIZER_COMMON_H #endif // SANITIZER_COMMON_H

lib/sanitizer_common/sanitizer_libc.cc

Show All 10 Lines
// run-time libraries. See sanitizer_libc.h for details. // run-time libraries. See sanitizer_libc.h for details.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "sanitizer_allocator_internal.h" #include "sanitizer_allocator_internal.h"
#include "sanitizer_common.h" #include "sanitizer_common.h"
#include "sanitizer_libc.h" #include "sanitizer_libc.h"
namespace __sanitizer { namespace __sanitizer {
// Make the compiler think that something is going on there.
static inline void break_optimization(void *arg) {
#if _MSC_VER
// FIXME: make sure this is actually enough.
__asm;
#else
__asm__ __volatile__("" : : "r" (arg) : "memory");
#endif
}
s64 internal_atoll(const char *nptr) { s64 internal_atoll(const char *nptr) {
return internal_simple_strtoll(nptr, (char**)0, 10); return internal_simple_strtoll(nptr, (char**)0, 10);
} }
void *internal_memchr(const void *s, int c, uptr n) { void *internal_memchr(const void *s, int c, uptr n) {
const char *t = (const char *)s; const char *t = (const char *)s;
for (uptr i = 0; i < n; ++i, ++t) for (uptr i = 0; i < n; ++i, ++t)
if (*t == c) if (*t == c)
Show All 36 Lines
} }
// Semi-fast bzero for 16-aligned data. Still far from peak performance. // Semi-fast bzero for 16-aligned data. Still far from peak performance.
void internal_bzero_aligned16(void *s, uptr n) { void internal_bzero_aligned16(void *s, uptr n) {
struct S16 { u64 a, b; } ALIGNED(16); struct S16 { u64 a, b; } ALIGNED(16);
CHECK_EQ((reinterpret_cast<uptr>(s) | n) & 15, 0); CHECK_EQ((reinterpret_cast<uptr>(s) | n) & 15, 0);
for (S16 *p = reinterpret_cast<S16*>(s), *end = p + n / 16; p < end; p++) { for (S16 *p = reinterpret_cast<S16*>(s), *end = p + n / 16; p < end; p++) {
p->a = p->b = 0; p->a = p->b = 0;
break_optimization(0); // Make sure this does not become memset. SanitizerBreakOptimization(0); // Make sure this does not become memset.
} }
} }
void *internal_memset(void* s, int c, uptr n) { void *internal_memset(void* s, int c, uptr n) {
// The next line prevents Clang from making a call to memset() instead of the // The next line prevents Clang from making a call to memset() instead of the
// loop below. // loop below.
// FIXME: building the runtime with -ffreestanding is a better idea. However // FIXME: building the runtime with -ffreestanding is a better idea. However
// there currently are linktime problems due to PR12396. // there currently are linktime problems due to PR12396.
▲ Show 20 LinesShow All 165 LinesShow Last 20 Lines