This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
include/llvm/Support/
-
llvm/
-
Support/
2
Allocator.h

Differential D9757

Add ASan hooks to BumpPtrAllocator
AbandonedPublic

Authored by pete on May 13 2015, 11:20 AM.

Download Raw Diff

Details

Reviewers: None

Summary

BumpPtrAllocator already has MSan hooks to teach the sanitizer about what memory is valid.

This patch adds the equivalent for ASan. New slabs are initially poisoned then each individual allocation is unopposed.

BumpPtrAllocator has an empty Deallocate method, however, we can use that here to ensure that once a region has been Deallocated, we poison it and don't continue to use it. A similar change should probably be made for MSan.

Unfortunately this patch can't yet be committed due to a bug found in clang with this applied (https://llvm.org/bugs/show_bug.cgi?id=23516). I'm putting this up on Phab in case anyone else wants to try it out. It may also be better to move most of the #ifdefs to Compiler.h where __msan_allocated_memory is currently defined, so i expect to change this patch in future.

Diff Detail

Event Timeline

pete updated this revision to Diff 25716.May 13 2015, 11:20 AM

pete retitled this revision from to Add ASan hooks to BumpPtrAllocator.

pete updated this object.

pete edited the test plan for this revision. (Show Details)

pete added a subscriber: Unknown Object (MLST).

<grumble>
the annotations are provided for exactly this purpose,
but still asan handles allocation much better if it fully controls malloc.
</grumble>

include/llvm/Support/Allocator.h
229	I don't like so many ifdefs. Maybe like this? #if LLVM_ADDRESS_SANITIZER_BUILD include ... #else #define ASAN_POISON_MEMORY_REGION(a,b) /empty/ #endif

Ah yeah, that is much better. Thanks!

samsonov added a subscriber: samsonov.May 14 2015, 2:21 PM

samsonov added inline comments.

include/llvm/Support/Allocator.h
229	In fact, it's worth defining this macro in llvm/Support/Compiler.h, similar to what we do for MSan interface function `__msan_allocated_memory`

Justin fixed this in r254964 by finishing up the patch here with Alexey's comments.

Revision Contents

Path

Size

include/

llvm/

Support/

Allocator.h

37 lines

Diff 25716

include/llvm/Support/Allocator.h

Show All 25 Lines
#include "llvm/Support/DataTypes.h"		#include "llvm/Support/DataTypes.h"
#include "llvm/Support/MathExtras.h"		#include "llvm/Support/MathExtras.h"
#include "llvm/Support/Memory.h"		#include "llvm/Support/Memory.h"
#include <algorithm>		#include <algorithm>
#include <cassert>		#include <cassert>
#include <cstddef>		#include <cstddef>
#include <cstdlib>		#include <cstdlib>

		#if LLVM_ADDRESS_SANITIZER_BUILD
		#include <sanitizer/asan_interface.h>
		#endif

namespace llvm {		namespace llvm {

/// \brief CRTP base class providing obvious overloads for the core \c		/// \brief CRTP base class providing obvious overloads for the core \c
/// Allocate() methods of LLVM-style allocators.		/// Allocate() methods of LLVM-style allocators.
///		///
/// This base class both documents the full public interface exposed by all		/// This base class both documents the full public interface exposed by all
/// LLVM-style allocators, and redirects all of the overloads to a single core		/// LLVM-style allocators, and redirects all of the overloads to a single core
/// set of methods which the derived class must define.		/// set of methods which the derived class must define.
▲ Show 20 Lines • Show All 174 Lines • ▼ Show 20 Lines	Allocate(size_t Size, size_t Alignment) {
// Check if we have enough space.		// Check if we have enough space.
if (Adjustment + Size <= size_t(End - CurPtr)) {		if (Adjustment + Size <= size_t(End - CurPtr)) {
char *AlignedPtr = CurPtr + Adjustment;		char *AlignedPtr = CurPtr + Adjustment;
CurPtr = AlignedPtr + Size;		CurPtr = AlignedPtr + Size;
// Update the allocation point of this memory block in MemorySanitizer.		// Update the allocation point of this memory block in MemorySanitizer.
// Without this, MemorySanitizer messages for values originated from here		// Without this, MemorySanitizer messages for values originated from here
// will point to the allocation of the entire slab.		// will point to the allocation of the entire slab.
__msan_allocated_memory(AlignedPtr, Size);		__msan_allocated_memory(AlignedPtr, Size);
		// Similarly, tell ASan about this space.
		#if LLVM_ADDRESS_SANITIZER_BUILD
		kccUnsubmitted Not Done Reply Inline Actions I don't like so many ifdefs. Maybe like this? #if LLVM_ADDRESS_SANITIZER_BUILD include ... #else #define ASAN_POISON_MEMORY_REGION(a,b) /empty/ #endif kcc: I don't like so many ifdefs. Maybe like this? #if LLVM_ADDRESS_SANITIZER_BUILD # include ...
		samsonovUnsubmitted Not Done Reply Inline Actions In fact, it's worth defining this macro in llvm/Support/Compiler.h, similar to what we do for MSan interface function `__msan_allocated_memory` samsonov: In fact, it's worth defining this macro in llvm/Support/Compiler.h, similar to what we do for…
		ASAN_UNPOISON_MEMORY_REGION(AlignedPtr, Size);
		#endif
return AlignedPtr;		return AlignedPtr;
}		}

// If Size is really big, allocate a separate slab for it.		// If Size is really big, allocate a separate slab for it.
size_t PaddedSize = Size + Alignment - 1;		size_t PaddedSize = Size + Alignment - 1;
if (PaddedSize > SizeThreshold) {		if (PaddedSize > SizeThreshold) {
void *NewSlab = Allocator.Allocate(PaddedSize, 0);		void *NewSlab = Allocator.Allocate(PaddedSize, 0);

		// We own the new slab and don't want anyone reading anyting other than
		// pieces returned from this method. So poison the whole slab.
		#if LLVM_ADDRESS_SANITIZER_BUILD
		ASAN_POISON_MEMORY_REGION(NewSlab, PaddedSize);
		#endif
CustomSizedSlabs.push_back(std::make_pair(NewSlab, PaddedSize));		CustomSizedSlabs.push_back(std::make_pair(NewSlab, PaddedSize));

uintptr_t AlignedAddr = alignAddr(NewSlab, Alignment);		uintptr_t AlignedAddr = alignAddr(NewSlab, Alignment);
assert(AlignedAddr + Size <= (uintptr_t)NewSlab + PaddedSize);		assert(AlignedAddr + Size <= (uintptr_t)NewSlab + PaddedSize);
char AlignedPtr = (char)AlignedAddr;		char AlignedPtr = (char)AlignedAddr;
__msan_allocated_memory(AlignedPtr, Size);		__msan_allocated_memory(AlignedPtr, Size);
		// Tell ASan about this space.
		#if LLVM_ADDRESS_SANITIZER_BUILD
		ASAN_UNPOISON_MEMORY_REGION(AlignedPtr, Size);
		#endif
return AlignedPtr;		return AlignedPtr;
}		}

// Otherwise, start a new slab and try again.		// Otherwise, start a new slab and try again.
StartNewSlab();		StartNewSlab();
uintptr_t AlignedAddr = alignAddr(CurPtr, Alignment);		uintptr_t AlignedAddr = alignAddr(CurPtr, Alignment);
assert(AlignedAddr + Size <= (uintptr_t)End &&		assert(AlignedAddr + Size <= (uintptr_t)End &&
"Unable to allocate memory!");		"Unable to allocate memory!");
char AlignedPtr = (char)AlignedAddr;		char AlignedPtr = (char)AlignedAddr;
CurPtr = AlignedPtr + Size;		CurPtr = AlignedPtr + Size;
__msan_allocated_memory(AlignedPtr, Size);		__msan_allocated_memory(AlignedPtr, Size);
		// Similarly, tell ASan about this space.
		#if LLVM_ADDRESS_SANITIZER_BUILD
		ASAN_UNPOISON_MEMORY_REGION(AlignedPtr, Size);
		#endif
return AlignedPtr;		return AlignedPtr;
}		}

// Pull in base class overloads.		// Pull in base class overloads.
using AllocatorBase<BumpPtrAllocatorImpl>::Allocate;		using AllocatorBase<BumpPtrAllocatorImpl>::Allocate;

void Deallocate(const void * /Ptr/, size_t /Size/) {}		void Deallocate(const void * Ptr, size_t Size) {
		// For speed reasons we don't want the BumpPtrAllocator itself to
		//
		#if LLVM_ADDRESS_SANITIZER_BUILD
		ASAN_POISON_MEMORY_REGION(Ptr, Size);
		#endif
		}

// Pull in base class overloads.		// Pull in base class overloads.
using AllocatorBase<BumpPtrAllocatorImpl>::Deallocate;		using AllocatorBase<BumpPtrAllocatorImpl>::Deallocate;

size_t GetNumSlabs() const { return Slabs.size() + CustomSizedSlabs.size(); }		size_t GetNumSlabs() const { return Slabs.size() + CustomSizedSlabs.size(); }

size_t getTotalMemory() const {		size_t getTotalMemory() const {
size_t TotalMemory = 0;		size_t TotalMemory = 0;
▲ Show 20 Lines • Show All 41 Lines • ▼ Show 20 Lines	private:
}		}

/// \brief Allocate a new slab and move the bump pointers over into the new		/// \brief Allocate a new slab and move the bump pointers over into the new
/// slab, modifying CurPtr and End.		/// slab, modifying CurPtr and End.
void StartNewSlab() {		void StartNewSlab() {
size_t AllocatedSlabSize = computeSlabSize(Slabs.size());		size_t AllocatedSlabSize = computeSlabSize(Slabs.size());

void *NewSlab = Allocator.Allocate(AllocatedSlabSize, 0);		void *NewSlab = Allocator.Allocate(AllocatedSlabSize, 0);

		// We own the new slab and don't want anyone reading anyting other than
		// pieces returned from this method. So poison the whole slab.
		#if LLVM_ADDRESS_SANITIZER_BUILD
		ASAN_POISON_MEMORY_REGION(NewSlab, AllocatedSlabSize);
		#endif

Slabs.push_back(NewSlab);		Slabs.push_back(NewSlab);
CurPtr = (char *)(NewSlab);		CurPtr = (char *)(NewSlab);
End = ((char *)NewSlab) + AllocatedSlabSize;		End = ((char *)NewSlab) + AllocatedSlabSize;
}		}

/// \brief Deallocate a sequence of slabs.		/// \brief Deallocate a sequence of slabs.
void DeallocateSlabs(SmallVectorImpl<void *>::iterator I,		void DeallocateSlabs(SmallVectorImpl<void *>::iterator I,
SmallVectorImpl<void *>::iterator E) {		SmallVectorImpl<void *>::iterator E) {
▲ Show 20 Lines • Show All 101 Lines • Show Last 20 Lines