This is an archive of the discontinued LLVM Phabricator instance.

[lsan] Move allocator base to avoid conflict with high-entropy ASLR for x86-64 Linux
ClosedPublic

Authored by MaskRay on Apr 12 2023, 10:35 PM.

Details

Summary

This ports D148280 for ASan.

On x86-64 Linux, when mmap_rnd_bits is set to 32 (the maximum ARCH_MMAP_RND_BITS_MAX),
the allocator space [kAllocatorSpace,kAllocatorSpace+kAllocatorSize)
collides with the PIE load base range (0x555555554000 up to 2**mmap_rnd_bits * pagesize away),
which can cause the allocation to fail.
Using 0x500000000000ULL as the base address avoids this problem and works with
AArch64 Linux and FreeBSD as well.

While here, change s390x to use 0x500000000000ULL as well. See D78644
discussions that the address works.
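The collision the summary describes can be checked arithmetically. The following is an added example, not code from this revision or from compiler-rt: it models the PIE load-base range as the summary states it (ELF base 0x555555554000 plus a page-aligned random offset of up to 2**mmap_rnd_bits pages) and tests whether a fixed allocator region intersects it. The allocator size of 4 TiB and the "old" base of 0x600000000000 are assumed values chosen for illustration; the 0x500000000000 base is the one the change adopts.

```python
# Added example (not part of the LLVM change): model the overlap between a
# fixed sanitizer allocator region and the x86-64 Linux PIE load-base range.

PAGE_SIZE = 4096
PIE_BASE = 0x555555554000           # PIE load base on x86-64 Linux (from the summary)
MAX_RND_BITS = 32                    # ARCH_MMAP_RND_BITS_MAX on x86-64 (from the summary)

# Assumed values for illustration only; not taken from the page.
ASSUMED_ALLOCATOR_SIZE = 0x40000000000          # 4 TiB
HYPOTHETICAL_OLD_BASE = 0x600000000000           # a base that sits above PIE_BASE
NEW_BASE = 0x500000000000                        # base adopted by this change


def pie_load_range(mmap_rnd_bits):
    """Half-open [lo, hi) of addresses ASLR can pick for the PIE load base.

    The kernel adds a random, page-aligned offset of up to 2**mmap_rnd_bits
    pages to the fixed base, so the span grows with the entropy setting.
    """
    return PIE_BASE, PIE_BASE + (1 << mmap_rnd_bits) * PAGE_SIZE


def overlaps(a, b):
    """True if two half-open address ranges share at least one byte."""
    (alo, ahi), (blo, bhi) = a, b
    return alo < bhi and blo < ahi


def allocator_conflicts(allocator_base, allocator_size, mmap_rnd_bits):
    """True if the allocator region can collide with a randomized PIE base."""
    region = (allocator_base, allocator_base + allocator_size)
    return overlaps(region, pie_load_range(mmap_rnd_bits))


def max_safe_rnd_bits(allocator_base, allocator_size):
    """Largest mmap_rnd_bits (0..MAX_RND_BITS) with no possible collision.

    Returns None if the region collides even with randomization disabled.
    """
    safe = None
    for bits in range(MAX_RND_BITS + 1):
        if allocator_conflicts(allocator_base, allocator_size, bits):
            break
        safe = bits
    return safe


def read_mmap_rnd_bits(path="/proc/sys/vm/mmap_rnd_bits"):
    """Current kernel setting, or None when not on Linux / not readable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


if __name__ == "__main__":
    for base in (HYPOTHETICAL_OLD_BASE, NEW_BASE):
        for bits in (28, 32):
            print(f"base={base:#x} mmap_rnd_bits={bits}: "
                  f"conflict={allocator_conflicts(base, ASSUMED_ALLOCATOR_SIZE, bits)}")
        print(f"base={base:#x}: safe up to mmap_rnd_bits="
              f"{max_safe_rnd_bits(base, ASSUMED_ALLOCATOR_SIZE)}")
    current = read_mmap_rnd_bits()
    if current is not None:
        print(f"this kernel: mmap_rnd_bits={current}, "
              f"new base conflicts={allocator_conflicts(NEW_BASE, ASSUMED_ALLOCATOR_SIZE, current)}")
```

With the assumed 4 TiB size, a region starting above PIE_BASE at 0x600000000000 is clear at the common default of 28 bits but collides once the offset can reach 2**32 pages (16 TiB), which is why raising mmap_rnd_bits to its maximum exposes the problem; a region ending below PIE_BASE, as with 0x500000000000, cannot collide for any entropy setting.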

Diff Detail

Event Timeline

MaskRay created this revision. Apr 12 2023, 10:35 PM
Herald added a project: Restricted Project. Apr 12 2023, 10:35 PM
MaskRay requested review of this revision. Apr 12 2023, 10:35 PM
Herald added a subscriber: Restricted Project.
MaskRay edited the summary of this revision. Apr 12 2023, 10:36 PM
MaskRay edited the summary of this revision. Apr 12 2023, 10:40 PM

D147984 got reverted because it broke Apple (oops, my bad). It might be worthwhile either gating this change to non-Apple (as suggested by lgrey for ASan), or holding off on this patch until it's clear what happened with D147984.

MaskRay updated this revision to Diff 513442. Apr 13 2023, 11:02 PM

Special case SANITIZER_APPLE

I asked a question regarding s390x: D78644

MaskRay updated this revision to Diff 513634. Apr 14 2023, 9:31 AM
MaskRay retitled this revision from [lsan] move allocator base to avoid conflict with high-entropy ASLR for x86-64 Linux to [lsan] Move allocator base to avoid conflict with high-entropy ASLR for x86-64 Linux.
MaskRay edited the summary of this revision.

remove special case for s390x

thurston accepted this revision. Apr 14 2023, 9:40 AM
This revision is now accepted and ready to land. Apr 14 2023, 9:40 AM
vitalybuka accepted this revision. Apr 14 2023, 9:58 AM

Hi, we're seeing some ASAN test failures after this patch. Maybe the issue is the change of the condition in the preprocessor? Could you take a look, and revert if it's not easy to fix?
Failing Tests:
AddressSanitizer-aarch64-linux :: TestCases/use-after-scope-capture.cpp
AddressSanitizer-aarch64-linux-dynamic :: TestCases/use-after-scope-capture.cpp
AddressSanitizer-x86_64-linux :: TestCases/use-after-scope-capture.cpp
AddressSanitizer-x86_64-linux-dynamic :: TestCases/use-after-scope-capture.cpp

https://luci-milo.appspot.com/ui/p/fuchsia/builders/toolchain.ci/clang-linux-x64/b8783819018697822145/overview
https://luci-milo.appspot.com/ui/p/fuchsia/builders/toolchain.ci/clang-linux-arm64/b8783820264168551889/overview
https://luci-milo.appspot.com/ui/p/fuchsia/builders/toolchain.ci/clang-linux-x64-rbe/b8783818710722598305/overview

I am afraid you likely found the wrong culprit. This patch is about lsan.

TEST 'AddressSanitizer-x86_64-linux-dynamic :: TestCases/use-after-scope-capture.cpp' FAILED indicates an issue in asan (not the lsan part).

I synced to one commit before this one and the tests still fail.

Based on the redness for the Windows builds at http://google.github.io/sanitizers/show_bots.html starting from https://lab.llvm.org/buildbot/#/builders/127/builds/46723
I'm guessing the commit that caused it is https://github.com/llvm/llvm-project/commit/5b386b864c7619897c51a1da97d78f1cf6f3eff6

I'm currently rebuilding to test it

I rebuilt 0b911a3dc34a2a9930c8156183af3270f8907f5a (the commit immediately prior to the one that caused the failure) and confirmed that the test passes.

I haven't dug deep enough to find out whether it is a bug in the compiler, AddressSanitizer, or the test.

I've pinged the sanitizer build watcher

@MaskRay sorry for the noise. I was under the impression that LSAN was enabled by default for ASAN on Linux unless you passed additional args.

@thurston thanks for digging in.

The test has been fixed by fmayer in https://reviews.llvm.org/D148376