This is an archive of the discontinued LLVM Phabricator instance.

[compiler-rt] [test] Disable ASLR on ASAN/MSAN/TSAN tests on NetBSD
ClosedPublic

Authored by mgorny on Dec 3 2019, 5:48 AM.

Details

Summary

Use a new %run wrapper for ASAN/MSAN/TSAN tests that calls paxctl
in order to disable ASLR on the test executables. This makes it
possible to test sanitizers on systems where ASLR is enabled by default.

Diff Detail

Event Timeline

mgorny created this revision.Dec 3 2019, 5:48 AM
Herald added a project: Restricted Project. · View Herald TranscriptDec 3 2019, 5:48 AM

Could this go into the common lit config in compiler-rt/test?
What is the problem with ASLR in NetBSD? Is this about fixed shadow location conflicts with the binary & library mappings?

Could this go into the common lit config in compiler-rt/test?

Do you mean to run this for all tests in compiler-rt? We intend to disable it only when needed and prevent leaking regressions that violate ASLR to other components of LLVM.

What is the problem with ASLR in NetBSD? Is this about fixed shadow location conflicts with the binary & library mappings?

PaX ASLR on NetBSD is too aggressive with the layout randomization and we cannot predict ranges of the heap and the stack. Next, we cannot map reliably the memory used into shadow buffer that crashes in a cryptic way. We are fine with disabling ASLR for the sanitizers that need shadow buffers and origins.

compiler-rt/test/sanitizer_common/netbsd_commands/run_noaslr.sh
5

I propose to use /usr/bin/paxctl as it will be PATH and environment independent. We already use this direct path approach in pkgsrc.

I meant you could define this path in the common lit config as something like "netbsd_noaslr_prefix" and then set up the %run substitution in subdirectories.

PaX ASLR on NetBSD is too aggressive with the layout randomization and we cannot predict ranges of the heap and the stack. Next, we cannot map reliably the memory used into shadow buffer that crashes in a cryptic way. We are fine with disabling ASLR for the sanitizers that need shadow buffers and origins.

Sounds good.

I meant you could define this path in the common lit config as something like "netbsd_noaslr_prefix" and then set up the %run substitution in subdirectories.

I take that you mean passing it on the config object?

mgorny updated this revision to Diff 232270.Dec 5 2019, 12:25 AM

Updated to pass the 'prefix' via config object from common, and to use full path for paxctl.

eugenis accepted this revision.Dec 5 2019, 1:48 PM

LGTM

compiler-rt/test/sanitizer_common/netbsd_commands/run_noaslr.sh
5

It this path correct? /usr/sbin in the code vs /usr/bin in the comment.

This revision is now accepted and ready to land.Dec 5 2019, 1:48 PM
krytarowski added inline comments.Dec 5 2019, 3:10 PM
compiler-rt/test/sanitizer_common/netbsd_commands/run_noaslr.sh
5

It is correct. I made a typo.

This revision was automatically updated to reflect the committed changes.
Herald added a project: Restricted Project. · View Herald TranscriptDec 5 2019, 11:11 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript