This is an archive of the discontinued LLVM Phabricator instance.

Differential D83134

[asan] Disable fast unwinder on arm-linux-gnueabi with thumb
AbandonedPublic

Authored by zatrazz on Jul 3 2020, 7:55 AM.

Details

Reviewers
vitalybuka
kcc
eugenis
kubamracek
Summary

ARM thumb/thumb2 frame pointer is inconsistent on GCC and Clang [1]
and fast-unwider is also unreliable with mixing arm and thumb code [2].

The fast unwinder ARM hacks to probe and compare the frame-pointer
in different stack layout position works reliable only on a system where
all the libraries are built in arm mode (either with gcc or clang).

However when mixing objects built with different abi mode the
fast unwinder is still problematic. The quarantine_size_mb.cpp
still fails on ARM on system with libraries built with thumb (Ubuntu
bionic for instance) so make is pass clean this patch forces it to
use the slow unwinder is to avoid a leak warning triggered by the
helper quarantine thread creation (the allocation is done by glibc
pthread_create). Without proper stack frame information libsanitizer
can not apply the expected suppresion in this case.

This should fix BZ#44158, however the leak sanitizier is still
unreliable on most distros where the system compiler defaults to
use thumb.

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92172
[2] https://bugs.llvm.org/show_bug.cgi?id=44158

Diff Detail

Unit TestsFailed

TimeTest
740 mslinux > SanitizerCommon-asan-x86_64-Linux.Linux::Unknown Unit Message ("")
510 mslinux > SanitizerCommon-lsan-x86_64-Linux.Linux::Unknown Unit Message ("")
620 mslinux > SanitizerCommon-msan-x86_64-Linux.Linux::Unknown Unit Message ("")
900 mslinux > SanitizerCommon-tsan-x86_64-Linux.Linux::Unknown Unit Message ("")
570 mslinux > SanitizerCommon-ubsan-x86_64-Linux.Linux::Unknown Unit Message ("")

Event Timeline

zatrazz created this revision.Jul 3 2020, 7:55 AM
Herald added subscribers: Restricted Project, danielkiss, kristof.beyls, mgorny. · View Herald TranscriptJul 3 2020, 7:55 AM
Harbormaster failed remote builds in B62848: Diff 275395!Jul 3 2020, 8:34 AM
eugenis added a comment.Jul 6 2020, 12:21 PM

Is unwinding actually broken on an all-clang, all-thumb system?

zatrazz added a comment.Jul 8 2020, 5:21 AM
In D83134#2133857, @eugenis wrote:

Is unwinding actually broken on an all-clang, all-thumb system?

The issue is when instrumented objects interact with gcc object,, for instance running instrumented binaries on usual distros like Ubuntu. I haven't tested on a all-clang/all-thumb system, but from my understanding is clang thumb use the FP similar no arm mode (differerent than gcc), so it should work.

vitalybuka added a comment.Aug 18 2020, 7:06 PM

Is this patch still needed?

zatrazz added a comment.Aug 24 2020, 6:00 AM
In D83134#2225283, @vitalybuka wrote:

Is this patch still needed?

It is to at least make the unwinder not triggering testcase failures on some arm-linux-gnu distros [1]. The fast-unwinder on ARM does not work correctly when unwinding any thumb code built code by gcc, so it would potentially fail on some scenarios (for instance if system libraries or gcc-build ones call malloc). It should be mitigated by 'fast_unwind_on_check=0' and/or 'fast_unwind_on_malloc=0'.

This issues has come up multiple times and compiler-rt developers either state that Android (which is now built with clang) and clang built objects works and that _Unwind based unwind is too slow to be usable. I think we should at least document this issues with gcc built with thumb support and the possible mitigations and tradeoffs.

[1] http://lab.llvm.org:8011/builders/clang-cmake-armv7-full/builds/11561

eugenis accepted this revision.Aug 24 2020, 9:29 AM

LGTM

This revision is now accepted and ready to land.Aug 24 2020, 9:29 AM
vitalybuka accepted this revision.Aug 24 2020, 6:25 PM
zatrazz abandoned this revision.Oct 7 2020, 5:14 AM

Revision Contents

PathSize
compiler-rt/
1 line
lib/
sanitizer_common/
6 lines
2 lines
test/
asan/
TestCases/
Linux/
10 lines
2 lines
1 line

Diff 275395

compiler-rt/CMakeLists.txt

Show First 20 LinesShow All 123 Lines▼ Show 20 Linesif (COMPILER_RT_STANDALONE_BUILD)
set(LLVM_LIT_ARGS "${LIT_ARGS_DEFAULT}" CACHE STRING "Default options for lit") set(LLVM_LIT_ARGS "${LIT_ARGS_DEFAULT}" CACHE STRING "Default options for lit")
set(LLVM_LIT_OUTPUT_DIR "${COMPILER_RT_EXEC_OUTPUT_DIR}") set(LLVM_LIT_OUTPUT_DIR "${COMPILER_RT_EXEC_OUTPUT_DIR}")
endif() endif()
construct_compiler_rt_default_triple() construct_compiler_rt_default_triple()
if ("${COMPILER_RT_DEFAULT_TARGET_TRIPLE}" MATCHES ".*hf$") if ("${COMPILER_RT_DEFAULT_TARGET_TRIPLE}" MATCHES ".*hf$")
if (${COMPILER_RT_DEFAULT_TARGET_ARCH} MATCHES "^arm") if (${COMPILER_RT_DEFAULT_TARGET_ARCH} MATCHES "^arm")
set(COMPILER_RT_DEFAULT_TARGET_ARCH "armhf") set(COMPILER_RT_DEFAULT_TARGET_ARCH "armhf")
CHECK_SYMBOL_EXISTS (__thumb__ "" COMPILER_RT_ARM_THUMB)
endif() endif()
endif() endif()
if ("${COMPILER_RT_DEFAULT_TARGET_TRIPLE}" MATCHES ".*android.*") if ("${COMPILER_RT_DEFAULT_TARGET_TRIPLE}" MATCHES ".*android.*")
set(ANDROID 1) set(ANDROID 1)
endif() endif()
pythonize_bool(ANDROID) pythonize_bool(ANDROID)
set(ANDROID_NDK_VERSION 18 set(ANDROID_NDK_VERSION 18
▲ Show 20 LinesShow All 423 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_platform.h

Show First 20 LinesShow All 191 Lines▼ Show 20 Lines
# define SANITIZER_PPC32 0 # define SANITIZER_PPC32 0
# define SANITIZER_PPC64 0 # define SANITIZER_PPC64 0
# define SANITIZER_PPC64V1 0 # define SANITIZER_PPC64V1 0
# define SANITIZER_PPC64V2 0 # define SANITIZER_PPC64V2 0
#endif #endif
#if defined(__arm__) #if defined(__arm__)
# define SANITIZER_ARM 1 # define SANITIZER_ARM 1
# ifdef __thumb__
# define SANITIZER_ARM_THUMB 1
# endif
#else #else
# define SANITIZER_ARM 0 # define SANITIZER_ARM 0
# define SANITIZER_ARM_THUMB 0
#endif #endif
Lint: Pre-merge checks
Inline Actions

clang-format: please reformat the code

-# ifdef __thumb__
-#  define SANITIZER_ARM_THUMB 1
-# endif
+#ifdef __thumb__
+#define SANITIZER_ARM_THUMB 1
+#endif
Lint: Pre-merge checks: clang-format: please reformat the code ``` -# ifdef __thumb__ -# define SANITIZER_ARM_THUMB 1…
#if SANITIZER_SOLARIS && SANITIZER_WORDSIZE == 32 #if SANITIZER_SOLARIS && SANITIZER_WORDSIZE == 32
# define SANITIZER_SOLARIS32 1 # define SANITIZER_SOLARIS32 1
#else #else
# define SANITIZER_SOLARIS32 0 # define SANITIZER_SOLARIS32 0
Lint: Pre-merge checks
Inline Actions

clang-format: please reformat the code

-# define SANITIZER_ARM_THUMB 0
+#define SANITIZER_ARM_THUMB 0
Lint: Pre-merge checks: clang-format: please reformat the code ``` -# define SANITIZER_ARM_THUMB 0 +#define…
#endif #endif
#if defined(__myriad2__) #if defined(__myriad2__)
# define SANITIZER_MYRIAD2 1 # define SANITIZER_MYRIAD2 1
#else #else
# define SANITIZER_MYRIAD2 0 # define SANITIZER_MYRIAD2 0
#endif #endif
▲ Show 20 LinesShow All 97 Lines▼ Show 20 Lines
#if SANITIZER_GO == 0 #if SANITIZER_GO == 0
# define SANITIZER_GO 0 # define SANITIZER_GO 0
#endif #endif
// On PowerPC and ARM Thumb, calling pthread_exit() causes LSan to detect leaks. // On PowerPC and ARM Thumb, calling pthread_exit() causes LSan to detect leaks.
// pthread_exit() performs unwinding that leads to dlopen'ing libgcc_s.so. // pthread_exit() performs unwinding that leads to dlopen'ing libgcc_s.so.
// dlopen mallocs "libgcc_s.so" string which confuses LSan, it fails to realize // dlopen mallocs "libgcc_s.so" string which confuses LSan, it fails to realize
// that this allocation happens in dynamic linker and should be ignored. // that this allocation happens in dynamic linker and should be ignored.
#if SANITIZER_PPC || defined(__thumb__) #if SANITIZER_PPC || SANITIZER_ARM_THUMB
# define SANITIZER_SUPPRESS_LEAK_ON_PTHREAD_EXIT 1 # define SANITIZER_SUPPRESS_LEAK_ON_PTHREAD_EXIT 1
#else #else
# define SANITIZER_SUPPRESS_LEAK_ON_PTHREAD_EXIT 0 # define SANITIZER_SUPPRESS_LEAK_ON_PTHREAD_EXIT 0
#endif #endif
#if SANITIZER_FREEBSD || SANITIZER_MAC || SANITIZER_NETBSD || \ #if SANITIZER_FREEBSD || SANITIZER_MAC || SANITIZER_NETBSD || \
SANITIZER_OPENBSD || SANITIZER_SOLARIS SANITIZER_OPENBSD || SANITIZER_SOLARIS
# define SANITIZER_MADVISE_DONTNEED MADV_FREE # define SANITIZER_MADVISE_DONTNEED MADV_FREE
Show All 29 Lines

compiler-rt/lib/sanitizer_common/sanitizer_stacktrace.h

Show All 16 Lines
namespace __sanitizer { namespace __sanitizer {
struct BufferedStackTrace; struct BufferedStackTrace;
static const u32 kStackTraceMax = 256; static const u32 kStackTraceMax = 256;
#if SANITIZER_LINUX && defined(__mips__) #if SANITIZER_LINUX && defined(__mips__)
# define SANITIZER_CAN_FAST_UNWIND 0 # define SANITIZER_CAN_FAST_UNWIND 0
#elif SANITIZER_LINUX && !SANITIZER_ANDROID && SANITIZER_ARM_THUMB
# define SANITIZER_CAN_FAST_UNWIND 0
Lint: Pre-merge checks
Inline Actions

clang-format: please reformat the code

-# define SANITIZER_CAN_FAST_UNWIND 0
+#define SANITIZER_CAN_FAST_UNWIND 0
Lint: Pre-merge checks: clang-format: please reformat the code ``` -# define SANITIZER_CAN_FAST_UNWIND 0 +#define…
#elif SANITIZER_WINDOWS #elif SANITIZER_WINDOWS
# define SANITIZER_CAN_FAST_UNWIND 0 # define SANITIZER_CAN_FAST_UNWIND 0
#elif SANITIZER_OPENBSD #elif SANITIZER_OPENBSD
# define SANITIZER_CAN_FAST_UNWIND 0 # define SANITIZER_CAN_FAST_UNWIND 0
#else #else
# define SANITIZER_CAN_FAST_UNWIND 1 # define SANITIZER_CAN_FAST_UNWIND 1
#endif #endif
▲ Show 20 LinesShow All 144 LinesShow Last 20 Lines

compiler-rt/test/asan/TestCases/Linux/quarantine_size_mb.cpp

// Test quarantine_size_mb (and the deprecated quarantine_size) // Test quarantine_size_mb (and the deprecated quarantine_size)
// RUN: %clangxx_asan %s -o %t // RUN: %clangxx_asan %s -o %t
// RUN: %env_asan_opts=quarantine_size=10485760:verbosity=1:hard_rss_limit_mb=50 %run %t 2>&1 | FileCheck %s --check-prefix=Q10 // RUN: %env_asan_opts=quarantine_size=10485760:verbosity=1:hard_rss_limit_mb=50:fast_unwind_on_malloc=0 %run %t 2>&1 | FileCheck %s --check-prefix=Q10
// RUN: %env_asan_opts=quarantine_size_mb=10:verbosity=1:hard_rss_limit_mb=50 %run %t 2>&1 | FileCheck %s --check-prefix=Q10 // RUN: %env_asan_opts=quarantine_size_mb=10:verbosity=1:hard_rss_limit_mb=50:fast_unwind_on_malloc=0 %run %t 2>&1 | FileCheck %s --check-prefix=Q10
// RUN: %env_asan_opts=quarantine_size_mb=10:quarantine_size=20:verbosity=1 not %run %t 2>&1 | FileCheck %s --check-prefix=BOTH // RUN: %env_asan_opts=quarantine_size_mb=10:quarantine_size=20:verbosity=1 not %run %t 2>&1 | FileCheck %s --check-prefix=BOTH
// RUN: %env_asan_opts=quarantine_size_mb=1000:hard_rss_limit_mb=50 not %run %t 2>&1 | FileCheck %s --check-prefix=RSS_LIMIT // RUN: %env_asan_opts=quarantine_size_mb=1000:hard_rss_limit_mb=50 not %run %t 2>&1 | FileCheck %s --check-prefix=RSS_LIMIT
// RUN: %env_asan_opts=hard_rss_limit_mb=20 not %run %t 2>&1 | FileCheck %s --check-prefix=RSS_LIMIT // RUN: %env_asan_opts=hard_rss_limit_mb=20 not %run %t 2>&1 | FileCheck %s --check-prefix=RSS_LIMIT
// https://github.com/google/sanitizers/issues/981 // https://github.com/google/sanitizers/issues/981
// UNSUPPORTED: android-26 // UNSUPPORTED: android-26
#include <string.h> #include <string.h>
char *g; char *g;
static const int kNumAllocs = 1 << 11; static const int kNumAllocs = 1 << 11;
Show All 13 Lines

compiler-rt/test/asan/lit.cfg.py

Show First 20 LinesShow All 185 Lines▼ Show 20 Lines
config.substitutions.append( ('CHECK-%kernel_bits', ("CHECK-kernel-" + kernel_bits + "-bits"))) config.substitutions.append( ('CHECK-%kernel_bits', ("CHECK-kernel-" + kernel_bits + "-bits")))
config.substitutions.append( ("%libdl", libdl_flag) ) config.substitutions.append( ("%libdl", libdl_flag) )
config.available_features.add("asan-" + config.bits + "-bits") config.available_features.add("asan-" + config.bits + "-bits")
# Fast unwinder doesn't work with Thumb # Fast unwinder doesn't work with Thumb
if re.search('mthumb', config.target_cflags) is None: if not config.arm_thumb:
config.available_features.add('fast-unwinder-works') config.available_features.add('fast-unwinder-works')
# Turn on leak detection on 64-bit Linux. # Turn on leak detection on 64-bit Linux.
leak_detection_linux = (config.host_os == 'Linux') and (not config.android) and (config.target_arch == 'x86_64' or config.target_arch == 'i386') leak_detection_linux = (config.host_os == 'Linux') and (not config.android) and (config.target_arch == 'x86_64' or config.target_arch == 'i386')
leak_detection_mac = (config.host_os == 'Darwin') and (config.target_arch == 'x86_64') leak_detection_mac = (config.host_os == 'Darwin') and (config.target_arch == 'x86_64')
leak_detection_netbsd = (config.host_os == 'NetBSD') and (config.target_arch in ['x86_64', 'i386']) leak_detection_netbsd = (config.host_os == 'NetBSD') and (config.target_arch in ['x86_64', 'i386'])
if leak_detection_linux or leak_detection_mac or leak_detection_netbsd: if leak_detection_linux or leak_detection_mac or leak_detection_netbsd:
config.available_features.add('leak-detection') config.available_features.add('leak-detection')
Show All 40 Lines

compiler-rt/test/asan/lit.site.cfg.py.in

@LIT_SITE_CFG_IN_HEADER@ @LIT_SITE_CFG_IN_HEADER@
# Tool-specific config options. # Tool-specific config options.
config.name_suffix = "@ASAN_TEST_CONFIG_SUFFIX@" config.name_suffix = "@ASAN_TEST_CONFIG_SUFFIX@"
config.target_cflags = "@ASAN_TEST_TARGET_CFLAGS@" config.target_cflags = "@ASAN_TEST_TARGET_CFLAGS@"
config.clang = "@ASAN_TEST_TARGET_CC@" config.clang = "@ASAN_TEST_TARGET_CC@"
config.bits = "@ASAN_TEST_BITS@" config.bits = "@ASAN_TEST_BITS@"
config.arm_thumb = "@COMPILER_RT_ARM_THUMB@"
config.apple_platform = "@ASAN_TEST_APPLE_PLATFORM@" config.apple_platform = "@ASAN_TEST_APPLE_PLATFORM@"
config.apple_platform_min_deployment_target_flag = "@ASAN_TEST_MIN_DEPLOYMENT_TARGET_FLAG@" config.apple_platform_min_deployment_target_flag = "@ASAN_TEST_MIN_DEPLOYMENT_TARGET_FLAG@"
config.asan_dynamic = @ASAN_TEST_DYNAMIC@ config.asan_dynamic = @ASAN_TEST_DYNAMIC@
config.target_arch = "@ASAN_TEST_TARGET_ARCH@" config.target_arch = "@ASAN_TEST_TARGET_ARCH@"
# Load common config for all compiler-rt lit tests. # Load common config for all compiler-rt lit tests.
lit_config.load_config(config, "@COMPILER_RT_BINARY_DIR@/test/lit.common.configured") lit_config.load_config(config, "@COMPILER_RT_BINARY_DIR@/test/lit.common.configured")
# Load tool-specific config that would do the real work. # Load tool-specific config that would do the real work.
lit_config.load_config(config, "@ASAN_LIT_SOURCE_DIR@/lit.cfg.py") lit_config.load_config(config, "@ASAN_LIT_SOURCE_DIR@/lit.cfg.py")