[compiler-rt] Realtime Sanitizer: Introduce RADSan backend #92460
Conversation
|
|
|
✅ With the latest revision this PR passed the Python code formatter. |
|
✅ With the latest revision this PR passed the C/C++ code formatter. |
| @@ -1382,6 +1382,10 @@ collectSanitizerRuntimes(const ToolChain &TC, const ArgList &Args, | |||
| StaticRuntimes.push_back("asan_cxx"); | |||
| } | |||
|
|
|||
| if (!SanArgs.needsSharedRt() && SanArgs.needsRadsanRt()) { | |||
| StaticRuntimes.push_back("radsan"); | |||
| } | |||
There was a problem hiding this comment.
One question we have here: What is the SharedRuntimes vs StaticRuntimes? Why would we need to support both? This is one change we "eyeballed" based on the other sanitizers.
There was a problem hiding this comment.
I have some notes at https://maskray.me/blog/2023-01-08-all-about-sanitizer-interceptors#static-runtime
Nit: we omit braces in this single-line statement case https://llvm.org/docs/CodingStandards.html#don-t-use-braces-on-simple-single-statement-bodies-of-if-else-loop-statements
There was a problem hiding this comment.
Ok, if I can summarize the important bits in my own words:
Different platforms have different defaults they use for the sanitizers, some (Darwin, for example) use shared, others (clang on Linux) use static.
A user can specify and override the default with the flags -[shared|static]-libsan.
To support the most possible configurations, do you think we should add back in the ability to link the shared library in this file? In Darwin.cpp we already show the ability to link the shared runtime, so it seemingly would be as simple as adding in a:
if (SanArgs.needsRadsanRt())
SharedRuntimes.push_back("radsan");
To the block above. Any advice?
| @@ -32,6 +32,9 @@ set(ALL_ASAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${RISCV64} | |||
| ${LOONGARCH64}) | |||
| set(ALL_ASAN_ABI_SUPPORTED_ARCH ${X86_64} ${ARM64} ${ARM64_32}) | |||
| set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${LOONGARCH64}) | |||
| set(ALL_RADSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${RISCV64} | |||
| ${MIPS32} ${MIPS64} ${PPC64} ${S390X} ${SPARC} ${SPARCV9} ${HEXAGON} | |||
| ${LOONGARCH64}) | |||
There was a problem hiding this comment.
This was copied from ASAN, is this acceptable? We don't have all architectures to test, although we think that our interceptors are simple enough to work on any machine (no platform specific assembly in our code, for example)
|
Pinging possibly interested parties for review. @yln @vitalybuka @Sirraide @AaronBallman @dougsonos @davidtrevelyan Please feel free to add more, we don't know who all may be interested. Thanks in advance |
cjappl
changed the title
compiler-rt/test/radsan/lit.cfg.py
Outdated
| @@ -0,0 +1,71 @@ | |||
| # -*- Python -*- | |||
There was a problem hiding this comment.
Delete
Some older lit.cfg.py files might use this because previously they were named lit.cfg
| config.name = "RADSAN" + config.name_suffix | ||
|
|
||
| # Setup source root. | ||
| config.test_source_root = os.path.dirname(__file__) |
There was a problem hiding this comment.
msan, lsan, gwp_asan places lit tests directly under the directory, while some use TestCases/. Avoiding TestCases is preferred. Is the lit set up to avoid TestCases?
There was a problem hiding this comment.
Yes, the lit tests may be placed directly in compiler-rt/test/radsan/ and they run as intended. Just checked on our branch that has them implemented.
| } // namespace __sanitizer | ||
|
|
||
| namespace { | ||
| void SetGlobalStackTraceFormat() { |
There was a problem hiding this comment.
|
|
||
| #pragma once | ||
|
|
||
| namespace radsan { |
There was a problem hiding this comment.
__radsan to avoid conflicts with user programs
|
|
||
| namespace detail { | ||
|
|
||
| static pthread_key_t Key; |
There was a problem hiding this comment.
Avoid VariableName in new compiler-rt code.
Use the recommended variable_name like asan/hwasan/lsan. Some new compiler-rt subprojects used Variable as cargo culting llvm/ and clang/, which is a pity (you can also read https://llvm.org/docs/Proposals/VariableNames.html for more history)
There was a problem hiding this comment.
Great thanks!! Before I go through and edit these, snake_case is preferred for variables in all contexts?
Really appreciate the review. Pushing up most of your requested changes now.
There was a problem hiding this comment.
Yes, variable_name and FunctionName.. Sorry if this change may take a while.
asan/hwasan/lsan are good examples to follow.
There was a problem hiding this comment.
No apology necessary! Happy to do this right the first time.
Does this also apply to lambdas?
auto Func = [&vec]() { vec.push_back(0.4f); };
Should this become:
auto func = [&vec]() { vec.push_back(0.4f); };
Or remain "function case"?
There was a problem hiding this comment.
I pushed the change for all non-lambda variable names, happy to change the lambdas too based on your feedback.
| } // namespace | ||
|
|
||
| namespace radsan { | ||
| void PrintStackTrace() { |
There was a problem hiding this comment.
void radsan::PrintStackTrace
| } | ||
| } // namespace radsan | ||
|
|
||
| /* |
compiler-rt/lib/radsan/radsan.h
Outdated
| violations are detected. Calls to this method are injected at the code | ||
| generation stage when RADSan is enabled. | ||
| */ | ||
| SANITIZER_INTERFACE_ATTRIBUTE void radsan_realtime_enter(); |
There was a problem hiding this comment.
Use __* names to avoid conflicts with user code. Use //.
If there are user APIs, define them at include/sanitizer/*_interface.h
|
https://discourse.llvm.org/t/rfc-nolock-and-noalloc-attributes/76837/75 contains a discussion about the subproject name. |
|
Weekly ping of reviewers @yln @vitalybuka @Sirraide @AaronBallman @zygoloid @compnerd @petrhosek @isanbard Looking for weighing in on any of the code as it stands now, or the naming question posed by MaskRay here, so far there seems to be support for rtsan over radsan :) |
+1 for rtsan |
* Pass on CREAT mode propertly in open interceptors * Add unit tests * Remove two unneccessary bits * Fix fcntl
* Fix issue where fcntl was not using last arg correctly * Comment update
This is PR 1/?? (3? 4?) introducing the main guts of the realtime sanitizer. For more information, please see the discourse thread. We have also put together a reviewer support document to show what our intention is.
This review introduces the sanitizer backend. This includes:
clang, enough to get the unit tests compiling.Please see the reviewer support document for what our next steps are. We are moving in lockstep with this PR #84983 for the codegen coming up next.