-
Notifications
You must be signed in to change notification settings - Fork 10.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[compiler-rt] Realtime Sanitizer: Introduce RADSan backend #92460
base: main
Are you sure you want to change the base?
Conversation
|
✅ With the latest revision this PR passed the Python code formatter. |
✅ With the latest revision this PR passed the C/C++ code formatter. |
@@ -1382,6 +1382,10 @@ collectSanitizerRuntimes(const ToolChain &TC, const ArgList &Args, | |||
StaticRuntimes.push_back("asan_cxx"); | |||
} | |||
|
|||
if (!SanArgs.needsSharedRt() && SanArgs.needsRadsanRt()) { | |||
StaticRuntimes.push_back("radsan"); | |||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One question we have here: What is the SharedRuntimes vs StaticRuntimes? Why would we need to support both? This is one change we "eyeballed" based on the other sanitizers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have some notes at https://maskray.me/blog/2023-01-08-all-about-sanitizer-interceptors#static-runtime
Nit: we omit braces in this single-line statement case https://llvm.org/docs/CodingStandards.html#don-t-use-braces-on-simple-single-statement-bodies-of-if-else-loop-statements
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, if I can summarize the important bits in my own words:
Different platforms have different defaults they use for the sanitizers, some (Darwin, for example) use shared, others (clang on Linux) use static.
A user can specify and override the default with the flags -[shared|static]-libsan
.
To support the most possible configurations, do you think we should add back in the ability to link the shared library in this file? In Darwin.cpp we already show the ability to link the shared runtime, so it seemingly would be as simple as adding in a:
if (SanArgs.needsRadsanRt())
SharedRuntimes.push_back("radsan");
To the block above. Any advice?
@@ -32,6 +32,9 @@ set(ALL_ASAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${RISCV64} | |||
${LOONGARCH64}) | |||
set(ALL_ASAN_ABI_SUPPORTED_ARCH ${X86_64} ${ARM64} ${ARM64_32}) | |||
set(ALL_DFSAN_SUPPORTED_ARCH ${X86_64} ${MIPS64} ${ARM64} ${LOONGARCH64}) | |||
set(ALL_RADSAN_SUPPORTED_ARCH ${X86} ${X86_64} ${ARM32} ${ARM64} ${RISCV64} | |||
${MIPS32} ${MIPS64} ${PPC64} ${S390X} ${SPARC} ${SPARCV9} ${HEXAGON} | |||
${LOONGARCH64}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was copied from ASAN, is this acceptable? We don't have all architectures to test, although we think that our interceptors are simple enough to work on any machine (no platform specific assembly in our code, for example)
Pinging possibly interested parties for review. @yln @vitalybuka @Sirraide @AaronBallman @dougsonos @davidtrevelyan Please feel free to add more, we don't know who all may be interested. Thanks in advance |
compiler-rt/test/radsan/lit.cfg.py
Outdated
@@ -0,0 +1,71 @@ | |||
# -*- Python -*- |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Delete
Some older lit.cfg.py
files might use this because previously they were named lit.cfg
config.name = "RADSAN" + config.name_suffix | ||
|
||
# Setup source root. | ||
config.test_source_root = os.path.dirname(__file__) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
msan
, lsan
, gwp_asan
places lit tests directly under the directory, while some use TestCases/
. Avoiding TestCases
is preferred. Is the lit set up to avoid TestCases
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the lit tests may be placed directly in compiler-rt/test/radsan/
and they run as intended. Just checked on our branch that has them implemented.
} // namespace __sanitizer | ||
|
||
namespace { | ||
void SetGlobalStackTraceFormat() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
#pragma once | ||
|
||
namespace radsan { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
__radsan
to avoid conflicts with user programs
|
||
namespace detail { | ||
|
||
static pthread_key_t Key; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid VariableName
in new compiler-rt code.
Use the recommended variable_name
like asan/hwasan/lsan. Some new compiler-rt subprojects used Variable
as cargo culting llvm/ and clang/, which is a pity (you can also read https://llvm.org/docs/Proposals/VariableNames.html for more history)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great thanks!! Before I go through and edit these, snake_case
is preferred for variables in all contexts?
Really appreciate the review. Pushing up most of your requested changes now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, variable_name
and FunctionName
.. Sorry if this change may take a while.
asan/hwasan/lsan are good examples to follow.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No apology necessary! Happy to do this right the first time.
Does this also apply to lambdas?
auto Func = [&vec]() { vec.push_back(0.4f); };
Should this become:
auto func = [&vec]() { vec.push_back(0.4f); };
Or remain "function case"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I pushed the change for all non-lambda variable names, happy to change the lambdas too based on your feedback.
} // namespace | ||
|
||
namespace radsan { | ||
void PrintStackTrace() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
void radsan::PrintStackTrace
} | ||
} // namespace radsan | ||
|
||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid /*
in C++ files
compiler-rt/lib/radsan/radsan.h
Outdated
violations are detected. Calls to this method are injected at the code | ||
generation stage when RADSan is enabled. | ||
*/ | ||
SANITIZER_INTERFACE_ATTRIBUTE void radsan_realtime_enter(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use __*
names to avoid conflicts with user code. Use //
.
If there are user APIs, define them at include/sanitizer/*_interface.h
https://discourse.llvm.org/t/rfc-nolock-and-noalloc-attributes/76837/75 contains a discussion about the subproject name. |
Weekly ping of reviewers @yln @vitalybuka @Sirraide @AaronBallman @zygoloid @compnerd @petrhosek @isanbard Looking for weighing in on any of the code as it stands now, or the naming question posed by MaskRay here, so far there seems to be support for rtsan over radsan :) |
+1 for rtsan |
* Pass on CREAT mode propertly in open interceptors * Add unit tests * Remove two unneccessary bits * Fix fcntl
* Fix issue where fcntl was not using last arg correctly * Comment update
This is PR 1/?? (3? 4?) introducing the main guts of the realtime sanitizer. For more information, please see the discourse thread. We have also put together a reviewer support document to show what our intention is.
This review introduces the sanitizer backend. This includes:
clang
, enough to get the unit tests compiling.Please see the reviewer support document for what our next steps are. We are moving in lockstep with this PR #84983 for the codegen coming up next.