
tsan also needs sanitizer nerf for crc64 #122

Closed
nate-thirdwave opened this issue May 30, 2024 · 3 comments

@nate-thirdwave

The no_sanitize_address nerf for crc64 also needs no_sanitize_thread since the tsan checker also looks for heap-use-after-free.

--- src/liblzma/check/crc64_fast.c	2023-11-01 12:19:29.000000000 +0000
+++ src/liblzma/check/crc64_fast.c-new	2024-05-30 16:56:41.935335535 +0000
@@ -209,11 +209,14 @@
 // The intrinsics use 16-byte-aligned reads from buf, thus they may read
 // up to 15 bytes before or after the buffer (depending on the alignment
 // of the buf argument). The values of the extra bytes are ignored.
-// This unavoidably trips -fsanitize=address so address sanitizier has
-// to be disabled for this function.
+// This unavoidably trips -fsanitize=address and -fsanitize=thread
+// so the sanitizers have to be disabled for this function.
 #if lzma_has_attribute(__no_sanitize_address__)
 __attribute__((__no_sanitize_address__))
 #endif
+#if lzma_has_attribute(__no_sanitize_thread__)
+__attribute__((__no_sanitize_thread__))
+#endif
 static uint64_t
 crc64_clmul(const uint8_t *buf, size_t size, uint64_t crc)
 {
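
For context, the lzma_has_attribute() guard used in the patch is the usual __has_attribute wrapper; a minimal sketch of how such a macro is typically defined (xz's actual definition lives in its common headers and may differ):

// Fall back to 0 on compilers that lack __has_attribute, so the
// attribute is simply omitted there.
#ifdef __has_attribute
#	define lzma_has_attribute(attr) __has_attribute(attr)
#else
#	define lzma_has_attribute(attr) 0
#endif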
@nate-thirdwave
Author

Observing a tsan fault depends on the state of your heap: some other previously freed memory block needs to be in the vestigial space before or after the buffer.
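
A hypothetical repro sketch of that condition (illustrative only; build with -fsanitize=thread and link against liblzma, and note that heap layout is allocator-dependent, so the freed block landing next to buf is not guaranteed, nor is the CLMUL path being selected on every machine):

#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <lzma.h>

int
main(void)
{
	uint8_t *buf = malloc(60);      // size not a multiple of 16
	uint8_t *neighbor = malloc(16); // may end up right after buf
	free(neighbor);                 // freed memory now borders buf

	memset(buf, 0, 60);
	// The CLMUL path rounds its loads to 16-byte alignment, so it
	// can read up to 15 bytes outside [buf, buf + 60).
	lzma_crc64(buf, 60, 0);
	free(buf);
	return 0;
}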

@Larhzu
Member

Larhzu commented Jun 3, 2024

Perhaps with Clang it could be __attribute__((__no_sanitize__("*"))) or some such, since the code can clearly trip about every sanitizer. It's funny, because in assembly the same code would be fine. In any case, the current code will be replaced with an implementation that won't trip sanitizers and thus won't require these attributes.
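
A minimal sketch of that idea, using a hypothetical CRC_NO_SANITIZE macro (Clang's __no_sanitize__ attribute takes a list of sanitizer names, while GCC provides the individual __no_sanitize_address__ and __no_sanitize_thread__ attributes):

#if defined(__clang__)
#	define CRC_NO_SANITIZE \
		__attribute__((__no_sanitize__("address", "thread", "memory")))
#elif defined(__GNUC__)
#	define CRC_NO_SANITIZE \
		__attribute__((__no_sanitize_address__)) \
		__attribute__((__no_sanitize_thread__))
#else
#	define CRC_NO_SANITIZE
#endif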

Larhzu added a commit that referenced this issue Jun 11, 2024
It's not enough to silence the address sanitizer. Also memory and
thread sanitizers would need to be silenced. They, at least currently,
aren't smart enough to see that the extra bytes are discarded from
the xmm registers by later instructions.

Valgrind is smarter, possibly because this kind of code isn't weird
to write in assembly. Agner Fog's optimizing_assembly.pdf even mentions
this idea of doing an aligned read and then discarding the extra
bytes. The sanitizers don't instrument assembly code but Valgrind
checks all code.

It's better to change the implementation to avoid the sanitization
attributes which also look scary in the code. (Somehow they can look
more scary than __asm__, which is implicitly unsanitized.)

See also:
#112
#122
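
A sketch of the aligned-read pattern the commit message describes (illustrative only, not xz's code; the aligned load cannot cross a page boundary, so it cannot fault, yet up to 15 of the loaded bytes lie outside the buffer):

#include <emmintrin.h> // SSE2
#include <stdint.h>

static __m128i
aligned_head_load(const uint8_t *buf)
{
	// Round buf down to the previous 16-byte boundary and load.
	const __m128i *p = (const __m128i *)((uintptr_t)buf & ~(uintptr_t)15);
	// Valgrind tracks the extra bytes through the xmm register and
	// sees them discarded later; the sanitizers flag the load itself.
	return _mm_load_si128(p);
}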
Larhzu added a commit that referenced this issue Jun 11, 2024
It's faster with both tiny and large buffers and doesn't require
disabling any sanitizers. With large buffers the extra speed is
from folding four 16-byte chunks in parallel.

It is unknown if the MSVC workaround on 32-bit x86 is still needed.
I omitted it from this commit.

Fixes: #112
Fixes: #122
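
The four-way folding mentioned above keeps more of the CPU's vector pipeline busy. A structural sketch with illustrative names, using plain XOR in place of the real carryless multiplications (whose fold constants are specific to the CRC-64 polynomial):

#include <emmintrin.h> // SSE2
#include <stddef.h>
#include <stdint.h>

static __m128i
xor_fold4(const uint8_t *buf, size_t size)
{
	__m128i a = _mm_setzero_si128();
	__m128i b = a, c = a, d = a;
	const __m128i *p = (const __m128i *)buf;

	// Consume 64 bytes per iteration: four independent 16-byte lanes.
	for (; size >= 64; size -= 64, p += 4) {
		a = _mm_xor_si128(a, _mm_loadu_si128(p + 0));
		b = _mm_xor_si128(b, _mm_loadu_si128(p + 1));
		c = _mm_xor_si128(c, _mm_loadu_si128(p + 2));
		d = _mm_xor_si128(d, _mm_loadu_si128(p + 3));
	}

	// The real code folds the lanes together with
	// _mm_clmulepi64_si128 instead of XOR.
	return _mm_xor_si128(_mm_xor_si128(a, b), _mm_xor_si128(c, d));
}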
@Larhzu
Member

Larhzu commented Jun 11, 2024

See #127.

Larhzu added a commit that referenced this issue Jun 16, 2024
It's faster with both tiny and large buffers and doesn't require
disabling any sanitizers. With large buffers the extra speed is
from folding four 16-byte chunks in parallel.

The 32-bit x86 with MSVC reportedly still needs a workaround.
Now the simpler "__asm mov ebx, ebx" trick is enough but it
needs to be in lzma_crc64() instead of crc64_arch_optimized().
Thanks to Iouri Kharon for testing and the fix.

Thanks to Sam James for general feedback.

Fixes: #112
Fixes: #122
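
A sketch of the workaround placement the commit message describes (the stub and the exact preprocessor guard are assumptions; the real lzma_crc64() also does runtime CPU detection):

#include <stddef.h>
#include <stdint.h>

// Stub standing in for the real SIMD implementation.
static uint64_t
crc64_arch_optimized(const uint8_t *buf, size_t size, uint64_t crc)
{
	(void)buf;
	(void)size;
	return crc;
}

uint64_t
lzma_crc64(const uint8_t *buf, size_t size, uint64_t crc)
{
#if defined(_MSC_VER) && defined(_M_IX86)
	// Harmless instruction that inhibits the 32-bit MSVC miscompile;
	// per the commit message it must be here, not in
	// crc64_arch_optimized().
	__asm mov ebx, ebx
#endif
	return crc64_arch_optimized(buf, size, crc);
}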
Larhzu closed this as completed in 54eaea5 on Jun 17, 2024