[llvm][AddressSanitizer] option for applying AddressSanitizer to specific address spaces #167770
Conversation
|
Thank you for submitting a Pull Request (PR) to the LLVM Project! This PR will be automatically labeled and the relevant teams will be notified. If you wish to, you can add reviewers by using the "Reviewers" section on this page. If this is not working for you, it is probably because you do not have write permissions for the repository. In which case you can instead tag reviewers by name in a comment by using If you have received no comments on your PR for a week, you can request a review by "ping"ing the PR by adding a comment “Ping”. The common courtesy "ping" rate is once a week. Please remember that you are asking for valuable time from other developers. If you have further questions, they may be answered by the LLVM GitHub User Guide. You can also ask questions in a comment on this PR, on the LLVM Discord or on the forums. |
|
@llvm/pr-subscribers-compiler-rt-sanitizer Author: Emil Tsalapatis (etsal) ChangesFor some backends, e.g., BPF, it is desirable to only sanitize memory belonging to specific address spaces. More specifically, it is sometimes desirable to only apply address sanitization for arena memory belonging to address space 1. However, AddressSanitizer currently does not support selectively sanitizing address spaces. Add a new option to select which address spaces to apply AddressSanitizer to. No functional change for existing targets (namely AMD GPU) that hardcode which address spaces to sanitize Full diff: https://github.com/llvm/llvm-project/pull/167770.diff 1 Files Affected:
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
index 7c364f86fb0e8..e43da407aadfe 100644
--- a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -436,6 +436,11 @@ static cl::opt<AsanDtorKind> ClOverrideDestructorKind(
"Use global destructors")),
cl::init(AsanDtorKind::Invalid), cl::Hidden);
+static cl::list<int> ClAddrSpaces(
+ "asan-instrument-address-spaces",
+ cl::desc("Only instrument variables in the specified address spaces."),
+ cl::Hidden, cl::CommaSeparated, cl::ZeroOrMore);
+
// Debug flags.
static cl::opt<int> ClDebug("asan-debug", cl::desc("debug"), cl::Hidden,
@@ -1355,11 +1360,26 @@ static bool GlobalWasGeneratedByCompiler(GlobalVariable *G) {
static bool isUnsupportedAMDGPUAddrspace(Value *Addr) {
Type *PtrTy = cast<PointerType>(Addr->getType()->getScalarType());
unsigned int AddrSpace = PtrTy->getPointerAddressSpace();
+ // Globals in address space 1 and 4 are supported for AMDGPU.
if (AddrSpace == 3 || AddrSpace == 5)
return true;
return false;
}
+static bool isSupportedAddrspace(const Triple &TargetTriple, Value *Addr) {
+ Type *PtrTy = cast<PointerType>(Addr->getType()->getScalarType());
+ unsigned int AddrSpace = PtrTy->getPointerAddressSpace();
+
+ if (!ClAddrSpaces.empty())
+ return std::find(ClAddrSpaces.begin(), ClAddrSpaces.end(), AddrSpace) !=
+ ClAddrSpaces.end();
+
+ if (TargetTriple.isAMDGPU())
+ return !isUnsupportedAMDGPUAddrspace(Addr);
+
+ return AddrSpace == 0;
+}
+
Value *AddressSanitizer::memToShadow(Value *Shadow, IRBuilder<> &IRB) {
// Shadow >> scale
Shadow = IRB.CreateLShr(Shadow, Mapping.Scale);
@@ -1423,10 +1443,9 @@ bool AddressSanitizer::isInterestingAlloca(const AllocaInst &AI) {
}
bool AddressSanitizer::ignoreAccess(Instruction *Inst, Value *Ptr) {
- // Instrument accesses from different address spaces only for AMDGPU.
- Type *PtrTy = cast<PointerType>(Ptr->getType()->getScalarType());
- if (PtrTy->getPointerAddressSpace() != 0 &&
- !(TargetTriple.isAMDGPU() && !isUnsupportedAMDGPUAddrspace(Ptr)))
+ // Check whether the target supports sanitizing the address space
+ // of the pointer.
+ if (!isSupportedAddrspace(TargetTriple, Ptr))
return true;
// Ignore swifterror addresses.
@@ -2089,9 +2108,7 @@ bool ModuleAddressSanitizer::shouldInstrumentGlobal(GlobalVariable *G) const {
return false;
if (!Ty->isSized()) return false;
if (!G->hasInitializer()) return false;
- // Globals in address space 1 and 4 are supported for AMDGPU.
- if (G->getAddressSpace() &&
- !(TargetTriple.isAMDGPU() && !isUnsupportedAMDGPUAddrspace(G)))
+ if (!isSupportedAddrspace(TargetTriple, G))
return false;
if (GlobalWasGeneratedByCompiler(G)) return false; // Our own globals.
// Two problems with thread-locals:
|
|
@llvm/pr-subscribers-llvm-transforms Author: Emil Tsalapatis (etsal) ChangesFor some backends, e.g., BPF, it is desirable to only sanitize memory belonging to specific address spaces. More specifically, it is sometimes desirable to only apply address sanitization for arena memory belonging to address space 1. However, AddressSanitizer currently does not support selectively sanitizing address spaces. Add a new option to select which address spaces to apply AddressSanitizer to. No functional change for existing targets (namely AMD GPU) that hardcode which address spaces to sanitize Full diff: https://github.com/llvm/llvm-project/pull/167770.diff 1 Files Affected:
diff --git a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
index 7c364f86fb0e8..e43da407aadfe 100644
--- a/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
+++ b/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
@@ -436,6 +436,11 @@ static cl::opt<AsanDtorKind> ClOverrideDestructorKind(
"Use global destructors")),
cl::init(AsanDtorKind::Invalid), cl::Hidden);
+static cl::list<int> ClAddrSpaces(
+ "asan-instrument-address-spaces",
+ cl::desc("Only instrument variables in the specified address spaces."),
+ cl::Hidden, cl::CommaSeparated, cl::ZeroOrMore);
+
// Debug flags.
static cl::opt<int> ClDebug("asan-debug", cl::desc("debug"), cl::Hidden,
@@ -1355,11 +1360,26 @@ static bool GlobalWasGeneratedByCompiler(GlobalVariable *G) {
static bool isUnsupportedAMDGPUAddrspace(Value *Addr) {
Type *PtrTy = cast<PointerType>(Addr->getType()->getScalarType());
unsigned int AddrSpace = PtrTy->getPointerAddressSpace();
+ // Globals in address space 1 and 4 are supported for AMDGPU.
if (AddrSpace == 3 || AddrSpace == 5)
return true;
return false;
}
+static bool isSupportedAddrspace(const Triple &TargetTriple, Value *Addr) {
+ Type *PtrTy = cast<PointerType>(Addr->getType()->getScalarType());
+ unsigned int AddrSpace = PtrTy->getPointerAddressSpace();
+
+ if (!ClAddrSpaces.empty())
+ return std::find(ClAddrSpaces.begin(), ClAddrSpaces.end(), AddrSpace) !=
+ ClAddrSpaces.end();
+
+ if (TargetTriple.isAMDGPU())
+ return !isUnsupportedAMDGPUAddrspace(Addr);
+
+ return AddrSpace == 0;
+}
+
Value *AddressSanitizer::memToShadow(Value *Shadow, IRBuilder<> &IRB) {
// Shadow >> scale
Shadow = IRB.CreateLShr(Shadow, Mapping.Scale);
@@ -1423,10 +1443,9 @@ bool AddressSanitizer::isInterestingAlloca(const AllocaInst &AI) {
}
bool AddressSanitizer::ignoreAccess(Instruction *Inst, Value *Ptr) {
- // Instrument accesses from different address spaces only for AMDGPU.
- Type *PtrTy = cast<PointerType>(Ptr->getType()->getScalarType());
- if (PtrTy->getPointerAddressSpace() != 0 &&
- !(TargetTriple.isAMDGPU() && !isUnsupportedAMDGPUAddrspace(Ptr)))
+ // Check whether the target supports sanitizing the address space
+ // of the pointer.
+ if (!isSupportedAddrspace(TargetTriple, Ptr))
return true;
// Ignore swifterror addresses.
@@ -2089,9 +2108,7 @@ bool ModuleAddressSanitizer::shouldInstrumentGlobal(GlobalVariable *G) const {
return false;
if (!Ty->isSized()) return false;
if (!G->hasInitializer()) return false;
- // Globals in address space 1 and 4 are supported for AMDGPU.
- if (G->getAddressSpace() &&
- !(TargetTriple.isAMDGPU() && !isUnsupportedAMDGPUAddrspace(G)))
+ if (!isSupportedAddrspace(TargetTriple, G))
return false;
if (GlobalWasGeneratedByCompiler(G)) return false; // Our own globals.
// Two problems with thread-locals:
|
| unsigned int AddrSpace = PtrTy->getPointerAddressSpace(); | ||
|
|
||
| if (!ClAddrSpaces.empty()) | ||
| return std::find(ClAddrSpaces.begin(), ClAddrSpaces.end(), AddrSpace) != |
There was a problem hiding this comment.
Linearly searching through the list every time seems inefficient. Maybe preprocess the list into an array, and directly index into it?
There was a problem hiding this comment.
Sounds good, I will update the diff.
…ific address spaces
etsal
force-pushed
the
asan-filter-aspace
branch
from
831655a to
c9dcfde
Compare
| if (!SrcAddrSpaces.empty()) | ||
| return SrcAddrSpaces.count(AddrSpace); | ||
|
|
||
| if (TargetTriple.isAMDGPU()) |
There was a problem hiding this comment.
Optional: this function could be simplified to always check SrcAddrSpaces, by populating SrcAddrSpaces at the start of the pass with the AMDGPU or default address space values as appropriate.
3 participants
For some backends, e.g., BPF, it is desirable to only sanitize memory belonging to specific address spaces. More specifically, it is sometimes desirable to only apply address sanitization for arena memory belonging to address space 1. However, AddressSanitizer currently does not support selectively sanitizing address spaces. Add a new option to select which address spaces to apply AddressSanitizer to.
No functional change for existing targets (namely AMD GPU) that hardcode which address spaces to sanitize