[cfe-dev] Dataflow sanitizer memory mapping question

Kostya Serebryany kcc at google.com
Wed May 21 10:12:36 PDT 2014 

+pcc


On Wed, May 21, 2014 at 8:59 PM, Frederico Araujo <araujof at gmail.com> wrote:

> Hi,
>
> I created an example program to learn how to use the clang dataflow
> sanitizer and noticed that when the program is compiled with the
> -fsanitize=dataflow option, the application and its shared libraries are
> mapped differently to memory. My question is why the program section is
> relocated to higher addresses and shared objects appear to be relocated
> below the heap?
>

This happens because -fsanitize=dataflow implies -pie which changes the
mapping the way you describe.
tsan (--fsanitize=tread) and msan (-fsanitize=memory) behave the same way.
This is intentional, such mapping makes the implementation more efficient.


> For instance, see below the two memory maps for the same program compiled
> without/with the dataflow sanitizer option.
>
> Is this necessary for the memory shadowing mechanism used by the
> sanitizer? I'd really appreciate if someone could explain the design
> decision behind these remappings.
> Ultimately, I'd like to know if it's possible to keep the program mapped
> to its original low addresses without hurting the dataflow sanitizer
> assumptions.
>

for msan not using -pie would be a significant performance hit, and dfsan
is rather similar to msan.
pcc, please correct me if I am wrong.
for tsan this will be less of an issue, but still undesirable.

Why does this bother you?

--kcc


>
> # Without sanitizer
> 00400000-00401000 r-xp 00000000 08:01 2491706
>  /home/frederico/dev/tests/llvm/labelprop/loop
> 00600000-00601000 r--p 00000000 08:01 2491706
>  /home/frederico/dev/tests/llvm/labelprop/loop
> 00601000-00602000 rw-p 00001000 08:01 2491706
>  /home/frederico/dev/tests/llvm/labelprop/loop
> 01169000-0118a000 rw-p 00000000 00:00 0
>  [heap]
> 7ffb4531d000-7ffb454d9000 r-xp 00000000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7ffb454d9000-7ffb456d8000 ---p 001bc000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7ffb456d8000-7ffb456dc000 r--p 001bb000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7ffb456dc000-7ffb456de000 rw-p 001bf000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7ffb456de000-7ffb456e3000 rw-p 00000000 00:00 0
> 7ffb456e3000-7ffb45706000 r-xp 00000000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7ffb458e9000-7ffb458ec000 rw-p 00000000 00:00 0
> 7ffb45902000-7ffb45905000 rw-p 00000000 00:00 0
> 7ffb45905000-7ffb45906000 r--p 00022000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7ffb45906000-7ffb45907000 rw-p 00023000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7ffb45907000-7ffb45908000 rw-p 00000000 00:00 0
> 7fff6d64d000-7fff6d66e000 rw-p 00000000 00:00 0
>  [stack]
> 7fff6d7fe000-7fff6d800000 r-xp 00000000 00:00 0
>  [vdso]
> ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
>  [vsyscall]
>
> # With sanitizer
> 00010000-200200000000 rw-p 00000000 00:00 0
> 200200000000-700000008000 ---p 00000000 00:00 0
> 7f8068983000-7f8068b3f000 r-xp 00000000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7f8068b3f000-7f8068d3e000 ---p 001bc000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7f8068d3e000-7f8068d42000 r--p 001bb000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7f8068d42000-7f8068d44000 rw-p 001bf000 08:01 1338668
>  /lib/x86_64-linux-gnu/libc-2.19.so
> 7f8068d44000-7f8068d49000 rw-p 00000000 00:00 0
> 7f8068d49000-7f8068d5f000 r-xp 00000000 08:01 1314808
>  /lib/x86_64-linux-gnu/libgcc_s.so.1
> 7f8068d5f000-7f8068f5e000 ---p 00016000 08:01 1314808
>  /lib/x86_64-linux-gnu/libgcc_s.so.1
> 7f8068f5e000-7f8068f5f000 rw-p 00015000 08:01 1314808
>  /lib/x86_64-linux-gnu/libgcc_s.so.1
> 7f8068f5f000-7f8068f62000 r-xp 00000000 08:01 1338681
>  /lib/x86_64-linux-gnu/libdl-2.19.so
> 7f8068f62000-7f8069161000 ---p 00003000 08:01 1338681
>  /lib/x86_64-linux-gnu/libdl-2.19.so
> 7f8069161000-7f8069162000 r--p 00002000 08:01 1338681
>  /lib/x86_64-linux-gnu/libdl-2.19.so
> 7f8069162000-7f8069163000 rw-p 00003000 08:01 1338681
>  /lib/x86_64-linux-gnu/libdl-2.19.so
> 7f8069163000-7f8069268000 r-xp 00000000 08:01 1338671
>  /lib/x86_64-linux-gnu/libm-2.19.so
> 7f8069268000-7f8069467000 ---p 00105000 08:01 1338671
>  /lib/x86_64-linux-gnu/libm-2.19.so
> 7f8069467000-7f8069468000 r--p 00104000 08:01 1338671
>  /lib/x86_64-linux-gnu/libm-2.19.so
> 7f8069468000-7f8069469000 rw-p 00105000 08:01 1338671
>  /lib/x86_64-linux-gnu/libm-2.19.so
> 7f8069469000-7f8069470000 r-xp 00000000 08:01 1338685
>  /lib/x86_64-linux-gnu/librt-2.19.so
> 7f8069470000-7f806966f000 ---p 00007000 08:01 1338685
>  /lib/x86_64-linux-gnu/librt-2.19.so
> 7f806966f000-7f8069670000 r--p 00006000 08:01 1338685
>  /lib/x86_64-linux-gnu/librt-2.19.so
> 7f8069670000-7f8069671000 rw-p 00007000 08:01 1338685
>  /lib/x86_64-linux-gnu/librt-2.19.so
> 7f8069671000-7f806968a000 r-xp 00000000 08:01 1338684
>  /lib/x86_64-linux-gnu/libpthread-2.19.so
> 7f806968a000-7f8069889000 ---p 00019000 08:01 1338684
>  /lib/x86_64-linux-gnu/libpthread-2.19.so
> 7f8069889000-7f806988a000 r--p 00018000 08:01 1338684
>  /lib/x86_64-linux-gnu/libpthread-2.19.so
> 7f806988a000-7f806988b000 rw-p 00019000 08:01 1338684
>  /lib/x86_64-linux-gnu/libpthread-2.19.so
> 7f806988b000-7f806988f000 rw-p 00000000 00:00 0
> 7f806988f000-7f80698b2000 r-xp 00000000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7f8069a93000-7f8069a98000 rw-p 00000000 00:00 0
> 7f8069aab000-7f8069ab1000 rw-p 00000000 00:00 0
> 7f8069ab1000-7f8069ab2000 r--p 00022000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7f8069ab2000-7f8069ab3000 rw-p 00023000 08:01 1338667
>  /lib/x86_64-linux-gnu/ld-2.19.so
> 7f8069ab3000-7f8069ab4000 rw-p 00000000 00:00 0
> 7f8069ab4000-7f8069ad4000 r-xp 00000000 08:01 2491855
>  /home/frederico/dev/tests/llvm/labelprop/loop2
> 7f8069cd3000-7f8069cd4000 r--p 0001f000 08:01 2491855
>  /home/frederico/dev/tests/llvm/labelprop/loop2
> 7f8069cd4000-7f8069cd5000 rw-p 00020000 08:01 2491855
>  /home/frederico/dev/tests/llvm/labelprop/loop2
> 7f8069cd5000-7f806a86a000 rw-p 00000000 00:00 0
> 7f806aeec000-7f806af0d000 rw-p 00000000 00:00 0
>  [heap]
> 7fff2b930000-7fff2b951000 rw-p 00000000 00:00 0
>  [stack]
> 7fff2b9fe000-7fff2ba00000 r-xp 00000000 00:00 0
>  [vdso]
> ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
>  [vsyscall]
>
> Thanks,
> Fred
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20140521/8b7cf5da/attachment.html>

More information about the cfe-dev mailing list