[libcxx-commits] [PATCH] D145628: [ASan][libcxx] A way to turn off annotations for containers with a specific allocator
Tacet via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Mon Mar 27 13:56:20 PDT 2023
AdvenamTacet updated this revision to Diff 508787.
AdvenamTacet marked 7 inline comments as done.
AdvenamTacet added a comment.
This update introduces changes suggested in code review:
- use of `Cpp17UnaryTypeTrait`,
- description update.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D145628/new/
https://reviews.llvm.org/D145628
Files:
libcxx/docs/UsingLibcxx.rst
libcxx/include/__memory/allocator_traits.h
Index: libcxx/include/__memory/allocator_traits.h
===================================================================
--- libcxx/include/__memory/allocator_traits.h
+++ libcxx/include/__memory/allocator_traits.h
@@ -401,6 +401,19 @@
: __is_cpp17_move_insertable<_Alloc>
{ };
+// ASan choices
+template <class _Alloc>
+struct __asan_annotate_container_with_allocator
+# if _LIBCPP_CLANG_VER >= 1600
+ : true_type {};
+# else
+ // TODO LLVM18: Remove the special-casing
+ : false_type {};
+# endif
+
+template <class _Tp>
+struct __asan_annotate_container_with_allocator<allocator<_Tp>> : true_type {};
+
#undef _LIBCPP_ALLOCATOR_TRAITS_HAS_XXX
_LIBCPP_END_NAMESPACE_STD
Index: libcxx/docs/UsingLibcxx.rst
===================================================================
--- libcxx/docs/UsingLibcxx.rst
+++ libcxx/docs/UsingLibcxx.rst
@@ -517,3 +517,28 @@
``format-string`` and ``wformat-string`` became ``basic_format_string``,
``format_string``, and ``wformat_string`` in C++23. Libc++ makes these types
available in C++20 as an extension.
+
+Turning off ASan annotation in containers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+``__asan_annotate_container_with_allocator`` is a customization point to allow users to disable
+`Address Sanitizer annotations for containers <https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow>`_ for specific allocators. This may be necessary for allocators that access allocated memory.
+
+For allocators not running destructors, it is also possible to `bulk-unpoison memory <https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning>`_ instead of disabling annotations altogether.
+
+The struct may be specialized for user-defined allocators. It is a `Cpp17UnaryTypeTrait <http://eel.is/c++draft/type.traits#meta.rqmts>`_ with a base characteristic of ``true_type`` if the container is allowed to use annotations and ``false_type`` otherwise.
+
+The annotations for a ``user_allocator`` can be disabled like this:
+
+.. code-block:: cpp
+
+ struct std::__asan_annotate_container_with_allocator<user_allocator<T>> : false_type {};
+
+Why may I want to turn it off?
+------------------------------
+
+There are a few reasons why you may want to turn off annotations for an allocator.
+Unpoisoning may not be an option, if (for example) you are not maintaining the allocator.
+
+* You are using allocator, which does not call destructor during deallocation.
+* You are aware that memory allocated with an allocator may be accessed, even when unused by container.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D145628.508787.patch
Type: text/x-patch
Size: 2576 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/libcxx-commits/attachments/20230327/ccdc3bd7/attachment.bin>
More information about the libcxx-commits
mailing list