[PATCH] D23354: [compiler-rt] Support dynamic shadow address instrumentation

Chris Hamilton via llvm-commits llvm-commits at lists.llvm.org
Wed Aug 10 13:36:10 PDT 2016


chrisha added a comment.

In https://reviews.llvm.org/D23354#511712, @kcc wrote:

> All I've heard so far are very sad things, but they don't convince me.
> I believe we have Microsoft folks in the community now. Please summon some of them to this discussion.
>
> We must find a way to use static shadow.
> My estimate is that dynamic shadow will cost us 10% in CPU and 5% in code size at the very least.
> These are just guesses, so benchmark results are more than welcome.
>
> Comparing this change to whatever we do in the prologue is not correct since for dynamic shadow we
> a) steal a register for the entire function
> b) complicate the address arithmetic for every memory access.
>
> BTW, why do we have to support all older windows versions?
> For me it would be fine to only support whatever the current version is and the future ones.
> At least as the first step.


We're not trying to support all versions of Windows. But a significant portion of our user population is still on Win7/8/8.1, and not on Win10. We'd like to support them for as long as Chrome supports those platforms.

No matter what static address you choose, there's a non-zero chance that something else will be there. Especially since all sorts of things out of our control (third-party code) like to inject themselves into Chrome's address space. Since we're trying to grab 12.5% of the address space, that chance is actually pretty high.

In a lab it's fine for occasional failures to start due to address space collisions. On a user's machine, not so much. SyzyASAN chose a dynamic shadow for this reason. We're gearing up to ship 64-bit ASAN to the canary Windows users, and shipping a product that can randomly fail to start is simply not going to happen.

If the ability to run with a non-dynamic shadow is preserved as an instrumentation time choice, why can't we support both worlds? If you really want to tweak out the last small slice of performance in a lab scenario then feel free to use a static shadow. For shipping to users where the ability to reliably start trumps performance, then use a dynamic shadow.


https://reviews.llvm.org/D23354
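The two sides of this thread are arguing about the shadow address computation itself, so here is an added illustration of the difference, written for this page and not taken from the D23354 patch or from the LLVM/compiler-rt sources. It uses ASan's standard 8:1 mapping (Shadow = (Mem >> 3) + Base, which is where the 12.5% figure comes from), a constructed placeholder value for the static base, and a constructed list of already-occupied address ranges standing in for injected third-party code. The collision check and the candidate-base selection are this example's own helpers, not runtime APIs.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* ASan's 8:1 shadow mapping: one shadow byte per 8 application bytes,
   Shadow = (Mem >> SHADOW_SCALE) + ShadowBase. */
#define SHADOW_SCALE 3

/* Static-shadow variant: the base is a compile-time constant folded into every
   instrumented access. This value is a constructed placeholder, not a real
   platform offset. */
#define STATIC_SHADOW_BASE 0x7fff8000ULL

/* Static shadow: shift + add with an immediate, no extra load or register. */
uint64_t shadow_addr_static(uint64_t mem) {
    return (mem >> SHADOW_SCALE) + STATIC_SHADOW_BASE;
}

/* Dynamic-shadow variant: the base is chosen by the runtime at startup, so each
   access pays a load of this global (or pins it in a register) plus the add. */
uint64_t g_dynamic_shadow_base = 0;

uint64_t shadow_addr_dynamic(uint64_t mem) {
    return (mem >> SHADOW_SCALE) + g_dynamic_shadow_base;
}

/* Shadow bytes needed to cover `app_bytes` of application memory: 1/8, i.e.
   12.5% of the covered range. */
uint64_t shadow_bytes_for(uint64_t app_bytes) {
    return app_bytes >> SHADOW_SCALE;
}

/* A half-open region [start, end) of address space that is already occupied,
   e.g. by an injected DLL. Sample regions are constructed by the caller. */
typedef struct { uint64_t start, end; } region_t;

static bool ranges_overlap(uint64_t a0, uint64_t a1, uint64_t b0, uint64_t b1) {
    return a0 < b1 && b0 < a1;
}

/* True if the shadow for app range [app_lo, app_hi) placed at `base` would land
   on any occupied region, i.e. the process would fail to start with that base. */
bool shadow_collides(uint64_t base, uint64_t app_lo, uint64_t app_hi,
                     const region_t *occupied, size_t n) {
    uint64_t lo = (app_lo >> SHADOW_SCALE) + base;
    uint64_t hi = (app_hi >> SHADOW_SCALE) + base;
    for (size_t i = 0; i < n; i++) {
        if (ranges_overlap(lo, hi, occupied[i].start, occupied[i].end))
            return true;
    }
    return false;
}

/* What a dynamic-shadow runtime can do and a static one cannot: try several
   candidate bases at startup and keep the first that is free. Returns 0 if
   every candidate collides. (Hypothetical helper for this example.) */
uint64_t choose_dynamic_base(const uint64_t *cands, size_t ncand,
                             uint64_t app_lo, uint64_t app_hi,
                             const region_t *occupied, size_t n) {
    for (size_t i = 0; i < ncand; i++) {
        if (!shadow_collides(cands[i], app_lo, app_hi, occupied, n))
            return cands[i];
    }
    return 0;
}

int main(void) {
    /* Constructed sample: something already sits where the static shadow of
       [0x10000, 0x20000) would go. */
    region_t occupied[] = { { 0x7fffa000ULL, 0x7fffb000ULL } };
    uint64_t cands[] = { STATIC_SHADOW_BASE, 0x200000000ULL };

    printf("static shadow collides: %d\n",
           shadow_collides(STATIC_SHADOW_BASE, 0x10000, 0x20000, occupied, 1));
    g_dynamic_shadow_base = choose_dynamic_base(cands, 2, 0x10000, 0x20000, occupied, 1);
    printf("dynamic base chosen: 0x%llx\n", (unsigned long long)g_dynamic_shadow_base);
    printf("shadow of 0x10000: 0x%llx\n", (unsigned long long)shadow_addr_dynamic(0x10000));
    return 0;
}
```

The point of the contrast is the one kcc raises: `shadow_addr_static` compiles to a shift and an add with an immediate, while `shadow_addr_dynamic` needs the base loaded from memory or kept live in a register for the whole function. The point chrisha raises is the other function: only the dynamic variant can react at startup when the preferred range is already taken.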
