[PATCH] D41882: [hwasan] An option to disable tag randomization.

Tue Jan 9 14:39:20 PST 2018

eugenis created this revision.
eugenis added reviewers: alekseyshl, kcc.
Herald added a subscriber: kubamracek.

Avoid flaky test failures by by using a monotonic number sequence of
heap tags.

Does not affect stack tags: the way we generate those guarantees
uniqueness for at least 30-something first allocas in any function,
as well as the UAR tag.


https://reviews.llvm.org/D41882

Files:
  compiler-rt/lib/hwasan/hwasan_flags.inc
  compiler-rt/lib/hwasan/hwasan_thread.cc
  compiler-rt/test/hwasan/lit.cfg


Index: compiler-rt/test/hwasan/lit.cfg
===================================================================

--- compiler-rt/test/hwasan/lit.cfg
+++ compiler-rt/test/hwasan/lit.cfg
@@ -18,7 +18,7 @@
 config.substitutions.append( ("%clang_hwasan ", build_invocation(clang_hwasan_cflags)) )
 config.substitutions.append( ("%clangxx_hwasan ", build_invocation(clang_hwasan_cxxflags)) )
 
-default_hwasan_opts_str = ':'.join(['disable_allocator_tagging=1'] + config.default_sanitizer_opts)
+default_hwasan_opts_str = ':'.join(['disable_allocator_tagging=1', 'random_tags=0'] + config.default_sanitizer_opts)
 if default_hwasan_opts_str:
   config.environment['HWASAN_OPTIONS'] = default_hwasan_opts_str
   default_hwasan_opts_str += ':'
Index: compiler-rt/lib/hwasan/hwasan_thread.cc
===================================================================
--- compiler-rt/lib/hwasan/hwasan_thread.cc
+++ compiler-rt/lib/hwasan/hwasan_thread.cc
@@ -29,7 +29,7 @@
   thread->start_routine_ = start_routine;
   thread->arg_ = arg;
   thread->destructor_iterations_ = GetPthreadDestructorIterations();
-  thread->random_state_ = RandomSeed();
+  thread->random_state_ = flags()->random_tags ? RandomSeed() : 0;
 
   return thread;
 }
@@ -97,11 +97,15 @@
 tag_t HwasanThread::GenerateRandomTag() {
   tag_t tag;
   do {
-    if (!random_buffer_)
-      random_buffer_ = random_state_ = xorshift(random_state_);
-    CHECK(random_buffer_);
-    tag = random_buffer_ & 0xFF;
-    random_buffer_ >>= 8;
+    if (flags()->random_tags) {
+      if (!random_buffer_)
+        random_buffer_ = random_state_ = xorshift(random_state_);
+      CHECK(random_buffer_);
+      tag = random_buffer_ & 0xFF;
+      random_buffer_ >>= 8;
+    } else {
+      tag = random_state_ = (random_state_ + 1) & 0xFF;
+    }
   } while (!tag);
   return tag;
 }
Index: compiler-rt/lib/hwasan/hwasan_flags.inc
===================================================================
--- compiler-rt/lib/hwasan/hwasan_flags.inc
+++ compiler-rt/lib/hwasan/hwasan_flags.inc
@@ -27,3 +27,7 @@
 // Test only flag to disable malloc/realloc/free memory tagging on startup.
 // Tagging can be reenabled with __hwasan_enable_allocator_tagging().
 HWASAN_FLAG(bool, disable_allocator_tagging, false, "")
+
+// If false, use simple increment of a thread local counter to generate new
+// tags.
+HWASAN_FLAG(bool, random_tags, true, "")


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D41882.129163.patch
Type: text/x-patch
Size: 2380 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180109/250cf983/attachment-0001.bin>
