[llvm] [HWASAN] Implement selective instrumentation based on profiling information (PR #83503)

Vitaly Buka via llvm-commits llvm-commits at lists.llvm.org
Mon Mar 4 17:43:23 PST 2024


vitalybuka wrote:

> Hi @kstoimenov @vitalybuka
> 
> I have some high level questions:
> 
> 1. What is the motivation of profile information based selective instrumentation? Is it about code size?

There are use cases when we can't run 100% of the instrumentation because of unacceptable performance overhead. However, if we opt out hot code, we can still keep most of the coverage with minimal loss.

> 2. Will the profile information based selective instrumentation be implemented for other sanitizers (asan, msan, tsan)?

ubsan, hwasan only.

To avoid false positives, msan and tsan require some instrumentation even with the no_sanitize attribute, so the perf overhead will be smaller, but still significant. So I think it's infeasible here.

For good detection, asan requires allocator quarantine and fake stack. So it may benefit, but it is still expensive. We don't have plans for that, but anyone is welcome to try to port this patch to Asan.

> 3. Will the profile information based selective instrumentation cause some false negatives or false positives?
>    IIUR, let's say the compilation unit where the heap-buffer-overflow happens is not instrumented, then there is no hwasan check inserted, so a false negative may happen?

Non-instrumented code with hwasan, like with asan, will not cause false positives.
Some false negatives are expected by definition, if the code involved in the bug is hot and instrumentation is omitted.

> 
> Thanks!
> 
> edited: Just noticed this ubsan patch: #83471



https://github.com/llvm/llvm-project/pull/83503

