[llvm-dev] Minimal UBSAN runtime with ASAN?

Igor Sugak via llvm-dev llvm-dev at lists.llvm.org
Thu Oct 18 17:50:29 PDT 2018 

Hello,


In my organization, we've been using ASAN and most of UBSAN checks in the default developers mode with a big success. I'd like to enable a few remaining UBSAN checks too but noticed that they cause significant (up to 2x in some cases) binary size overhead (mostly .rodata and .data). These checks are: null, function, vptr, object-size.


Inspecting .rodata, it looks like there are a lot of strings with file and type names. I tried to use `-fsanitize-undefined-strip-path-components=-1` from [1]. It appeared to have no effect when `-fsanitize=function` and `-fsanitize=address` are used at the same time (filed bug [2]). Disabling `-fsanitize=function` and using  `-fsanitize-undefined-strip-path-components=-1` reduces the size overhead to 1.4x. This is quite already significant.


I've considered -fsanitize=trap, it causes very little size overhead but it in some cases is hard to work with.


I noticed that [3] added minimal runtime for UBSAN. It works similar to `-fsanitize-trap`, but prints a bit more informative message, which would suffice. Out of the box, I didn't notice a measurable binary size reduction as mentioned on that change, but if used with `-fdata-sections -ffunction-sections -Wl,--gc-sections -Wl,--print-gc-sections`, the size bloat of .rodata and .data is almost eliminated. Note, in this case, those flags don't help without `-fsanitize-minimal-runtime`.


Unfortunately, there is a restriction in the driver preventing this minimal UBSAN runtime to be used when ASAN is also enabled. I don't completely understand the reasons for having this restriction. When I removed that restriction, both ASAN and UBSAN still seem functioning in my tests.


I'd like to allow using minimal UBSAN runtime with ASAN. Are there reasons against it? I'd volunteer to do the work here.


Also, vptr UBSAN check is disallowed when minimal UBSAN runtime is used. Would someone clarify why?


-- Igor




  1.  https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#additional-configuration
  2.  https://bugs.llvm.org/show_bug.cgi?id=39347
  3.  https://reviews.llvm.org/D36810
D36810 Minimal runtime for UBSan. - LLVM<https://reviews.llvm.org/D36810>
reviews.llvm.org
Not worried about that. If it allocates or prints too much, we can add in a custom allocator or printing strategy. If it requires too much metadata to be inserted into user programs, we can devise a new, smaller encoding for the metadata.






https://reviews.llvm.org/D36810

D36810 Minimal runtime for UBSan. - LLVM<https://reviews.llvm.org/D36810>
reviews.llvm.org
Not worried about that. If it allocates or prints too much, we can add in a custom allocator or printing strategy. If it requires too much metadata to be inserted into user programs, we can devise a new, smaller encoding for the metadata.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20181019/9d27a040/attachment.html>

More information about the llvm-dev mailing list