[asan] Re-exec without ASLR if needed on 64-bit Linux #132682
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This generalizes llvm#131975 to non-32-bit Linux (i.e., 64-bit Linux). This works around an edge case in 64-bit Linux, where the memory layout is incompatible if the stack size is unlimited AND ASLR entropy is 32 bits (see google/sanitizers#856 (comment)). More generally, this "re-exec if layout is incompatible" is a hammer that can work around most shadow mapping issues, without the overhead of using a dynamic shadow.
llvmbot
added
compiler-rt
compiler-rt:asan
|
@llvm/pr-subscribers-compiler-rt-sanitizer Author: Thurston Dang (thurstond) ChangesThis generalizes #131975 to non-32-bit Linux (i.e., 64-bit Linux). This works around an edge case in 64-bit Linux, where the memory layout is incompatible if the stack size is unlimited AND ASLR entropy is 32 bits (see More generally, this "re-exec if layout is incompatible" is a hammer that can work around most shadow mapping issues, without the overhead of using a dynamic shadow. Full diff: https://github.com/llvm/llvm-project/pull/132682.diff 1 Files Affected:
diff --git a/compiler-rt/lib/asan/asan_shadow_setup.cpp b/compiler-rt/lib/asan/asan_shadow_setup.cpp
index e66b8af1d2c30..ba61dc2c7fa6e 100644
--- a/compiler-rt/lib/asan/asan_shadow_setup.cpp
+++ b/compiler-rt/lib/asan/asan_shadow_setup.cpp
@@ -109,12 +109,14 @@ void InitializeShadowMemory() {
ProtectGap(kShadowGap2Beg, kShadowGap2End - kShadowGap2Beg + 1);
ProtectGap(kShadowGap3Beg, kShadowGap3End - kShadowGap3Beg + 1);
} else {
- // The shadow mappings can shadow the entire user address space. However,
- // on 32-bit systems, the maximum ASLR entropy (currently up to 16-bits
- // == 256MB) is a significant chunk of the address space; reclaiming it by
- // disabling ASLR might allow chonky binaries to run.
- if (sizeof(uptr) == 32)
- TryReExecWithoutASLR();
+ // ASan's mappings can usually shadow the entire address space, even with
+ // maximum ASLR entropy. However:
+ // - On 32-bit systems, the maximum ASLR entropy (currently up to 16-bits
+ // == 256MB) is a significant chunk of the address space; reclaiming it
+ // by disabling ASLR might allow chonky binaries to run.
+ // - On 64-bit systems, some settings (e.g., for Linux, unlimited stack
+ // size plus maximum ASLR entropy) can lead to an incompatible layout.
+ TryReExecWithoutASLR();
Report(
"Shadow memory range interleaves with an existing memory mapping. "
|
thurstond
changed the title
fmayer
approved these changes
Mar 24, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This generalizes #131975 to non-32-bit Linux (i.e., 64-bit Linux).
This works around an edge case in 64-bit Linux, whereby the memory layout is incompatible if the stack size is unlimited AND ASLR entropy is 31+ bits (see
google/sanitizers#856 (comment)).
More generally, this "re-exec without ASLR if layout is incompatible" is a hammer that can work around most shadow mapping issues, without incurring the overhead of using a dynamic shadow.