Skip to content

[DeviceASAN] Enhance out-of-bound by checking shadow bounds on global memory #20079

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 8 commits into
base: sycl
Choose a base branch
from
Open

[DeviceASAN] Enhance out-of-bound by checking shadow bounds on global memory #20079

wants to merge 8 commits into from

Conversation

AllanZyne
Copy link
Contributor

@AllanZyne AllanZyne commented Sep 15, 2025
edited
Loading

Record the boundary of mapped shadow memory (VA), so that we can check if the accessed unknown address address is an out-of-bound access.

Usage:

clang++ -fsycl -Xarch_device -fsanitize=address -Xarch_device -mllvm=-asan-spir-shadow-bounds=1 demo.cpp

Misc.

  • Runtime option detect_locals and detect_privates has been deprecated. Just using compiler flag to disable these checkings is enough

@AllanZyne AllanZyne marked this pull request as ready for review September 15, 2025 05:53
@AllanZyne AllanZyne requested review from a team as code owners September 15, 2025 05:53
@AllanZyne AllanZyne requested a review from Copilot September 15, 2025 05:54
Copilot
Copilot AI reviewed Sep 15, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Enhances the Device AddressSanitizer (DeviceASAN) to detect arbitrary out-of-bounds memory access on global memory by adding shadow memory boundary checks.

  • Adds GLOBAL and GENERIC memory types to MemoryType enum for better memory classification
  • Implements shadow memory lower/upper bounds tracking to catch out-of-bounds accesses
  • Reorders shadow memory update to occur before kernel launch preparation

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
sanitizer_libdevice.hpp Refactors MemoryType enum to use bitfield values and adds GLOBAL/GENERIC memory types
asan_shadow.hpp Adds ShadowLowerBound and ShadowUpperBound tracking fields
asan_shadow.cpp Updates shadow bounds when mapping virtual memory pages
asan_libdevice.hpp Adds GlobalShadowLowerBound and GlobalShadowUpperBound to AsanRuntimeData
asan_interceptor.cpp Reorders shadow memory update and adds bounds to launch data logging
arbitary_access.cpp Adds test case for arbitrary out-of-bounds access detection
asan_rtl.cpp Implements shadow boundary checks in MemToShadow functions

@AllanZyne AllanZyne changed the title [DeviceASAN] Check arbitary out-of-bound access on global memory [DeviceASAN] Check arbitrary out-of-bound access on global memory Sep 15, 2025
@AllanZyne AllanZyne marked this pull request as draft September 16, 2025 02:02
@AllanZyne AllanZyne changed the title [DeviceASAN] Check arbitrary out-of-bound access on global memory [DeviceASAN] Enhance out-of-bound by checking shadow bounds on global memory Sep 16, 2025
@AllanZyne
Copy link
Contributor Author

lit test is also passed.

llvm-lit --param sycl_devices=level_zero:gpu--param cxx_flags="-Xarch_device -mllvm=-asan-spir-shadow-bounds=1" -sv .
Total Discovered Tests: 58
  Unsupported      :  5 (8.62%)
  Passed           : 52 (89.66%)
  Expectedly Failed:  1 (1.72%)

llvm-lit --param sycl_devices=opencl:cpu --param cxx_flags="-Xarch_device -mllvm=-asan-spir-shadow-bounds=1" -sv . 
Total Discovered Tests: 58
  Unsupported      :  5 (8.62%)
  Passed           : 52 (89.66%)
  Expectedly Failed:  1 (1.72%)

@AllanZyne AllanZyne marked this pull request as ready for review September 17, 2025 02:58
@AllanZyne
Copy link
Contributor Author

@intel/dpcpp-sanitizers-review @intel/unified-runtime-reviewers please review, thanks!

@AllanZyne AllanZyne requested a review from Copilot September 17, 2025 03:02
Copilot
Copilot AI reviewed Sep 17, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 5 comments.

Comments suppressed due to low confidence (1)

unified-runtime/source/loader/layers/sanitizer/asan/asan_interceptor.cpp:188

  • Semicolon should be removed after the closing brace. This appears to be a stray semicolon that makes the code syntactically incorrect.
    }

@AllanZyne AllanZyne deployed to WindowsCILock September 17, 2025 04:06 — with GitHub Actions Active
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@AllanZyne