Re: [PATCH] framewarn: expand KASAN_EXTRA exception to KASAN

From: Dmitry Vyukov <dvyukov@google.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Andy Lutomirski <luto@kernel.org>,
	"Jason A. Donenfeld" <Jason@zx2c4.com>,
	Alexander Potapenko <glider@google.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Nick Desaulniers <ndesaulniers@google.com>
Subject: Re: [PATCH] framewarn: expand KASAN_EXTRA exception to KASAN
Date: Mon, 24 Sep 2018 10:04:58 +0200	[thread overview]
Message-ID: <CACT4Y+Zfk-JBPQboNDvReW5A+ii1NwpuZZUXzb5uo__S9ynbbw@mail.gmail.com> (raw)
In-Reply-To: <CAK8P3a19i72D3NRDEK+B5wRY-J8uQqQ5twRpTWn0641S6m-GTA@mail.gmail.com>

On Sat, Sep 22, 2018 at 4:56 PM, Arnd Bergmann <arnd@arndb.de> wrote:
> On Fri, Sep 21, 2018 at 2:45 AM Dmitry Vyukov <dvyukov@google.com> wrote:
>>
>> On Fri, Sep 21, 2018 at 11:25 AM, Andrey Ryabinin
>> <aryabinin@virtuozzo.com> wrote:
>> > On 09/21/2018 04:50 AM, Andy Lutomirski wrote:
>> >> This patch seems reasonable, but you emailed the wrong people :)
>> >>
>> >> On Thu, Sep 20, 2018 at 5:15 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>> >>>
>> >>> It turns out that KASAN in general will bloat stack frames in unexpected
>> >>> ways, not just KASAN_EXTRA. So, this patch trivially changes that
>> >>> default to be associated with KASAN instead of KASAN_EXTRA.
>> >>>
>> >
>> > KASAN_EXTRA bloats stack more than just KASAN, that's why the limit is higher than just for KASAN.
>> > If want more details, tead the changelog from commit e7c52b84fb18f08ce49b6067ae6285aca79084a8
>> >
>> > If anything causes "stack frame > 2048" warning for KASAN we should at least try to fix it,
>> > I mean reduce stack usage.
>>
>>
>> +Nick who is also hitting these warnings on clang/arm64 build. As far
>> as I understand the situation there is much worse.
>>
>> I would be good to understand/fix the worst offenders. But the stack
>> size increase with KASAN is a real, inherent thing. So if we live very
>> close the edge, we can get people using different compilers and/or
>> versions of compilers constantly breaking each other. And clang hits
>> this warnings in lots of places today just because the current code
>> was tailored to gcc over long period, i.e. allowing more locals where
>> gcc happened to handle that better and having fewer locals where gcc
>> happened to handle it worse. But for another compiler all these
>> assumptions are significantly perturbed.
>>
>> Nick, do you know what frame size limit eliminates the bulk of
>> warnings on clang? Is 3072 a reasonable limit allowing to fix the
>> remaining outliners?
>
> I do not consider 3072 a reasonable limit at all. For gcc, we managed to fix or
> work around all the bugs that caused excessive stack usage. In almost all
> cases there was something seriously wrong with code generation. I added
> the KASAN_EXTRA option for the one thing that added an inherent significant
> overhead to the stack usage.
>
> llvm apparently has a similar bug to what we fixed in gcc. I created a
> reduced test case for one of the file at:
> https://bugs.llvm.org/show_bug.cgi?id=38809
>
> Unfortunately, nobody has commented on that so far, but in the
> meantime I think the best workaround would be to disable asan-stack
> entirely when building with clang, and moving it to KASAN_EXTRA
> there, like we did with the scope check on gcc.

Good point. I CCed more people on https://bugs.llvm.org/show_bug.cgi?id=38809