From 2a0fcd803a08a34b617fc5736768ca7d8508bc7d Mon Sep 17 00:00:00 2001 From: Disconnect3d Date: Sat, 19 Jul 2025 13:14:53 +0200 Subject: [PATCH 1/3] Update ASan information regarding --without-pymalloc flag As discussed with @encukou on the CPython Core sprint on EuroPython 2025. We initially thought that the `--without-pymalloc` flag is needed due to the fact pymalloc must hit the beginning of page when determining if the memory to be freed comes from pymalloc or was allocated by the system malloc. In other words, we thought that ASan would crash CPython during free of big objects (allocated by system malloc). It may be that this was the case in the past, but it is not the case anymore as the `address_in_range` function used by pymalloc is annotated to be skipped from the ASan instrumentation. This code can be seen here: https://github.com/python/cpython/blob/acefb978dcb5dd554e3c49a3015ee5c2ad6bfda1/Objects/obmalloc.c#L2096-L2110 While the annotation macro is defined here: https://github.com/python/cpython/blob/acefb978dcb5dd554e3c49a3015ee5c2ad6bfda1/Include/pyport.h#L582-L598 And the corresponding attribute is documented in: * for gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-no_005fsanitize_005faddress-function-attribute * for clang: https://clang.llvm.org/docs/AttributeReference.html#no-sanitize-address-no-address-safety-analysis --- development-tools/clang.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/development-tools/clang.rst b/development-tools/clang.rst index f06834731..31a478d2e 100644 --- a/development-tools/clang.rst +++ b/development-tools/clang.rst 
@@ -103,7 +103,11 @@ Then, run ``./configure`` with the relevant flags: * ASan: ``--with-address-sanitizer --without-pymalloc`` * UBsan: ``--with-undefined-behavior-sanitizer`` -It is OK to specify both sanitizers. +Disabling pymalloc for ASan helps uncover more bugs since it is more effective +with the system allocator (pymalloc doesn't add padding in between the allocated +objects and doesn't poison/annotate the memory it manages for ASan). + +It is also OK to specify both sanitizers. After that, run ``make`` and ``make test`` as usual. Note that ``make`` itself may fail with a sanitizer failure, From 5d73ed7fa1ec58ba8d6aa60de60eb7ec8d523f69 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Sat, 19 Jul 2025 13:24:25 +0200 Subject: [PATCH 2/3] Apply suggestions from code review --- development-tools/clang.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/development-tools/clang.rst b/development-tools/clang.rst index 31a478d2e..a35bc1850 100644 --- a/development-tools/clang.rst +++ b/development-tools/clang.rst @@ -103,11 +103,11 @@ Then, run ``./configure`` with the relevant flags: * ASan: ``--with-address-sanitizer --without-pymalloc`` * UBsan: ``--with-undefined-behavior-sanitizer`` -Disabling pymalloc for ASan helps uncover more bugs since it is more effective -with the system allocator (pymalloc doesn't add padding in between the allocated -objects and doesn't poison/annotate the memory it manages for ASan). +The ``--without-pymalloc`` option is not necessary (tests should pass without it), +but disabling pymalloc helps ASan uncover more bugs (ASan does not track +individual allocations done by pymalloc). -It is also OK to specify both sanitizers. +It is OK to specify both sanitizers. After that, run ``make`` and ``make test`` as usual. Note that ``make`` itself may fail with a sanitizer failure, From 9c5b26b91cd6e51c378131c372e4ea2a0111c128 Mon Sep 17 00:00:00 2001 
From: Petr Viktorin Date: Sat, 19 Jul 2025 13:28:36 +0200 Subject: [PATCH 3/3] Apply suggestions from code review --- development-tools/clang.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/development-tools/clang.rst b/development-tools/clang.rst index a35bc1850..b353d82f0 100644 --- a/development-tools/clang.rst +++ b/development-tools/clang.rst @@ -107,7 +107,7 @@ The ``--without-pymalloc`` option is not necessary (tests should pass without it but disabling pymalloc helps ASan uncover more bugs (ASan does not track individual allocations done by pymalloc). -It is OK to specify both sanitizers. +It is OK to specify both sanitizers. After that, run ``make`` and ``make test`` as usual. Note that ``make`` itself may fail with a sanitizer failure,
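Review bot: In [PATCH 1/3], the added paragraph starting "Disabling pymalloc for ASan helps uncover more bugs" never tells the reader that ``--without-pymalloc`` is optional, although the commit message's whole finding is that an ASan build no longer depends on it. The bullet above still lists the flag next to ``--with-address-sanitizer`` with no qualification, so the page continues to read as if both are required. I would open the paragraph with a sentence saying the option is not needed for a working ASan build and then give the reason for recommending it. In the same sentence, "since it is more effective with the system allocator" has an unclear "it"; naming ASan as the subject removes the ambiguity.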
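Review bot: In [PATCH 2/3], the new parenthetical "(ASan does not track individual allocations done by pymalloc)" drops the explanation the removed lines gave (no padding between allocated objects, no poisoning or annotation of the memory pymalloc manages), so the reader no longer learns why bugs are missed with pymalloc enabled. Keeping one short clause from the removed text would preserve that. Separately, in "(tests should pass without it)" the pronoun can be read as either the option or pymalloc; "tests should pass with pymalloc enabled" says the same thing without the ambiguity.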
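Review bot: In [PATCH 3/3], the removed and added lines both read "It is OK to specify both sanitizers.", so the change appears to be whitespace only, and nothing in the subject "Apply suggestions from code review" says so. Since the line was introduced in that form by [PATCH 2/3], I would squash this commit into 2/3, or at least give it a subject that states it is a whitespace fix, so the history does not carry a commit whose diff looks like a no-op.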