Content-Length: 293170 | pFad | http://github.com/python/cpython/pull/136798

D1 [3.14] Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan information (GH-136790) by miss-islington · Pull Request #136798 · python/cpython · GitHub
Skip to content

[3.14] Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan information (GH-136790) #136798

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 3.14
Choose a base branch
from
Open

[3.14] Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan information (GH-136790) #136798

wants to merge 1 commit into from
+7 −0

Conversation

miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Jul 19, 2025
edited by github-actions bot
Loading

  • Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan information

This commit extends the documentation for disabling pymalloc with the --without-pymalloc flag regarding why it is worth to use it when enabling AddressSanitizer for Python build (which is done, e.g., in CPython's CI builds).

I have tested the CPython latest main build with both ASan and pymalloc enabled and it seems to work just fine. I did run the python -m test suite which didn't uncover any ASan crashes (though, it detected some memory leaks, which I believe are irrelevant here).

I have discussed ASan and this flag with @encukou on the CPython Core sprint on EuroPython 2025. We initially thought that the --without-pymalloc flag is needed for ASan builds due to the fact pymalloc must hit the begining of page when determining if the memory to be freed comes from pymalloc or was allocated by the system malloc. In other words, we thought, that ASan would crash CPython during free of big objects (allocated by system malloc). It may be that this was the case in the past, but it is not the case anymore as the address_in_range function used by pymalloc is annotated to be skipped from the ASan instrumentation.

This code can be seen here:

cpython/Objects/obmalloc.c

Lines 2096 to 2110 in acefb97

static bool _Py_NO_SANITIZE_ADDRESS
_Py_NO_SANITIZE_THREAD
_Py_NO_SANITIZE_MEMORY
address_in_range(OMState *state, void *p, poolp pool)
{
// Since address_in_range may be reading from memory which was not allocated
// by Python, it is important that pool->arenaindex is read only once, as
// another thread may be concurrently modifying the value without holding
// the GIL. The following dance forces the compiler to read pool->arenaindex
// only once.
uint arenaindex = *((volatile uint *)&pool->arenaindex);
return arenaindex < maxarenas &&
(uintptr_t)p - allarenas[arenaindex].address < ARENA_SIZE &&
allarenas[arenaindex].address != 0;
}

While the annotation macro is defined here:

cpython/Include/pyport.h

Lines 582 to 598 in acefb97

# if __has_feature(address_sanitizer)
# if !defined(_Py_ADDRESS_SANITIZER)
# define _Py_ADDRESS_SANITIZER
# define _Py_NO_SANITIZE_ADDRESS __attribute__((no_sanitize_address))
# endif
# endif
# if __has_feature(thread_sanitizer)
# if !defined(_Py_THREAD_SANITIZER)
# define _Py_THREAD_SANITIZER
# define _Py_NO_SANITIZE_THREAD __attribute__((no_sanitize_thread))
# endif
# endif
#elif defined(__GNUC__)
# if defined(__SANITIZE_ADDRESS__)
# define _Py_ADDRESS_SANITIZER
# define _Py_NO_SANITIZE_ADDRESS __attribute__((no_sanitize_address))
# endif

And the corresponding attribute is documented in:

(cherry picked from commit d19bb44)

Co-authored-by: Disconnect3d dominik.b.czarnota@gmail.com
Co-authored-by: Petr Viktorin encukou@gmail.com

📚 Documentation preview 📚: https://cpython-previews--136798.org.readthedocs.build/

@disconnect3d @encukou @miss-islington
Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan informa…
68e3747 
…tion (pythonGH-136790)

* Doc/c-api/memory.rst: extend --without-pymalloc doc with ASan information

This commit extends the documentation for disabling pymalloc with the `--without-pymalloc` flag regarding why it is worth to use it when enabling AddressSanitizer for Python build (which is done, e.g., in CPython's CI builds).

I have tested the CPython latest main build with both ASan and pymalloc enabled and it seems to work just fine. I did run the `python -m test` suite which didn't uncover any ASan crashes (though, it detected some memory leaks, which I believe are irrelevant here).

I have discussed ASan and this flag with @encukou on the CPython Core sprint on EuroPython 2025. We initially thought that the `--without-pymalloc` flag is needed for ASan builds due to the fact pymalloc must hit the begining of page when determining if the memory to be freed comes from pymalloc or was allocated by the system malloc. In other words, we thought, that ASan would crash CPython during free of big objects (allocated by system malloc). It may be that this was the case in the past, but it is not the case anymore as the `address_in_range` function used by pymalloc is annotated to be skipped from the ASan instrumentation.

This code can be seen here:
https://github.com/python/cpython/blob/acefb978dcb5dd554e3c49a3015ee5c2ad6bfda1/Objects/obmalloc.c#L2096-L2110

While the annotation macro is defined here:
https://github.com/python/cpython/blob/acefb978dcb5dd554e3c49a3015ee5c2ad6bfda1/Include/pyport.h#L582-L598

And the corresponding attribute is documented in:
* for gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-no_005fsanitize_005faddress-function-attribute
* for clang: https://clang.llvm.org/docs/AttributeReference.html#no-sanitize-address-no-address-safety-analysis

* Update Doc/c-api/memory.rst

* Improve --with-address-sanitizer and pymalloc docs

---------
(cherry picked from commit d19bb44)

Co-authored-by: Disconnect3d <dominik.b.czarnota@gmail.com>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
@bedevere-app bedevere-app bot added awaiting review docs Documentation in the Doc dir skip news labels Jul 19, 2025
@github-project-automation github-project-automation bot moved this to Todo in Docs PRs Jul 19, 2025
@bedevere-app bedevere-app bot mentioned this pull request Jul 19, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@erlend-aasland erlend-aasland Awaiting requested review from erlend-aasland erlend-aasland is a code owner

@corona10 corona10 Awaiting requested review from corona10 corona10 is a code owner

Assignees
No one assigned
Labels
awaiting review docs Documentation in the Doc dir skip issue skip news
Projects
Docs PRs
Status: Todo
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@miss-islington @disconnect3d








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/python/cpython/pull/136798

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy