This is an archive of the discontinued LLVM Phabricator instance.

Differential D115834

[TSan][Darwin] Fix CheckAndProtect() for MappingAppleAarch64
ClosedPublic

Authored by yln on Dec 15 2021, 5:39 PM.

Details

Reviewers
delcypher
kubamracek
aralisza
dvyukov
Commits
rG8f1ea2e85ca6: [TSan][Darwin] Fix CheckAndProtect() for MappingAppleAarch64
Summary

In the new TSan runtime refactoring this line was changed:

ProtectRange(MetaShadowEnd(), TraceMemBeg());
-->
ProtectRange(MetaShadowEnd(), HeapMemBeg());

But for MappingAppleAarch64 the app heap comes before the shadow,
resulting in:

CHECK failed: tsan_platform_posix.cpp:83 "((beg)) <= ((end))" (0xe00000000, 0x200000000)

rdar://86521924

Diff Detail

Event Timeline

yln created this revision.Dec 15 2021, 5:39 PM
Herald added a subscriber: kristof.beyls. · View Herald TranscriptDec 15 2021, 5:39 PM
yln requested review of this revision.Dec 15 2021, 5:39 PM
Herald added a project: Restricted Project. · View Herald TranscriptDec 15 2021, 5:39 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
yln added inline comments.Dec 15 2021, 5:43 PM
compiler-rt/lib/tsan/rtl/tsan_platform_posix.cpp
113

Note: I think this needs updating for iOS simulator on Apple Silicon. I will do that as a separate follow-up.

116

Important parts of the mapping:

/*
C/C++ on Darwin/iOS/ARM64 (36-bit VMA, 64 GB VM)
0000 0000 00 - 0100 0000 00: -                                    (4 GB)
0100 0000 00 - 0200 0000 00: main binary, modules, thread stacks  (4 GB)
0200 0000 00 - 0300 0000 00: heap                                 (4 GB)
0300 0000 00 - 0400 0000 00: -                                    (4 GB)
0400 0000 00 - 0c00 0000 00: shadow memory                       (32 GB)
0c00 0000 00 - 0d00 0000 00: -                                    (4 GB)
0d00 0000 00 - 0e00 0000 00: metainfo                             (4 GB)
0e00 0000 00 - 1000 0000 00: -
*/
struct MappingAppleAarch64 {
  static const uptr kLoAppMemBeg   = 0x0100000000ull;
  static const uptr kLoAppMemEnd   = 0x0200000000ull;
  static const uptr kHeapMemBeg    = 0x0200000000ull;
  static const uptr kHeapMemEnd    = 0x0300000000ull;
  static const uptr kShadowBeg     = 0x0400000000ull;
  static const uptr kShadowEnd     = 0x0c00000000ull;
  static const uptr kMetaShadowBeg = 0x0d00000000ull;
  static const uptr kMetaShadowEnd = 0x0e00000000ull;
  static const uptr kHiAppMemBeg   = 0x0fc0000000ull;
  static const uptr kHiAppMemEnd   = 0x0fc0000000ull;
  static const uptr kMidAppMemBeg = 0;
  static const uptr kMidAppMemEnd = 0;
};

Relevant:
https://reviews.llvm.org/D35147
https://reviews.llvm.org/D112603

kubamracek accepted this revision.Dec 15 2021, 5:48 PM
This revision is now accepted and ready to land.Dec 15 2021, 5:48 PM
Harbormaster completed remote builds in B139541: Diff 394694.Dec 15 2021, 5:55 PM
This revision was landed with ongoing or failed builds.Dec 15 2021, 6:04 PM
Closed by commit rG8f1ea2e85ca6: [TSan][Darwin] Fix CheckAndProtect() for MappingAppleAarch64 (authored by yln). · Explain Why
This revision was automatically updated to reflect the committed changes.
yln added a commit: rG8f1ea2e85ca6: [TSan][Darwin] Fix CheckAndProtect() for MappingAppleAarch64.

Revision Contents

PathSize
compiler-rt/
lib/
tsan/
rtl/
2 lines

Diff 394700

compiler-rt/lib/tsan/rtl/tsan_platform_posix.cpp

Show First 20 LinesShow All 104 Lines▼ Show 20 Lines if (segment.protection == 0) // Zero page or mprotected.
continue; continue;
if (segment.start >= VdsoBeg()) // vdso if (segment.start >= VdsoBeg()) // vdso
break; break;
Printf("FATAL: ThreadSanitizer: unexpected memory mapping 0x%zx-0x%zx\n", Printf("FATAL: ThreadSanitizer: unexpected memory mapping 0x%zx-0x%zx\n",
segment.start, segment.end); segment.start, segment.end);
Die(); Die();
} }
# if defined(__aarch64__) && defined(__APPLE__) && SANITIZER_IOS # if defined(__aarch64__) && defined(__APPLE__) && SANITIZER_IOS
ylnAuthorUnsubmitted
Done
ReplyInline Actions

Note: I think this needs updating for iOS simulator on Apple Silicon. I will do that as a separate follow-up.

yln: Note: I think this needs updating for iOS simulator on Apple Silicon. I will do that as a…
ProtectRange(HeapMemEnd(), ShadowBeg()); ProtectRange(HeapMemEnd(), ShadowBeg());
ProtectRange(ShadowEnd(), MetaShadowBeg()); ProtectRange(ShadowEnd(), MetaShadowBeg());
ProtectRange(MetaShadowEnd(), HeapMemBeg()); ProtectRange(MetaShadowEnd(), HiAppMemBeg());
ylnAuthorUnsubmitted
Done
ReplyInline Actions

Important parts of the mapping:

/*
C/C++ on Darwin/iOS/ARM64 (36-bit VMA, 64 GB VM)
0000 0000 00 - 0100 0000 00: -                                    (4 GB)
0100 0000 00 - 0200 0000 00: main binary, modules, thread stacks  (4 GB)
0200 0000 00 - 0300 0000 00: heap                                 (4 GB)
0300 0000 00 - 0400 0000 00: -                                    (4 GB)
0400 0000 00 - 0c00 0000 00: shadow memory                       (32 GB)
0c00 0000 00 - 0d00 0000 00: -                                    (4 GB)
0d00 0000 00 - 0e00 0000 00: metainfo                             (4 GB)
0e00 0000 00 - 1000 0000 00: -
*/
struct MappingAppleAarch64 {
  static const uptr kLoAppMemBeg   = 0x0100000000ull;
  static const uptr kLoAppMemEnd   = 0x0200000000ull;
  static const uptr kHeapMemBeg    = 0x0200000000ull;
  static const uptr kHeapMemEnd    = 0x0300000000ull;
  static const uptr kShadowBeg     = 0x0400000000ull;
  static const uptr kShadowEnd     = 0x0c00000000ull;
  static const uptr kMetaShadowBeg = 0x0d00000000ull;
  static const uptr kMetaShadowEnd = 0x0e00000000ull;
  static const uptr kHiAppMemBeg   = 0x0fc0000000ull;
  static const uptr kHiAppMemEnd   = 0x0fc0000000ull;
  static const uptr kMidAppMemBeg = 0;
  static const uptr kMidAppMemEnd = 0;
};

Relevant:
https://reviews.llvm.org/D35147
https://reviews.llvm.org/D112603

yln: Important parts of the mapping: ``` /* C/C++ on Darwin/iOS/ARM64 (36-bit VMA, 64 GB VM) 0000…
# else # else
ProtectRange(LoAppMemEnd(), ShadowBeg()); ProtectRange(LoAppMemEnd(), ShadowBeg());
ProtectRange(ShadowEnd(), MetaShadowBeg()); ProtectRange(ShadowEnd(), MetaShadowBeg());
if (MidAppMemBeg()) { if (MidAppMemBeg()) {
ProtectRange(MetaShadowEnd(), MidAppMemBeg()); ProtectRange(MetaShadowEnd(), MidAppMemBeg());
ProtectRange(MidAppMemEnd(), HeapMemBeg()); ProtectRange(MidAppMemEnd(), HeapMemBeg());
} else { } else {
ProtectRange(MetaShadowEnd(), HeapMemBeg()); ProtectRange(MetaShadowEnd(), HeapMemBeg());
Show All 19 Lines