This is an archive of the discontinued LLVM Phabricator instance.

Differential D139030

[asan][aarch64] Don't use 64 bit allocator for Apple ios family
ClosedPublic

Authored by rsundahl on Nov 30 2022, 10:07 AM.

Details

Reviewers
vitalybuka
MaskRay
kubamracek
wrotki
thetruestblue
yln
Commits
rGad6c8092dcb2: [asan][aarch64] Don't use 64 bit allocator for Apple ios family
Summary

The recent change (https://reviews.llvm.org/D137136) to unconditionally
choose the 64 bit allocator on aarch64 breaks Apple iOS family of devices
which purposely use a smaller address space than is used with macOS.

rdar://102527313

Diff Detail

Event Timeline

rsundahl created this revision.Nov 30 2022, 10:07 AM
Herald added a project: Restricted Project. · View Herald TranscriptNov 30 2022, 10:07 AM
Herald added subscribers: Enna1, kristof.beyls, arichardson. · View Herald Transcript
rsundahl requested review of this revision.Nov 30 2022, 10:07 AM
Herald added a project: Restricted Project. · View Herald TranscriptNov 30 2022, 10:07 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
rsundahl added reviewers: vitalybuka, MaskRay, kubamracek, wrotki, thetruestblue, yln.Nov 30 2022, 10:13 AM
rsundahl removed rG LLVM Github Monorepo as the repository for this revision.
Herald added a subscriber: StephenFan. · View Herald TranscriptNov 30 2022, 10:13 AM
thetruestblue accepted this revision.EditedNov 30 2022, 10:24 AM

This looks fine to me.

Although this comment:

//   - SANITIZER_IOS: devices (iOS and iOS-like)
//     - SANITIZER_WATCHOS
//     - SANITIZER_TVOS

Seems to suggest that SANITIZER_IOS includes all IOS-like devices.
Can we not do (SANITIZER_APPLE && SANITIZER_IOS) ?

And if the logic is that simple can we add it to the existing condition?

Edit: or, actually, can we not just add SANITIZER_IOS to existing condition?

This revision is now accepted and ready to land.Nov 30 2022, 10:24 AM
Harbormaster completed remote builds in B200314: Diff 479005.Nov 30 2022, 10:28 AM
rsundahl edited the summary of this revision. (Show Details)Nov 30 2022, 10:28 AM
rsundahl added a comment.Nov 30 2022, 11:05 AM
In D139030#3961123, @thetruestblue wrote:

Can we not do (SANITIZER_APPLE && SANITIZER_IOS) ?

I didn't want to depend on the overloading of SANITIZER_IOS which means both actual iOS and similar to iOS, so I chose to come at the logic the way I did.

yln added inline comments.Nov 30 2022, 11:09 AM
compiler-rt/lib/sanitizer_common/sanitizer_platform.h
289–290
// - SANITIZER_APPLE: all Apple code
//   - TARGET_OS_OSX: macOS
//   - SANITIZER_IOS: devices (iOS and iOS-like)
//     - SANITIZER_WATCHOS
//     - SANITIZER_TVOS
//   - SANITIZER_IOSSIM: simulators (iOS and iOS-like)
//   - SANITIZER_DRIVERKIT
In D139030#3961123, @thetruestblue wrote:

And if the logic is that simple can we add it to the existing condition?

Let's have a separate branch SANITIZER_APPLE to insulate a bit better from future changes.

Edit: or, actually, can we not just add SANITIZER_IOS to existing condition?

I agree, I think we should list the platforms to opt-out to avoid the double negation.

I think there is some additional complications:

  • For DriverKit, we can't tell if we are compiling for iPhone or macOS.
  • Did we consider the simulators?

I am assuming that the using ALLOCATOR64 is better if we can. The default is "yes" for 64-bit platforms (SANITIZER_WORDSIZE == 64), which is the fall through if no other branch says "don't use". So let's specify all those cases; include DriverKit (just to make sure DriverKit on iOS is covered).

yln added a comment.EditedNov 30 2022, 11:10 AM
In D139030#3961252, @rsundahl wrote:
In D139030#3961123, @thetruestblue wrote:

Can we not do (SANITIZER_APPLE && SANITIZER_IOS) ?

I didn't want to depend on the overloading of SANITIZER_IOS which means both actual iOS and similar to iOS, so I chose to come at the logic the way I did.

I think we want to actually cover watchOS & tvOS which has the same (or even stricter) constraints...

thetruestblue added inline comments.Nov 30 2022, 11:18 AM
compiler-rt/lib/sanitizer_common/sanitizer_platform.h
289–290

+1 on this.

yln added inline comments.Nov 30 2022, 11:33 AM
compiler-rt/lib/sanitizer_common/sanitizer_platform.h
289–290
rsundahl updated this revision to Diff 479039.Nov 30 2022, 11:36 AM

Integrate suggestions from review.

rsundahl marked an inline comment as done.Nov 30 2022, 11:37 AM
rsundahl added inline comments.Nov 30 2022, 11:48 AM
compiler-rt/lib/sanitizer_common/sanitizer_platform.h
289–290

This will have the effect of unconditionally using the 32 bit allocator on Driverkit for x86_64 platforms.

Harbormaster completed remote builds in B200335: Diff 479039.Nov 30 2022, 11:58 AM
thetruestblue added inline comments.Nov 30 2022, 12:28 PM
compiler-rt/lib/sanitizer_common/sanitizer_platform.h
289–290

Why do we need to specify DriverKit at all? Wouldn't the allocator be determined elsewhere in this logic? i.e. platform/wordsize?

rsundahl added a comment.Nov 30 2022, 1:04 PM

The change as I originally made it was to use the 32 bit allocator in all of the cases that it had been used in up until things broke. I was conservative and explicit about enabling the 64 bit allocator for macOS because I tested it and it worked. The reviews here tell me that we want to go further but have questions so I'm going to revert to the original behavior of using the 32 bit allocator for SANITIZER_APPLE on aarch64.

rsundahl updated this revision to Diff 479053.Nov 30 2022, 1:05 PM

Revert to original use of 32 bit allocator in all SANITIZER_APPLE on aarch64

Herald added subscribers: pcwang-thead, s.egerton, simoncook. · View Herald TranscriptNov 30 2022, 1:05 PM
yln accepted this revision.Nov 30 2022, 1:12 PM
In D139030#3961494, @rsundahl wrote:

The change as I originally made it was to use the 32 bit allocator in all of the cases that it had been used in up until things broke. I was conservative and explicit about enabling the 64 bit allocator for macOS because I tested it and it worked. The reviews here tell me that we want to go further but have questions so I'm going to revert to the original behavior of using the 32 bit allocator for SANITIZER_APPLE on aarch64.

That's a good strategy, sorry for the distractions!

Yes, let's revert to previous state. We can then make incremental improvements once we are back in a working state.

rsundahl edited the summary of this revision. (Show Details)Nov 30 2022, 1:15 PM
This revision was landed with ongoing or failed builds.Nov 30 2022, 1:17 PM
Closed by commit rGad6c8092dcb2: [asan][aarch64] Don't use 64 bit allocator for Apple ios family (authored by rsundahl). · Explain Why
This revision was automatically updated to reflect the committed changes.
rsundahl added a commit: rGad6c8092dcb2: [asan][aarch64] Don't use 64 bit allocator for Apple ios family.
Harbormaster completed remote builds in B200345: Diff 479053.Nov 30 2022, 1:30 PM

Revision Contents

PathSize
compiler-rt/
lib/
sanitizer_common/
3 lines

Diff 479057

compiler-rt/lib/sanitizer_common/sanitizer_platform.h

Show First 20 LinesShow All 280 Lines▼ Show 20 Lines
// By default we allow to use SizeClassAllocator64 on 64-bit platform. // By default we allow to use SizeClassAllocator64 on 64-bit platform.
// But in some cases (e.g. AArch64's 39-bit address space) SizeClassAllocator64 // But in some cases (e.g. AArch64's 39-bit address space) SizeClassAllocator64
// does not work well and we need to fallback to SizeClassAllocator32. // does not work well and we need to fallback to SizeClassAllocator32.
// For such platforms build this code with -DSANITIZER_CAN_USE_ALLOCATOR64=0 or // For such platforms build this code with -DSANITIZER_CAN_USE_ALLOCATOR64=0 or
// change the definition of SANITIZER_CAN_USE_ALLOCATOR64 here. // change the definition of SANITIZER_CAN_USE_ALLOCATOR64 here.
#ifndef SANITIZER_CAN_USE_ALLOCATOR64 #ifndef SANITIZER_CAN_USE_ALLOCATOR64
# if (SANITIZER_ANDROID && defined(__aarch64__)) || SANITIZER_FUCHSIA # if (SANITIZER_ANDROID && defined(__aarch64__)) || SANITIZER_FUCHSIA
# define SANITIZER_CAN_USE_ALLOCATOR64 1 # define SANITIZER_CAN_USE_ALLOCATOR64 1
# elif defined(__mips64) || defined(__arm__) || defined(__i386__) || \ # elif defined(__mips64) || defined(__arm__) || defined(__i386__) || \
SANITIZER_RISCV64 || defined(__hexagon__) SANITIZER_RISCV64 || defined(__hexagon__) || \
ylnUnsubmitted
Done
ReplyInline Actions
# define SANITIZER_CAN_USE_ALLOCATOR64 1
- # elif (SANITIZER_APPLE && defined(__aarch64__) && \
- !(SANITIZER_OSX || SANITIZER_DRIVERKIT))
+ # elif (SANITIZER_APPLE && (SANITIZER_IOS || SANITIZER_DRIVERKIT))
# define SANITIZER_CAN_USE_ALLOCATOR64 0 
// - SANITIZER_APPLE: all Apple code
//   - TARGET_OS_OSX: macOS
//   - SANITIZER_IOS: devices (iOS and iOS-like)
//     - SANITIZER_WATCHOS
//     - SANITIZER_TVOS
//   - SANITIZER_IOSSIM: simulators (iOS and iOS-like)
//   - SANITIZER_DRIVERKIT
In D139030#3961123, @thetruestblue wrote:

And if the logic is that simple can we add it to the existing condition?

Let's have a separate branch SANITIZER_APPLE to insulate a bit better from future changes.

Edit: or, actually, can we not just add SANITIZER_IOS to existing condition?

I agree, I think we should list the platforms to opt-out to avoid the double negation.

I think there is some additional complications:

  • For DriverKit, we can't tell if we are compiling for iPhone or macOS.
  • Did we consider the simulators?

I am assuming that the using ALLOCATOR64 is better if we can. The default is "yes" for 64-bit platforms (SANITIZER_WORDSIZE == 64), which is the fall through if no other branch says "don't use". So let's specify all those cases; include DriverKit (just to make sure DriverKit on iOS is covered).

yln: ``` // - SANITIZER_APPLE: all Apple code // - TARGET_OS_OSX: macOS // - SANITIZER_IOS…
thetruestblueUnsubmitted
Not Done
ReplyInline Actions

+1 on this.

thetruestblue: +1 on this.
ylnUnsubmitted
Not Done
ReplyInline Actions
# define SANITIZER_CAN_USE_ALLOCATOR64 1
- # elif (SANITIZER_APPLE && defined(__aarch64__) && \
- !(SANITIZER_OSX || SANITIZER_DRIVERKIT))
+ # elif (SANITIZER_APPLE && (SANITIZER_IOS || SANITIZER_DRIVERKIT) && !SANITIZER_IOSSIM)
# define SANITIZER_CAN_USE_ALLOCATOR64 0
yln:
rsundahlAuthorUnsubmitted
Done
ReplyInline Actions

This will have the effect of unconditionally using the 32 bit allocator on Driverkit for x86_64 platforms.

rsundahl: This will have the effect of unconditionally using the 32 bit allocator on Driverkit for x86_64…
thetruestblueUnsubmitted
Not Done
ReplyInline Actions

Why do we need to specify DriverKit at all? Wouldn't the allocator be determined elsewhere in this logic? i.e. platform/wordsize?

thetruestblue: Why do we need to specify DriverKit at all? Wouldn't the allocator be determined elsewhere in…
(SANITIZER_APPLE && defined(__aarch64__))
# define SANITIZER_CAN_USE_ALLOCATOR64 0 # define SANITIZER_CAN_USE_ALLOCATOR64 0
# else # else
# define SANITIZER_CAN_USE_ALLOCATOR64 (SANITIZER_WORDSIZE == 64) # define SANITIZER_CAN_USE_ALLOCATOR64 (SANITIZER_WORDSIZE == 64)
# endif # endif
#endif #endif
// The range of addresses which can be returned my mmap. // The range of addresses which can be returned my mmap.
// FIXME: this value should be different on different platforms. Larger values // FIXME: this value should be different on different platforms. Larger values
▲ Show 20 LinesShow All 151 LinesShow Last 20 Lines