This is an archive of the discontinued LLVM Phabricator instance.

Differential D149020

[sanitizer][asan][win] Enable commit on demand for i686
DraftPublic

Authored by alvinhochun on Apr 23 2023, 8:33 AM.
This is a draft revision that has not yet been submitted for review.

Details

Reviewers
None
Summary

D21942 / 1128db8fe1c13800ebc77206efc50d0a219b8750 added support for
committing shadow memory on demand on Win 64-bit. The reason it is not
enabled on 32-bit wasn't clear but the page table overhead on Windows 7
may be a contributing factor.

In AsanMapUnmapCallback::OnUnmap, FlushUnneededASanShadowMemory is
called to release shadow memory. It calls ReleaseMemoryPagesToOS,
which had been a no-op on Windows, until D95892 /
81b1d3da094c54ffd75e05c8d4683792edf17f4c in which it was changed to
unmap full pages that the memory region covers. This was done on both
32-bit and 64-bit.

AddressSanitizerInterface.GetHeapSizeTest appears to fail on i686
targets as a side effect of this. This test allocates and frees a huge
chunk of memory which causes shadow memory to be unmapped immediately.
When the test allocates the chunk of memory a second time, asan tries to
reuse the same shadow memory region, but because the shadow memory has
now been unmapped, it causes an access violation and crashes the test.

x86_64 is not affected, because the code that handles commiting shadow
memory on demand also handles this situation, allowing the test to work
without crashing.

This change fixes the above issue by also enabling the commit-on-demand
feature on i686 target.

Diff Detail

Revision Contents

PathSize
compiler-rt/
lib/
asan/
7 lines
sanitizer_common/
2 lines

Diff 516169

compiler-rt/lib/asan/asan_win.cpp

Show First 20 LinesShow All 261 Lines▼ Show 20 Lines
void AsanCheckDynamicRTPrereqs() {} void AsanCheckDynamicRTPrereqs() {}
void AsanCheckIncompatibleRT() {} void AsanCheckIncompatibleRT() {}
void AsanOnDeadlySignal(int, void *siginfo, void *context) { UNIMPLEMENTED(); } void AsanOnDeadlySignal(int, void *siginfo, void *context) { UNIMPLEMENTED(); }
bool PlatformUnpoisonStacks() { return false; } bool PlatformUnpoisonStacks() { return false; }
#if SANITIZER_WINDOWS64
// Exception handler for dealing with shadow memory. // Exception handler for dealing with shadow memory.
static LONG CALLBACK static LONG CALLBACK
ShadowExceptionHandler(PEXCEPTION_POINTERS exception_pointers) { ShadowExceptionHandler(PEXCEPTION_POINTERS exception_pointers) {
uptr page_size = GetPageSizeCached(); uptr page_size = GetPageSizeCached();
// Only handle access violations. // Only handle access violations.
if (exception_pointers->ExceptionRecord->ExceptionCode != if (exception_pointers->ExceptionRecord->ExceptionCode !=
EXCEPTION_ACCESS_VIOLATION || EXCEPTION_ACCESS_VIOLATION ||
exception_pointers->ExceptionRecord->NumberParameters < 2) { exception_pointers->ExceptionRecord->NumberParameters < 2) {
Show All 22 Lines uptr result =
(uptr)::VirtualAlloc((LPVOID)page, page_size, MEM_COMMIT, PAGE_READWRITE); (uptr)::VirtualAlloc((LPVOID)page, page_size, MEM_COMMIT, PAGE_READWRITE);
if (result != page) if (result != page)
return EXCEPTION_CONTINUE_SEARCH; return EXCEPTION_CONTINUE_SEARCH;
// The page mapping succeeded, so continue execution as usual. // The page mapping succeeded, so continue execution as usual.
return EXCEPTION_CONTINUE_EXECUTION; return EXCEPTION_CONTINUE_EXECUTION;
} }
#endif
void InitializePlatformExceptionHandlers() { void InitializePlatformExceptionHandlers() {
#if SANITIZER_WINDOWS64 // On Windows, we map memory on demand with access violation handler.
// On Win64, we map memory on demand with access violation handler.
// Install our exception handler. // Install our exception handler.
CHECK(AddVectoredExceptionHandler(TRUE, &ShadowExceptionHandler)); CHECK(AddVectoredExceptionHandler(TRUE, &ShadowExceptionHandler));
#endif
} }
bool IsSystemHeapAddress(uptr addr) { bool IsSystemHeapAddress(uptr addr) {
return ::HeapValidate(GetProcessHeap(), 0, (void *)addr) != FALSE; return ::HeapValidate(GetProcessHeap(), 0, (void *)addr) != FALSE;
} }
// We want to install our own exception handler (EH) to print helpful reports // We want to install our own exception handler (EH) to print helpful reports
// on access violations and whatnot. Unfortunately, the CRT initializers assume // on access violations and whatnot. Unfortunately, the CRT initializers assume
▲ Show 20 LinesShow All 76 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_win.cpp

Show First 20 LinesShow All 243 Lines▼ Show 20 Linesbool ZeroMmapFixedRegion(uptr fixed_addr, uptr size) {
internal_memset((void*) fixed_addr, 0, size); internal_memset((void*) fixed_addr, 0, size);
return true; return true;
} }
bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) { bool MmapFixedNoReserve(uptr fixed_addr, uptr size, const char *name) {
// FIXME: is this really "NoReserve"? On Win32 this does not matter much, // FIXME: is this really "NoReserve"? On Win32 this does not matter much,
// but on Win64 it does. // but on Win64 it does.
(void)name; // unsupported (void)name; // unsupported
#if !SANITIZER_GO && SANITIZER_WINDOWS64 #if !SANITIZER_GO
// On asan/Windows64, use MEM_COMMIT would result in error // On asan/Windows64, use MEM_COMMIT would result in error
// 1455:ERROR_COMMITMENT_LIMIT. // 1455:ERROR_COMMITMENT_LIMIT.
// Asan uses exception handler to commit page on demand. // Asan uses exception handler to commit page on demand.
void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE, PAGE_READWRITE); void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE, PAGE_READWRITE);
#else #else
void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE | MEM_COMMIT, void *p = VirtualAlloc((LPVOID)fixed_addr, size, MEM_RESERVE | MEM_COMMIT,
PAGE_READWRITE); PAGE_READWRITE);
#endif #endif
▲ Show 20 LinesShow All 942 LinesShow Last 20 Lines