This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
compiler-rt/lib/sanitizer_common/
-
lib/
-
sanitizer_common/
-
sanitizer_mac.cpp

Differential D85389

Fix bug where we request a shadow memory one page larger than necessary.
AcceptedPublic

Authored by delcypher on Aug 5 2020, 6:43 PM.

Download Raw Diff

Details

Reviewers

kubamracek
tejohnson
vitalybuka
yln

Summary

The passed in space_size had left_padding added to it.
This is wrong because in the implementation FindAvailableMemoryRange
the computed size of the found region has the left_padding subtracted
(possibly more due to alignment) already.

Here's the relevant snippet from FindAvailableMemoryRange.

// We found a free region [free_begin..address-1].
uptr gap_start = RoundUpTo((uptr)free_begin + left_padding, alignment);
uptr gap_end = RoundDownTo((uptr)address, alignment);
uptr gap_size = gap_end > gap_start ? gap_end - gap_start : 0;
if (size < gap_size) {
  return gap_start;
}

In the size comparison (size < gap_size) gap_size doesn't
include padding so size shouldn't either.

rdar://problem/66603866

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

delcypher created this revision.Aug 5 2020, 6:43 PM

Herald added a project: Restricted Project. · View Herald TranscriptAug 5 2020, 6:43 PM

Herald added a subscriber: Restricted Project. · View Herald Transcript

delcypher requested review of this revision.Aug 5 2020, 6:43 PM

Harbormaster completed remote builds in B67239: Diff 283467.Aug 5 2020, 6:43 PM

delcypher added a parent revision: D85387: [NFC] Make argument name passed to `FindAvailableMemoryRange()` consistent with parameter name..Aug 5 2020, 6:51 PM

delcypher edited the summary of this revision. (Show Details)

Ahh, this is directly related to D85387 and already addresses one of my questions there!
Happy with this change, let's get @tejohnson's feedback.

Thanks for investigating this!

tejohnson added a reviewer: vitalybuka.Aug 6 2020, 11:10 AM

It looks reasonable, but adding @vitalybuka since this predates my recent refactoring, and he is probably a better person to review. It looks like the win code has the exact same issue, so should get a similar fix. The linux code doesn't seem to (it doesn't call FindAvailableMemoryRange, and doesn't have a similar comparison).

@yln Note there are other bugs here but I plan to fix this in future commits (e.g. if (size < gap_size) should be if (size <= gap_size)).

vitalybuka accepted this revision.Aug 18 2020, 8:19 PM

This revision is now accepted and ready to land.Aug 18 2020, 8:19 PM

This looks reasonable, but just for verification, could you post the "before" and "after" of the little shadow map printout from ASAN_OPTIONS=verbosity=1?

kubamracek accepted this revision.Aug 19 2020, 9:23 AM

yln resigned from this revision.Mar 3 2023, 9:34 AM

Herald added a project: Restricted Project. · View Herald TranscriptMar 3 2023, 9:34 AM

Herald added a subscriber: Enna1. · View Herald Transcript

Revision Contents

Path

Size

compiler-rt/

lib/

sanitizer_common/

sanitizer_mac.cpp

4 lines

Diff 283467

compiler-rt/lib/sanitizer_common/sanitizer_mac.cpp

	Show First 20 Lines • Show All 1,131 Lines • ▼ Show 20 Lines
	uptr MapDynamicShadow(uptr shadow_size_bytes, uptr shadow_scale,			uptr MapDynamicShadow(uptr shadow_size_bytes, uptr shadow_scale,
	uptr min_shadow_base_alignment, uptr &high_mem_end) {			uptr min_shadow_base_alignment, uptr &high_mem_end) {
	const uptr granularity = GetMmapGranularity();			const uptr granularity = GetMmapGranularity();
	const uptr alignment =			const uptr alignment =
	Max<uptr>(granularity << shadow_scale, 1ULL << min_shadow_base_alignment);			Max<uptr>(granularity << shadow_scale, 1ULL << min_shadow_base_alignment);
	const uptr left_padding =			const uptr left_padding =
	Max<uptr>(granularity, 1ULL << min_shadow_base_alignment);			Max<uptr>(granularity, 1ULL << min_shadow_base_alignment);

	uptr space_size = shadow_size_bytes + left_padding;			uptr space_size = shadow_size_bytes;

	uptr largest_gap_found = 0;			uptr largest_gap_found = 0;
	uptr max_occupied_addr = 0;			uptr max_occupied_addr = 0;
	VReport(2, "FindDynamicShadowStart, space_size = %p\n", space_size);			VReport(2, "FindDynamicShadowStart, space_size = %p\n", space_size);
	uptr shadow_start =			uptr shadow_start =
	FindAvailableMemoryRange(space_size, alignment, left_padding,			FindAvailableMemoryRange(space_size, alignment, left_padding,
	&largest_gap_found, &max_occupied_addr);			&largest_gap_found, &max_occupied_addr);
	// If the shadow doesn't fit, restrict the address space to make it fit.			// If the shadow doesn't fit, restrict the address space to make it fit.
	if (shadow_start == 0) {			if (shadow_start == 0) {
	VReport(			VReport(
	2,			2,
	"Shadow doesn't fit, largest_gap_found = %p, max_occupied_addr = %p\n",			"Shadow doesn't fit, largest_gap_found = %p, max_occupied_addr = %p\n",
	largest_gap_found, max_occupied_addr);			largest_gap_found, max_occupied_addr);
	uptr new_max_vm = RoundDownTo(largest_gap_found << shadow_scale, alignment);			uptr new_max_vm = RoundDownTo(largest_gap_found << shadow_scale, alignment);
	if (new_max_vm < max_occupied_addr) {			if (new_max_vm < max_occupied_addr) {
	Report("Unable to find a memory range for dynamic shadow.\n");			Report("Unable to find a memory range for dynamic shadow.\n");
	Report(			Report(
	"space_size = %p, largest_gap_found = %p, max_occupied_addr = %p, "			"space_size = %p, largest_gap_found = %p, max_occupied_addr = %p, "
	"new_max_vm = %p\n",			"new_max_vm = %p\n",
	space_size, largest_gap_found, max_occupied_addr, new_max_vm);			space_size, largest_gap_found, max_occupied_addr, new_max_vm);
	CHECK(0 && "cannot place shadow");			CHECK(0 && "cannot place shadow");
	}			}
	RestrictMemoryToMaxAddress(new_max_vm);			RestrictMemoryToMaxAddress(new_max_vm);
	high_mem_end = new_max_vm - 1;			high_mem_end = new_max_vm - 1;
	space_size = (high_mem_end >> shadow_scale) + left_padding;			space_size = (high_mem_end >> shadow_scale);
	VReport(2, "FindDynamicShadowStart, space_size = %p\n", space_size);			VReport(2, "FindDynamicShadowStart, space_size = %p\n", space_size);
	shadow_start = FindAvailableMemoryRange(space_size, alignment, left_padding,			shadow_start = FindAvailableMemoryRange(space_size, alignment, left_padding,
	nullptr, nullptr);			nullptr, nullptr);
	if (shadow_start == 0) {			if (shadow_start == 0) {
	Report("Unable to find a memory range after restricting VM.\n");			Report("Unable to find a memory range after restricting VM.\n");
	CHECK(0 && "cannot place shadow after restricting vm");			CHECK(0 && "cannot place shadow after restricting vm");
	}			}
	}			}
	▲ Show 20 Lines • Show All 161 Lines • Show Last 20 Lines