
Commit 27af192

committed
[Sanitizers][Apple] Fix logic bugs that break RestrictMemoryToMaxAddress
There are two logic bugs breaking RestrictMemoryToMaxAddress -- adding left_padding within MapDynamicShadow. There is also an issue with the expectation of hitting KERN_INVALID_ADDRESS when we are beyond the addressable regions. In most embedded scenarios, we exceed vm_max_address and set max_occupied_addr to an address in a memory region the process doesn't have access to. Because of this, our check `if (new_max_vm < max_occupied_addr) {` will always fail and we will never restrict the address on smaller devices. rdar://66603866
1 parent b968fd9 commit 27af192


1 file changed

+4
-3
lines changed


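--- a/compiler-rt/lib/sanitizer_common/sanitizer_mac.cpp
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_mac.cpp
@@ -1203,7 +1203,7 @@ uptr MapDynamicShadow(uptr shadow_size_bytes, uptr shadow_scale,
 const uptr left_padding =
 Max<uptr>(granularity, 1ULL << min_shadow_base_alignment);
 
-uptr space_size = shadow_size_bytes + left_padding;
+uptr space_size = shadow_size_bytes;
 
 uptr largest_gap_found = 0;
 uptr max_occupied_addr = 0;
@@ -1229,7 +1229,7 @@ uptr MapDynamicShadow(uptr shadow_size_bytes, uptr shadow_scale,
 }
 RestrictMemoryToMaxAddress(new_max_vm);
 high_mem_end = new_max_vm - 1;
-space_size = (high_mem_end >> shadow_scale) + left_padding;
+space_size = (high_mem_end >> shadow_scale);
 VReport(2, "FindDynamicShadowStart, space_size = %p\n", (void *)space_size);
 shadow_start = FindAvailableMemoryRange(space_size, alignment, granularity,
 nullptr, nullptr);
@@ -1272,10 +1272,11 @@ uptr FindAvailableMemoryRange(uptr size, uptr alignment, uptr left_padding,
 mach_msg_type_number_t count = kRegionInfoSize;
 kr = mach_vm_region_recurse(mach_task_self(), &address, &vmsize, &depth,
 (vm_region_info_t)&vminfo, &count);
-if (kr == KERN_INVALID_ADDRESS) {
+if (kr == KERN_INVALID_ADDRESS || address > GetMaxVirtualAddress()) {
 // No more regions beyond "address", consider the gap at the end of VM.
 address = max_vm_address;
 vmsize = 0;
+kr = -1; // break after this iteration.
 } else {
 if (max_occupied_addr) *max_occupied_addr = address + vmsize;
 }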
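Review bot: In the FindAvailableMemoryRange hunk, any return code other than KERN_INVALID_ADDRESS with `address` still in range falls into the `else` branch and stores `address + vmsize` in `*max_occupied_addr`, even when mach_vm_region_recurse failed and may not have updated those out-parameters. Since the commit description says MapDynamicShadow compares that value against `new_max_vm` to decide whether to restrict memory, guarding the branch with `} else if (kr == KERN_SUCCESS) {` would keep a failed call from skewing that decision. The added `kr = -1; // break after this iteration.` also reuses a kernel return variable as a sentinel and depends on a loop condition that is not visible here; a dedicated `bool` flag, or a comment naming the loop test it relies on, would make the termination explicit. The new condition tests `GetMaxVirtualAddress()` while the branch assigns `max_vm_address`, so it is worth confirming the two are derived from the same bound. The function body starts and ends outside the hunk, so the loop condition and the definition of `max_vm_address` could not be checked.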
