Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash on Rosetta for double mapping jitted code #102226

Closed
noahfalk opened this issue May 14, 2024 · 7 comments · Fixed by #102509
Closed

Crash on Rosetta for double mapping jitted code #102226

noahfalk opened this issue May 14, 2024 · 7 comments · Fixed by #102509
Labels
area-VM-coreclr

Comments

@noahfalk
Copy link
Member

Description

Roblox reported that their app crashes when run in Rosetta unless they set DOTNET_EnableWriteXorExecute=0

Reproduction Steps

docker run --platform linux/amd64 -it docker.artifactory.rbx.com/dotnet/sdk:8.0 /bin/bash

root@361134e3e399:/# dotnet new tool-manifest

Expected behavior

No crash

Actual behavior

Segmentation fault

Regression?

Unknown

Known Workarounds

set DOTNET_EnableWriteXorExecute=0

Configuration

No response

Other information

No response
@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label May 14, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @mangod9
See info in area-owners.md if you want to be subscribed.

@noahfalk noahfalk changed the title Crash on Rosetta for double jitting Crash on Rosetta for double mapping jitted code May 14, 2024
@filipnavara
Copy link
Member

Rosetta doesn't support the W^X double mapping. It's disabled on macOS when running under Rosetta. I am not sure if it's possible to detect it under linux-arm64 container/VM.

@mangod9
Copy link
Member

mangod9 commented May 15, 2024

@janvorli
Copy link
Member

I think it could be acceptable, since if we detected that automatically somehow in the runtime, we would do the same thing as setting that env variable would do. But I'd look if there is a way to detect that we are running in linux container on mac.

@noahfalk
Copy link
Member Author

@janvorli. @noahfalk, is the workaround acceptable if documented?

I don't think Roblox cares whether W^X is enabled or not as long as the app doesn't crash. Now that they know about the env var I suspect this is only a small inconvenience for them, but they are reporting it for the benefit of others who might run into the same thing.

My main worries here would be:

  1. When .NET crashes on startup it gives a bad perception for .NET product quality regardless if a workaround exists.
  2. If we documented the workaround, how easily do we expect people hitting this issue would find it? For example if they searched for ".NET seg fault" would they find our doc page when there are probably tons of other web pages talking about seg faults too?

@janvorli
Copy link
Member

Thinking about it more, I need to refresh my mind on what exactly happens when we try to double map under rosetta. I believe I have it recorded in my notes somewhere. If that was something we can reliably test at startup and figure out it doesn't work, we can use that instead of trying to figure out if a linux container is running on rosetta.

@janvorli
Copy link
Member

Ah, found it. The problem is that when a code is modified in memory via a secondary mapping and the preexisting code in the same page was already executed before, rosetta basically ignores the modifications. It doesn't detect that it needs to recompile the code on that page from x64 to arm64 again. I guess this would be detectable by creating a page with some code that e.g. returns a constant. Then modifying the code via double mapping to code that returns a different constant, calling that code and checking the result.

janvorli added a commit to janvorli/runtime that referenced this issue May 21, 2024
@janvorli
Disable W^X on x64 in rosetta based container
42e81bc 
The docker on macOS Arm64 uses Rosetta to run x64 containers. That
has an effect on the double mapping. The Rosetta is unable to detect
when an already executed code page is modified. So we cannot use double
mapping on those containers. To detect that case, this change adds check
that verifies that the double mapping works even when the code is
modified.

Close dotnet#102226
@janvorli janvorli mentioned this issue May 21, 2024
Merged
janvorli added a commit that referenced this issue May 23, 2024
@janvorli
Disable W^X in Rosetta emulated x64 containers on macOS (#102509)
097c8ab 
* Disable W^X on x64 in rosetta based container

The docker on macOS Arm64 uses Rosetta to run x64 containers. That
has an effect on the double mapping. The Rosetta is unable to detect
when an already executed code page is modified. So we cannot use double
mapping on those containers. To detect that case, this change adds check
that verifies that the double mapping works even when the code is
modified.

Close #102226

* Rework based on PR feedback

* Check only for Rosetta

* Enable the rosetta check for x86 too

This will help WINE running 32 bit code under rosetta emulation on
macOS.
@dotnet-policy-service dotnet-policy-service bot removed the untriaged New issue has not been triaged by the area owner label May 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-VM-coreclr
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Disable W^X in Rosetta emulated x64 containers on macOS janvorli/runtime
4 participants
@filipnavara @noahfalk @janvorli @mangod9