Reland [Memory] Speculative fix for sanitizer flakiness.

- Uses a mutex to prevent races on getting random mmap addresses, on POSIX and Windows. Original change's description: > [Memory] Speculative fix for sanitizer flakiness. > > - When allocating virtual memory, make sure addresses don't interfere > with hard-coded sanitizer regions. > > Bug: v8:7146 > Change-Id: I5bcb664b32bf53c8581772fe329190da6033701f > Reviewed-on: https://chromium-review.googlesource.com/833171 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Hannes Payer <hpayer@chromium.org> > Commit-Queue: Bill Budge <bbudge@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50208} Bug: v8:7146 Change-Id: I5a82f2a1f6136498fb2aa7a37e0206c506545073 Reviewed-on: https://chromium-review.googlesource.com/834453Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#50216}

Reland [Memory] Speculative fix for sanitizer flakiness.
- Uses a mutex to prevent races on getting random mmap addresses, on POSIX and Windows. Original change's description: > [Memory] Speculative fix for sanitizer flakiness. > > - When allocating virtual memory, make sure addresses don't interfere > with hard-coded sanitizer regions. > > Bug: v8:7146 > Change-Id: I5bcb664b32bf53c8581772fe329190da6033701f > Reviewed-on: https://chromium-review.googlesource.com/833171 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Hannes Payer <hpayer@chromium.org> > Commit-Queue: Bill Budge <bbudge@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50208} Bug: v8:7146 Change-Id: I5a82f2a1f6136498fb2aa7a37e0206c506545073 Reviewed-on: https://chromium-review.googlesource.com/834453Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#50216}
52cc5fe0 · Bill Budge · Commit Bot · 42ac7fe0 · 52cc5fe0 · 52cc5fe0
Commit 52cc5fe0 authored Dec 19, 2017 by Bill Budge Committed by Commit Bot Dec 19, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 10 deletions

platform-posix.cc src/base/platform/platform-posix.cc +16 -8

platform-win32.cc src/base/platform/platform-win32.cc +6 -2

No files found.
--- a/src/base/platform/platform-posix.cc
+++ b/src/base/platform/platform-posix.cc
@@ -89,6 +89,7 @@ const char* g_gc_fake_mmap = nullptr;

 static LazyInstance<RandomNumberGenerator>::type
    platform_random_number_generator = LAZY_INSTANCE_INITIALIZER;
+static LazyMutex rng_mutex = LAZY_MUTEX_INITIALIZER;

 #if !V8_OS_FUCHSIA
 #if V8_OS_MACOSX
@@ -206,14 +207,21 @@ size_t OS::CommitPageSize() {

 // static
 void* OS::GetRandomMmapAddr() {
-#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
-    defined(THREAD_SANITIZER)
-  // Dynamic tools do not support custom mmap addresses.
-  return nullptr;
-#else
  uintptr_t raw_addr;
-  platform_random_number_generator.Pointer()->NextBytes(&raw_addr,
-                                                        sizeof(raw_addr));
+  {
+    LockGuard<Mutex> guard(rng_mutex.Pointer());
+    platform_random_number_generator.Pointer()->NextBytes(&raw_addr,
+                                                          sizeof(raw_addr));
+  }
+#if defined(V8_USE_ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
+    defined(THREAD_SANITIZER) || defined(LEAK_SANITIZER)
+  // If random hint addresses interfere with address ranges hard coded in
+  // sanitizers, bad things happen. This address range is copied from TSAN
+  // source but works with all tools.
+  // See crbug.com/539863.
+  raw_addr &= 0x007fffff0000ULL;
+  raw_addr += 0x7e8000000000ULL;
+#else
 #if V8_TARGET_ARCH_X64
  // Currently available CPUs have 48 bits of virtual addressing.  Truncate
  // the hint address to 46 bits to give the kernel a fighting chance of
@@ -267,8 +275,8 @@ void* OS::GetRandomMmapAddr() {
  raw_addr += 0x20000000;
 #endif
 #endif
-  return reinterpret_cast<void*>(raw_addr);
 #endif
+  return reinterpret_cast<void*>(raw_addr);
 }

 // TODO(bbudge) Move Cygwin and Fuschia stuff into platform-specific files.

--- a/src/base/platform/platform-win32.cc
+++ b/src/base/platform/platform-win32.cc
@@ -699,6 +699,7 @@ size_t OS::CommitPageSize() {

 static LazyInstance<RandomNumberGenerator>::type
    platform_random_number_generator = LAZY_INSTANCE_INITIALIZER;
+static LazyMutex rng_mutex = LAZY_MUTEX_INITIALIZER;

 void OS::Initialize(int64_t random_seed, bool hard_abort,
                    const char* const gc_fake_mmap) {
@@ -722,8 +723,11 @@ void* OS::GetRandomMmapAddr() {
  static const uintptr_t kAllocationRandomAddressMax = 0x3FFF0000;
 #endif
  uintptr_t address;
-  platform_random_number_generator.Pointer()->NextBytes(&address,
-                                                        sizeof(address));
+  {
+    LockGuard<Mutex> guard(rng_mutex.Pointer());
+    platform_random_number_generator.Pointer()->NextBytes(&address,
+                                                          sizeof(address));
+  }
  address <<= kPageSizeBits;
  address += kAllocationRandomAddressMin;
  address &= kAllocationRandomAddressMax;