From 2c05ba4ae08317c6d0ad7418d5ecb0f971275d69 Mon Sep 17 00:00:00 2001 From: Keith Randall Date: Wed, 28 Apr 2021 23:07:38 -0700 Subject: [PATCH] runtime: top align tinyallocs in race mode Top align allocations in tinyalloc buckets when in race mode. This will make checkptr checks more reliable, because any code that modifies a pointer past the end of the object will trigger a checkptr error. No test, because we need -race for this to actually kick in. We could add it to the race detector tests, but the race detector tests are all geared towards race detector reports, not checkptr reports. Mucking with parsing reports is more than a test is worth. Fixes #38872 Change-Id: Ie56f0fbd1a9385539f6631fd1ac40c3de5600154 Reviewed-on: https://go-review.googlesource.com/c/go/+/315029 Trust: Keith Randall Run-TryBot: Keith Randall Reviewed-by: Cuong Manh Le Reviewed-by: Matthew Dempsky TryBot-Result: Go Bot --- src/runtime/export_test.go | 2 ++ src/runtime/malloc.go | 19 ++++++++++++++++++- src/runtime/malloc_test.go | 6 ++++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/src/runtime/export_test.go b/src/runtime/export_test.go index f742225d51e..a6fc1e4785f 100644 --- a/src/runtime/export_test.go +++ b/src/runtime/export_test.go @@ -1267,3 +1267,5 @@ func GCTestIsReachable(ptrs ...unsafe.Pointer) (mask uint64) { func GCTestPointerClass(p unsafe.Pointer) string { return gcTestPointerClass(p) } + +const Raceenabled = raceenabled diff --git a/src/runtime/malloc.go b/src/runtime/malloc.go index f2d2425f53e..3db884f498b 100644 --- a/src/runtime/malloc.go +++ b/src/runtime/malloc.go @@ -1047,7 +1047,8 @@ func mallocgc(size uintptr, typ *_type, needzero bool) unsafe.Pointer { (*[2]uint64)(x)[1] = 0 // See if we need to replace the existing tiny block with the new one // based on amount of remaining free space. - if size < c.tinyoffset || c.tiny == 0 { + if !raceenabled && (size < c.tinyoffset || c.tiny == 0) { + // Note: disabled when race detector is on, see comment near end of this function. c.tiny = uintptr(x) c.tinyoffset = size } @@ -1165,6 +1166,22 @@ func mallocgc(size uintptr, typ *_type, needzero bool) unsafe.Pointer { } } + if raceenabled && noscan && dataSize < maxTinySize { + // Pad tinysize allocations so they are aligned with the end + // of the tinyalloc region. This ensures that any arithmetic + // that goes off the top end of the object will be detectable + // by checkptr (issue 38872). + // Note that we disable tinyalloc when raceenabled for this to work. + // TODO: This padding is only performed when the race detector + // is enabled. It would be nice to enable it if any package + // was compiled with checkptr, but there's no easy way to + // detect that (especially at compile time). + // TODO: enable this padding for all allocations, not just + // tinyalloc ones. It's tricky because of pointer maps. + // Maybe just all noscan objects? + x = add(x, size-dataSize) + } + return x } diff --git a/src/runtime/malloc_test.go b/src/runtime/malloc_test.go index 4ba94d0494e..e028554b238 100644 --- a/src/runtime/malloc_test.go +++ b/src/runtime/malloc_test.go @@ -154,6 +154,9 @@ func TestStringConcatenationAllocs(t *testing.T) { } func TestTinyAlloc(t *testing.T) { + if runtime.Raceenabled { + t.Skip("tinyalloc suppressed when running in race mode") + } const N = 16 var v [N]unsafe.Pointer for i := range v { @@ -182,6 +185,9 @@ type obj12 struct { } func TestTinyAllocIssue37262(t *testing.T) { + if runtime.Raceenabled { + t.Skip("tinyalloc suppressed when running in race mode") + } // Try to cause an alignment access fault // by atomically accessing the first 64-bit // value of a tiny-allocated object.