Randomize allocation addresses on windows.

src/platform-win32.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 811 matching lines @@
 // VirtualAlloc'ed blocks of memory.
 size_t OS::AllocateAlignment() {
   static size_t allocate_alignment = 0;
   if (allocate_alignment == 0) {
     SYSTEM_INFO info;
     GetSystemInfo(&info);
     allocate_alignment = info.dwAllocationGranularity;
   }
   return allocate_alignment;
 }
 

[Vyacheslav Egorov (Chromium), 2012/02/22 12:22:36]

one more new line

-
-void* OS::Allocate(const size_t requested,
-                   size_t* allocated,
-                   bool is_executable) {
+void* OS::GetRandomAddr() {
   // The address range used to randomize RWX allocations in OS::Allocate
   // Try not to map pages into the default range that windows loads DLLs
   // Use a multiple of 64k to prevent committing unused memory.
   // Note: This does not guarantee RWX regions will be within the
   // range kAllocationRandomAddressMin to kAllocationRandomAddressMax
 #ifdef V8_HOST_ARCH_64_BIT
   static const intptr_t kAllocationRandomAddressMin = 0x0000000080000000;
   static const intptr_t kAllocationRandomAddressMax = 0x000003FFFFFF0000;
 #else
   static const intptr_t kAllocationRandomAddressMin = 0x04000000;
   static const intptr_t kAllocationRandomAddressMax = 0x3FFF0000;
 #endif
+  uintptr_t address = (V8::RandomPrivate(Isolate::Current()) << kPageSizeBits)
+      | kAllocationRandomAddressMin;
+  address &= kAllocationRandomAddressMax;
+  return reinterpret_cast<void *>(address);
+}
 

[Vyacheslav Egorov (Chromium), 2012/02/22 12:22:36]

one more new line

+void* OS::Allocate(const size_t requested,
+                   size_t* allocated,
+                   bool is_executable) {
   // VirtualAlloc rounds allocated size to page size automatically.
   size_t msize = RoundUp(requested, static_cast<int>(GetPageSize()));
-  intptr_t address = 0;
+  void* address = 0;
 
   // Windows XP SP2 allows Data Excution Prevention (DEP).
   int prot = is_executable ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE;
 
   // For exectutable pages try and randomize the allocation address
   if (prot == PAGE_EXECUTE_READWRITE &&
       msize >= static_cast<size_t>(Page::kPageSize)) {
-    address = (V8::RandomPrivate(Isolate::Current()) << kPageSizeBits)
-      | kAllocationRandomAddressMin;
-    address &= kAllocationRandomAddressMax;
+    address = OS::GetRandomAddr();

[Vyacheslav Egorov (Chromium), 2012/02/22 12:22:36]

I don't think GetRandomAddr has to be member of OS it could as well be just a
static global function.

   }
 
-  LPVOID mbase = VirtualAlloc(reinterpret_cast<void *>(address),
+  LPVOID mbase = VirtualAlloc(address,
                               msize,
                               MEM_COMMIT | MEM_RESERVE,
                               prot);
   if (mbase == NULL && address != 0)
     mbase = VirtualAlloc(NULL, msize, MEM_COMMIT | MEM_RESERVE, prot);
 
   if (mbase == NULL) {
     LOG(ISOLATE, StringEvent("OS::Allocate", "VirtualAlloc failed"));
     return NULL;
   }
@@ skipping 588 matching lines @@
 }
 
 
 bool VirtualMemory::Uncommit(void* address, size_t size) {
   ASSERT(IsReserved());
   return UncommitRegion(address, size);
 }
 
 
 void* VirtualMemory::ReserveRegion(size_t size) {
-  return VirtualAlloc(NULL, size, MEM_RESERVE, PAGE_NOACCESS);
+  void* address = 0;
+  LPVOID mbase = NULL;
+
+  for (size_t attempts = 0; mbase == NULL && attempts < 3; ++attempts) {
+    address = OS::GetRandomAddr();
+    mbase = VirtualAlloc(address, size, MEM_RESERVE, PAGE_NOACCESS);
+  }
+
+  // After three attempts give up and let the OS find an address to use.
+  if (mbase == NULL)
+    mbase = VirtualAlloc(NULL, size, MEM_RESERVE, PAGE_NOACCESS);

[Vyacheslav Egorov (Chromium), 2012/02/22 12:22:36]

we do not omit {} for if-s that span several lines.

+  return mbase;

[Vyacheslav Egorov (Chromium), 2012/02/22 12:22:36]

I would abstract loop and last attempt into a function and call it from two
different places. 

 }
 
 
 bool VirtualMemory::CommitRegion(void* base, size_t size, bool is_executable) {
   int prot = is_executable ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE;
   if (NULL == VirtualAlloc(base, size, MEM_COMMIT, prot)) {
     return false;
   }
 
   UpdateAllocatedSpaceLimits(base, static_cast<int>(size));
@@ skipping 549 matching lines @@
 
 
 void Sampler::Stop() {
   ASSERT(IsActive());
   SamplerThread::RemoveActiveSampler(this);
   SetActive(false);
 }
 
 
 } }  // namespace v8::internal