Title: [199936] trunk/Source/bmalloc
- Revision: 199936
- Author: gga...@apple.com
- Date: 2016-04-22 16:56:53 -0700 (Fri, 22 Apr 2016)
Log Message
bmalloc: vm allocations should plant guard pages
https://bugs.webkit.org/show_bug.cgi?id=156937
Reviewed by Michael Saboff.
* bmalloc/Object.h:
(bmalloc::Object::operator-): Added a - helper.
* bmalloc/VMAllocate.h:
(bmalloc::vmRevokePermissions): Added a helper to revoke permissions on
a VM region. We use this for guard pages.
* bmalloc/VMHeap.cpp:
(bmalloc::VMHeap::allocateSmallChunk): Add guard pages to the start and
end of the chunk.
Note that we don't guard large chunks because we need to be able to merge
them. Otherwise, we will run out of virtual addresses.
Diff
Modified: trunk/Source/bmalloc/ChangeLog (199935 => 199936)
--- trunk/Source/bmalloc/ChangeLog 2016-04-22 23:48:44 UTC (rev 199935)
+++ trunk/Source/bmalloc/ChangeLog 2016-04-22 23:56:53 UTC (rev 199936)
@@ -1,5 +1,26 @@
2016-04-22 Geoffrey Garen <gga...@apple.com>
+ bmalloc: vm allocations should plant guard pages
+ https://bugs.webkit.org/show_bug.cgi?id=156937
+
+ Reviewed by Michael Saboff.
+
+ * bmalloc/Object.h:
+ (bmalloc::Object::operator-): Added a - helper.
+
+ * bmalloc/VMAllocate.h:
+ (bmalloc::vmRevokePermissions): Added a helper to revoke permissions on
+ a VM region. We use this for guard pages.
+
+ * bmalloc/VMHeap.cpp:
+ (bmalloc::VMHeap::allocateSmallChunk): Add guard pages to the start and
+ end of the chunk.
+
+ Note that we don't guard large chunks becuase we need to be able to merge
+ them. Otherwise, we will run out of virtual addresses.
+
+2016-04-22 Geoffrey Garen <gga...@apple.com>
+
bmalloc: Constify introspect function pointer table
https://bugs.webkit.org/show_bug.cgi?id=156936
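Review bot: The closing note of the new ChangeLog entry misspells "because" as "becuase" ("we don't guard large chunks becuase we need to be able to merge them"); fix the spelling before landing. The entry could also say that each small chunk now gives up two pages to the guards, since it already explains the virtual-address cost that rules out guarding large chunks.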
Modified: trunk/Source/bmalloc/bmalloc/Object.h (199935 => 199936)
--- trunk/Source/bmalloc/bmalloc/Object.h 2016-04-22 23:48:44 UTC (rev 199935)
+++ trunk/Source/bmalloc/bmalloc/Object.h 2016-04-22 23:56:53 UTC (rev 199936)
@@ -52,6 +52,7 @@
SmallPage* page();
Object operator+(size_t);
+ Object operator-(size_t);
bool operator<=(const Object&);
private:
@@ -64,6 +65,11 @@
return Object(m_chunk, m_offset + offset);
}
+inline Object Object::operator-(size_t offset)
+{
+ return Object(m_chunk, m_offset - offset);
+}
+
inline bool Object::operator<=(const Object& other)
{
BASSERT(m_chunk == other.m_chunk);
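Review bot: Object::operator- returns Object(m_chunk, m_offset - offset) with no check that offset is at most m_offset, and since offset is a size_t a too-large argument can wrap around to a huge offset instead of failing. Consider adding BASSERT(offset <= m_offset) at the top of the function, in the same way operator<= just below asserts m_chunk == other.m_chunk, so a bad subtraction near the start of a chunk is caught where it happens.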
Modified: trunk/Source/bmalloc/bmalloc/VMAllocate.h (199935 => 199936)
--- trunk/Source/bmalloc/bmalloc/VMAllocate.h 2016-04-22 23:48:44 UTC (rev 199935)
+++ trunk/Source/bmalloc/bmalloc/VMAllocate.h 2016-04-22 23:56:53 UTC (rev 199936)
@@ -137,6 +137,12 @@
munmap(p, vmSize);
}
+inline void vmRevokePermissions(void* p, size_t vmSize)
+{
+ vmValidate(p, vmSize);
+ mprotect(p, vmSize, PROT_NONE);
+}
+
// Allocates vmSize bytes at a specified power-of-two alignment.
// Use this function to create maskable memory regions.
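Review bot: vmRevokePermissions discards the return value of mprotect(p, vmSize, PROT_NONE), so if the call fails the region stays accessible and the guard page is silently missing. Because this helper exists for a hardening feature, check the result and fail loudly when it is not 0 rather than continuing without the guard. A one-line comment saying that the revoked region is meant to fault on any access would also help future callers.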
Modified: trunk/Source/bmalloc/bmalloc/VMHeap.cpp (199935 => 199936)
--- trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-04-22 23:48:44 UTC (rev 199935)
+++ trunk/Source/bmalloc/bmalloc/VMHeap.cpp 2016-04-22 23:56:53 UTC (rev 199936)
@@ -75,6 +75,12 @@
Object begin(chunk, metadataSize);
Object end(chunk, chunkSize);
+ vmRevokePermissions(begin.begin(), pageSize);
+ vmRevokePermissions(end.begin() - pageSize, pageSize);
+
+ begin = begin + pageSize;
+ end = end - pageSize;
+
for (Object it = begin; it + pageSize <= end; it = it + pageSize) {
SmallPage* page = it.page();
new (page) SmallPage;
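Review bot: The two vmRevokePermissions calls assume that chunk + metadataSize and chunk + chunkSize are page-aligned, which nothing in this hunk enforces; a static_assert that metadataSize and chunkSize are multiples of pageSize next to these lines would document and pin that requirement. The second call also does raw pointer arithmetic with end.begin() - pageSize while the following lines use the new Object operator- (end = end - pageSize); moving the begin/end adjustment first and revoking (begin - pageSize).begin() and end.begin() would keep a single style. A short comment that the first and last page of the object area are now guards, and therefore excluded from the SmallPage loop, would make the layout clear to the next reader.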