Title: [225701] trunk/Source/bmalloc
- Revision
- 225701
- Author
- sbar...@apple.com
- Date
- 2017-12-08 14:28:31 -0800 (Fri, 08 Dec 2017)
Log Message
Enable gigacage on iOS with a 32GB runway and ensure it doesn't break WasmBench
https://bugs.webkit.org/show_bug.cgi?id=178557
Reviewed by Mark Lam.
* bmalloc/Algorithm.h:
(bmalloc::isPowerOfTwo):
* bmalloc/Gigacage.cpp:
* bmalloc/Gigacage.h:
Modified: trunk/Source/bmalloc/ChangeLog (225700 => 225701)
--- trunk/Source/bmalloc/ChangeLog 2017-12-08 22:23:22 UTC (rev 225700)
+++ trunk/Source/bmalloc/ChangeLog 2017-12-08 22:28:31 UTC (rev 225701)
@@ -1,3 +1,15 @@
+2017-12-08 Saam Barati <sbar...@apple.com>
+
+ Enable gigacage on iOS with a 32GB runway and ensure it doesn't break WasmBench
+ https://bugs.webkit.org/show_bug.cgi?id=178557
+
+ Reviewed by Mark Lam.
+
+ * bmalloc/Algorithm.h:
+ (bmalloc::isPowerOfTwo):
+ * bmalloc/Gigacage.cpp:
+ * bmalloc/Gigacage.h:
+
2017-12-05 Andy Estes <aes...@apple.com>
[Darwin] Simplify use of TargetConditionals
Modified: trunk/Source/bmalloc/bmalloc/Algorithm.h (225700 => 225701)
--- trunk/Source/bmalloc/bmalloc/Algorithm.h 2017-12-08 22:23:22 UTC (rev 225700)
+++ trunk/Source/bmalloc/bmalloc/Algorithm.h 2017-12-08 22:28:31 UTC (rev 225701)
@@ -63,8 +63,10 @@
return !!(reinterpret_cast<uintptr_t>(value) & mask);
}
-inline constexpr bool isPowerOfTwo(size_t size)
+template <typename T>
+inline constexpr bool isPowerOfTwo(T size)
{
+ static_assert(std::is_integral<T>::value, "");
return size && !(size & (size - 1));
}
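Review bot: Making isPowerOfTwo a template admits signed integral types, and for the most negative value of a signed T the `size - 1` in the return statement is signed overflow — undefined behaviour at runtime and a hard error if reached in constant evaluation — while under two's-complement wraparound the result would also be wrongly true, since that value has a single bit set. Either reject signed arguments, `static_assert(std::is_unsigned<T>::value, "isPowerOfTwo requires an unsigned integral type");`, or perform the arithmetic on an unsigned copy of `size` after the existing integral check. The new static_assert's empty message should state what is being required, as in the line above. std::is_integral also needs <type_traits>; whether Algorithm.h already includes it is outside the hunk.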
Modified: trunk/Source/bmalloc/bmalloc/Gigacage.cpp (225700 => 225701)
--- trunk/Source/bmalloc/bmalloc/Gigacage.cpp 2017-12-08 22:23:22 UTC (rev 225700)
+++ trunk/Source/bmalloc/bmalloc/Gigacage.cpp 2017-12-08 22:28:31 UTC (rev 225701)
@@ -34,13 +34,12 @@
#include <cstdio>
#include <mutex>
-#if BCPU(ARM64)
-// FIXME: There is no good reason for ARM64 to be special.
-// https://bugs.webkit.org/show_bug.cgi?id=177605
-#define GIGACAGE_RUNWAY 0
-#else
+// This is exactly 32GB because inside JSC, indexed accesses for arrays, typed arrays, etc,
+// use unsigned 32-bit ints as indices. The items those indices access are 8 bytes or less
+// in size. 2^32 * 8 = 32GB. This means if an access on a caged type happens to go out of
+// bounds, the access is guaranteed to land somewhere else in the cage or inside the runway.
+// If this were less than 32GB, those OOB accesses could reach outside of the cage.
#define GIGACAGE_RUNWAY (32llu * 1024 * 1024 * 1024)
-#endif
char g_gigacageBasePtrs[GIGACAGE_BASE_PTRS_SIZE] __attribute__((aligned(GIGACAGE_BASE_PTRS_SIZE)));
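Review bot: The new comment derives the 32GB runway from a maximum caged element size of 8 bytes and 32-bit indices, but that bound is an assumption about JSC's caged accesses that this file cannot check, so the comment should say so and name what would invalidate it, e.g. append `Any caged access wider than 8 bytes, or indexed with more than 32 bits, would need a correspondingly larger runway.` The guarantee stated ("the access is guaranteed to land somewhere else in the cage or inside the runway") also depends on the runway actually being reserved next to each cage; that code is not in this hunk, and the `GIGACAGE_ALLOCATION_CAN_FAIL` settings in Gigacage.h suggest reservation can fail on some platforms, in which case the comment should note that the guarantee only holds when the cage and runway were reserved.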
Modified: trunk/Source/bmalloc/bmalloc/Gigacage.h (225700 => 225701)
--- trunk/Source/bmalloc/bmalloc/Gigacage.h 2017-12-08 22:23:22 UTC (rev 225700)
+++ trunk/Source/bmalloc/bmalloc/Gigacage.h 2017-12-08 22:28:31 UTC (rev 225701)
@@ -25,6 +25,7 @@
#pragma once
+#include "Algorithm.h"
#include "BAssert.h"
#include "BExport.h"
#include "BInline.h"
@@ -33,9 +34,7 @@
#include <inttypes.h>
#if BCPU(ARM64)
-// FIXME: This can probably be a lot bigger on iOS. I just haven't tried to make it bigger yet.
-// https://bugs.webkit.org/show_bug.cgi?id=177605
-#define PRIMITIVE_GIGACAGE_SIZE 0x40000000llu
+#define PRIMITIVE_GIGACAGE_SIZE 0x80000000llu
#define JSVALUE_GIGACAGE_SIZE 0x40000000llu
#define STRING_GIGACAGE_SIZE 0x40000000llu
#define GIGACAGE_ALLOCATION_CAN_FAIL 1
@@ -46,6 +45,10 @@
#define GIGACAGE_ALLOCATION_CAN_FAIL 0
#endif
+static_assert(bmalloc::isPowerOfTwo(PRIMITIVE_GIGACAGE_SIZE), "");
+static_assert(bmalloc::isPowerOfTwo(JSVALUE_GIGACAGE_SIZE), "");
+static_assert(bmalloc::isPowerOfTwo(STRING_GIGACAGE_SIZE), "");
+
#define GIGACAGE_SIZE_TO_MASK(size) ((size) - 1)
#define PRIMITIVE_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(PRIMITIVE_GIGACAGE_SIZE)
@@ -52,9 +55,8 @@
#define JSVALUE_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(JSVALUE_GIGACAGE_SIZE)
#define STRING_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(STRING_GIGACAGE_SIZE)
-// FIXME: Make WasmBench run with gigacage on iOS and re-enable on ARM64:
-// https://bugs.webkit.org/show_bug.cgi?id=178557
-#if (BOS(DARWIN) || BOS(LINUX)) && (/* (BCPU(ARM64) && !defined(__ILP32__)) || */ BCPU(X86_64))
+#if ((BOS(DARWIN) || BOS(LINUX)) && \
+ (BCPU(X86_64) || (BCPU(ARM64) && !defined(__ILP32__) && (!BPLATFORM(IOS) || __IPHONE_OS_VERSION_MIN_REQUIRED >= 110300))))
#define GIGACAGE_ENABLED 1
#else
#define GIGACAGE_ENABLED 0
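Review bot: The new condition at the end of the section compares `__IPHONE_OS_VERSION_MIN_REQUIRED` inside `#if`; if that macro is not defined at this point (it comes from the SDK's availability headers, and this header is only shown including <inttypes.h> and bmalloc's own headers), the preprocessor evaluates it as 0, the comparison fails, and GIGACAGE_ENABLED silently becomes 0 on iOS — exactly the configuration this commit intends to enable. A guard such as `#if BPLATFORM(IOS) && !defined(__IPHONE_OS_VERSION_MIN_REQUIRED)` followed by `#error "__IPHONE_OS_VERSION_MIN_REQUIRED must be defined before Gigacage.h"` would turn that into a build error instead. The three static_asserts added earlier in the section should carry a message saying why the property matters: `static_assert(bmalloc::isPowerOfTwo(PRIMITIVE_GIGACAGE_SIZE), "GIGACAGE_SIZE_TO_MASK assumes a power-of-two size");`. The `#if`/`#else` chain continues past the end of the hunk.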