Comment #12 on issue 2473 by [email protected]: http://www.chaostoperfection.com/ crashes in V8 initialization on 64-bit platforms
http://code.google.com/p/v8/issues/detail?id=2473
Then there seems to have been a miscommunication. As I noted at the start of my last comment, I agree that V8 should not be prevented from reserving a 512mb (or more) range per thread. If that's the only problem, then it is a bug in the sandbox and will be fixed. My concern was that all the comments here gave me the impression that the RWX limit had been increased to 512mb without consulting the security team, but apparently that's not the case.
Accepting all that, we are at the point where we should revisit our mitigations, and look at catching smaller RWX spikes (rather than lifetime usage) associated with JIT spraying exploits. Although, that's a discussion for another bug.
-- v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev
