Modified: trunk/Source/_javascript_Core/ChangeLog (219272 => 219273)
--- trunk/Source/_javascript_Core/ChangeLog 2017-07-07 22:02:46 UTC (rev 219272)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-07-08 00:03:27 UTC (rev 219273)
@@ -1,3 +1,16 @@
+2017-07-07 AJ Ringer <[email protected]>
+
+ Lower the max_protection for the separated heap
+ https://bugs.webkit.org/show_bug.cgi?id=174281
+
+ Reviewed by Oliver Hunt.
+
+ Switch to vm_protect so we can set maximum page protection.
+
+ * jit/ExecutableAllocator.cpp:
+ (JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
+ (JSC::ExecutableAllocator::allocate):
+
2017-07-07 Devin Rousso <[email protected]>
Web Inspector: Show all elements currently using a given CSS Canvas
Modified: trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp (219272 => 219273)
--- trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp 2017-07-07 22:02:46 UTC (rev 219272)
+++ trunk/Source/_javascript_Core/jit/ExecutableAllocator.cpp 2017-07-08 00:03:27 UTC (rev 219273)
@@ -212,16 +212,16 @@
#if USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION)
// Prevent reading the write thunk code.
- result = mprotect(stubBase, stubSize, VM_PROT_EXECUTE_ONLY);
+ result = vm_protect(mach_task_self(), reinterpret_cast<vm_address_t>(stubBase), stubSize, true, VM_PROT_EXECUTE);
RELEASE_ASSERT(!result);
#endif
// Prevent writing into the executable JIT mapping.
- result = mprotect(jitBase, jitSize, VM_PROT_READ | VM_PROT_EXECUTE);
+ result = vm_protect(mach_task_self(), reinterpret_cast<vm_address_t>(jitBase), jitSize, true, VM_PROT_READ | VM_PROT_EXECUTE);
RELEASE_ASSERT(!result);
// Prevent execution in the writable JIT mapping.
- result = mprotect((void*)writableAddr, jitSize, VM_PROT_READ | VM_PROT_WRITE);
+ result = vm_protect(mach_task_self(), static_cast<vm_address_t>(writableAddr), jitSize, true, VM_PROT_READ | VM_PROT_WRITE);
RELEASE_ASSERT(!result);
// Zero out writableAddr to avoid leaking the address of the writable mapping.
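Review bot: The bare `true` passed as the fourth argument of each `vm_protect` call is the set_maximum flag, and nothing at the three call sites says that these calls now lower the protection ceiling rather than only the current protection, which is the security point of the change. I would name the flag, e.g. `constexpr boolean_t setMaximum = true;`, or add a comment such as `// set_maximum: caps max_protection so a later mprotect/vm_protect cannot add the dropped permissions back`. The first call also changes the constant from `VM_PROT_EXECUTE_ONLY` to `VM_PROT_EXECUTE` while the comment above it still promises that the write thunk cannot be read, so it is worth confirming, and stating in that comment, that the region's current protection ends up without read access once the maximum is lowered. `vm_protect` returns a `kern_return_t`, so `RELEASE_ASSERT(result == KERN_SUCCESS);` would state the check more precisely than `!result`; the declaration of `result` and the rest of initializeSeparatedWXHeaps are outside the hunk.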
@@ -396,16 +396,16 @@
MetaAllocator::Statistics stats = allocator->currentStatistics();
dataLog("Allocating ", sizeInBytes, " bytes of executable memory with ", stats.bytesAllocated, " bytes allocated, ", stats.bytesReserved, " bytes reserved, and ", stats.bytesCommitted, " committed.\n");
}
-
+
if (effort != JITCompilationCanFail && Options::reportMustSucceedExecutableAllocations()) {
dataLog("Allocating ", sizeInBytes, " bytes of executable memory with JITCompilationMustSucceed.\n");
WTFReportBacktrace();
}
-
+
if (effort == JITCompilationCanFail
&& doExecutableAllocationFuzzingIfEnabled() == PretendToFailExecutableAllocation)
return nullptr;
-
+
if (effort == JITCompilationCanFail) {
// Don't allow allocations if we are down to reserve.
MetaAllocator::Statistics statistics = allocator->currentStatistics();
@@ -418,7 +418,7 @@
return nullptr;
}
}
-
+
RefPtr<ExecutableMemoryHandle> result = allocator->allocate(sizeInBytes, ownerUID);
if (!result) {
if (effort != JITCompilationCanFail) {
@@ -451,7 +451,7 @@
allocator->dumpProfile();
}
#endif
-
+
}
#endif // ENABLE(ASSEMBLER)