Diff
Modified: branches/safari-614.1.3-branch/Source/_javascript_Core/ChangeLog (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/_javascript_Core/ChangeLog 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/_javascript_Core/ChangeLog 2022-02-15 00:14:57 UTC (rev 289781)
@@ -1,3 +1,54 @@
+2022-02-14 Russell Epstein <[email protected]>
+
+ Cherry-pick r289592. rdar://problem/88323950
+
+ tryReserveUncommittedAligned should explicitly take the alignment requested
+ https://bugs.webkit.org/show_bug.cgi?id=236460
+
+ Reviewed by Yusuke Suzuki.
+
+ Source/_javascript_Core:
+
+ When reducing the size of VA space reserved for Structures, we
+ didn't take care to ensure the alignment matched the required
+ alignment for our bit mask. To fix this we need to pass the
+ original alignment to the allocator as a new parameter.
+
+ * heap/StructureAlignedMemoryAllocator.cpp:
+ (JSC::StructureMemoryManager::StructureMemoryManager):
+
+ Source/WTF:
+
+ This patch adds a new ifdef for Unix flavors that support the
+ MAP_ALIGNED macro/parameter to mmap.
+
+ Also, fix a bug where on windows we wouldn't request enough
+ space to guarantee that allocation is aligned.
+
+ * wtf/OSAllocator.h:
+ * wtf/posix/OSAllocatorPOSIX.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+ * wtf/win/OSAllocatorWin.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289592 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2022-02-10 Keith Miller <[email protected]>
+
+ tryReserveUncommittedAligned should explicitly take the alignment requested
+ https://bugs.webkit.org/show_bug.cgi?id=236460
+
+ Reviewed by Yusuke Suzuki.
+
+ When reducing the size of VA space reserved for Structures, we
+ didn't take care to ensure the alignment matched the required
+ alignment for our bit mask. To fix this we need to pass the
+ original alignment to the allocator as a new parameter.
+
+ * heap/StructureAlignedMemoryAllocator.cpp:
+ (JSC::StructureMemoryManager::StructureMemoryManager):
+
2022-02-06 Lauro Moura <[email protected]>
Unreviewed, non-unified build fixes
Modified: branches/safari-614.1.3-branch/Source/_javascript_Core/heap/StructureAlignedMemoryAllocator.cpp (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/_javascript_Core/heap/StructureAlignedMemoryAllocator.cpp 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/_javascript_Core/heap/StructureAlignedMemoryAllocator.cpp 2022-02-15 00:14:57 UTC (rev 289781)
@@ -76,7 +76,7 @@
m_mappedHeapSize = structureHeapAddressSize;
for (unsigned i = 0; i < 8; ++i) {
- g_jscConfig.startOfStructureHeap = reinterpret_cast<uintptr_t>(OSAllocator::tryReserveUncommittedAligned(m_mappedHeapSize, OSAllocator::FastMallocPages));
+ g_jscConfig.startOfStructureHeap = reinterpret_cast<uintptr_t>(OSAllocator::tryReserveUncommittedAligned(m_mappedHeapSize, structureHeapAddressSize, OSAllocator::FastMallocPages));
if (g_jscConfig.startOfStructureHeap)
break;
m_mappedHeapSize /= 2;
Modified: branches/safari-614.1.3-branch/Source/WTF/ChangeLog (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/WTF/ChangeLog 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/WTF/ChangeLog 2022-02-15 00:14:57 UTC (rev 289781)
@@ -1,3 +1,59 @@
+2022-02-14 Russell Epstein <[email protected]>
+
+ Cherry-pick r289592. rdar://problem/88323950
+
+ tryReserveUncommittedAligned should explicitly take the alignment requested
+ https://bugs.webkit.org/show_bug.cgi?id=236460
+
+ Reviewed by Yusuke Suzuki.
+
+ Source/_javascript_Core:
+
+ When reducing the size of VA space reserved for Structures, we
+ didn't take care to ensure the alignment matched the required
+ alignment for our bit mask. To fix this we need to pass the
+ original alignment to the allocator as a new parameter.
+
+ * heap/StructureAlignedMemoryAllocator.cpp:
+ (JSC::StructureMemoryManager::StructureMemoryManager):
+
+ Source/WTF:
+
+ This patch adds a new ifdef for Unix flavors that support the
+ MAP_ALIGNED macro/parameter to mmap.
+
+ Also, fix a bug where on windows we wouldn't request enough
+ space to guarantee that allocation is aligned.
+
+ * wtf/OSAllocator.h:
+ * wtf/posix/OSAllocatorPOSIX.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+ * wtf/win/OSAllocatorWin.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289592 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2022-02-10 Keith Miller <[email protected]>
+
+ tryReserveUncommittedAligned should explicitly take the alignment requested
+ https://bugs.webkit.org/show_bug.cgi?id=236460
+
+ Reviewed by Yusuke Suzuki.
+
+ This patch adds a new ifdef for Unix flavors that support the
+ MAP_ALIGNED macro/parameter to mmap.
+
+ Also, fix a bug where on windows we wouldn't request enough
+ space to guarantee that allocation is aligned.
+
+
+ * wtf/OSAllocator.h:
+ * wtf/posix/OSAllocatorPOSIX.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+ * wtf/win/OSAllocatorWin.cpp:
+ (WTF::OSAllocator::tryReserveUncommittedAligned):
+
2022-02-06 Yusuke Suzuki <[email protected]>
[WTF] Make Bitmap constexpr friendly
Modified: branches/safari-614.1.3-branch/Source/WTF/wtf/OSAllocator.h (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/WTF/wtf/OSAllocator.h 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/WTF/wtf/OSAllocator.h 2022-02-15 00:14:57 UTC (rev 289781)
@@ -39,15 +39,18 @@
JSJITCodePages = VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY,
};
- // These methods are symmetric; reserveUncommitted(Aligned) allocates VM in an uncommitted state,
+ // The requested alignment must be a power of two and greater than the system page size.
+ // The memory returned by this cannot be released as on Windows there's no guaranteed API to
+ // get an aligned address and the size + alignment then rounding trick cannot release the unused parts
+ // due to how the Windows syscalls work.
+ WTF_EXPORT_PRIVATE static void* tryReserveUncommittedAligned(size_t size, size_t alignment, Usage = UnknownUsage, bool writable = true, bool executable = false, bool jitCageEnabled = false, bool includesGuardPages = false);
+
+ // These methods are symmetric; reserveUncommitted allocates VM in an uncommitted state,
// releaseDecommitted should be called on a region of VM allocated by a single reservation,
- // the memory must all currently be in a decommitted state. reserveUncommitted(Aligned) returns to
+ // the memory must all currently be in a decommitted state. reserveUncommitted returns to
// you memory that is zeroed.
WTF_EXPORT_PRIVATE static void* reserveUncommitted(size_t, Usage = UnknownUsage, bool writable = true, bool executable = false, bool jitCageEnabled = false, bool includesGuardPages = false);
WTF_EXPORT_PRIVATE static void* tryReserveUncommitted(size_t, Usage = UnknownUsage, bool writable = true, bool executable = false, bool jitCageEnabled = false, bool includesGuardPages = false);
- // This guarantees the memory will be aligned to a multiple of the requested size. The requested
- // size must be a power of two and greater than the system page size.
- WTF_EXPORT_PRIVATE static void* tryReserveUncommittedAligned(size_t, Usage = UnknownUsage, bool writable = true, bool executable = false, bool jitCageEnabled = false, bool includesGuardPages = false);
WTF_EXPORT_PRIVATE static void releaseDecommitted(void*, size_t);
// These methods are symmetric; they commit or decommit a region of VM (uncommitted VM should
Modified: branches/safari-614.1.3-branch/Source/WTF/wtf/posix/OSAllocatorPOSIX.cpp (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/WTF/wtf/posix/OSAllocatorPOSIX.cpp 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/WTF/wtf/posix/OSAllocatorPOSIX.cpp 2022-02-15 00:14:57 UTC (rev 289781)
@@ -148,9 +148,9 @@
return result;
}
-void* OSAllocator::tryReserveUncommittedAligned(size_t bytes, Usage usage, bool writable, bool executable, bool jitCageEnabled, bool includesGuardPages)
+void* OSAllocator::tryReserveUncommittedAligned(size_t bytes, size_t alignment, Usage usage, bool writable, bool executable, bool jitCageEnabled, bool includesGuardPages)
{
- ASSERT(hasOneBitSet(bytes) && bytes >= pageSize());
+ ASSERT(hasOneBitSet(alignment) && alignment >= pageSize());
#if PLATFORM(MAC) || USE(APPLE_INTERNAL_SDK)
UNUSED_PARAM(usage); // Not supported for mach API.
@@ -167,7 +167,7 @@
const int flags = VM_FLAGS_ANYWHERE;
void* aligned = nullptr;
- kern_return_t result = mach_vm_map(mach_task_self(), reinterpret_cast<mach_vm_address_t*>(&aligned), bytes, bytes - 1, flags, MEMORY_OBJECT_NULL, 0, copy, protections, protections, childProcessInheritance);
+ kern_return_t result = mach_vm_map(mach_task_self(), reinterpret_cast<mach_vm_address_t*>(&aligned), bytes, alignment - 1, flags, MEMORY_OBJECT_NULL, 0, copy, protections, protections, childProcessInheritance);
ASSERT_UNUSED(result, result == KERN_SUCCESS || !aligned);
#if HAVE(MADV_FREE_REUSE)
if (aligned) {
@@ -178,8 +178,18 @@
return aligned;
#else
- // Double the size so we can ensure enough mapped memory to get an aligned start.
- size_t mappedSize = bytes * 2;
+#ifdef MAP_ALIGNED
+
+ void* result = mmap(0, bytes, PROT_NONE, MAP_NORESERVE | MAP_PRIVATE | MAP_ANON | MAP_ALIGNED(getLSBSet(alignment)), -1, 0);
+ if (result == MAP_FAILED)
+ return nullptr;
+ if (result)
+ madvise(result, bytes, MADV_DONTNEED);
+ return result;
+#else
+
+ // Add the alignment so we can ensure enough mapped memory to get an aligned start.
+ size_t mappedSize = bytes + alignment;
char* mapped = reinterpret_cast<char*>(tryReserveUncommitted(mappedSize, usage, writable, executable, jitCageEnabled, includesGuardPages));
char* mappedEnd = mapped + mappedSize;
@@ -195,7 +205,8 @@
releaseDecommitted(alignedEnd, rightExtra);
return aligned;
-#endif
+#endif // MAP_ALIGNED
+#endif // PLATFORM(MAC) || USE(APPLE_INTERNAL_SDK)
}
void* OSAllocator::reserveAndCommit(size_t bytes, Usage usage, bool writable, bool executable, bool jitCageEnabled, bool includesGuardPages)
Modified: branches/safari-614.1.3-branch/Source/WTF/wtf/win/OSAllocatorWin.cpp (289780 => 289781)
--- branches/safari-614.1.3-branch/Source/WTF/wtf/win/OSAllocatorWin.cpp 2022-02-15 00:14:28 UTC (rev 289780)
+++ branches/safari-614.1.3-branch/Source/WTF/wtf/win/OSAllocatorWin.cpp 2022-02-15 00:14:57 UTC (rev 289781)
@@ -56,13 +56,14 @@
return result;
}
-void* OSAllocator::tryReserveUncommittedAligned(size_t bytes, Usage usage, bool writable, bool executable, bool, bool)
+void* OSAllocator::tryReserveUncommittedAligned(size_t bytes, size_t alignment, Usage usage, bool writable, bool executable, bool, bool)
{
- ASSERT(hasOneBitSet(bytes) && bytes >= pageSize());
+ ASSERT(hasOneBitSet(alignment) && alignment >= pageSize());
+
if (VirtualAlloc2Ptr()) {
MEM_ADDRESS_REQUIREMENTS addressReqs = { };
MEM_EXTENDED_PARAMETER param = { };
- addressReqs.Alignment = bytes;
+ addressReqs.Alignment = alignment;
param.Type = MemExtendedParameterAddressRequirements;
param.Pointer = &addressReqs;
void* result = VirtualAlloc2Ptr()(nullptr, nullptr, bytes, MEM_RESERVE, protection(writable, executable), ¶m, 1);
@@ -69,8 +70,9 @@
return result;
}
- void* result = VirtualAlloc(nullptr, bytes, MEM_RESERVE, protection(writable, executable));
- char* aligned = reinterpret_cast<char*>(roundUpToMultipleOf(bytes, reinterpret_cast<uintptr_t>(result)));
+ void* result = tryReserveUncommitted(bytes + alignment);
+ // There's no way to release the reserved memory on Windows, from what I can tell as the whole segment has to be released at once.
+ char* aligned = reinterpret_cast<char*>(roundUpToMultipleOf(alignment, reinterpret_cast<uintptr_t>(result)));
return aligned;
}
