WebKit Bugzilla
Attachment 359555 Details for Bug 193601: gigacage slide should randomize both start and end
Attachment: bug-193601-20190118163631.patch (text/plain), 3.90 KB
Description: Patch
Creator: Keith Miller
Created: 2019-01-18 16:36:33 PST
Flags: patch, obsolete
>Subversion Revision: 240175 >diff --git a/Source/bmalloc/ChangeLog b/Source/bmalloc/ChangeLog >index 019f289e64bdd4e47dea7b05e33feaaed8c38da8..6bfe89277e4a1eb0789db17c635a98d0a5c46e94 100644 >--- a/Source/bmalloc/ChangeLog >+++ b/Source/bmalloc/ChangeLog >@@ -1,3 +1,19 @@ >+2019-01-18 Keith Miller <keith_miller@apple.com> >+ >+ gigacage slide should randomize both start and end >+ https://bugs.webkit.org/show_bug.cgi?id=193601 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ This patch makes it so that the gigacade slide has an arbitrary >+ distance from the end as well as the start. This is done by >+ picking a random size then based on that size picking an random >+ starting offset. >+ >+ * bmalloc/Gigacage.h: >+ * bmalloc/Heap.cpp: >+ (bmalloc::Heap::Heap): >+ > 2019-01-18 Keith Miller <keith_miller@apple.com> > > Gigacages should start allocations from a slide >diff --git a/Source/bmalloc/bmalloc/Gigacage.h b/Source/bmalloc/bmalloc/Gigacage.h >index 7121dff64b9d8fa9d3020da31dc72bdc9db5af33..70cce67a245b43395132bfddaa4166a3be833b42 100644 >--- a/Source/bmalloc/bmalloc/Gigacage.h >+++ b/Source/bmalloc/bmalloc/Gigacage.h >@@ -70,13 +70,13 @@ BINLINE const char* name(Kind kind) > constexpr size_t primitiveGigacageSize = 2 * bmalloc::Sizes::GB; > constexpr size_t jsValueGigacageSize = 1 * bmalloc::Sizes::GB; > constexpr size_t gigacageBasePtrsSize = 16 * bmalloc::Sizes::kB; >-constexpr size_t minimumCageSizeAfterSlide = bmalloc::Sizes::GB / 2; >+constexpr size_t maximumCageSizeReductionForSlide = bmalloc::Sizes::GB / 2; > #define GIGACAGE_ALLOCATION_CAN_FAIL 1 > #else > constexpr size_t primitiveGigacageSize = 32 * bmalloc::Sizes::GB; > constexpr size_t jsValueGigacageSize = 16 * bmalloc::Sizes::GB; > constexpr size_t gigacageBasePtrsSize = 4 * bmalloc::Sizes::kB; >-constexpr size_t minimumCageSizeAfterSlide = 4 * bmalloc::Sizes::GB; >+constexpr size_t maximumCageSizeReductionForSlide = 4 * bmalloc::Sizes::GB; > #define GIGACAGE_ALLOCATION_CAN_FAIL 0 > #endif 
> >@@ -90,8 +90,8 @@ constexpr size_t minimumCageSizeAfterSlide = 4 * bmalloc::Sizes::GB; > > static_assert(bmalloc::isPowerOfTwo(primitiveGigacageSize), ""); > static_assert(bmalloc::isPowerOfTwo(jsValueGigacageSize), ""); >-static_assert(primitiveGigacageSize > minimumCageSizeAfterSlide, ""); >-static_assert(jsValueGigacageSize > minimumCageSizeAfterSlide, ""); >+static_assert(primitiveGigacageSize > maximumCageSizeReductionForSlide, ""); >+static_assert(jsValueGigacageSize > maximumCageSizeReductionForSlide, ""); > > constexpr size_t gigacageSizeToMask(size_t size) { return size - 1; } > >diff --git a/Source/bmalloc/bmalloc/Heap.cpp b/Source/bmalloc/bmalloc/Heap.cpp >index e0e300459d2dd8788091928e89bef35621a13b1c..528cfebf973d23d8c3453e279396b22da726cc0c 100644 >--- a/Source/bmalloc/bmalloc/Heap.cpp >+++ b/Source/bmalloc/bmalloc/Heap.cpp >@@ -62,12 +62,12 @@ Heap::Heap(HeapKind kind, std::lock_guard<Mutex>&) > #if GIGACAGE_ENABLED > if (usingGigacage()) { > RELEASE_BASSERT(gigacageBasePtr()); >- uint64_t random; >- cryptoRandom(reinterpret_cast<unsigned char*>(&random), sizeof(random)); >- ptrdiff_t offset = random % (gigacageSize() - Gigacage::minimumCageSizeAfterSlide); >- offset = reinterpret_cast<ptrdiff_t>(roundDownToMultipleOf(vmPageSize(), reinterpret_cast<void*>(offset))); >+ uint64_t random[2]; >+ cryptoRandom(reinterpret_cast<unsigned char*>(random), sizeof(random)); >+ size_t size = roundDownToMultipleOf(vmPageSize(), gigacageSize() - (random[0] % Gigacage::maximumCageSizeReductionForSlide)); >+ ptrdiff_t offset = roundDownToMultipleOf(vmPageSize(), random[1] % (gigacageSize() - size)); > void* base = reinterpret_cast<unsigned char*>(gigacageBasePtr()) + offset; >- m_largeFree.add(LargeRange(base, gigacageSize() - offset, 0, 0)); >+ m_largeFree.add(LargeRange(base, size, 0, 0)); > } > #endif > }
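Review bot: the ChangeLog entry has two typos that should be fixed before landing: "gigacade slide" in the description should read "gigacage slide", and "picking an random starting offset" should be "picking a random starting offset". The "Reviewed by NOBODY (OOPS!)" line is the usual placeholder for an unreviewed upload and needs the reviewer's name when the patch is committed.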
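Review bot: the new offset computation in Heap::Heap can divide by zero. `random[0] % Gigacage::maximumCageSizeReductionForSlide` is 0 for one draw in 2^32 on the large configuration (the modulus is 4 GB) and one in 2^29 on the small one (GB / 2); in that case `size` rounds to exactly gigacageSize(), so the next line evaluates `random[1] % (gigacageSize() - size)` with a zero divisor, which is undefined behaviour in C++ and traps on x86-64. A small restructuring avoids it and also removes a bias in the current form: `roundDownToMultipleOf(vmPageSize(), random[1] % slack)` can never yield `slack` itself, so the range never ends exactly at the cage end. Suggest drawing the reduction as a whole number of pages, at least one, and then `offset = (random[1] % (slack / vmPageSize() + 1)) * vmPageSize()`, which is uniform over every page-aligned offset in [0, slack] and never has a zero divisor. Since the values are already page-rounded, `size` and `offset` then need no further roundDownToMultipleOf calls.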
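To make the slide arithmetic described in the ChangeLog and implemented in the Heap.cpp hunk concrete, here is an added example in C++. It is not bmalloc code and not part of the patch: it replays the patch's two-word computation with constructed constants standing in for gigacageSize(), vmPageSize() and Gigacage::maximumCageSizeReductionForSlide (the 16 GB cage and 4 GB maximum reduction from the Gigacage.h hunk's large configuration; the 16 KB page size is an assumption), shows the draw on which the patched arithmetic reduces to random[1] % 0, and pairs it with a hardened variant of my own that never divides by zero. splitmix64 is a deterministic stand-in for cryptoRandom() used only to exercise the arithmetic, and kPageSize, kCageSize, kMaxReduction, slideAsPatched, slideHardened, inCage and sweepInvalid are all names introduced here.

```cpp
#include <cstdint>
#include <cstdio>

// Constructed stand-ins for the values the patch reads at runtime. They follow
// the large configuration in the Gigacage.h hunk (16 GB JSValue cage, 4 GB
// maximum reduction); the 16 KB page size is an assumption.
constexpr uint64_t kPageSize = 16 * 1024;
constexpr uint64_t kCageSize = 16ull << 30;
constexpr uint64_t kMaxReduction = 4ull << 30;
static_assert(kCageSize > kMaxReduction, "size must stay positive after the slide");

constexpr uint64_t roundDownToPage(uint64_t x) { return x & ~(kPageSize - 1); }

struct Slide {
    uint64_t offset; // where the allocatable range starts inside the cage
    uint64_t size;   // length of the allocatable range
    bool ok;         // false when the computation would divide by zero
};

// Same arithmetic as the Heap::Heap hunk, with the two random words passed in
// so a specific draw can be replayed. Where the patch would evaluate
// random[1] % 0, this returns ok == false instead of invoking undefined behaviour.
Slide slideAsPatched(uint64_t r0, uint64_t r1)
{
    uint64_t size = roundDownToPage(kCageSize - (r0 % kMaxReduction));
    uint64_t slack = kCageSize - size;
    if (slack == 0)
        return { 0, size, false };
    uint64_t offset = roundDownToPage(r1 % slack);
    return { offset, size, true };
}

// Suggested variant (my own, not the patch's): draw the reduction in whole
// pages, never fewer than one, then draw the offset uniformly over every
// page-aligned value in [0, slack]. The divisor is never zero and the range
// can end exactly at the cage end.
Slide slideHardened(uint64_t r0, uint64_t r1)
{
    uint64_t reduction = (1 + r0 % (kMaxReduction / kPageSize)) * kPageSize;
    uint64_t size = kCageSize - reduction;
    uint64_t offset = (r1 % (reduction / kPageSize + 1)) * kPageSize;
    return { offset, size, true };
}

// Invariants any slide must satisfy: computable, page aligned, non-empty, and
// wholly inside [0, kCageSize).
bool inCage(const Slide& s)
{
    return s.ok
        && s.offset % kPageSize == 0 && s.size % kPageSize == 0
        && s.size > 0 && s.offset + s.size <= kCageSize;
}

// SplitMix64: a deterministic stand-in for cryptoRandom() so the sweep below is
// reproducible. Not a CSPRNG; it only exercises the arithmetic.
uint64_t splitmix64(uint64_t& state)
{
    uint64_t z = (state += 0x9E3779B97F4A7C15ull);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ull;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBull;
    return z ^ (z >> 31);
}

// Runs `iterations` reproducible draws through one variant and returns how many
// violated an invariant.
uint64_t sweepInvalid(uint64_t iterations, bool hardened)
{
    uint64_t state = 0x193601, bad = 0;
    for (uint64_t i = 0; i < iterations; ++i) {
        uint64_t r0 = splitmix64(state), r1 = splitmix64(state);
        Slide s = hardened ? slideHardened(r0, r1) : slideAsPatched(r0, r1);
        if (!inCage(s))
            ++bad;
    }
    return bad;
}

int main()
{
    // Any r0 that is a multiple of kMaxReduction makes the reduction zero.
    Slide bad = slideAsPatched(3 * kMaxReduction, 42);
    printf("patched, reduction 0: ok=%d (patch would compute random[1] %% 0)\n", bad.ok);
    Slide good = slideHardened(3 * kMaxReduction, 42);
    printf("hardened, same draw: offset=%llu size=%llu\n",
        (unsigned long long)good.offset, (unsigned long long)good.size);
    printf("sweep of 100000 draws: patched invalid=%llu hardened invalid=%llu\n",
        (unsigned long long)sweepInvalid(100000, false),
        (unsigned long long)sweepInvalid(100000, true));
    return 0;
}
```

The sweep will almost never reach the patched failure on its own, because it needs the low 32 bits of random[0] to be zero (one draw in 2^32 with these constants); the replayed draw in main forces that case. The hardened variant reaches the cage end exactly when the offset draw selects the last page-aligned value, which the patched arithmetic can never do because roundDownToPage(r1 % slack) is at most slack minus one page.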
Attachments on bug 193601: 359555, 359569