Bug 926778 - Prevent executable allocator from handing out poisoned pointers with JSGC_ROOT_ANALYSIS, r=terrence

Steve Fink 2013-10-15 15:35:00 -07:00
parent 243fdceb01
commit a59449cc10


@ -32,6 +32,7 @@
#include "assembler/wtf/Assertions.h"
#include "assembler/wtf/VMTags.h"
#include "js/Utility.h"
namespace JSC {
@ -42,7 +43,14 @@ size_t ExecutableAllocator::determinePageSize()
ExecutablePool::Allocation ExecutableAllocator::systemAlloc(size_t n)
{
void* allocation = mmap(NULL, n, INITIAL_PROTECTION_FLAGS, MAP_PRIVATE | MAP_ANON, VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY, 0);
void* allocation;
#ifdef JSGC_ROOT_ANALYSIS
do {
#endif
allocation = mmap(NULL, n, INITIAL_PROTECTION_FLAGS, MAP_PRIVATE | MAP_ANON, VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY, 0);
#ifdef JSGC_ROOT_ANALYSIS
} while (allocation && JS::IsPoisonedPtr(allocation));
#endif
if (allocation == MAP_FAILED)
allocation = NULL;
ExecutablePool::Allocation alloc = { reinterpret_cast<char*>(allocation), n };
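Review bot: The retry loop's guard `allocation && JS::IsPoisonedPtr(allocation)` tests for NULL, but mmap reports failure as MAP_FAILED, which is only translated to NULL after the loop. The `allocation &&` term therefore never stops the loop on failure, and termination relies on IsPoisonedPtr presumably returning false for that value. The condition should be `} while (allocation != MAP_FAILED && JS::IsPoisonedPtr(allocation));`. A mapping rejected as poisoned-looking is also never munmap'd, and the loop has no retry bound. If leaving it mapped is deliberate, a comment above the `do` should say so, for example `// Rejected mappings are intentionally left mapped so the next mmap cannot return the same address (JSGC_ROOT_ANALYSIS builds only).` The body of systemAlloc continues past the end of this hunk.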