Bug 998997 - Use PROT_NONE on POSIX and PAGE_NOACCESS on Windows when protecting JIT code. (r=luke)
authorShu-yu Guo <shu@rfrn.org>
Tue, 22 Apr 2014 14:13:14 -0700
changeset 199219 c2672cd82c959f0289b759a1fb63eb790ba3ed14
parent 199218 4e1aafbda8e4fd73909d756e53f5bd518f018584
child 199220 31b79b2c4a7a1afb3c521a74564a520bf044cbd8
push id486
push userasasaki@mozilla.com
push dateMon, 14 Jul 2014 18:39:42 +0000
treeherdermozilla-release@d33428174ff1 [default view] [failures only]
reviewersluke
bugs998997
milestone31.0a1
Bug 998997 - Use PROT_NONE on POSIX and PAGE_NOACCESS on Windows when protecting JIT code. (r=luke)
js/src/assembler/jit/ExecutableAllocatorPosix.cpp
js/src/assembler/jit/ExecutableAllocatorWin.cpp
js/src/jit-test/tests/ion/iloop.js
--- a/js/src/assembler/jit/ExecutableAllocatorPosix.cpp
+++ b/js/src/assembler/jit/ExecutableAllocatorPosix.cpp
@@ -94,19 +94,20 @@ void ExecutableAllocator::reprotectRegio
 
 void
 ExecutablePool::toggleAllCodeAsAccessible(bool accessible)
 {
     char* begin = m_allocation.pages;
     size_t size = m_freePtr - begin;
 
     if (size) {
-        int flags = accessible
-                    ? PROT_READ | PROT_WRITE | PROT_EXEC
-                    : PROT_READ | PROT_WRITE;
+        // N.B. Some systems, like 32bit Mac OS 10.6, implicitly add PROT_EXEC
+        // when mprotect'ing memory with any flag other than PROT_NONE. Be
+        // sure to use PROT_NONE when making inaccessible.
+        int flags = accessible ? PROT_READ | PROT_WRITE | PROT_EXEC : PROT_NONE;
         if (mprotect(begin, size, flags))
             MOZ_CRASH();
     }
 }
 
 }
 
 #endif // HAVE(ASSEMBLER)
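Review bot: With `PROT_NONE` in the inaccessible branch, every load and store into the pool now faults, not only instruction fetch, whereas the old `PROT_READ | PROT_WRITE` value left data access working. Nothing in the hunk says whether callers may still read or patch code in `[begin, m_freePtr)` while it is toggled off, so the comment should state that contract, for example `// While inaccessible, loads and stores into the pool fault too; do not touch code until it is toggled back.` The accessible branch also restores `PROT_READ | PROT_WRITE | PROT_EXEC` unconditionally, leaving the pool writable and executable at once; that predates this change but deserves a line in the comment. Both points apply equally to the `PAGE_NOACCESS` branch in ExecutableAllocatorWin.cpp.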
--- a/js/src/assembler/jit/ExecutableAllocatorWin.cpp
+++ b/js/src/assembler/jit/ExecutableAllocatorWin.cpp
@@ -111,18 +111,20 @@ void ExecutableAllocator::systemRelease(
 
 void
 ExecutablePool::toggleAllCodeAsAccessible(bool accessible)
 {
     char* begin = m_allocation.pages;
     size_t size = m_freePtr - begin;
 
     if (size) {
+        // N.B. DEP is not on automatically in Windows XP, so be sure to use
+        // PAGE_NOACCESS instead of PAGE_READWRITE when making inaccessible.
         DWORD oldProtect;
-        int flags = accessible ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE;
+        int flags = accessible ? PAGE_EXECUTE_READWRITE : PAGE_NOACCESS;
         if (!VirtualProtect(begin, size, flags, &oldProtect))
             MOZ_CRASH();
     }
 }
 
 #if ENABLE_ASSEMBLER_WX_EXCLUSIVE
 #error "ASSEMBLER_WX_EXCLUSIVE not yet suported on this platform."
 #endif
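Review bot: `flags` is declared `int` but is passed as the new-protection argument of `VirtualProtect`, which takes a `DWORD`; `DWORD flags = accessible ? PAGE_EXECUTE_READWRITE : PAGE_NOACCESS;` would match the API and the neighbouring `DWORD oldProtect;`. `oldProtect` is written and never read, so a short comment that it exists only because the call requires a valid out-parameter would save the next reader a search. The failure path is a bare `MOZ_CRASH();`, and a reason string naming the failed reprotection would make crash reports easier to triage.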
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/ion/iloop.js
@@ -0,0 +1,4 @@
+// |jit-test| exitstatus: 6;
+
+timeout(1);
+for(;;);
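Review bot: The test has no comment saying what it guards, and an exit status of 6 only shows that the watchdog interrupted the loop, not that the pool was reprotected with no access. A header line such as `// Bug 998997: an Ion-compiled infinite loop must be interruptible by timeout().` would make the intent clear. The test presumably also depends on the loop reaching JIT code before the one-second timer fires; if that is not guaranteed in every test configuration, it can pass without exercising the changed path.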