author | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-22 20:08:01 +0000 |
---|---|---|
committer | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-22 20:08:01 +0000 |
commit | 6201e21a3f78df752d25f8ac4dd8a34e0c8e5139 (patch) | |
tree | 0e2ba6a473fd0979fd0c47351d1c2f43277a76be /third_party/mach_override | |
parent | 534b2ea0e41937778fe56dcbf5ef9f777dc981de (diff) | |
Lion x86 compatibility for mach_override.
This enables makeIslandExecutable for x86. Main executables linked and run on
Mac OS X 10.7 ("Lion") have non-executable heap pages by default.
BUG=79642
TEST=Build and run on Lion. Renderers should not crash instantly.
Review URL: http://codereview.chromium.org/7492012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93690 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/mach_override')
-rw-r--r-- | third_party/mach_override/README.chromium | 24 | ||||
-rw-r--r-- | third_party/mach_override/mach_override.c | 20 |
2 files changed, 31 insertions, 13 deletions
diff --git a/third_party/mach_override/README.chromium b/third_party/mach_override/README.chromium index 20bbae5..a1d5c69 100644 --- a/third_party/mach_override/README.chromium +++ b/third_party/mach_override/README.chromium @@ -5,12 +5,11 @@ URL: https://github.com/rentzsch/mach_star Date: 04/18/2011 Revision: 32c4560eb09848073f69 License: MIT -Security Critical: Yes. +Security Critical: Yes Description: -This is the mach_override part of the lastest (as of 04/11/2011) revision of -mach_star, namely: +This is the mach_override part of mach_star, namely: https://github.com/rentzsch/mach_star/tree/aeb1720815c7255070da0f548267ccfdf7bd50b7 @@ -20,4 +19,21 @@ implementations at run time. Local Modifications: -None; all local changes have been upstreamed. +Enabled makeIslandExecutable for 32-bit i386. Main executables linked and run +on Mac OS X 10.7 ("Lion") have non-executable heap pages by default. See +http://crbug.com/79642. + +Changed the logic surrounding calls to makeIslandExecutable so that +mach_override_ptr can return successfully when originalFunctionReentryIsland, +an optional argument, is NULL. Failure in makeIslandExecutable will now +trigger cleanup of allocated memory. + +Changed allocateBranchIsland to use a more appropriate address range per +http://developer.apple.com/library/mac/#documentation/Performance/Conceptual/LaunchTime/Articles/Prebinding.html. +The range for x86 (32-bit) with kAllocateHigh set is now [0xffc00000, +0xffe00000). In this configuration, the loop is now guaranteed to terminate +instead of exceeding its permitted range. Previously, this function would +begin looking for a page at 0xfefff000 and would not stop, even after wrapping +around to low memory. The URL above states 0xfefff000 is within a range marked +"Reserved for use by the pasteboard and other system services. Do not use this +address range." diff --git a/third_party/mach_override/mach_override.c b/third_party/mach_override/mach_override.c index 30b6afd..4e1c4bc 100644 
--- a/third_party/mach_override/mach_override.c +++ b/third_party/mach_override/mach_override.c @@ -145,12 +145,12 @@ eatKnownInstructions( #pragma mark - #pragma mark (Interface) -#if defined(__x86_64__) +#if defined(__i386__) || defined(__x86_64__) mach_error_t makeIslandExecutable(void *address) { mach_error_t err = err_none; vm_size_t pageSize; host_page_size( mach_host_self(), &pageSize ); - uint64_t page = (uint64_t)address & ~(uint64_t)(pageSize-1); + uintptr_t page = (uintptr_t)address & ~(uintptr_t)(pageSize-1); int e = err_none; e |= mprotect((void *)page, pageSize, PROT_EXEC | PROT_READ | PROT_WRITE); e |= msync((void *)page, pageSize, MS_INVALIDATE ); @@ -301,6 +301,13 @@ mach_override_ptr( } #endif +#if defined(__i386__) || defined(__x86_64__) + if ( !err ) + err = makeIslandExecutable( escapeIsland ); + if ( !err && reentryIsland ) + err = makeIslandExecutable( reentryIsland ); +#endif + // Clean up on error. if( err ) { if( reentryIsland ) @@ -309,11 +316,6 @@ mach_override_ptr( freeBranchIsland( escapeIsland ); } -#if defined(__x86_64__) - err = makeIslandExecutable(escapeIsland); - err = makeIslandExecutable(reentryIsland); -#endif - return err; } @@ -355,8 +357,8 @@ allocateBranchIsland( vm_address_t first = (uint64_t)originalFunctionAddress & ~(uint64_t)(((uint64_t)1 << 31) - 1) | ((uint64_t)1 << 31); // start in the middle of the page? vm_address_t last = 0x0; #else - vm_address_t first = 0xfeffffff; - vm_address_t last = 0xfe000000 + pageSize; + vm_address_t first = 0xffc00000; + vm_address_t last = 0xfffe0000; #endif vm_address_t page = first; |
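Review bot: The new i386 search range in allocateBranchIsland does not agree with the README in the same commit: the code sets `vm_address_t last = 0xfffe0000;` while README.chromium documents the range as [0xffc00000, 0xffe00000), so one of the two is a typo and the upper bound should be reconciled before landing (the loop that walks `page` toward `last` is outside this hunk, so I cannot tell which value the loop was validated against). In makeIslandExecutable the island page is left `PROT_EXEC | PROT_READ | PROT_WRITE`; the new call sites in mach_override_ptr run at the end of the function, presumably after the islands have been populated, so if nothing writes to an island after that point, `e |= mprotect((void *)page, pageSize, PROT_EXEC | PROT_READ);` would avoid leaving writable-and-executable pages mapped for the life of the process. The calls are also placed just after a `#endif` whose block is outside the hunk; if the branch into escapeIsland has already been written into the original function by then, a failure in makeIslandExecutable now frees an island the patched function already targets, and any thread entering the function before mprotect completes executes a not-yet-executable page — making the islands executable before the original function is redirected would close both windows. A short comment on the new block stating that ordering requirement, e.g. `// Islands must be executable before the original function is redirected to them.`, would also help the next maintainer.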