summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--js/src/jit/MacroAssembler.cpp6
-rw-r--r--js/src/jit/ProcessExecutableMemory.cpp8
-rw-r--r--js/src/jit/ProcessExecutableMemory.h8
-rw-r--r--js/src/jit/shared/IonAssemblerBuffer.h4
-rw-r--r--js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h32
5 files changed, 9 insertions, 49 deletions
diff --git a/js/src/jit/MacroAssembler.cpp b/js/src/jit/MacroAssembler.cpp
index 9dbbe7624..f633b9b7b 100644
--- a/js/src/jit/MacroAssembler.cpp
+++ b/js/src/jit/MacroAssembler.cpp
@@ -2214,12 +2214,6 @@ MacroAssembler::finish()
}
MacroAssemblerSpecific::finish();
-
- MOZ_RELEASE_ASSERT(size() <= MaxCodeBytesPerProcess,
- "AssemblerBuffer should ensure we don't exceed MaxCodeBytesPerProcess");
-
- if (bytesNeeded() > MaxCodeBytesPerProcess)
- setOOM();
}
void
diff --git a/js/src/jit/ProcessExecutableMemory.cpp b/js/src/jit/ProcessExecutableMemory.cpp
index 301541541..71c2ab0dc 100644
--- a/js/src/jit/ProcessExecutableMemory.cpp
+++ b/js/src/jit/ProcessExecutableMemory.cpp
@@ -385,6 +385,14 @@ class PageBitSet
#endif
};
+// Limit on the number of bytes of executable memory to prevent JIT spraying
+// attacks.
+#if JS_BITS_PER_WORD == 32
+static const size_t MaxCodeBytesPerProcess = 128 * 1024 * 1024;
+#else
+static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;
+#endif
+
// Per-process executable memory allocator. It reserves a block of memory of
// MaxCodeBytesPerProcess bytes, then allocates/deallocates pages from that.
//
diff --git a/js/src/jit/ProcessExecutableMemory.h b/js/src/jit/ProcessExecutableMemory.h
index a0e2fab98..078ce7cb7 100644
--- a/js/src/jit/ProcessExecutableMemory.h
+++ b/js/src/jit/ProcessExecutableMemory.h
@@ -17,14 +17,6 @@ namespace jit {
// alignment though.
static const size_t ExecutableCodePageSize = 64 * 1024;
-// Limit on the number of bytes of executable memory to prevent JIT spraying
-// attacks.
-#if JS_BITS_PER_WORD == 32
-static const size_t MaxCodeBytesPerProcess = 128 * 1024 * 1024;
-#else
-static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;
-#endif
-
enum class ProtectionSetting {
Protected, // Not readable, writable, or executable.
Writable,
diff --git a/js/src/jit/shared/IonAssemblerBuffer.h b/js/src/jit/shared/IonAssemblerBuffer.h
index 3a6552696..cc20e26d2 100644
--- a/js/src/jit/shared/IonAssemblerBuffer.h
+++ b/js/src/jit/shared/IonAssemblerBuffer.h
@@ -181,10 +181,6 @@ class AssemblerBuffer
protected:
virtual Slice* newSlice(LifoAlloc& a) {
- if (size() > MaxCodeBytesPerProcess - sizeof(Slice)) {
- fail_oom();
- return nullptr;
- }
Slice* tmp = static_cast<Slice*>(a.alloc(sizeof(Slice)));
if (!tmp) {
fail_oom();
diff --git a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
index fe678fc7d..8cb557784 100644
--- a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
+++ b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
@@ -68,33 +68,6 @@ namespace js {
namespace jit {
- // AllocPolicy for AssemblerBuffer. OOMs when trying to allocate more than
- // MaxCodeBytesPerProcess bytes. Use private inheritance to make sure we
- // explicitly have to expose SystemAllocPolicy methods.
- class AssemblerBufferAllocPolicy : private SystemAllocPolicy
- {
- public:
- using SystemAllocPolicy::checkSimulatedOOM;
- using SystemAllocPolicy::reportAllocOverflow;
- using SystemAllocPolicy::free_;
-
- template <typename T> T* pod_realloc(T* p, size_t oldSize, size_t newSize) {
- static_assert(sizeof(T) == 1,
- "AssemblerBufferAllocPolicy should only be used with byte vectors");
- MOZ_ASSERT(oldSize <= MaxCodeBytesPerProcess);
- if (MOZ_UNLIKELY(newSize > MaxCodeBytesPerProcess))
- return nullptr;
- return SystemAllocPolicy::pod_realloc<T>(p, oldSize, newSize);
- }
- template <typename T> T* pod_malloc(size_t numElems) {
- static_assert(sizeof(T) == 1,
- "AssemblerBufferAllocPolicy should only be used with byte vectors");
- if (MOZ_UNLIKELY(numElems > MaxCodeBytesPerProcess))
- return nullptr;
- return SystemAllocPolicy::pod_malloc<T>(numElems);
- }
- };
-
class AssemblerBuffer
{
template<size_t size, typename T>
@@ -120,9 +93,6 @@ namespace jit {
void ensureSpace(size_t space)
{
- // This should only be called with small |space| values to ensure
- // we don't overflow below.
- MOZ_ASSERT(space <= 16);
if (MOZ_UNLIKELY(!m_buffer.reserve(m_buffer.length() + space)))
oomDetected();
}
@@ -198,7 +168,7 @@ namespace jit {
m_buffer.clear();
}
- PageProtectingVector<unsigned char, 256, AssemblerBufferAllocPolicy> m_buffer;
+ PageProtectingVector<unsigned char, 256, SystemAllocPolicy> m_buffer;
bool m_oom;
};