Commit 2890419f authored by Clemens Backes, committed by V8 LUCI CQ

[wasm] Disable permission switching if MAP_JIT is available

The combination of --wasm-write-protect-code-memory and MAP_JIT was not
handled correctly. We were trying to unnecessarily switch permissions,
and a DCHECK was failing because the writers count was not increased
previously (because the {CodeSpaceWriteScope} uses a separate
implementation if MAP_JIT is available).

This CL fixes the issues by explicitly setting
{WasmCodeAllocator::protect_code_memory_} to false if MAP_JIT is being
used.

R=jkummerow@chromium.org

Bug: v8:12070
Change-Id: Ifb05ba01f8e2e7781d7c29fe80d1144a3d65543b
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3089159
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76233}
parent 615feab7
...@@ -515,6 +515,7 @@ constexpr size_t WasmCodeAllocator::kMaxCodeSpaceSize; ...@@ -515,6 +515,7 @@ constexpr size_t WasmCodeAllocator::kMaxCodeSpaceSize;
WasmCodeAllocator::WasmCodeAllocator(std::shared_ptr<Counters> async_counters) WasmCodeAllocator::WasmCodeAllocator(std::shared_ptr<Counters> async_counters)
: protect_code_memory_( : protect_code_memory_(
!V8_HAS_PTHREAD_JIT_WRITE_PROTECT &&
FLAG_wasm_write_protect_code_memory && FLAG_wasm_write_protect_code_memory &&
!GetWasmCodeManager()->HasMemoryProtectionKeySupport()), !GetWasmCodeManager()->HasMemoryProtectionKeySupport()),
async_counters_(std::move(async_counters)) { async_counters_(std::move(async_counters)) {
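Review bot: Placing `!V8_HAS_PTHREAD_JIT_WRITE_PROTECT` as the first operand of the initializer means that on MAP_JIT builds the whole conjunction is decided at compile time and `--wasm-write-protect-code-memory` is silently ignored, which is the intended fix but is not visible to anyone setting the flag. Consider noting at the flag's definition (or in the header comment for `protect_code_memory_`) that the flag has no effect when MAP_JIT write protection is in use, and adding a test that runs with the flag enabled on the MAP_JIT trybots listed in the CL so the combination that previously tripped the writers-count DCHECK stays covered.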
......
...@@ -560,6 +560,9 @@ class WasmCodeAllocator { ...@@ -560,6 +560,9 @@ class WasmCodeAllocator {
// End of fields protected by {mutex_}. // End of fields protected by {mutex_}.
////////////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////
// {protect_code_memory_} is true if traditional memory permission switching
// is used to protect code space. It is false if {MAP_JIT} on Mac or PKU is
// being used, or protection is completely disabled.
const bool protect_code_memory_; const bool protect_code_memory_;
std::atomic<size_t> committed_code_space_{0}; std::atomic<size_t> committed_code_space_{0};
std::atomic<size_t> generated_code_size_{0}; std::atomic<size_t> generated_code_size_{0};
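Review bot: The new comment documents the three states well, but the invariant it describes (no permission switching when MAP_JIT or PKU is active) is enforced only by the constructor initializer in the .cc file. Consider adding a DCHECK on `protect_code_memory_` at the entry of the permission-switching path, so that a future regression of the MAP_JIT combination fails at the point of misuse rather than indirectly through the writers-count DCHECK described in the commit message.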
......