[Webkit-unassigned] [Bug 130156] Allocate the data section on the heap again for FTL on ARM64
bugzilla-daemon at webkit.org
Thu Mar 13 07:12:20 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=130156
--- Comment #3 from Filip Pizlo <fpizlo at apple.com> 2014-03-13 07:12:42 PST ---
(In reply to comment #2)
> (From update of attachment 226549)
> View in context: https://bugs.webkit.org/attachment.cgi?id=226549&action=review
>
> r=me
>
> > Source/JavaScriptCore/ftl/FTLCompile.cpp:84
> > + // Allocate the GOT in the code section to make it reachable for all code.
> > + if (!strcmp(sectionName, "__got"))
> > + return mmAllocateCodeSection(opaqueState, size, alignment, sectionID, sectionName);
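Review bot: in the `__got` branch, the comment gives only the reason for the placement (reachability) and not its consequence, which is that a table of pointers now lives in memory obtained from `mmAllocateCodeSection`. Consider expanding the comment to say that this section holds data rather than instructions and which page protections it is expected to end up with, so the placement can be revisited later. The name is also matched as a bare string literal; `__got` is the Mach-O section name, so a differently named GOT section from another object format would not match this check, and that is worth stating next to the `strcmp`.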
>
> As a follow-up, we'll need to allocate the GOT outside executable memory -- otherwise we're still subject to "JIT spray" attacks.
No it won't. The GOT is just a table of pointers. We control it entirely.