mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:18:48 +00:00
roytam1
aec5e5666e
- bug 1083930 - cpu spin during large h2/spdy upload r=hurley (0949388a6a)
- Bug 1241906 - Spdy deadlock on suspended channel r=hurley (f40e9677d5)
- Bug 1247205 - dont loop on http2 softerror r=dragana (2ab3cb69ef)
- Bug 1246778 - dont loop in nshttpconnection during shutdown r=dragana (0677b9d34b)
- Bug 1201037 - only send "HTTP pings" on seemingly idle connections, r=mcmanus (134198bc79)
- Bug 1174899 - discarded spdy data with fin attributed to wrong stream r=bagder (f3b801c734)
- Bug 1236170 - Make Http2Session::UncompressAndDiscard push-aware. r=mcmanus (e71634e853)
- Bug 1240025 - incorrect close state on pushed stream r=hurley (eb2832177a)
- Bug 1227931 - init Http2Stream::mReceivedData in the constructor. r=nwgh (44f1d8e897)
- Bug 241788 - net_FilterURIString should filter \r\n\t from the entire URL r=honzab (734d9b8cae)
- Bug 1259459 - h2 0 length options puts end-stream on headers r=hurley (31ac211a9b)
- Bug 1174899 - fixup log format strings for spdy/h2 r=bagder (967c9ff71e)
- Bug 1211694 - dataLength has been added twice. r=mcmanus (6773981db3)
- cleanup (26517f5de0)
- Bug 1247998 - Let nsHttpChannel::AsyncOpen* throw after nsHttpHandler has been shutdown, r=mcmanus (90bb2364be)
- Bug 1231512 - Allow nsIHttpChannel.redirectTo() work also on an open channel, r=jduell (198fb72816)
- Bug 1242472 - Properly propagate mTopWindowURI through redirects. r=francois/ckerschb (1d27a15770)
- Bug 1133873 - some spdy logs r=hurley (cd95cfed5a)
- bug 1215724 - enable brotli on spdy r=hurley (83cca72fa5)
- Bug 137852 - Add a new working HTTP authentication identity to the begining of the session cache list. r=honzab (f670349771)
- Bug 1245414, part 1 - Delete the mfbt/decimal/LICENSE* files since upstream now just uses inline comments. r=Waldo (15bb211e14)
- Bug 1245414, part 2 - Update mfbt/decimal/update.sh to reflect Blink's switch from svn to git, and the different files we now pull. r=Waldo (4dd0b5916a)
- Bug 1245414, part 3 - Overwrite mfbt/decimal/Decimal.* with vanilla upstream copies. r=Waldo (98f7ba4711)
- Bug 1245414, part 4 - Update mfbt/decimal/zero-serialization.patch. r =Waldo (055e1354a7)
- Bug 1245414, part 5 - Update mfbt/decimal/comparison-with-nan.patch. r=Waldo (583e0f3e76)
- Bug 1245414, part 6 - Update mfbt/decimal/mfbt-abi-markers.patch. r=Waldo (148b1ac08b)
- Bug 1245414, part 7 - Update mfbt/decimal/to-moz-dependencies.patch. r=Waldo (2e2a6a33d7)
- Bug 1245414, part 8 - Remove mfbt/decimal/floor-ceiling.patch now that the issue is fixed upstream. r=Waldo (84fc02c068)
- Bug 1245414, part 9 - Disable mfbt/decimal/fix-wshadow-warnings.patch. r=cpeterson (4476d04c5d)
- Bug 1245414, part 10 - Apply the Mozilla patches via mfbt/decimal/update.sh. r=Waldo (1f95ef5524)
- Bug 1247082 - Suppress rendering of nsBackdropFrame for VR content r=dholbert (0ffeae4267)
- Bug 1206545 - Initialize AccessibleCaretEventHub in nsCanvasFrame. r=roc (687d4997fb)
- Bug 591737 - Add SummaryFrame. r=bz (1b750bfeb8)
- Bug 1165893 - Fix rounding issue in nsDisplaySelectionOverlay::Paint. r=mattwoodro (9994cc983a)
- Bug 1245450 - Only setup AutoSaveRestorePerspectiveIndex for the descendants of the element with perspective. r=roc (fe8a350417)
- Bug 1243282 - Wrap items having clips with a separator. r=mattwoodrow (915737e3d0)
- Bug 1223232 - Use GetUsedBorder() instead of the computed border value when calculating CB size. r=roc (f4c05b30c7)
- Bug 1223232 - Crashtest. (394e112818)
- Bug 1230665 - Make anonymous flex/grid items non-tabbable and non-focusable. r=roc (0d3f70e672)
- Bug 1142295 - Closing descriptor when GECKO_DISPLAY_REFLOW_RULES_FILE is setted. r=erahm (664ae6ba0a)
- minor change (b914bd2602)
- Bug 1237754 part 1 - [css-grid][css-align] Make 'align/justify-content:normal' behave as 'stretch' for Grid containers. r=dholbert (09a9a09629)
- Bug 1237754 part 2 - [css-grid][css-align] Test updates to account for new default behavior for 'align/justify-content'. (5e62e837ff)
- minor of Bug 1141931 part 2 (a12f5b430e)
- Bu 974309: Fixes the IsEditable() logic for table cells. r=ehsan (2a3caa932f)
- Bug 1238137 - Telemetry pings for main thread keyboard-driven scroll input methods. r=ehsan (e9c07427f9)
- Bug 1238137 - Telemetry pings for main thread scrolling to bring the caret into view after moving it in response to keyboard input. r=ehsan (834bc12b7a)
- Bug 1246405 - Declare mTextRun earlier to avoid alignment spill on 64-bit architectures. r=roc (7ba93b72c9)
- Fixing bug 440486. Work around a Windows XP fax dialog bug. r=rstrong. (a59409acd6)
- Bug 1240911 - Prevent SerializedStructuredCloneBuffer from escaping into the heap. r=amarchesini (2c0b7c474b)
- Bug 1240985 - Hold off processing some messages during timeout (r=dvander) (10f6f6d7a2)
- Bug 1146471 - Release thread asserts for IPC (r=dvander) (f94d0ee09a)
- Bug 1240985 - Fix bug where mAwaitingSyncReply can be overwritten in Send after Cancel (r=dvander) (7b95acdca6)
- Bug 1193861: Log to the process log when launching a sandboxed process on Windows. r=billm (0ad1afd0d0)
- Bug 1233061 - add override declarations for MessagePumpForNonMainUIThreads; r=billm (94b9a5bfe9)
- Bug 1172467: Fix an IPC channel file descriptor leak from Nuwa to the child process. r=khuey (908601ed0e)
- Bug 1240985 - Check WasTransactionCanceled after timeout (and avoid timing out) (r=dvander) (33aade0a92)
- Bug 1237458 - Use MOZ_RELEASE_ASSERT for IPC assertions (r=jld) (cb0f058205)
- Bug 1247429 - Warn instead of error if shmem deallocated before IPDL sends it. r=nical (3c94d99b21)
- Bug 1175999 - Deallocate mach SharedMemory properly. r=blassey. (542649b570)
- Bug 1188186 - Fix leak of FDs in |CreateTransport|. r=bds (a40b9a0c58)
- Bg 1240607 - Force CreateWindow hooks to be detours. r=jmathies (895d1c21c4)
- Bug 1209464: Fix missing neutered window region in MessageChannel::WaitForInterruptNotify. Regression from bug 1189709; r=jimm (204256880b)
- Bug 1229825 - Make GIF deinterlacer respect the frame rect bounds. r=tn (904f6bd9b7)
- Bug 1242093 - Fix assertion in Downscaler::ClearRow. r=njn (63ffe82e99)
- Bug 1235859 - Add FrameSize to non-skia downscaler. r=edwin (e7474630e0)
- Bug 1237709: During RasterImage error-handling cleanup, set UniquePtr mAnim to null instead of using reset(), to avoid leaking. r=dholbert (b064f9c20d)
- Bug 1235605 - Use CheckedInt in Deinterlacer and make its buffer allocation fallible. r=tn (f6f3858c65)
- cleanup (f02aa9441e)
- Bug 1242778: Add MOZ_COUNT_CTOR & MOZ_COUNT_DTOR calls to track leaks of imagelib's FrameAnimator class. r=tn (b1aa366694)
- Bug 1241728. Add crashtest. (17d80a3387)
- Bug 1241729. Add crashtest. (bd6d7337d7)
- Bug 1241728. Limit the size of images that we will downscale from to 1048576 pixels. r=edwin (ad38a82aad)
- Bug 1218782 - use fallible allocations in Downscaler.cpp; r=seth (b22caa1121)
- Bug 1224979. Check if we compute usable filters for the downscaler, and if not put the downscaler in error state so it's not used. r=edwin (8fb59463ef)
- Bug 1235297 - Annotate intentional switch fallthroughs to suppress -Wimplicit-fallthrough warnings in image/decoders/. r=tn (094c37c0fe)
- Bug 1238558 (part 1) - Add Decoder::BeforeFinishInternal(). r=tnikkel. (c7922054d6)
- Bug 1238558 (part 2) - Add a test. r=tnikkel. (7e09caf47f)
- Bug 1238551 (part 2) - Add a test. r=tn. (f548a2cb97)
- Bug 1238551 (part 1) - Reject BITMAPV3INFOHEADER BMP images. r=tn. (c4c8f95cb3)
- Bug 1240629. Don't buffer image file data that we are never going to look at in the gap between the header and the pixel data for BMP files. r=njn (f580910cd3)
- Bug 1237171 - Improve a case where ICO and BMP files disagree on an image size. r=tn. (615db65802)
- Bug 1220021 (part 1) - Don't treat 0RGB ICO files as transparent. r=seth. (b97298285f)
- Bug 1220021 (part 2) - Add four reftests. r=seth. (b1e7b58a98)
- Bug 1163856 (Part 2) - Fix tests that depended on image load event timing. r=tn (4304c676a0)
- Bug 1207958 - Fix heuristic for choosing which ICO sub-image to render - r=tn (3d4db5a033)
- Bug 987625 - Conditionally define MOZ_PNG_MAX_DIMENSION. r=jrmuizel (859bae490c)
- Bug 75077 - Interpolate interlaced PNG images instead of libpng blocky display. r=seth (bc17b43fa6)
- fix side-effect of 1219405 (6536821e18)
- Bug 1245845, part 1 - Stop Moz2D Path::CopyToBuilder/TransformedCopyToBuilder implicitly converting the Path's FillRule. r=Bas (ecc552f359)
- Bug 1245845, part 2 - Remove code that is now useless from gfxContext::EnsurePath. r=Bas (2430be2837)
- Bug 1237448 - Moz2Dify two functions in gfxSurfaceDrawable. r=roc. (bb768302c5)
- Bug 1231888 (follow-up) - Simplify CurrentSurface(). r=jrmuizel. (303cea98f3)
- Bug 1247380: Only copy the background if we can succesfully get a snapshot. r=jrmuizel (13b64445e9)
- Bug 1228507 - Initialize mBlendOpacity. r=Bas (b301a2c9f4)
- Bug 1238846 (part 2) - Remove gfxContext::mOriginalDT, which is unused. r=mattwoodrow. (a5b0f948b7)
- Bug 1240819 - cleanup dead branches in gfxXlibNativeRender.cpp. r=jrmuizel (57bbec6693)
- Bug 1234950 - When advancing APZ animations, use the next vsync timestamp instead of the current one, since that is what will be composited. r=mstange (421829d459)
- Bug 1021845 - Don't skip checkerboarding layers during compositing, even if the layer's visible region is empty. r=botond (6cf1497019)
- Bug 1230149 - check bigImgIter to see if it's not null. r=jmuizelaar (aeef579f9f)
- Bug 1248325 - Update BufferTextureHost::GetAsSurface() r=nical (39a8b3ca71)
- reapply per misspatch Bug 1200595 - Consolidate the TextureClient's destruction logic (68966e4dc3)
- Bug 1249245 - Add missing header gfxPrefs.h to GrallocTextureClient.cpp. r=cyu (676669eb01)
- Bug 1245057: Refer to |gfx::IntPoint| in |GrallocTextureHostOGL::SetCropRect|, r=sotaro (99e572f3f6)
- Bug 1240867 - Fix non-unified build bustage in OGLShaderProgram.cpp. r=nical (0071f08285)
- Bug 1238015 - Make sure PTexture actors are destroyed after all messages referring to them are sent. r=sotaro (250f99b4a4)
- Bug 1220895 - Add layerviewer for layer tree & display list visualization NPOTB. r=botond (fa211145a1)
- Bug 1213464 - ImageBridgeChild and CompositorChild should delete their Transport. r=billm (a37a0dbdfd)
- Bug 1234343 (part 1) - Make GfxMemoryImageReporter::sAmount signed. r=Bas. (18f0cb61ec)
- Bug 1234343 (part 2) - Add a missing GfxMemoryImageReporter::DidAlloc() call. r=Bas. (69df7f3674)
- Bug 1245249 - Check actor state before calling Send__delete__(); r=luke (65716a5915)
- Bug 1221418 - A better cleanup method for AsmJSCache::ChildRunnable, r=janv (5c8c023b9d)
- Bug 1235657 - Session storage needs to handle origin attributes correctly - part 1 - createOriginAttributesWithUserContextId, r=huseby (f2df8109ef)
- Bug 1245954 - Console StartTimer/StopTimer and IncrementCounter should run in the owning thread, r=bz (64f73d7759)
- Bug 1245957 - Adding assertions in Console about in which thread is running what, r=bz (291ee70e2d)
- Bug 1248022 - ConsoleEvent.styles can be a sequence of nullable strings, r=bz (b94ec79ac0)
- Bug 1245242 - Normalize to unit vector for DOMMatrix.rotateAxisAngleSelf. r=roc (3a9e684b4d)
- Bug 1236329. Back out the patch for bug 492933 (revision d8012b35413b) because it's not web-compatible in practice. r=smaug (f6540d84c3)
- mTarget can be null in CanvasRenderingContext2D::ClearRect(), return early if so. (13e8a4e26a)
499 lines
14 KiB
C++
499 lines
14 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
|
* vim: sw=2 ts=8 et :
|
|
*/
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "Shmem.h"
|
|
|
|
#include "ProtocolUtils.h"
|
|
#include "SharedMemoryBasic.h"
|
|
|
|
#include "mozilla/unused.h"
|
|
|
|
|
|
namespace mozilla {
|
|
namespace ipc {
|
|
|
|
class ShmemCreated : public IPC::Message
|
|
{
|
|
private:
|
|
typedef Shmem::id_t id_t;
|
|
|
|
public:
|
|
ShmemCreated(int32_t routingId,
|
|
id_t aIPDLId,
|
|
size_t aSize,
|
|
SharedMemory::SharedMemoryType aType) :
|
|
IPC::Message(routingId, SHMEM_CREATED_MESSAGE_TYPE, PRIORITY_NORMAL)
|
|
{
|
|
IPC::WriteParam(this, aIPDLId);
|
|
IPC::WriteParam(this, aSize);
|
|
IPC::WriteParam(this, int32_t(aType));
|
|
}
|
|
|
|
static bool
|
|
ReadInfo(const Message* msg, void** iter,
|
|
id_t* aIPDLId,
|
|
size_t* aSize,
|
|
SharedMemory::SharedMemoryType* aType)
|
|
{
|
|
if (!IPC::ReadParam(msg, iter, aIPDLId) ||
|
|
!IPC::ReadParam(msg, iter, aSize) ||
|
|
!IPC::ReadParam(msg, iter, reinterpret_cast<int32_t*>(aType)))
|
|
return false;
|
|
return true;
|
|
}
|
|
|
|
void Log(const std::string& aPrefix,
|
|
FILE* aOutf) const
|
|
{
|
|
fputs("(special ShmemCreated msg)", aOutf);
|
|
}
|
|
};
|
|
|
|
class ShmemDestroyed : public IPC::Message
|
|
{
|
|
private:
|
|
typedef Shmem::id_t id_t;
|
|
|
|
public:
|
|
ShmemDestroyed(int32_t routingId,
|
|
id_t aIPDLId) :
|
|
IPC::Message(routingId, SHMEM_DESTROYED_MESSAGE_TYPE, PRIORITY_NORMAL)
|
|
{
|
|
IPC::WriteParam(this, aIPDLId);
|
|
}
|
|
};
|
|
|
|
static SharedMemory*
|
|
NewSegment(SharedMemory::SharedMemoryType aType)
|
|
{
|
|
if (SharedMemory::TYPE_BASIC == aType) {
|
|
return new SharedMemoryBasic;
|
|
} else {
|
|
NS_ERROR("unknown Shmem type");
|
|
return nullptr;
|
|
}
|
|
}
|
|
|
|
static already_AddRefed<SharedMemory>
|
|
CreateSegment(SharedMemory::SharedMemoryType aType, size_t aNBytes, size_t aExtraSize)
|
|
{
|
|
RefPtr<SharedMemory> segment = NewSegment(aType);
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
size_t size = SharedMemory::PageAlignedSize(aNBytes + aExtraSize);
|
|
if (!segment->Create(size) || !segment->Map(size)) {
|
|
return nullptr;
|
|
}
|
|
return segment.forget();
|
|
}
|
|
|
|
static already_AddRefed<SharedMemory>
|
|
ReadSegment(const IPC::Message& aDescriptor, Shmem::id_t* aId, size_t* aNBytes, size_t aExtraSize)
|
|
{
|
|
if (SHMEM_CREATED_MESSAGE_TYPE != aDescriptor.type()) {
|
|
NS_ERROR("expected 'shmem created' message");
|
|
return nullptr;
|
|
}
|
|
SharedMemory::SharedMemoryType type;
|
|
void* iter = nullptr;
|
|
if (!ShmemCreated::ReadInfo(&aDescriptor, &iter, aId, aNBytes, &type)) {
|
|
return nullptr;
|
|
}
|
|
RefPtr<SharedMemory> segment = NewSegment(type);
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
if (!segment->ReadHandle(&aDescriptor, &iter)) {
|
|
NS_ERROR("trying to open invalid handle");
|
|
return nullptr;
|
|
}
|
|
aDescriptor.EndRead(iter);
|
|
size_t size = SharedMemory::PageAlignedSize(*aNBytes + aExtraSize);
|
|
if (!segment->Map(size)) {
|
|
return nullptr;
|
|
}
|
|
// close the handle to the segment after it is mapped
|
|
segment->CloseHandle();
|
|
return segment.forget();
|
|
}
|
|
|
|
static void
|
|
DestroySegment(SharedMemory* aSegment)
|
|
{
|
|
// the SharedMemory dtor closes and unmaps the actual OS shmem segment
|
|
if (aSegment) {
|
|
aSegment->Release();
|
|
}
|
|
}
|
|
|
|
|
|
#if defined(DEBUG)
|
|
|
|
static const char sMagic[] =
|
|
"This little piggy went to market.\n"
|
|
"This little piggy stayed at home.\n"
|
|
"This little piggy has roast beef,\n"
|
|
"This little piggy had none.\n"
|
|
"And this little piggy cried \"Wee! Wee! Wee!\" all the way home";
|
|
|
|
|
|
struct Header {
|
|
// Don't use size_t or bool here because their size depends on the
|
|
// architecture.
|
|
uint32_t mSize;
|
|
uint32_t mUnsafe;
|
|
char mMagic[sizeof(sMagic)];
|
|
};
|
|
|
|
static void
|
|
GetSections(Shmem::SharedMemory* aSegment,
|
|
Header** aHeader,
|
|
char** aFrontSentinel,
|
|
char** aData,
|
|
char** aBackSentinel)
|
|
{
|
|
MOZ_ASSERT(aSegment && aFrontSentinel && aData && aBackSentinel,
|
|
"null param(s)");
|
|
|
|
*aFrontSentinel = reinterpret_cast<char*>(aSegment->memory());
|
|
MOZ_ASSERT(*aFrontSentinel, "null memory()");
|
|
|
|
*aHeader = reinterpret_cast<Header*>(*aFrontSentinel);
|
|
|
|
size_t pageSize = Shmem::SharedMemory::SystemPageSize();
|
|
*aData = *aFrontSentinel + pageSize;
|
|
|
|
*aBackSentinel = *aFrontSentinel + aSegment->Size() - pageSize;
|
|
}
|
|
|
|
static Header*
|
|
GetHeader(Shmem::SharedMemory* aSegment)
|
|
{
|
|
Header* header;
|
|
char* dontcare;
|
|
GetSections(aSegment, &header, &dontcare, &dontcare, &dontcare);
|
|
return header;
|
|
}
|
|
|
|
static void
|
|
Protect(SharedMemory* aSegment)
|
|
{
|
|
MOZ_ASSERT(aSegment, "null segment");
|
|
aSegment->Protect(reinterpret_cast<char*>(aSegment->memory()),
|
|
aSegment->Size(),
|
|
RightsNone);
|
|
}
|
|
|
|
static void
|
|
Unprotect(SharedMemory* aSegment)
|
|
{
|
|
MOZ_ASSERT(aSegment, "null segment");
|
|
aSegment->Protect(reinterpret_cast<char*>(aSegment->memory()),
|
|
aSegment->Size(),
|
|
RightsRead | RightsWrite);
|
|
}
|
|
|
|
//
|
|
// In debug builds, we specially allocate shmem segments. The layout
|
|
// is as follows
|
|
//
|
|
// Page 0: "front sentinel"
|
|
// size of mapping
|
|
// magic bytes
|
|
// Page 1 through n-1:
|
|
// user data
|
|
// Page n: "back sentinel"
|
|
// [nothing]
|
|
//
|
|
// The mapping can be in one of the following states, wrt to the
|
|
// current process.
|
|
//
|
|
// State "unmapped": all pages are mapped with no access rights.
|
|
//
|
|
// State "mapping": all pages are mapped with read/write access.
|
|
//
|
|
// State "mapped": the front and back sentinels are mapped with no
|
|
// access rights, and all the other pages are mapped with
|
|
// read/write access.
|
|
//
|
|
// When a SharedMemory segment is first allocated, it starts out in
|
|
// the "mapping" state for the process that allocates the segment, and
|
|
// in the "unmapped" state for the other process. The allocating
|
|
// process will then create a Shmem, which takes the segment into the
|
|
// "mapped" state, where it can be accessed by clients.
|
|
//
|
|
// When a Shmem is sent to another process in an IPDL message, the
|
|
// segment transitions into the "unmapped" state for the sending
|
|
// process, and into the "mapping" state for the receiving process.
|
|
// The receiving process will then create a Shmem from the underlying
|
|
// segment, and take the segment into the "mapped" state.
|
|
//
|
|
// In the "mapping" state, we use the front sentinel to verify the
|
|
// integrity of the shmem segment. If valid, it has a size_t
|
|
// containing the number of bytes the user allocated followed by the
|
|
// magic bytes above.
|
|
//
|
|
// In the "mapped" state, the front and back sentinels have no access
|
|
// rights. They act as guards against buffer overflows and underflows
|
|
// in client code; if clients touch a sentinel, they die with SIGSEGV.
|
|
//
|
|
// The "unmapped" state is used to enforce single-owner semantics of
|
|
// the shmem segment. If a process other than the current owner tries
|
|
// to touch the segment, it dies with SIGSEGV.
|
|
//
|
|
|
|
Shmem::Shmem(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
SharedMemory* aSegment, id_t aId) :
|
|
mSegment(aSegment),
|
|
mData(nullptr),
|
|
mSize(0)
|
|
{
|
|
MOZ_ASSERT(mSegment, "null segment");
|
|
MOZ_ASSERT(aId != 0, "invalid ID");
|
|
|
|
Unprotect(mSegment);
|
|
|
|
Header* header;
|
|
char* frontSentinel;
|
|
char* data;
|
|
char* backSentinel;
|
|
GetSections(aSegment, &header, &frontSentinel, &data, &backSentinel);
|
|
|
|
// do a quick validity check to avoid weird-looking crashes in libc
|
|
char check = *frontSentinel;
|
|
(void)check;
|
|
|
|
MOZ_ASSERT(!strncmp(header->mMagic, sMagic, sizeof(sMagic)),
|
|
"invalid segment");
|
|
mSize = static_cast<size_t>(header->mSize);
|
|
|
|
size_t pageSize = SharedMemory::SystemPageSize();
|
|
// transition into the "mapped" state by protecting the front and
|
|
// back sentinels (which guard against buffer under/overflows)
|
|
mSegment->Protect(frontSentinel, pageSize, RightsNone);
|
|
mSegment->Protect(backSentinel, pageSize, RightsNone);
|
|
|
|
// don't set these until we know they're valid
|
|
mData = data;
|
|
mId = aId;
|
|
}
|
|
|
|
void
|
|
Shmem::AssertInvariants() const
|
|
{
|
|
MOZ_ASSERT(mSegment, "null segment");
|
|
MOZ_ASSERT(mData, "null data pointer");
|
|
MOZ_ASSERT(mSize > 0, "invalid size");
|
|
// if the segment isn't owned by the current process, these will
|
|
// trigger SIGSEGV
|
|
char checkMappingFront = *reinterpret_cast<char*>(mData);
|
|
char checkMappingBack = *(reinterpret_cast<char*>(mData) + mSize - 1);
|
|
|
|
// avoid "unused" warnings for these variables:
|
|
Unused << checkMappingFront;
|
|
Unused << checkMappingBack;
|
|
}
|
|
|
|
void
|
|
Shmem::RevokeRights(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead)
|
|
{
|
|
AssertInvariants();
|
|
|
|
size_t pageSize = SharedMemory::SystemPageSize();
|
|
Header* header = GetHeader(mSegment);
|
|
|
|
// Open this up for reading temporarily
|
|
mSegment->Protect(reinterpret_cast<char*>(header), pageSize, RightsRead);
|
|
|
|
if (!header->mUnsafe) {
|
|
Protect(mSegment);
|
|
} else {
|
|
mSegment->Protect(reinterpret_cast<char*>(header), pageSize, RightsNone);
|
|
}
|
|
}
|
|
|
|
// static
|
|
already_AddRefed<Shmem::SharedMemory>
|
|
Shmem::Alloc(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
size_t aNBytes,
|
|
SharedMemoryType aType,
|
|
bool aUnsafe,
|
|
bool aProtect)
|
|
{
|
|
NS_ASSERTION(aNBytes <= UINT32_MAX, "Will truncate shmem segment size!");
|
|
MOZ_ASSERT(!aProtect || !aUnsafe, "protect => !unsafe");
|
|
|
|
size_t pageSize = SharedMemory::SystemPageSize();
|
|
// |2*pageSize| is for the front and back sentinel
|
|
RefPtr<SharedMemory> segment = CreateSegment(aType, aNBytes, 2*pageSize);
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
|
|
Header* header;
|
|
char *frontSentinel;
|
|
char *data;
|
|
char *backSentinel;
|
|
GetSections(segment, &header, &frontSentinel, &data, &backSentinel);
|
|
|
|
// initialize the segment with Shmem-internal information
|
|
|
|
// NB: this can't be a static assert because technically pageSize
|
|
// isn't known at compile time, event though in practice it's always
|
|
// going to be 4KiB
|
|
MOZ_ASSERT(sizeof(Header) <= pageSize,
|
|
"Shmem::Header has gotten too big");
|
|
memcpy(header->mMagic, sMagic, sizeof(sMagic));
|
|
header->mSize = static_cast<uint32_t>(aNBytes);
|
|
header->mUnsafe = aUnsafe;
|
|
|
|
if (aProtect)
|
|
Protect(segment);
|
|
|
|
return segment.forget();
|
|
}
|
|
|
|
// static
|
|
already_AddRefed<Shmem::SharedMemory>
|
|
Shmem::OpenExisting(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
const IPC::Message& aDescriptor,
|
|
id_t* aId,
|
|
bool aProtect)
|
|
{
|
|
size_t size;
|
|
size_t pageSize = SharedMemory::SystemPageSize();
|
|
// |2*pageSize| is for the front and back sentinels
|
|
RefPtr<SharedMemory> segment = ReadSegment(aDescriptor, aId, &size, 2*pageSize);
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
|
|
Header* header = GetHeader(segment);
|
|
|
|
if (size != header->mSize) {
|
|
// Deallocation should zero out the header, so check for that.
|
|
if (header->mSize || header->mUnsafe || header->mMagic[0] ||
|
|
memcmp(header->mMagic, &header->mMagic[1], sizeof(header->mMagic)-1)) {
|
|
NS_ERROR("Wrong size for this Shmem!");
|
|
} else {
|
|
NS_WARNING("Shmem was deallocated");
|
|
}
|
|
return nullptr;
|
|
}
|
|
|
|
// The caller of this function may not know whether the segment is
|
|
// unsafe or not
|
|
if (!header->mUnsafe && aProtect)
|
|
Protect(segment);
|
|
|
|
return segment.forget();
|
|
}
|
|
|
|
// static
|
|
void
|
|
Shmem::Dealloc(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
SharedMemory* aSegment)
|
|
{
|
|
if (!aSegment)
|
|
return;
|
|
|
|
size_t pageSize = SharedMemory::SystemPageSize();
|
|
Header* header;
|
|
char *frontSentinel;
|
|
char *data;
|
|
char *backSentinel;
|
|
GetSections(aSegment, &header, &frontSentinel, &data, &backSentinel);
|
|
|
|
aSegment->Protect(frontSentinel, pageSize, RightsWrite | RightsRead);
|
|
memset(header->mMagic, 0, sizeof(sMagic));
|
|
header->mSize = 0;
|
|
header->mUnsafe = false; // make it "safe" so as to catch errors
|
|
|
|
DestroySegment(aSegment);
|
|
}
|
|
|
|
|
|
#else // !defined(DEBUG)
|
|
|
|
// static
|
|
already_AddRefed<Shmem::SharedMemory>
|
|
Shmem::Alloc(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
size_t aNBytes,
|
|
SharedMemoryType aType,
|
|
bool /*unused*/,
|
|
bool /*unused*/)
|
|
{
|
|
RefPtr<SharedMemory> segment = CreateSegment(aType, aNBytes, sizeof(uint32_t));
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
|
|
*PtrToSize(segment) = static_cast<uint32_t>(aNBytes);
|
|
|
|
return segment.forget();
|
|
}
|
|
|
|
// static
|
|
already_AddRefed<Shmem::SharedMemory>
|
|
Shmem::OpenExisting(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
const IPC::Message& aDescriptor,
|
|
id_t* aId,
|
|
bool /*unused*/)
|
|
{
|
|
size_t size;
|
|
RefPtr<SharedMemory> segment = ReadSegment(aDescriptor, aId, &size, sizeof(uint32_t));
|
|
if (!segment) {
|
|
return nullptr;
|
|
}
|
|
|
|
// this is the only validity check done in non-DEBUG builds
|
|
if (size != static_cast<size_t>(*PtrToSize(segment))) {
|
|
return nullptr;
|
|
}
|
|
|
|
return segment.forget();
|
|
}
|
|
|
|
// static
|
|
void
|
|
Shmem::Dealloc(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
SharedMemory* aSegment)
|
|
{
|
|
DestroySegment(aSegment);
|
|
}
|
|
|
|
#endif // if defined(DEBUG)
|
|
|
|
IPC::Message*
|
|
Shmem::ShareTo(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
base::ProcessId aTargetPid,
|
|
int32_t routingId)
|
|
{
|
|
AssertInvariants();
|
|
|
|
IPC::Message *msg = new ShmemCreated(routingId, mId, mSize, mSegment->Type());
|
|
if (!mSegment->ShareHandle(aTargetPid, msg)) {
|
|
return nullptr;
|
|
}
|
|
// close the handle to the segment after it is shared
|
|
mSegment->CloseHandle();
|
|
return msg;
|
|
}
|
|
|
|
IPC::Message*
|
|
Shmem::UnshareFrom(IHadBetterBeIPDLCodeCallingThis_OtherwiseIAmADoodyhead,
|
|
base::ProcessId aTargetPid,
|
|
int32_t routingId)
|
|
{
|
|
AssertInvariants();
|
|
return new ShmemDestroyed(routingId, mId);
|
|
}
|
|
|
|
} // namespace ipc
|
|
} // namespace mozilla
|