Changeset 176762 in webkit

Timestamp:

Dec 3, 2014 4:16:38 PM (9 years ago)

Author:

andersca@apple.com

Message:

Unreviewed, rolling out r176452 and r176559.
​https://bugs.webkit.org/show_bug.cgi?id=139239

Broke iOS (Requested by andersca on #webkit).

Reverted changesets:

"Remove alignment code from IPC coders"
​https://bugs.webkit.org/show_bug.cgi?id=138963
​http://trac.webkit.org/changeset/176452

"[WK2] SecComp buildfix after r176452"
​https://bugs.webkit.org/show_bug.cgi?id=139081
​http://trac.webkit.org/changeset/176559

Patch by Commit Queue <​commit-queue@webkit.org> on 2014-12-03

Location:

trunk/Source/WebKit2

Files:

• ChangeLog (modified) (1 diff)
• Platform/IPC/ArgumentCoders.cpp (modified) (4 diffs)
• Platform/IPC/ArgumentCoders.h (modified) (3 diffs)
• Platform/IPC/ArgumentDecoder.cpp (modified) (4 diffs)
• Platform/IPC/ArgumentDecoder.h (modified) (3 diffs)
• Platform/IPC/ArgumentEncoder.cpp (modified) (3 diffs)
• Platform/IPC/ArgumentEncoder.h (modified) (4 diffs)
• Platform/IPC/DataReference.cpp (modified) (1 diff)
• Platform/IPC/MessageEncoder.cpp (modified) (2 diffs)
• Platform/IPC/mac/ConnectionMac.mm (modified) (1 diff)
• Platform/IPC/unix/ConnectionUnix.cpp (modified) (1 diff)
• Shared/linux/SeccompFilters/SeccompBroker.cpp (modified) (2 diffs)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2014-12-03  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, rolling out r176452 and r176559.
+        https://bugs.webkit.org/show_bug.cgi?id=139239
+
+        Broke iOS (Requested by andersca on #webkit).
+
+        Reverted changesets:
+
+        "Remove alignment code from IPC coders"
+        https://bugs.webkit.org/show_bug.cgi?id=138963
+        http://trac.webkit.org/changeset/176452
+
+        "[WK2] SecComp buildfix after r176452"
+        https://bugs.webkit.org/show_bug.cgi?id=139081
+        http://trac.webkit.org/changeset/176559
+
 2014-12-03  Tim Horton  <timothy_horton@apple.com>
 

trunk/Source/WebKit2/Platform/IPC/ArgumentCoders.cpp

@@ -58 +58 @@
     uint32_t length = string.length();
     encoder << length;
-    encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.data()), length);
+    encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.data()), length, 1);
 }
 
@@ -81 +81 @@
     char* buffer;
     CString string = CString::newUninitialized(length, buffer);
-    if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(buffer), length))
+    if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(buffer), length, 1))
         return false;
 
@@ -103 +103 @@
 
     if (is8Bit)
-        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.characters8()), length * sizeof(LChar));
+        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.characters8()), length * sizeof(LChar), alignof(LChar));
     else
-        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.characters16()), length * sizeof(UChar));
+        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(string.characters16()), length * sizeof(UChar), alignof(UChar));
 }
 
@@ -119 +119 @@
     CharacterType* buffer;
     String string = String::createUninitialized(length, buffer);
-    if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(buffer), length * sizeof(CharacterType)))
+    if (!decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(buffer), length * sizeof(CharacterType), alignof(CharacterType)))
         return false;
     

trunk/Source/WebKit2/Platform/IPC/ArgumentCoders.h

@@ -42 +42 @@
     static void encode(ArgumentEncoder& encoder, const T& t)
     {
-        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(&t), sizeof(T));
+        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(&t), sizeof(T), alignof(T));
     }
 
     static bool decode(ArgumentDecoder& decoder, T& t)
     {
-        return decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(&t), sizeof(T));
+        return decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(&t), sizeof(T), alignof(T));
     }
 };
@@ -179 +179 @@
     {
         encoder << static_cast<uint64_t>(vector.size());
-        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(vector.data()), vector.size() * sizeof(T));
+        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(vector.data()), vector.size() * sizeof(T), alignof(T));
     }
     
@@ -199 +199 @@
         temp.resize(size);
 
-        decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(temp.data()), size * sizeof(T));
+        decoder.decodeFixedLengthData(reinterpret_cast<uint8_t*>(temp.data()), size * sizeof(T), alignof(T));
 
         vector.swap(temp);

trunk/Source/WebKit2/Platform/IPC/ArgumentDecoder.cpp

@@ -57 +57 @@
 }
 
+static inline uint8_t* roundUpToAlignment(uint8_t* ptr, unsigned alignment)
+{
+    // Assert that the alignment is a power of 2.
+    ASSERT(alignment && !(alignment & (alignment - 1)));
+
+    uintptr_t alignmentMask = alignment - 1;
+    return reinterpret_cast<uint8_t*>((reinterpret_cast<uintptr_t>(ptr) + alignmentMask) & ~alignmentMask);
+}
+
 void ArgumentDecoder::initialize(const uint8_t* buffer, size_t bufferSize)
 {
@@ -63 +72 @@
     ASSERT(!(reinterpret_cast<uintptr_t>(m_buffer) % alignof(uint64_t)));
 
-    m_bufferPosition = m_buffer;
+    m_bufferPos = m_buffer;
     m_bufferEnd = m_buffer + bufferSize;
     memcpy(m_buffer, buffer, bufferSize);
 }
 
-bool ArgumentDecoder::bufferIsLargeEnoughToContain(size_t size) const
-{
-    return m_buffer + size <= m_bufferEnd;
-}
-
-bool ArgumentDecoder::decodeFixedLengthData(uint8_t* data, size_t size)
-{
-    if (!bufferIsLargeEnoughToContain(size))
-        return false;
-
-    memcpy(data, m_bufferPosition, size);
-    m_bufferPosition += size;
+static inline bool alignedBufferIsLargeEnoughToContain(const uint8_t* alignedPosition, const uint8_t* bufferEnd, size_t size)
+{
+    return bufferEnd >= alignedPosition && static_cast<size_t>(bufferEnd - alignedPosition) >= size;
+}
+
+bool ArgumentDecoder::alignBufferPosition(unsigned alignment, size_t size)
+{
+    uint8_t* alignedPosition = roundUpToAlignment(m_bufferPos, alignment);
+    if (!alignedBufferIsLargeEnoughToContain(alignedPosition, m_bufferEnd, size)) {
+        // We've walked off the end of this buffer.
+        markInvalid();
+        return false;
+    }
+    
+    m_bufferPos = alignedPosition;
+    return true;
+}
+
+bool ArgumentDecoder::bufferIsLargeEnoughToContain(unsigned alignment, size_t size) const
+{
+    return alignedBufferIsLargeEnoughToContain(roundUpToAlignment(m_bufferPos, alignment), m_bufferEnd, size);
+}
+
+bool ArgumentDecoder::decodeFixedLengthData(uint8_t* data, size_t size, unsigned alignment)
+{
+    if (!alignBufferPosition(alignment, size))
+        return false;
+
+    memcpy(data, m_bufferPos, size);
+    m_bufferPos += size;
 
     return true;
@@ -90 +117 @@
         return false;
     
-    if (!bufferIsLargeEnoughToContain(size))
-        return false;
-
-    uint8_t* data = m_bufferPosition;
-    m_bufferPosition += size;
+    if (!alignBufferPosition(1, size))
+        return false;
+
+    uint8_t* data = m_bufferPos;
+    m_bufferPos += size;
 
     dataReference = DataReference(data, size);
@@ -101 +128 @@
 
 template<typename Type>
-bool ArgumentDecoder::decodeNumber(Type& value)
-{
-    if (!bufferIsLargeEnoughToContain(sizeof(Type)))
-        return false;
-
-    memcpy(&value, m_bufferPosition, sizeof(Type));
-    m_bufferPosition += sizeof(Type);
-
-    return true;
+static void decodeValueFromBuffer(Type& value, uint8_t*& bufferPosition)
+{
+    memcpy(&value, bufferPosition, sizeof(value));
+    bufferPosition += sizeof(Type);
 }
 
 bool ArgumentDecoder::decode(bool& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+    
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(uint8_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(uint16_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(uint32_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(uint64_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+    
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(int32_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+    
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(int64_t& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(float& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 
 bool ArgumentDecoder::decode(double& result)
 {
-    return decodeNumber(result);
+    if (!alignBufferPosition(sizeof(result), sizeof(result)))
+        return false;
+    
+    decodeValueFromBuffer(result, m_bufferPos);
+    return true;
 }
 

trunk/Source/WebKit2/Platform/IPC/ArgumentDecoder.h

@@ -43 +43 @@
     size_t length() const { return m_bufferEnd - m_buffer; }
 
-    bool isInvalid() const { return m_bufferPosition > m_bufferEnd; }
-    void markInvalid() { m_bufferPosition = m_bufferEnd + 1; }
+    bool isInvalid() const { return m_bufferPos > m_bufferEnd; }
+    void markInvalid() { m_bufferPos = m_bufferEnd + 1; }
 
-    bool decodeFixedLengthData(uint8_t*, size_t);
+    bool decodeFixedLengthData(uint8_t*, size_t, unsigned alignment);
 
     // The data in the data reference here will only be valid for the lifetime of the ArgumentDecoder object.
@@ -81 +81 @@
             return false;
 
-        return bufferIsLargeEnoughToContain(numElements * sizeof(T));
+        return bufferIsLargeEnoughToContain(alignof(T), numElements * sizeof(T));
     }
 
@@ -97 +97 @@
     void initialize(const uint8_t* buffer, size_t bufferSize);
 
-    bool bufferIsLargeEnoughToContain(size_t) const;
-    template <typename Type> bool decodeNumber(Type& value);
+    bool alignBufferPosition(unsigned alignment, size_t size);
+    bool bufferIsLargeEnoughToContain(unsigned alignment, size_t size) const;
 
 private:
     uint8_t* m_buffer;
-    uint8_t* m_bufferPosition;
+    uint8_t* m_bufferPos;
     uint8_t* m_bufferEnd;
 

trunk/Source/WebKit2/Platform/IPC/ArgumentEncoder.cpp

@@ -58 +58 @@
 ArgumentEncoder::ArgumentEncoder()
     : m_buffer(m_inlineBuffer)
+    , m_bufferPointer(m_inlineBuffer)
     , m_bufferSize(0)
     , m_bufferCapacity(sizeof(m_inlineBuffer))
@@ -103 +104 @@
 }
 
-uint8_t* ArgumentEncoder::grow(size_t size)
-{
-    size_t position = m_bufferSize;
-    reserve(m_bufferSize + size);
-
-    m_bufferSize += size;
-
-    return m_buffer + position;
-}
-
-void ArgumentEncoder::encodeFixedLengthData(const uint8_t* data, size_t size)
-{
-    uint8_t* buffer = grow(size);
+uint8_t* ArgumentEncoder::grow(unsigned alignment, size_t size)
+{
+    size_t alignedSize = roundUpToAlignment(m_bufferSize, alignment);
+    reserve(alignedSize + size);
+
+    m_bufferSize = alignedSize + size;
+    m_bufferPointer = m_buffer + alignedSize + size;
+    
+    return m_buffer + alignedSize;
+}
+
+void ArgumentEncoder::encodeFixedLengthData(const uint8_t* data, size_t size, unsigned alignment)
+{
+    ASSERT(!(reinterpret_cast<uintptr_t>(data) % alignment));
+
+    uint8_t* buffer = grow(alignment, size);
     memcpy(buffer, data, size);
 }
@@ -122 +126 @@
 {
     encode(static_cast<uint64_t>(dataReference.size()));
-    encodeFixedLengthData(dataReference.data(), dataReference.size());
+    encodeFixedLengthData(dataReference.data(), dataReference.size(), 1);
 }
 
 template<typename Type>
-void ArgumentEncoder::encodeNumber(Type value)
-{
-    uint8_t* bufferPosition = grow(sizeof(Type));
+static void copyValueToBuffer(Type value, uint8_t* bufferPosition)
+{
     memcpy(bufferPosition, &value, sizeof(Type));
 }
 
-void ArgumentEncoder::encode(bool value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(uint8_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(uint16_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(uint32_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(uint64_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(int32_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(int64_t value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(float value)
-{
-    encodeNumber(value);
-}
-
-void ArgumentEncoder::encode(double value)
-{
-    encodeNumber(value);
+void ArgumentEncoder::encode(bool n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(uint8_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(uint16_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(uint32_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(uint64_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(int32_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(int64_t n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(float n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
+}
+
+void ArgumentEncoder::encode(double n)
+{
+    uint8_t* buffer = grow(sizeof(n), sizeof(n));
+    copyValueToBuffer(n, buffer);
 }
 

trunk/Source/WebKit2/Platform/IPC/ArgumentEncoder.h

@@ -42 +42 @@
     virtual ~ArgumentEncoder();
 
-    void encodeFixedLengthData(const uint8_t*, size_t);
+    void encodeFixedLengthData(const uint8_t*, size_t, unsigned alignment);
     void encodeVariableLengthByteArray(const DataReference&);
 
@@ -63 +63 @@
     }
 
-    const uint8_t* buffer() const { return m_buffer; }
+    uint8_t* buffer() const { return m_buffer; }
     size_t bufferSize() const { return m_bufferSize; }
 
@@ -69 +69 @@
     Vector<Attachment> releaseAttachments();
     void reserve(size_t);
-
-protected:
-    uint8_t* mutableBuffer() { return m_buffer; }
 
 private:
@@ -83 +80 @@
     void encode(float);
     void encode(double);
-    template<typename Type> void encodeNumber(Type);
 
-    uint8_t* grow(size_t);
+    uint8_t* grow(unsigned alignment, size_t size);
 
     uint8_t m_inlineBuffer[512];
+
     uint8_t* m_buffer;
-
+    uint8_t* m_bufferPointer;
+    
     size_t m_bufferSize;
     size_t m_bufferCapacity;

trunk/Source/WebKit2/Platform/IPC/DataReference.cpp

@@ -52 +52 @@
     while (position < bufferSize) {
         unsigned bytesToWrite = m_buffer->getSomeData(partialData, position);
-        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(partialData), bytesToWrite);
+        encoder.encodeFixedLengthData(reinterpret_cast<const uint8_t*>(partialData), bytesToWrite, 1);
         position += bytesToWrite;
     }

trunk/Source/WebKit2/Platform/IPC/MessageEncoder.cpp

@@ -52 +52 @@
 {
     if (isSyncMessage)
-        *mutableBuffer() |= SyncMessage;
+        *buffer() |= SyncMessage;
     else
-        *mutableBuffer() &= ~SyncMessage;
+        *buffer() &= ~SyncMessage;
 }
 
@@ -60 +60 @@
 {
     if (shouldDispatchMessageWhenWaitingForSyncReply)
-        *mutableBuffer() |= DispatchMessageWhenWaitingForSyncReply;
+        *buffer() |= DispatchMessageWhenWaitingForSyncReply;
     else
-        *mutableBuffer() &= ~DispatchMessageWhenWaitingForSyncReply;
+        *buffer() &= ~DispatchMessageWhenWaitingForSyncReply;
 }
 

trunk/Source/WebKit2/Platform/IPC/mac/ConnectionMac.mm

@@ -328 +328 @@
             mach_msg_descriptor_t* descriptor = reinterpret_cast<mach_msg_descriptor_t*>(descriptorData);
 
-            descriptor->out_of_line.address = const_cast<uint8_t*>(encoder->buffer());
+            descriptor->out_of_line.address = encoder->buffer();
             descriptor->out_of_line.size = encoder->bufferSize();
             descriptor->out_of_line.copy = MACH_MSG_VIRTUAL_COPY;

trunk/Source/WebKit2/Platform/IPC/unix/ConnectionUnix.cpp

@@ -515 +515 @@
 
     if (!messageInfo.isMessageBodyIsOutOfLine() && encoder->bufferSize()) {
-        iov[iovLength].iov_base = reinterpret_cast<void*>(const_cast<uint8_t*>(encoder->buffer()));
+        iov[iovLength].iov_base = reinterpret_cast<void*>(encoder->buffer());
         iov[iovLength].iov_len = encoder->bufferSize();
         ++iovLength;

trunk/Source/WebKit2/Shared/linux/SeccompFilters/SeccompBroker.cpp

@@ -206 +206 @@
     m_socketLock.lock();
 
-    if (sendMessage(m_socket, reinterpret_cast<void*>(const_cast<uint8_t*>(encoder->buffer())), encoder->bufferSize()) < 0)
+    if (sendMessage(m_socket, encoder->buffer(), encoder->bufferSize()) < 0)
         CRASH();
 
@@ -341 +341 @@
 
         // The client is down, the broker should go away.
-        if (sendMessage(socket, reinterpret_cast<void*>(const_cast<uint8_t*>(encoder->buffer())), encoder->bufferSize(), fd) < 0)
+        if (sendMessage(socket, encoder->buffer(), encoder->bufferSize(), fd) < 0)
             exit(EXIT_SUCCESS);
     }