From 661fcc0156b78fd40937c0844034605f430b94c6 Mon Sep 17 00:00:00 2001
From: Chris Palmer
Date: Tue, 11 Apr 2017 16:51:43 -0700
Subject: Pull in the latest PartitionAlloc fixes from upstream.
BUG=pdfium:691
Change-Id: If6f1e200e763827ec640b2b79171f3899ea7927e
Reviewed-on: https://pdfium-review.googlesource.com/4050
Reviewed-by: Tom Sepez
Commit-Queue: Chris Palmer
---
 .../address_space_randomization.cc | 19 +++++++++++++++----
 .../allocator/partition_allocator/partition_alloc.cc | 9 +++++++--
 2 files changed, 22 insertions(+), 6 deletions(-)
diff --git a/third_party/base/allocator/partition_allocator/address_space_randomization.cc b/third_party/base/allocator/partition_allocator/address_space_randomization.cc
index fdcc5911b9..08f22be80a 100644
--- a/third_party/base/allocator/partition_allocator/address_space_randomization.cc
+++ b/third_party/base/allocator/partition_allocator/address_space_randomization.cc
@@ -15,6 +15,11 @@
 #include
 #endif
+// VersionHelpers.h must be included after windows.h.
+#if defined(OS_WIN)
+#include
+#endif
+
 namespace pdfium {
 namespace base {
@@ -90,11 +95,17 @@ void* GetRandomPageBase() {
 // This address mask gives a low likelihood of address space collisions. We
 // handle the situation gracefully if there is a collision.
 #if defined(OS_WIN)
- // 64-bit Windows has a bizarrely small 8TB user address space. Allocates in
- // the 1-5TB region. TODO(palmer): See if Windows >= 8.1 has the full 47 bits,
- // and use it if so. crbug.com/672219
 random &= 0x3ffffffffffUL;
- random += 0x10000000000UL;
+ // Windows >= 8.1 has the full 47 bits. Use them where available.
+ static bool windows_81 = false;
+ static bool windows_81_initialized = false;
+ if (!windows_81_initialized) {
+ windows_81 = IsWindows8Point1OrGreater();
+ windows_81_initialized = true;
+ }
+ if (!windows_81) {
+ random += 0x10000000000UL;
+ }
 #elif defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
 // This range is copied from the TSan source, but works for all tools.
 random &= 0x007fffffffffUL;
diff --git a/third_party/base/allocator/partition_allocator/partition_alloc.cc b/third_party/base/allocator/partition_allocator/partition_alloc.cc
index 9523e78d46..a33d7f1d13 100644
--- a/third_party/base/allocator/partition_allocator/partition_alloc.cc
+++ b/third_party/base/allocator/partition_allocator/partition_alloc.cc
@@ -1061,8 +1061,13 @@ void* PartitionReallocGeneric(PartitionRootGeneric* root,
 // determine it is a win.
 if (actual_new_size == actual_old_size) {
 // Trying to allocate a block of size new_size would give us a block of
- // the same size as the one we've already got, so no point in doing
- // anything here.
+ // the same size as the one we've already got, so re-use the allocation
+ // after updating statistics (and cookies, if present).
+ PartitionPageSetRawSize(page, PartitionCookieSizeAdjustAdd(new_size));
+#if DCHECK_IS_ON()
+ // Write a new trailing cookie.
+ PartitionCookieWriteValue(static_cast(ptr) + new_size);
+#endif
 return ptr;
 }
--
cgit v1.2.3
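Review bot: In the OS_WIN branch of GetRandomPageBase() the mask is still `random &= 0x3ffffffffffUL;` (42 bits), so on Windows 8.1 and later the new code only drops the 1 TB offset: the hint range becomes 0–4 TB rather than the 47 bits the added comment promises, and the randomisation entropy is unchanged. If the wider address space is meant to be used, the mask has to be chosen after the version check, for example `random &= windows_81 ? 0x7fffffffffffUL : 0x3ffffffffffUL;` (upper bound to be confirmed against the usable user range) followed by the existing conditional offset; otherwise the comment should say that only the offset is removed. The two function-local statics are also read and written without synchronisation, which is formally a data race if this function can run on several threads; both writers store the same value, so it is probably benign, but a one-line comment such as `// Racy but idempotent: every thread computes the same value.` would record that assumption. The rest of GetRandomPageBase(), including any page-alignment masking, lies outside this hunk.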