inline size_t nsRuleData::GetPoisonOffset() { // Fill in mValueOffsets such that mValueStorage + mValueOffsets[i] // will yield the frame poison value for all uninitialized value // offsets. MOZ_STATIC_ASSERT(sizeof(PRUword) == sizeof(size_t), "expect PRUword and size_t to be the same size"); MOZ_STATIC_ASSERT(PRUword(-1) > PRUword(0), "expect PRUword to be unsigned"); MOZ_STATIC_ASSERT(size_t(-1) > size_t(0), "expect size_t to be unsigned"); PRUword framePoisonValue = nsPresArena::GetPoisonValue(); return size_t(framePoisonValue - PRUword(mValueStorage)) / sizeof(nsCSSValue); }
static PRUword ReservePoisonArea(PRUword rgnsize) { if (sizeof(PRUword) == 8) { // Use the hardware-inaccessible region. // We have to avoid 64-bit constants and shifts by 32 bits, since this // code is compiled in 32-bit mode, although it is never executed there. return (((PRUword(0x7FFFFFFFu) << 31) << 1 | PRUword(0xF0DEAFFFu)) & ~(rgnsize-1)); } else { // First see if we can allocate the preferred poison address from the OS. PRUword candidate = (0xF0DEAFFF & ~(rgnsize-1)); void *result = ReserveRegion(candidate, rgnsize); if (result == (void *)candidate) { // success - inaccessible page allocated return candidate; } // That didn't work, so see if the preferred address is within a range // of permanently inacessible memory. if (ProbeRegion(candidate, rgnsize)) { // success - selected page cannot be usable memory if (result != RESERVE_FAILED) ReleaseRegion(result, rgnsize); return candidate; } // The preferred address is already in use. Did the OS give us a // consolation prize? if (result != RESERVE_FAILED) { return PRUword(result); } // It didn't, so try to allocate again, without any constraint on // the address. result = ReserveRegion(0, rgnsize); if (result != RESERVE_FAILED) { return PRUword(result); } NS_RUNTIMEABORT("no usable poison region identified"); return 0; } }