[MERGE chakra-core#4797 @digitalinfinity] Support disabling interpreter thunks in JSRT

digitalinfinity · digitalinfinity · commit b793fe4b7c1c · 2018-03-09T20:44:57.000-08:00
Merge pull request chakra-core#4797 from digitalinfinity:jsrt_thunk_master JsRuntimeAttributeDisableNativeCodeGeneration is not sufficient to disable all allocation of executable memory. Added a new attribute with explicitly this intent so that hosts running in locked down processes can embed ChakraCore
diff --git a/bin/NativeTests/JsRTApiTest.cpp b/bin/NativeTests/JsRTApiTest.cpp
@@ -66,6 +66,7 @@ namespace JsRTApiTest
         WithSetup(JsRuntimeAttributeAllowScriptInterrupt, handler);
         WithSetup(JsRuntimeAttributeEnableIdleProcessing, handler);
         WithSetup(JsRuntimeAttributeDisableNativeCodeGeneration, handler);
+        WithSetup(JsRuntimeAttributeDisableExecutablePageAllocation, handler);
         WithSetup(JsRuntimeAttributeDisableEval, handler);
         WithSetup((JsRuntimeAttributes)(JsRuntimeAttributeDisableBackgroundWork | JsRuntimeAttributeAllowScriptInterrupt | JsRuntimeAttributeEnableIdleProcessing), handler);
     }
diff --git a/lib/Backend/InterpreterThunkEmitter.cpp b/lib/Backend/InterpreterThunkEmitter.cpp
@@ -323,6 +323,11 @@ void* InterpreterThunkEmitter::ConvertToEntryPoint(PVOID dynamicInterpreterThunk
 
 bool InterpreterThunkEmitter::NewThunkBlock()
 {
+    if (this->scriptContext->GetConfig()->IsNoDynamicThunks())
+    {
+        return false;
+    }
+
 #ifdef ENABLE_OOP_NATIVE_CODEGEN
     if (CONFIG_FLAG(ForceStaticInterpreterThunk))
     {
diff --git a/lib/Jsrt/ChakraCommon.h b/lib/Jsrt/ChakraCommon.h
@@ -454,6 +454,15 @@ typedef unsigned short uint16_t;
         ///     Disable Failfast fatal error on OOM
         /// </summary>
         JsRuntimeAttributeDisableFatalOnOOM = 0x00000080,
+        /// <summary>
+        ///     Runtime will not allocate executable code pages
+        ///     This also implies that Native Code generation will be turned off
+        ///     Note that this will break JavaScript stack decoding in tools
+        //      like WPA since they rely on allocation of unique thunks to
+        //      interpret each function and allocation of those thunks will be
+        //      disabled as well
+        /// </summary>
+        JsRuntimeAttributeDisableExecutablePageAllocation = 0x00000100,
 
     } JsRuntimeAttributes;
 
diff --git a/lib/Jsrt/Jsrt.cpp b/lib/Jsrt/Jsrt.cpp
@@ -285,6 +285,7 @@ JsErrorCode CreateRuntimeCore(_In_ JsRuntimeAttributes attributes,
             JsRuntimeAttributeEnableIdleProcessing |
             JsRuntimeAttributeDisableEval |
             JsRuntimeAttributeDisableNativeCodeGeneration |
+            JsRuntimeAttributeDisableExecutablePageAllocation |
             JsRuntimeAttributeEnableExperimentalFeatures |
             JsRuntimeAttributeDispatchSetExceptionsToDebugger |
             JsRuntimeAttributeDisableFatalOnOOM
@@ -339,6 +340,12 @@ JsErrorCode CreateRuntimeCore(_In_ JsRuntimeAttributes attributes,
             threadContext->SetThreadContextFlag(ThreadContextFlagNoJIT);
         }
 
+        if (attributes & JsRuntimeAttributeDisableExecutablePageAllocation)
+        {
+            threadContext->SetThreadContextFlag(ThreadContextFlagNoJIT);
+            threadContext->SetThreadContextFlag(ThreadContextFlagNoDynamicThunks);
+        }
+
         if (attributes & JsRuntimeAttributeDisableFatalOnOOM)
         {
             threadContext->SetThreadContextFlag(ThreadContextFlagDisableFatalOnOOM);
diff --git a/lib/Runtime/Base/FunctionBody.cpp b/lib/Runtime/Base/FunctionBody.cpp
@@ -3664,6 +3664,23 @@ namespace Js
         {
             this->SetOriginalEntryPoint((JavascriptMethod)InterpreterThunkEmitter::ConvertToEntryPoint(this->m_dynamicInterpreterThunk));
         }
+
+#if DBG
+        if (GetScriptContext()->GetThreadContext()->NoDynamicThunks())
+        {
+            Assert(this->m_dynamicInterpreterThunk == nullptr);
+#ifdef ASMJS_PLAT
+            if (m_isAsmJsFunction)
+            {
+                Assert(this->GetOriginalEntryPoint_Unchecked() == (JavascriptMethod)&Js::InterpreterStackFrame::StaticInterpreterAsmThunk);
+            }
+            else
+#endif
+            {
+                Assert(this->GetOriginalEntryPoint_Unchecked() == (JavascriptMethod)&Js::InterpreterStackFrame::StaticInterpreterThunk);
+            }
+        }
+#endif
     }
 
     JavascriptMethod FunctionBody::EnsureDynamicInterpreterThunk(FunctionEntryPointInfo* entryPointInfo)
@@ -3673,7 +3690,6 @@ namespace Js
         // We need to ensure dynamic profile info even if we didn't generate a dynamic interpreter thunk
         // This happens when we go through CheckCodeGen thunk, to DelayDynamicInterpreterThunk, to here
         // but the background codegen thread updated the entry point with the native entry point.
-
         this->EnsureDynamicProfileInfo();
 
         Assert(HasValidEntryPoint());
diff --git a/lib/Runtime/Base/ScriptContext.h b/lib/Runtime/Base/ScriptContext.h
@@ -273,6 +273,7 @@ namespace Js
             WinRTConstructorAllowed(Configuration::Global.flags.WinRTConstructorAllowed),
 #endif
             NoNative(Configuration::Global.flags.NoNative),
+            NoDynamicThunks(false),
             isOptimizedForManyInstances(isOptimizedForManyInstances),
             threadConfig(threadConfig)
         {
@@ -298,6 +299,9 @@ namespace Js
 
         bool SupportsCollectGarbage() const { return true; }
 
+        void ForceNoDynamicThunks() { this->NoDynamicThunks = true; }
+        bool IsNoDynamicThunks() const { return this->NoDynamicThunks; }
+
         void ForceNoNative() { this->NoNative = true; }
         void ForceNative() { this->NoNative = false; }
         bool IsNoNative() const { return this->NoNative; }
@@ -341,6 +345,7 @@ namespace Js
 
         // Per script configurations
         bool NoNative;
+        bool NoDynamicThunks;
         BOOL fCanOptimizeGlobalLookup;
         const bool isOptimizedForManyInstances;
         const ThreadConfiguration * const threadConfig;
@@ -1056,6 +1061,7 @@ namespace Js
         inline bool IsHeapEnumInProgress() { return GetRecycler()->IsHeapEnumInProgress(); }
 
         bool IsInterpreted() { return config.IsNoNative(); }
+        void ForceNoDynamicThunks() { config.ForceNoDynamicThunks(); }
         void ForceNoNative() { config.ForceNoNative(); }
         void ForceNative() { config.ForceNative(); }
         ScriptConfiguration const * GetConfig(void) const { return &config; }
diff --git a/lib/Runtime/Base/ThreadContext.cpp b/lib/Runtime/Base/ThreadContext.cpp
@@ -2415,6 +2415,12 @@ ThreadContext::RegisterScriptContext(Js::ScriptContext *scriptContext)
     {
         scriptContext->ForceNoNative();
     }
+
+    if (NoDynamicThunks())
+    {
+        scriptContext->ForceNoDynamicThunks();
+    }
+
 #if DBG || defined(RUNTIME_DATA_COLLECTION)
     scriptContextCount++;
 #endif
diff --git a/lib/Runtime/Base/ThreadContext.h b/lib/Runtime/Base/ThreadContext.h
@@ -44,6 +44,7 @@ enum ThreadContextFlags
     ThreadContextFlagEvalDisabled                  = 0x00000002,
     ThreadContextFlagNoJIT                         = 0x00000004,
     ThreadContextFlagDisableFatalOnOOM             = 0x00000008,
+    ThreadContextFlagNoDynamicThunks               = 0x00000010,
 };
 
 const int LS_MAX_STACK_SIZE_KB = 300;
@@ -945,6 +946,11 @@ class ThreadContext sealed :
         return this->TestThreadContextFlag(ThreadContextFlagNoJIT);
     }
 
+    bool NoDynamicThunks() const
+    {
+        return this->TestThreadContextFlag(ThreadContextFlagNoDynamicThunks);
+    }
+
 #ifdef ENABLE_DEBUG_CONFIG_OPTIONS
     Js::Var GetMemoryStat(Js::ScriptContext* scriptContext);
     void SetAutoProxyName(LPCWSTR objectName);

Original file line number	Diff line number	Diff line change
`@@ -66,6 +66,7 @@ namespace JsRTApiTest`
`66`	`66`	`WithSetup(JsRuntimeAttributeAllowScriptInterrupt, handler);`
`67`	`67`	`WithSetup(JsRuntimeAttributeEnableIdleProcessing, handler);`
`68`	`68`	`WithSetup(JsRuntimeAttributeDisableNativeCodeGeneration, handler);`
	`69`	`+ WithSetup(JsRuntimeAttributeDisableExecutablePageAllocation, handler);`
`69`	`70`	`WithSetup(JsRuntimeAttributeDisableEval, handler);`
`70`	`71`	`WithSetup((JsRuntimeAttributes)(JsRuntimeAttributeDisableBackgroundWork \| JsRuntimeAttributeAllowScriptInterrupt \| JsRuntimeAttributeEnableIdleProcessing), handler);`
`71`	`72`	`}`
Original file line number	Diff line number	Diff line change
`@@ -323,6 +323,11 @@ void* InterpreterThunkEmitter::ConvertToEntryPoint(PVOID dynamicInterpreterThunk`
`323`	`323`
`324`	`324`	`bool InterpreterThunkEmitter::NewThunkBlock()`
`325`	`325`	`{`
	`326`	`+ if (this->scriptContext->GetConfig()->IsNoDynamicThunks())`
	`327`	`+ {`
	`328`	`+ return false;`
	`329`	`+ }`
	`330`	`+`
`326`	`331`	`#ifdef ENABLE_OOP_NATIVE_CODEGEN`
`327`	`332`	`if (CONFIG_FLAG(ForceStaticInterpreterThunk))`
`328`	`333`	`{`
Original file line number	Diff line number	Diff line change
`@@ -2415,6 +2415,12 @@ ThreadContext::RegisterScriptContext(Js::ScriptContext *scriptContext)`
`2415`	`2415`	`{`
`2416`	`2416`	`scriptContext->ForceNoNative();`
`2417`	`2417`	`}`
	`2418`	`+`
	`2419`	`+ if (NoDynamicThunks())`
	`2420`	`+ {`
	`2421`	`+ scriptContext->ForceNoDynamicThunks();`
	`2422`	`+ }`
	`2423`	`+`
`2418`	`2424`	`#if DBG \|\| defined(RUNTIME_DATA_COLLECTION)`
`2419`	`2425`	`scriptContextCount++;`
`2420`	`2426`	`#endif`