Ariane van der Steldt wrote:
> On Tue, May 31, 2011 at 03:28:11PM -0500, Amit Kulkarni wrote:
> > >> > basically rewriting the memory
> > >> > management part of the OS in your browser.
> > >>
> > >> Do some browsers do this on OpenBSD?
>
> Google's v8 javascript engine has Pages, Spaces, Heaps and Pagination
> logic. It even has its own code to map files in. However, they managed to
> avoid the common pitfall of requiring all platforms to have 4 kB pages:
> they hardcoded to 8 kB instead. They actually managed to create their
> own VM inside the browser, running on top of our VM and being almost as
> complex. Chrome are the ones that use 32-bit relative pointers, I doubt
> I need to explain how that fails on 64-bit... But hey, it's fast.
>
> Webkit allocates 2 GB at startup. Within that area, it will do its own
> memory management for the JIT. They also use 32-bit relative addressing.
>
> Firefox uses the unused bits in your pointer to store some tags there.
> Because on 64-bit computers we have all these bits, but only 48 are
> used. So we can store 16 bits' worth of data, for free! Of course, your
> address randomization will be friendly enough to pick memory close to
> the base of your memory, so of those 48 bits, only 34 are really in
> use...
Why do they need such a trick instead of simply storing tags in an associative array, where the key is a pointer and the value is a set of tags (or any other arbitrary data)? Lookup against a properly aligned array is relatively fast. Am I missing something?

Alexey
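The high-bits tagging trick Ariane describes, written out as an added C illustration (not code from the thread or from Firefox); the 48-bit address width and 16-bit tag are the assumptions, and the check shows what has to happen when an address does not fit, which is exactly where the trick breaks.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* On x86-64 a canonical user address occupies the low 48 bits, so the top
 * 16 bits of a pointer are free to hold a tag. Illustrative reconstruction
 * of the technique, not Firefox's code. Bit counts are assumptions. */
#define ADDR_BITS 48
#define ADDR_MASK ((UINT64_C(1) << ADDR_BITS) - 1)
typedef uint64_t tagged_ptr;
/* Pack a 48-bit address and a 16-bit tag. Sets *ok to 0 and returns 0 when
 * the address already uses bit 48 or above (e.g. wider virtual address
 * spaces), which is exactly the case where this trick corrupts the pointer. */
tagged_ptr tag_address(uint64_t addr, uint16_t tag, int *ok) {
    if (addr & ~ADDR_MASK) { *ok = 0; return 0; }
    *ok = 1;
    return addr | ((uint64_t)tag << ADDR_BITS);
}

uint16_t tag_of(tagged_ptr t) { return (uint16_t)(t >> ADDR_BITS); }
/* Strip the tag before use. Forgetting this mask is the classic bug: the
 * CPU faults on the non-canonical address instead of dereferencing it. */
uint64_t untag_address(tagged_ptr t) { return t & ADDR_MASK; }

tagged_ptr tag_pointer(const void *p, uint16_t tag, int *ok) {
    return tag_address((uint64_t)(uintptr_t)p, tag, ok);
}
void *untag_pointer(tagged_ptr t) {
    return (void *)(uintptr_t)untag_address(t);
}

/* Round-trip a heap block through a tagged pointer; returns 1 on success. */
int demo_roundtrip(void) {
    char *buf = malloc(16);
    if (!buf) return 0;
    strcpy(buf, "hello");
    int ok;
    tagged_ptr t = tag_pointer(buf, 0xBEEF, &ok);
    int good = ok && tag_of(t) == 0xBEEF && untag_pointer(t) == (void *)buf
               && strcmp((char *)untag_pointer(t), "hello") == 0;
    free(buf);
    return good;
}

/* A constructed address with bit 48 set is refused rather than mangled. */
int demo_rejects_wide_address(void) {
    int ok;
    (void)tag_address(UINT64_C(1) << 48, 0x1, &ok);
    return ok == 0;
}
```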

