createJitRuntime is called even if JIT is disabled
Categories: Core :: JavaScript Engine: JIT, defect
People: Reporter: xry111, Unassigned
Steps to reproduce:
For details see https://gitlab.freedesktop.org/polkit/polkit/-/issues/199.
Actual results:
Even if JIT is disabled via setDisableIon, setWasmIon(false), and setAsmJS(false), createJitRuntime is still called by InitSelfHostedCode. So if W/X mapping is disabled, InitSelfHostedCode will crash.
Expected results:
If JIT is disabled, Spidermonkey (expect JIT) should still function normally even if W/X mapping cannot be created.
(In reply to Xi Ruoyao from comment #0)
> Expected results:
> If JIT is disabled, Spidermonkey (expect JIT) should still function normally even if W/X mapping cannot be created.
Sorry, I mean "except", not "expect".
Comment 2 • 1 year ago
(In reply to Xi Ruoyao from comment #0)
> Even if JIT is disabled via setDisableIon, setWasmIon(false), and setAsmJS(false), createJitRuntime is still called by InitSelfHostedCode. So if W/X mapping is disabled, InitSelfHostedCode will crash.
This doesn't disable all the JITs. You should call JS::DisableJitBackend() before creating the first context/runtime (and before JS_Init*) and that should prevent the engine from reserving JIT memory.
(In reply to Jan de Mooij [:jandem] from comment #2)
> (In reply to Xi Ruoyao from comment #0)
> > Even if JIT is disabled via setDisableIon, setWasmIon(false), and setAsmJS(false), createJitRuntime is still called by InitSelfHostedCode. So if W/X mapping is disabled, InitSelfHostedCode will crash.
> This doesn't disable all the JITs. You should call JS::DisableJitBackend() before creating the first context/runtime (and before JS_Init*) and that should prevent the engine from reserving JIT memory.
Indeed it works.
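The call order recommended in comment 2, as an added example (not code from this bug, from polkit, or from SpiderMonkey). The names `can_map`, `wx_mapping_denied` and `start_engine` are hypothetical, treating a refused read/write/execute `mmap` as "W/X mapping is disabled" is an assumption, and the SpiderMonkey calls are compiled only when the mozjs headers are on the include path.

```cpp
// Added example, not code from the bug or from SpiderMonkey itself.
#include <cstdio>
#include <sys/mman.h>
#include <unistd.h>
#if __has_include(<js/Initialization.h>)  // mozjs headers on the include path
#  include <jsapi.h>
#  include <js/Initialization.h>
#  define HAVE_MOZJS 1
#endif

// Hypothetical helper: can this process map one anonymous page with `prot`?
static bool can_map(int prot) {
    size_t len = static_cast<size_t>(sysconf(_SC_PAGESIZE));
    void* p = mmap(nullptr, len, prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return false;
    munmap(p, len);
    return true;
}

// Assumption: "W/X mapping is disabled" means a writable+executable mmap is
// refused while an ordinary read/write mmap still succeeds.
bool wx_mapping_denied() {
    return can_map(PROT_READ | PROT_WRITE) &&
           !can_map(PROT_READ | PROT_WRITE | PROT_EXEC);
}

// Returns 0 on success, >0 for the step that failed, -1 if built without mozjs.
int start_engine(bool disable_jit) {
#ifdef HAVE_MOZJS
    // Must come before JS_Init() and before the first context is created.
    if (disable_jit) JS::DisableJitBackend();
    if (!JS_Init()) return 1;
    JSContext* cx = JS_NewContext(JS::DefaultHeapMaxBytes);
    if (!cx) { JS_ShutDown(); return 2; }
    int rc = JS::InitSelfHostedCode(cx) ? 0 : 3;  // call reported to crash in comment 0
    JS_DestroyContext(cx);
    JS_ShutDown();
    return rc;
#else
    (void)disable_jit;
    return -1;
#endif
}

int main() {
    bool denied = wx_mapping_denied();
    std::printf("W+X mappings: %s\n", denied ? "denied" : "allowed");
    int rc = start_engine(denied);
    return rc > 0 ? rc : 0;
}
```

An embedder that never wants JIT code can pass `true` unconditionally; the probe only matters when the same binary runs both with and without the W/X restriction.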