Closed
Bug 998129
Opened 11 years ago
Closed 10 years ago
Do not read from the main heap while running off the main thread
Categories
(Core :: JavaScript Engine: JIT, defect)
RESOLVED
DUPLICATE
of bug 1181255
flash10
People
(Reporter: terrence, Assigned: terrence)
In bug 995649, I am attempting to implement a diagnostic where we mprotect the full gc heap with PROT_NONE any time we leave a request. The goal here is to quickly identify any places in the browser that accidentally scribble over our memory, resulting in GC crashes.
Unfortunately, this has identified a number of places where we access the heap from background compilation. Luckily, these all seem to be safe accesses to constants in the compiling script or the runtime, so are not vulnerable.
Comment 1 • 11 years ago
If you want to catch scribbling, could you use PROT_READ?
Comment 2 • 11 years ago (Assignee)
(In reply to Luke Wagner [:luke] from comment #1)
> If you want to catch scribbling, could you use PROT_READ?
I was also hoping to catch improper reads as a side-effect -- you're right though, we could use PROT_READ to ship most of the protection right now and clean up these innocuous reads later.
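The PROT_NONE versus PROT_READ trade-off discussed in the description and comments 1 and 2, as an added example that is not part of the bug thread or of Mozilla's code: a one-page anonymous mapping stands in for the GC heap, and `heap_init`, `heap_protect` and `access_faults` are hypothetical names. It assumes a POSIX system with `mmap` and `mprotect`.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical stand-in for the GC heap: one anonymous, page-aligned mapping. */
static unsigned char *heap;
static size_t heap_len;
static sigjmp_buf fault_jmp;

static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Map the toy heap and install the fault handler; returns 0 on success. */
int heap_init(void) {
    struct sigaction sa = {0};
    heap_len = (size_t)sysconf(_SC_PAGESIZE);
    heap = mmap(NULL, heap_len, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (heap == MAP_FAILED) return -1;
    heap[0] = 42;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    /* Some systems report a protection fault as SIGBUS rather than SIGSEGV. */
    if (sigaction(SIGSEGV, &sa, NULL) != 0) return -1;
    return sigaction(SIGBUS, &sa, NULL);
}

/* Apply prot to the whole heap, as the diagnostic would when leaving a request. */
int heap_protect(int prot) { return mprotect(heap, heap_len, prot); }

/* Touch the heap once; returns 1 if the access faulted, 0 if it went through. */
int access_faults(int do_write) {
    volatile unsigned char *p = heap;
    if (sigsetjmp(fault_jmp, 1)) return 1;   /* re-entered from on_fault */
    if (do_write) *p = 7; else (void)*p;
    return 0;
}

int main(void) {
    if (heap_init() != 0) return 1;
    heap_protect(PROT_READ);   /* catches scribbles, tolerates stray reads */
    printf("PROT_READ: read=%d write=%d\n", access_faults(0), access_faults(1));
    heap_protect(PROT_NONE);   /* also flags the off-thread reads */
    printf("PROT_NONE: read=%d write=%d\n", access_faults(0), access_faults(1));
    return heap_protect(PROT_READ | PROT_WRITE);
}
```

A real diagnostic would let the fault crash the process so the faulting stack is reported; the handler here recovers only so both modes can be compared in one run.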
Comment 3 • 10 years ago (Assignee)
The correct solution here is to get TSAN running on try.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE