Bug 242600

Summary: [ARMv7] SHOULD NEVER BE REACHED in Expected<JSC::Wasm::PageCount, JSC::Wasm::Memory::GrowFailReason> JSC::Wasm::Memory::growShared(JSC::Wasm::PageCount)
Product: WebKit Reporter: Mikhail R. Gadelha <mikhail>
Component: JavaScriptCoreAssignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Testcase none

Mikhail R. Gadelha
Reported 2022-07-11 12:29:09 PDT
Created attachment 460796 [details] Testcase Found by Igalia Fuzzing Campaign. The attached test case fails with the following message: SHOULD NEVER BE REACHED WebKit//Source/JavaScriptCore/wasm/WasmMemory.cpp(503) : Expected<JSC::Wasm::PageCount, JSC::Wasm::Memory::GrowFailReason> JSC::Wasm::Memory::growShared(JSC::Wasm::PageCount)
Attachments
Testcase (121 bytes, text/javascript)
2022-07-11 12:29 PDT, Mikhail R. Gadelha 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2022-07-11 12:29:21 PDT
<rdar://problem/96836953>
Yusuke Suzuki
Comment 2 2022-07-12 14:06:50 PDT
This crash is because ARMv7 port incorrectly enabled shared Wasm memory. This does not happen in ARM64 and x64.
Yusuke Suzuki
Comment 3 2022-07-12 14:07:04 PDT
Changing it to normal bug since it is release-assert.
Yusuke Suzuki
Comment 4 2022-07-12 14:21:48 PDT
This is ARMv7 specific Linux only issue by https://github.com/WebKit/WebKit/commit/b58fb7e9473cc9227e4d52d17e93f25a3970522e
Yusuke Suzuki
Comment 5 2022-07-12 14:31:16 PDT
Pull request: https://github.com/WebKit/WebKit/pull/2341
EWS
Comment 6 2022-07-12 15:36:28 PDT
Committed 252395@main (12ed8dc6d020): <https://commits.webkit.org/252395@main> Reviewed commits have been landed. Closing PR #2341 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.