Bug 242600 - [ARMv7] SHOULD NEVER BE REACHED in Expected<JSC::Wasm::PageCount, JSC::Wasm::Memory::GrowFailReason> JSC::Wasm::Memory::growShared(JSC::Wasm::PageCount)
Summary: [ARMv7] SHOULD NEVER BE REACHED in Expected<JSC::Wasm::PageCount, JSC::Wasm::...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Yusuke Suzuki
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-07-11 12:29 PDT by Mikhail R. Gadelha
Modified: 2022-07-12 15:36 PDT (History)
3 users (show)

See Also:

Attachments
Testcase (121 bytes, text/javascript)
2022-07-11 12:29 PDT, Mikhail R. Gadelha 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail R. Gadelha 2022-07-11 12:29:09 PDT 
Created attachment 460796 [details]
Testcase

Found by Igalia Fuzzing Campaign.

The attached test case fails with the following message:

SHOULD NEVER BE REACHED
WebKit//Source/JavaScriptCore/wasm/WasmMemory.cpp(503) : Expected<JSC::Wasm::PageCount, JSC::Wasm::Memory::GrowFailReason> JSC::Wasm::Memory::growShared(JSC::Wasm::PageCount)
Comment 1 Radar WebKit Bug Importer 2022-07-11 12:29:21 PDT 
<rdar://problem/96836953>
Comment 2 Yusuke Suzuki 2022-07-12 14:06:50 PDT 
This crash is because ARMv7 port incorrectly enabled shared Wasm memory.
This does not happen in ARM64 and x64.
Comment 3 Yusuke Suzuki 2022-07-12 14:07:04 PDT 
Changing it to normal bug since it is release-assert.
Comment 4 Yusuke Suzuki 2022-07-12 14:21:48 PDT 
This is ARMv7 specific Linux only issue by https://github.com/WebKit/WebKit/commit/b58fb7e9473cc9227e4d52d17e93f25a3970522e
Comment 5 Yusuke Suzuki 2022-07-12 14:31:16 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/2341
Comment 6 EWS 2022-07-12 15:36:28 PDT 
Committed 252395@main (12ed8dc6d020): <https://commits.webkit.org/252395@main>

Reviewed commits have been landed. Closing PR #2341 and removing active labels.