[webkit-dev] Disabling the 32-bit JITs by default.
Filip Pizlo
fpizlo at apple.com
Mon Feb 19 11:05:27 PST 2018
> On Feb 19, 2018, at 10:53 AM, Guillaume Emont <guijemont at igalia.com> wrote:
>
> Hi Keith,
>
> We at Igalia have been trying to provide a better story for 32-bit
> platforms, in particular for Armv7 and MIPS. These platforms are very
> important to us, and disabling JIT renders many use cases impossible.
What use cases?
I realize that having a JIT is good for marketing, but it’s better to have a stable and well-maintained interpreter than a decrepit JIT. Right now the 32-bit JIT is basically unmaintained.
> We
> want to continue this effort to support these platforms. We have been
> short on resources for that effort, which is why we did not realize
> early enough that more mitigation was needed for 32-bit platforms. We
> now have grown our team dedicated to this and we are hopeful that we
> will avoid that kind of issue in the future.
I feel like I’ve heard this exact story before. Every time we say that there isn’t any effort going into 32-bit, y’all say that you’ll put more effort into it Real Soon Now. And then nothing happens, and we have the same conversation in 6 months.
>
> We are working on a plan to mitigate Spectre on 32-bit platforms. We
> would welcome community feedback on that, as well as what kinds of
> mitigations would be considered sufficient.
>
> Regarding your patch, I think you should note that some specific 32-bit
> CPUs are immune to Spectre (at least the Raspberry Pi[1] and some
> MIPS[2] devices); I think the deactivation should be done at run-time
> for CPUs not on a whitelist.
Keith’s main point is that the presence of 32-bit makes it harder to implement mitigations for 64-bit. I don’t think it’s justifiable to hold back development of 64-bit Spectre mitigations because of a hardly-used and mostly-broken 32-bit JIT port that will be maintained by someone Real Soon Now.
-Filip
>
> Best regards,
>
> Guillaume Emont and the Igalia compilers team
>
> [1] https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
> [2] https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/
>
> Quoting Keith Miller (2018-02-16 16:58:07)
>> I recently created a patch to disable the 32-bit JITs by default. https://bugs.webkit.org/show_bug.cgi?id=182886.
>>
>> The last time this was discussed was before the discovery of Spectre. In the interim, there have been a number of changes made to JavaScriptCore in an attempt to mitigate Spectre. Nobody has proposed a mitigation plan for 32-bit WebKit. For example, pointer poisoning only works for 64-bit processors as they currently have a number of high bits that will never be set in a valid pointer. In 32-bit code the full address space is mappable so pointer poisoning is not guaranteed to be effective.
>>
>> Given the importance of developing mitigations for Spectre in a timely manner I think we should disable 32-bit JITs, in the near term, but more likely permanently.
>>
>> Thoughts?
>> Keith
>> _______________________________________________
>> webkit-dev mailing list
>> webkit-dev at lists.webkit.org
>> https://lists.webkit.org/mailman/listinfo/webkit-dev
>>
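The pointer-poisoning argument in Keith's quoted message (XOR-poisoned pointers can only be guaranteed to land outside the mappable address space when valid pointers have high bits that are never set), as an added C illustration that is not part of this thread and not WebKit's own code. The 47-bit user-space address width, the poison constants and the sample pointers are assumptions chosen for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added illustration of the pointer-poisoning argument from the thread.
 * This is NOT WebKit's implementation; the address widths and poison
 * constants below are assumptions chosen for the demonstration.
 */

/* Assumed user-space address width: x86-64 user pointers fit in 47 bits. */
#define USER_ADDR_BITS_64 47u
/* Assumed 32-bit address width: every 32-bit value is a mappable address. */
#define USER_ADDR_BITS_32 32u

/* Assumed poison values (a real scheme picks them randomly per pointer type). */
#define POISON_64 0x5a3c000000000000ULL   /* has bits set above bit 46 */
#define POISON_32 0xa5c30000u             /* no bit above bit 31 exists */

/* A pointer is "valid" (could point into mapped memory) iff every bit at
 * position >= addr_bits is zero. */
static bool is_valid_ptr(uint64_t p, unsigned addr_bits) {
    if (addr_bits >= 64) return true;   /* whole word is mappable */
    return (p >> addr_bits) == 0;
}

/* Poisoning is an XOR with the poison; applying it again unpoisons. */
static uint64_t poison_ptr(uint64_t p, uint64_t poison) { return p ^ poison; }
static uint64_t unpoison_ptr(uint64_t p, uint64_t poison) { return p ^ poison; }

/* The guarantee the 64-bit scheme relies on: for EVERY valid p, p ^ poison is
 * invalid exactly when poison has at least one bit set at or above addr_bits
 * (a valid p has zeros there, so XOR copies the poison's bits into the
 * result). With a 32-bit address space there is no such bit position, so no
 * 32-bit poison can give the guarantee: a mis-speculated read through a
 * poisoned or unpoisoned pointer may still hit mapped memory. */
static bool poison_guarantees_invalid(uint64_t poison, unsigned addr_bits) {
    if (addr_bits >= 64) return false;
    return (poison >> addr_bits) != 0;
}

int main(void) {
    uint64_t p64 = 0x00007f1234567000ULL;     /* constructed sample pointer */
    uint64_t q64 = poison_ptr(p64, POISON_64);
    printf("64-bit: poisoned %#llx valid? %d, roundtrip ok? %d, guaranteed? %d\n",
           (unsigned long long)q64, is_valid_ptr(q64, USER_ADDR_BITS_64),
           unpoison_ptr(q64, POISON_64) == p64,
           poison_guarantees_invalid(POISON_64, USER_ADDR_BITS_64));

    uint64_t p32 = 0x08048000u;               /* constructed sample pointer */
    uint64_t q32 = poison_ptr(p32, POISON_32);
    printf("32-bit: poisoned %#llx valid? %d, guaranteed? %d\n",
           (unsigned long long)q32, is_valid_ptr(q32, USER_ADDR_BITS_32),
           poison_guarantees_invalid(POISON_32, USER_ADDR_BITS_32));
    return 0;
}
```

Compiled and run, the 64-bit sample reports the poisoned value as invalid with the guarantee holding, while the 32-bit sample's poisoned value is itself a perfectly mappable address, which is the point Keith makes about the full 32-bit address space.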