[Webkit-unassigned] [Bug 77712] New: [JSC] Range of cache flush is not guaranteed by Linux kernel

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 2 21:28:30 PST 2012


https://bugs.webkit.org/show_bug.cgi?id=77712

           Summary: [JSC] Range of cache flush is not guaranteed by Linux kernel
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: hojong.han at samsung.com


The current MetaAllocator design, which always coalesces adjacent free spaces, does not match the memory management of the Linux kernel.
In certain cases the Linux kernel treats contiguous virtual memory areas not as one area but as two.

Let's assume that mmap is called by MetaAllocator three times as below.

1. 8KB allocated from 0x41000000 to 0x41002000 by the 1st mmap call
2. 8KB allocated from 0x41004000 to 0x41006000 by the 2nd mmap call
3. 8KB allocated from 0x41002000 to 0x41004000 by the 3rd mmap call

These virtual memory areas (VMAs) are contiguous from 0x41000000 to 0x41006000,
but the kernel merges the third allocated 8KB only with the first allocated 8KB, although the second one is also adjacent to the third.
This is because a newly allocated VMA can be coalesced with a previously allocated one,
but merging is not allowed between two previously allocated VMAs that internally hold different information about anonymous pages.

But the current MetaAllocator does not take this kernel behaviour into account;
it simply coalesces adjacent spaces when they are freed.

This difference in merging behaviour between MetaAllocator and the Linux kernel eventually causes a problem during cache flush.
MetaAllocator hands over a coalesced free space that the kernel regards as parts of two separate VMAs.
The free space coalesced by MetaAllocator will be filled with JIT code, and a cache flush will be run before execution.
At that point the flush over the range of the coalesced space is not guaranteed by the kernel.
This means the data and instruction caches are inconsistent, and nobody knows what happens when this JIT code runs.

The bottom line is that routines handling this kernel behaviour are necessary in MetaAllocator.
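As an added illustration (not code from the report or from WebKit), a small C model of the two views the report contrasts: the kernel's VMA merge rule as described above, and the single 24KB block that MetaAllocator's coalescing would hand out. The anon_vma identity and the rule that a flush is reliable only when its range lies inside one VMA are modelling assumptions, not facts taken from the report.

```c
#include <stdio.h>
#define MAX_VMAS 8
typedef unsigned long addr_t;
typedef struct { addr_t start, end; int anon, live; } Vma; /* anon: anon_vma identity (model) */
static Vma vmas[MAX_VMAS];
static int nvmas, next_anon = 1;
static Vma *vma_at(addr_t a, int by_end) { /* live VMA ending (by_end) or starting at a */
    for (int i = 0; i < nvmas; i++)
        if (vmas[i].live && (by_end ? vmas[i].end : vmas[i].start) == a) return &vmas[i];
    return NULL;
}
/* mmap() model: a fresh mapping has no anon_vma yet, so it may join a neighbour;
 * two already-populated neighbours with different anon_vma never merge. */
void model_mmap(addr_t start, addr_t end) {
    Vma *prev = vma_at(start, 1), *next = vma_at(end, 0);
    if (prev) {
        prev->end = end;                        /* absorbed into the earlier VMA */
        if (next && next->anon == prev->anon) { /* only with a compatible anon_vma */
            prev->end = next->end;
            next->live = 0;
        }
    } else if (next) {
        next->start = start;
    } else {
        vmas[nvmas++] = (Vma){ start, end, next_anon++, 1 }; /* first touch: own anon_vma */
    }
}

/* VMAs overlapping [start,end); a cache flush over the range is only reliable
 * when this is 1 (assumption: the flush is bounded by the VMA containing start). */
int vmas_spanned(addr_t start, addr_t end) {
    int n = 0;
    for (int i = 0; i < nvmas; i++)
        if (vmas[i].live && vmas[i].start < end && vmas[i].end > start) n++;
    return n;
}
/* The three mmap calls from the report; returns how many VMAs the 24KB block
 * that MetaAllocator's free-list coalescing would hand out actually spans. */
int report_scenario(void) {
    nvmas = 0; next_anon = 1;
    model_mmap(0x41000000, 0x41002000);  /* 1st: 8KB */
    model_mmap(0x41004000, 0x41006000);  /* 2nd: 8KB, leaves a gap after the 1st */
    model_mmap(0x41002000, 0x41004000);  /* 3rd: fills the gap, merges with the 1st only */
    return vmas_spanned(0x41000000, 0x41006000);  /* 2: the flush straddles a VMA boundary */
}

int main(void) {
    printf("coalesced 24KB block spans %d VMAs; first 16KB spans %d\n",
           report_scenario(), vmas_spanned(0x41000000, 0x41004000));
}
```

A MetaAllocator-side check built on the same idea would refuse to coalesce, or split before flushing, whenever the block it is about to hand out spans more than one VMA.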
