Title: [242301] trunk/Source/_javascript_Core
- Revision
- 242301
- Author
- sbar...@apple.com
- Date
- 2019-03-01 17:33:17 -0800 (Fri, 01 Mar 2019)
Log Message
Create SPI to crash if a JSC VM is created
https://bugs.webkit.org/show_bug.cgi?id=195231
<rdar://problem/47717990>
Reviewed by Mark Lam.
* API/JSVirtualMachine.mm:
(+[JSVirtualMachine setCrashOnVMCreation:]):
* API/JSVirtualMachinePrivate.h:
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::setCrashOnVMCreation):
* runtime/VM.h:
Modified: trunk/Source/_javascript_Core/API/JSVirtualMachine.mm (242300 => 242301)
--- trunk/Source/_javascript_Core/API/JSVirtualMachine.mm 2019-03-02 01:18:13 UTC (rev 242300)
+++ trunk/Source/_javascript_Core/API/JSVirtualMachine.mm 2019-03-02 01:33:17 UTC (rev 242301)
@@ -302,6 +302,11 @@
return *toJS(m_group);
}
++ (void)setCrashOnVMCreation:(BOOL)shouldCrash
+{
+ JSC::VM::setCrashOnVMCreation(shouldCrash);
+}
+
@end
static void scanExternalObjectGraph(JSC::VM& vm, JSC::SlotVisitor& visitor, void* root, bool lockAcquired)
Modified: trunk/Source/_javascript_Core/API/JSVirtualMachinePrivate.h (242300 => 242301)
--- trunk/Source/_javascript_Core/API/JSVirtualMachinePrivate.h 2019-03-02 01:18:13 UTC (rev 242300)
+++ trunk/Source/_javascript_Core/API/JSVirtualMachinePrivate.h 2019-03-02 01:33:17 UTC (rev 242301)
@@ -73,6 +73,13 @@
*/
+ (NSUInteger)setNumberOfFTLCompilerThreads:(NSUInteger)numberOfThreads JSC_API_AVAILABLE(macosx(10.14), ios(12.0));
+/*!
+@method
+@abstract Allows embedders of JSC to specify that JSC should crash the process if a VM is created when unexpected.
+@param shouldCrash Sets process-wide state that indicates whether VM creation should crash or not.
+*/
++ (void)setCrashOnVMCreation:(BOOL)shouldCrash;
+
#endif // ENABLE(DFG_JIT)
@end
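Review bot: The new declaration is placed immediately before `#endif // ENABLE(DFG_JIT)`, which, if that guard opens above the hunk as the FTL-related sibling suggests, makes `setCrashOnVMCreation:` unavailable in non-DFG builds even though nothing in the implementation shown in VM.cpp depends on the JIT; moving the declaration together with its doc comment below the `#endif` would avoid that. The sibling `setNumberOfFTLCompilerThreads:` also carries a `JSC_API_AVAILABLE(...)` annotation while the new method has none, so embedders get no availability information for it. The enclosing `@interface` begins outside the hunk.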
Modified: trunk/Source/_javascript_Core/ChangeLog (242300 => 242301)
--- trunk/Source/_javascript_Core/ChangeLog 2019-03-02 01:18:13 UTC (rev 242300)
+++ trunk/Source/_javascript_Core/ChangeLog 2019-03-02 01:33:17 UTC (rev 242301)
@@ -1,3 +1,19 @@
+2019-03-01 Saam Barati <sbar...@apple.com>
+
+ Create SPI to crash if a JSC VM is created
+ https://bugs.webkit.org/show_bug.cgi?id=195231
+ <rdar://problem/47717990>
+
+ Reviewed by Mark Lam.
+
+ * API/JSVirtualMachine.mm:
+ (+[JSVirtualMachine setCrashOnVMCreation:]):
+ * API/JSVirtualMachinePrivate.h:
+ * runtime/VM.cpp:
+ (JSC::VM::VM):
+ (JSC::VM::setCrashOnVMCreation):
+ * runtime/VM.h:
+
2019-03-01 Yusuke Suzuki <ysuz...@apple.com>
[JSC] Fix FTL build on ARM32_64 by adding stubs for JSRopeString::offsetOfXXX
Modified: trunk/Source/_javascript_Core/runtime/VM.cpp (242300 => 242301)
--- trunk/Source/_javascript_Core/runtime/VM.cpp 2019-03-02 01:18:13 UTC (rev 242300)
+++ trunk/Source/_javascript_Core/runtime/VM.cpp 2019-03-02 01:33:17 UTC (rev 242301)
@@ -256,6 +256,7 @@
}
}
+static bool vmCreationShouldCrash = false;
VM::VM(VMType vmType, HeapType heapType)
: m_id(nextID())
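Review bot: `vmCreationShouldCrash` is a plain `static bool` that `VM::setCrashOnVMCreation` (the third hunk of this file) writes and the `VM` constructor (the second hunk) reads with no synchronization, so toggling it on one thread while another thread constructs a VM is a data race under the C++ memory model and the read is not guaranteed to observe the write. Since the private header advertises this as process-wide state, declaring it `static std::atomic<bool> vmCreationShouldCrash { false };` (or WTF's `Atomic<bool>`, if that is the convention in this file) and loading it with relaxed ordering at the check site makes the cross-thread case well-defined. If the intended contract is instead that the setter is only called before any VM exists, that precondition should be stated on the declaration, e.g. `// Process-wide; intended to be set once, before any VM is constructed.`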
@@ -330,6 +331,9 @@
, m_primitiveGigacageEnabled(IsWatched)
, m_controlFlowProfilerEnabledCount(0)
{
+ if (UNLIKELY(vmCreationShouldCrash))
+ CRASH_WITH_INFO(0x4242424220202020, 0xbadbeef0badbeef, 0x1234123412341234, 0x1337133713371337);
+
interpreter = new Interpreter(*this);
StackBounds stack = Thread::current().stack();
updateSoftReservedZoneSize(Options::softReservedZoneSize());
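Review bot: The four literals passed to `CRASH_WITH_INFO` on the added line carry no explanation, so someone reading a crash report cannot tell whether they are deliberate marker values or leaked state; a one-line comment above the check, `// Distinctive marker values so this deliberate crash is recognizable in crash reports.`, would record the intent (presumably that is what they are). The check also runs after the member-initializer list, so `m_id` and the other members initialized above have already been set up before the process aborts; that is probably harmless, but worth a word if any of those initializers has external side effects. The `VM` constructor continues outside the hunk.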
@@ -1315,4 +1319,9 @@
return entryScope->globalObject();
}
+void VM::setCrashOnVMCreation(bool shouldCrash)
+{
+ vmCreationShouldCrash = shouldCrash;
+}
+
} // namespace JSC
Modified: trunk/Source/_javascript_Core/runtime/VM.h (242300 => 242301)
--- trunk/Source/_javascript_Core/runtime/VM.h 2019-03-02 01:18:13 UTC (rev 242300)
+++ trunk/Source/_javascript_Core/runtime/VM.h 2019-03-02 01:33:17 UTC (rev 242301)
@@ -885,6 +885,8 @@
JS_EXPORT_PRIVATE void setRunLoop(CFRunLoopRef);
#endif // USE(CF)
+ static void setCrashOnVMCreation(bool);
+
class DeferExceptionScope {
public:
DeferExceptionScope(VM& vm)
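Review bot: The added declaration `static void setCrashOnVMCreation(bool);` has no comment and an unnamed parameter, leaving the meaning of the bool to the reader; `static void setCrashOnVMCreation(bool shouldCrash);` with a comment such as `// Process-wide switch; once set, constructing any VM crashes the process.` would match the description in the private Obj-C header. The neighbouring `setRunLoop` is marked `JS_EXPORT_PRIVATE` while the new method is not, which is fine as long as its only caller stays inside the framework (JSVirtualMachine.mm in this commit), but worth confirming. The enclosing class declaration starts and ends outside the hunk.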