I recently created a patch to disable the 32-bit JITs by default. https://bugs.webkit.org/show_bug.cgi?id=182886.
The last time this was discussed was before the discovery of Spectre. In the interim, there have been a number of changes made to JavaScriptCore in an attempt to mitigate Spectre. Nobody has proposed a mitigation plan for 32-bit WebKit.

For example, pointer poisoning only works for 64-bit processors as they currently have a number of high bits that will never be set in a valid pointer. In 32-bit code the full address space is mappable, so pointer poisoning is not guaranteed to be effective.

Given the importance of developing mitigations for Spectre in a timely manner, I think we should disable 32-bit JITs, in the near term, but more likely permanently.

Thoughts?

Keith
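The high-bits argument above can be checked numerically. The following is an added example, not code from the post or from WebKit; it assumes an x86-64 process whose user pointers have bits 47..63 clear, a 32-bit process with a 3 GiB user range, and constructed XOR poison keys in place of the randomly generated ones a real engine would use.

```c
#include <stdint.h>
#include <stdbool.h>

/* Constructed poison keys for illustration; a real engine derives them
 * randomly at start-up. The 64-bit key has bits above 47 set on purpose. */
#define POISON_KEY_64 0xA5C3E1D7F02B9F4CULL
#define POISON_KEY_32 0xA5C3E1D7U

/* Assumptions for this example: x86-64 with 48-bit virtual addresses, where
 * a user pointer must have bits 47..63 clear, and a 32-bit process with a
 * 3 GiB user range (everything below 0xC0000000 could be mapped). */
#define USER_VA_LIMIT_64 (1ULL << 47)
#define USER_VA_LIMIT_32 0xC0000000U

static uint64_t poison64(uint64_t p)   { return p ^ POISON_KEY_64; }
static uint64_t unpoison64(uint64_t p) { return p ^ POISON_KEY_64; }
static uint32_t poison32(uint32_t p)   { return p ^ POISON_KEY_32; }

/* True when a stored (poisoned) 64-bit pointer, consumed without the key
 * (for instance after a mis-speculated type check), could still be a valid
 * user address. With bits above 47 set in the key this never happens. */
bool poisoned64_could_be_user_va(uint64_t ptr) {
    return poison64(ptr) < USER_VA_LIMIT_64;
}

/* Round trip with the key recovers the real pointer. */
uint64_t roundtrip64(uint64_t ptr) { return unpoison64(poison64(ptr)); }

/* Count the page-aligned user addresses of the 32-bit process whose poisoned
 * form still lies inside the user range. XOR with a fixed key is a bijection
 * on 32-bit values, so a large, fixed share of poisoned pointers remain
 * plausible addresses; nothing in the hardware marks them as invalid. */
uint32_t poisoned32_pages_still_in_user_range(void) {
    uint32_t hits = 0;
    for (uint64_t p = 0; p < USER_VA_LIMIT_32; p += 4096) {
        if (poison32((uint32_t)p) < USER_VA_LIMIT_32) hits++;
    }
    return hits;
}

/* Same count for 64-bit user addresses, sampled at a 1 GiB stride: none
 * survive, because the key's high bits land in the non-canonical range. */
uint64_t poisoned64_pages_still_in_user_range(void) {
    uint64_t hits = 0;
    for (uint64_t p = 0; p < USER_VA_LIMIT_64; p += (1ULL << 30)) {
        if (poisoned64_could_be_user_va(p)) hits++;
    }
    return hits;
}
```

With these keys two thirds of the 32-bit user pages map to another user-range address after poisoning, while no 64-bit user address does.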

