Changeset 165128 in webkit
- Timestamp:
- Mar 5, 2014 1:57:26 PM (10 years ago)
- Location:
- trunk/Source
- Files:
-
- 7 edited
trunk/Source/JavaScriptCore/ChangeLog
r165121 r165128 1 2014-03-05 peavo@outlook.com <peavo@outlook.com> 2 3 [Win32][LLINT] Crash when running JSC stress tests. 4 https://bugs.webkit.org/show_bug.cgi?id=129429 5 6 On Windows the reserved stack space consists of committed memory, a guard page, and uncommitted memory, 7 where the guard page is a barrier between committed and uncommitted memory. 8 When data from the guard page is read or written, the guard page is moved, and memory is committed. 9 This is how the system grows the stack. 10 When using the C stack on Windows we need to precommit the needed stack space. 11 Otherwise we might crash later if we access uncommitted stack memory. 12 This can happen if we allocate stack space larger than the page guard size (4K). 13 The system does not get the chance to move the guard page, and commit more memory, 14 and we crash if uncommitted memory is accessed. 15 The MSVC compiler fixes this by inserting a call to the _chkstk() function, 16 when needed, see http://support.microsoft.com/kb/100775. 17 18 Reviewed by Geoffrey Garen. 19 20 * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh: Enable LLINT. 21 * jit/Repatch.cpp: 22 (JSC::writeBarrier): Compile fix when DFG_JIT is not enabled. 23 * offlineasm/x86.rb: Compile fix, and small simplification. 24 * runtime/VM.cpp: 25 (JSC::preCommitStackMemory): Added function to precommit stack memory. 26 (JSC::VM::updateStackLimit): Call function to precommit stack memory when stack limit is updated. 27 1 28 2014-03-05 Michael Saboff <msaboff@apple.com> 2 29 -
trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh
r164164 r165128 30 30 # When enabling LLINT and switching to the x86 backend, use "LowLevelInterpreterWin.asm" as output file when running asm.rb. 31 31 32 /usr/bin/env ruby "${SRCROOT}/offlineasm/asm.rb" "${SRCROOT}/llint/LowLevelInterpreter.asm" "${BUILT_PRODUCTS_DIR}/LLIntOffsetsExtractor/LLIntOffsetsExtractor${3}.exe" "L LIntAssembly.h" || exit 132 /usr/bin/env ruby "${SRCROOT}/offlineasm/asm.rb" "${SRCROOT}/llint/LowLevelInterpreter.asm" "${BUILT_PRODUCTS_DIR}/LLIntOffsetsExtractor/LLIntOffsetsExtractor${3}.exe" "LowLevelInterpreterWin.asm" || exit 1 -
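Review bot: The comment on line 30 still reads as an instruction for a configuration change that has not been made yet ("When enabling LLINT ... use LowLevelInterpreterWin.asm as output file"), while the command on line 32 now does exactly that, so the comment no longer describes the current state of the script. Rephrase it to describe the present setup and the reverse path, e.g. `# LLINT is enabled: asm.rb emits LowLevelInterpreterWin.asm for the x86 backend. To disable LLINT, switch the output file back to LLIntAssembly.h.` This keeps the two file names visible to whoever needs to toggle the build again.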
trunk/Source/JavaScriptCore/jit/Repatch.cpp
r164971 r165128 825 825 ASSERT(owner != scratch2); 826 826 827 #if ENABLE(DFG_JIT) 827 828 MacroAssembler::Jump definitelyNotMarked = DFG::SpeculativeJIT::genericWriteBarrier(jit, owner); 829 #endif 828 830 MacroAssembler::Call call = storeToWriteBarrierBuffer(jit, owner, scratch1, scratch2, allocator); 831 #if ENABLE(DFG_JIT) 829 832 definitelyNotMarked.link(&jit); 833 #endif 830 834 return call; 831 835 } -
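Review bot: With DFG_JIT disabled the barrier loses its fast path: genericWriteBarrier and the matching link are compiled out, so storeToWriteBarrierBuffer on line 830 is emitted unconditionally and every barrier goes through the buffer. That is functionally sound but the two separate `#if` guards around a single unguarded statement read as a pure compile fix, so the behavioural consequence should be recorded, e.g. a comment above line 830: `// Without the DFG there is no "definitely not marked" fast path; every store is pushed to the buffer.` The enclosing writeBarrier function starts above the hunk.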
trunk/Source/JavaScriptCore/offlineasm/x86.rb
r164612 r165128 415 415 416 416 def x86Operand(kind) 417 if !isIntelSyntax || kind != :double417 if !isIntelSyntax 418 418 x86AddressOperand(:ptr) 419 419 else … … 1327 1327 end 1328 1328 op = operands[0].x86CallOperand(:ptr) 1329 if isMSVC && ( /\Allint_/.match(op) || /\Aslow_path/.match(op))1329 if isMSVC && (operands[0].is_a? LabelReference) 1330 1330 writeSymbolToFile(op) 1331 1331 end -
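Review bot: The MSVC condition on line 1329 now fires for every call operand that is a LabelReference rather than only for symbols matching `llint_` or `slow_path`, so any label called from the generated assembly is written to the symbol file; if that broadening is intended, a one-line comment would spare the next reader from re-deriving it: `# MSVC: every label we call must appear in the symbol file, not just llint_/slow_path entries.` The earlier hunk drops the `kind != :double` clause in x86Operand, so in Intel syntax double operands no longer take the x86AddressOperand(:ptr) path; the reason is not visible here and a short comment on line 417 would help. The method containing line 1329 starts outside the hunk.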
trunk/Source/JavaScriptCore/runtime/VM.cpp
r165005 r165128 750 750 } 751 751 752 #if PLATFORM(WIN) 753 // On Windows the reserved stack space consists of committed memory, a guard page, and uncommitted memory, 754 // where the guard page is a barrier between committed and uncommitted memory. 755 // When data from the guard page is read or written, the guard page is moved, and memory is committed. 756 // This is how the system grows the stack. 757 // When using the C stack on Windows we need to precommit the needed stack space. 758 // Otherwise we might crash later if we access uncommitted stack memory. 759 // This can happen if we allocate stack space larger than the page guard size (4K). 760 // The system does not get the chance to move the guard page, and commit more memory, 761 // and we crash if uncommitted memory is accessed. 762 // The MSVC compiler fixes this by inserting a call to the _chkstk() function, 763 // when needed, see http://support.microsoft.com/kb/100775. 764 // By touching every page up to the stack limit with a dummy operation, 765 // we force the system to move the guard page, and commit memory. 766 767 static void preCommitStackMemory(void* stackLimit) 768 { 769 const int pageSize = 4096; 770 for (volatile char* p = reinterpret_cast<char*>(&stackLimit); p > stackLimit; p -= pageSize) { 771 char ch = *p; 772 *p = ch; 773 } 774 } 775 #endif 776 752 777 inline void VM::updateStackLimit() 753 778 { 779 #if PLATFORM(WIN) 780 void* lastStackLimit = m_stackLimit; 781 #endif 782 754 783 if (m_stackPointerAtVMEntry) { 755 784 ASSERT(wtfThreadData().stack().isGrowingDownward()); … … 770 799 } 771 800 801 #if PLATFORM(WIN) 802 if (lastStackLimit != m_stackLimit) 803 preCommitStackMemory(m_stackLimit); 804 #endif 772 805 } 773 806 -
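Review bot: The loop in preCommitStackMemory stops at `p > stackLimit`, so when &stackLimit and stackLimit are not in the same page-relative position the page containing stackLimit itself is never touched and can remain uncommitted, which is exactly the gap the function exists to close. Rounding the limit down to its page boundary and iterating while `p >= limitPage` touches that last page without ever stepping below the limit; uintptr_t is presumably already in scope in VM.cpp — confirm. The hard-coded 4096 matches the "4K" in the comment block, but a `static_assert`-style note or a comment that it assumes the Windows x86 page size would make that coupling explicit. The updateStackLimit hunk further down is cut by the page, so the early-return paths between lines 784 and 799 are not reviewed here.
```cpp
static void preCommitStackMemory(void* stackLimit)
{
    const uintptr_t pageSize = 4096;
    // Round the limit down to its page so the page that contains the limit is committed too.
    char* limitPage = reinterpret_cast<char*>(reinterpret_cast<uintptr_t>(stackLimit) & ~(pageSize - 1));
    for (volatile char* p = reinterpret_cast<char*>(&stackLimit); p >= limitPage; p -= pageSize) {
        char ch = *p;
        *p = ch;
    }
}
```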
trunk/Source/WTF/ChangeLog
r165067 r165128 1 2014-03-05 peavo@outlook.com <peavo@outlook.com> 2 3 [Win32][LLINT] Crash when running JSC stress tests. 4 https://bugs.webkit.org/show_bug.cgi?id=129429 5 6 Reviewed by Geoffrey Garen. 7 8 * wtf/Platform.h: Enable LLINT on Win32. 9 1 10 2014-03-04 Zan Dobersek <zdobersek@igalia.com> 2 11 -
trunk/Source/WTF/wtf/Platform.h
r165067 r165128 641 641 && (CPU(X86) || CPU(X86_64) || CPU(ARM) || CPU(ARM64) || CPU(MIPS)) \ 642 642 && !OS(WINCE) \ 643 && ! OS(WINDOWS)643 && !(OS(WINDOWS) && CPU(X86_64)) 644 644 #define ENABLE_JIT 1 645 645 #endif … … 694 694 #if !defined(ENABLE_LLINT) \ 695 695 && ENABLE(JIT) \ 696 && (OS(DARWIN) || OS(LINUX) || OS(FREEBSD) ) \697 && ((OS(DARWIN) && !PLATFORM(EFL)) || PLATFORM(GTK) ) \696 && (OS(DARWIN) || OS(LINUX) || OS(FREEBSD) || OS(WINDOWS)) \ 697 && ((OS(DARWIN) && !PLATFORM(EFL)) || PLATFORM(GTK) || PLATFORM(WIN)) \ 698 698 && (CPU(X86) || CPU(X86_64) || CPU(ARM_THUMB2) || CPU(ARM_TRADITIONAL) || CPU(ARM64) || CPU(MIPS) || CPU(SH4)) 699 699 #define ENABLE_LLINT 1 … … 784 784 785 785 /* Configure the interpreter */ 786 #if COMPILER(GCC) 786 #if COMPILER(GCC) || COMPILER(MSVC) 787 787 #define HAVE_COMPUTED_GOTO 1 788 788 #endif
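Review bot: Defining HAVE_COMPUTED_GOTO under COMPILER(MSVC) on line 786 deserves a comment, because MSVC has no labels-as-values (`goto *`) extension; presumably the macro here only selects the dispatch layout the offlineasm-generated Win32 interpreter expects and the C-loop code it gates is never built with MSVC, but that is not visible from the hunk and should be confirmed. Suggest `/* MSVC has no computed goto; this only selects the LLINT dispatch path used with the offlineasm-generated interpreter on Win32 -- confirm */`. Separately, the ENABLE_JIT change on line 643 excludes only Win64 while ENABLE_LLINT still requires ENABLE(JIT), so 64-bit Windows ends up with neither; a comment such as `/* Win64: no JIT yet, and therefore no LLINT (ENABLE_LLINT requires ENABLE(JIT)) */` would make that consequence explicit.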