Title: [259953] releases/WebKitGTK/webkit-2.28/Source/_javascript_Core
- Revision
- 259953
- Author
- [email protected]
- Date
- 2020-04-12 06:03:27 -0700 (Sun, 12 Apr 2020)
Log Message
Merge r258717 - sanitizeStackForVMImpl writes below stack pointer, triggers huge warning spam from valgrind
https://bugs.webkit.org/show_bug.cgi?id=199295
Reviewed by Mark Lam.
During sanitizeStackForVMImpl, we should not access the region beyond the stack pointer.
This patch changes the stack pointer while sanitizeStackForVMImpl is zero-filling the old stack region.
* llint/LowLevelInterpreter.asm:
Modified Paths
Diff
Modified: releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/ChangeLog (259952 => 259953)
--- releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/ChangeLog 2020-04-12 13:03:23 UTC (rev 259952)
+++ releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/ChangeLog 2020-04-12 13:03:27 UTC (rev 259953)
@@ -1,3 +1,15 @@
+2020-03-18 Yusuke Suzuki <[email protected]>
+
+ sanitizeStackForVMImpl writes below stack pointer, triggers huge warning spam from valgrind
+ https://bugs.webkit.org/show_bug.cgi?id=199295
+
+ Reviewed by Mark Lam.
+
+ During sanitizeStackForVMImpl, we should not access to the region beyond the stack-pointer.
+ This patch changes stack-pointer while sanitizeStackForVMImpl is zero-filling the old stack region.
+
+ * llint/LowLevelInterpreter.asm:
+
2020-03-09 Caio Lima <[email protected]>
Tail calls are broken on ARM_THUMB2 and MIPS
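Review bot: the new entry's second paragraph has a grammar slip ("we should not access to the region beyond the stack-pointer"); suggest "we should not access the region beyond the stack pointer" and "This patch changes the stack pointer while ..." so the ChangeLog reads cleanly, since this text is what later readers of `git log` will see.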
Modified: releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/llint/LowLevelInterpreter.asm (259952 => 259953)
--- releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2020-04-12 13:03:23 UTC (rev 259952)
+++ releases/WebKitGTK/webkit-2.28/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2020-04-12 13:03:27 UTC (rev 259953)
@@ -1418,22 +1418,26 @@
if X86 or X86_WIN
loadp 4[sp], a0
end
- const vm = a0
+ const vmOrStartSP = a0
const address = a1
const zeroValue = a2
- loadp VM::m_lastStackTop[vm], address
+ loadp vmOrStartSP::m_lastStackTop[vmOrStartSP], address
+ move sp, zeroValue
+ storep zeroValue, vmOrStartSP::m_lastStackTop[vmOrStartSP]
+ move sp, vmOrStartSP
+
bpbeq sp, address, .zeroFillDone
-
+ move address, sp
+
move 0, zeroValue
.zeroFillLoop:
storep zeroValue, [address]
addp PtrSize, address
- bpa sp, address, .zeroFillLoop
+ bpa vmOrStartSP, address, .zeroFillLoop
.zeroFillDone:
- move sp, address
- storep address, VM::m_lastStackTop[vm]
+ move vmOrStartSP, sp
ret
# VMEntryRecord* vmEntryRecord(const EntryFrame* entryFrame)
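Review bot: the two lines `loadp vmOrStartSP::m_lastStackTop[vmOrStartSP], address` and `storep zeroValue, vmOrStartSP::m_lastStackTop[vmOrStartSP]` look like an over-eager rename: offlineasm resolves `Struct::field` by struct name through the offsets extractor, so the qualifier must remain `VM::` and only the base register should change, i.e. `loadp VM::m_lastStackTop[vmOrStartSP], address` and `storep zeroValue, VM::m_lastStackTop[vmOrStartSP]`. The stack-pointer handling itself is sound: `move sp, vmOrStartSP` snapshots the entry sp (the a0 argument has already been consumed, so the X86 `loadp 4[sp], a0` path is unaffected), `move address, sp` lowers sp to the old m_lastStackTop only after `bpbeq sp, address, .zeroFillDone` has confirmed that address is below sp, so every `storep` in `.zeroFillLoop` now lands at or above the live stack pointer, and `move vmOrStartSP, sp` restores it before `ret`. Worth a one-line comment above `move address, sp` noting that nothing between that point and the restore may call out, since the frame is temporarily extended and the loop relies on that invariant.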
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes