Zoltan,
I filed a bug here: https://bugs.webkit.org/show_bug.cgi?id=26164
The stack is originally aligned, then JIT code destroys it; and some data structure
or pointer to double is not aligned, and I'm still trying to find where they are.
I'm not sure how the fake stack would work; would you mind explaining a bit more?
Did you face the same problem?
Thanks also for your articles, which give new ideas.
rgds
joe

--- On Wed, 6/3/09, Zoltan Herczeg <zherc...@inf.u-szeged.hu> wrote:

> From: Zoltan Herczeg <zherc...@inf.u-szeged.hu>
> Subject: Re: [webkit-dev] stack alignment bug
> To: "x yz" <last...@yahoo.com>
> Cc: webkit-dev@lists.webkit.org
> Date: Wednesday, June 3, 2009, 7:35 PM
> Hi,
> 
> true, some architectures have strict policies for stack handling. Perhaps
> the worst one is PowerPC with its organized stack frame (back chains,
> pre-defined register save areas, etc.). I think a fake stack pointer for
> the JIT can solve the x86 compatibility problem.
> 
> 1) allocate enough aligned stack space for the worst case when you enter
> the JIT
> 2) the fake stack pointer should use this pre-allocated stack frame.
> 
> Zoltan
> 
> > I don't know how to file a bug so I posted here.
> > In privateCompileCTIMachineTrampolines() there are multiple align() to
> > align code on a 16-byte margin, yet the stack can be put on a 32-bit
> > margin, which causes a crash.
> > Suppose the original stack is aligned to 8/16 bytes; the above function
> > frequently pops/pushes regT3, which makes the stack misaligned. Then the
> > int to double conversion uses the stack and will fail.
> > rgds
> > joe
> 
> 
> 
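Zoltan's fake-stack idea, as an added C model that is not code from WebKit or from either poster: the native stack pointer loses 16-byte alignment after a single 4-byte push (joe's regT3 case), while scratch slots carved from one worst-case, 16-byte-aligned block reserved on JIT entry stay aligned no matter what the native stack does. The names (`fake_stack`, `fake_stack_alloc`), the 4-byte word size and the 16-byte requirement are assumptions for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define STACK_ALIGN 16u   /* assumed alignment the int->double scratch slot needs */
#define WORD 4u           /* assumed 32-bit x86 push/pop size */

/* Does sp satisfy the 16-byte alignment requirement? */
static int sp_aligned(uintptr_t sp) { return (sp & (STACK_ALIGN - 1)) == 0; }
/* Model of the native stack pointer: a push of one 4-byte register (regT3). */
static uintptr_t push_word(uintptr_t sp) { return sp - WORD; }

/* Hypothetical fake stack: one aligned block sized for the worst case,
 * reserved once on JIT entry; fsp grows downward inside it. */
struct fake_stack { uint8_t *raw; uintptr_t limit; uintptr_t fsp; };

static int fake_stack_init(struct fake_stack *fs, size_t worst_case_bytes) {
    size_t size = (worst_case_bytes + STACK_ALIGN - 1) & ~(size_t)(STACK_ALIGN - 1);
    uint8_t *raw = malloc(size + STACK_ALIGN - 1);   /* slack for manual alignment */
    if (!raw) return 0;
    uintptr_t top = ((uintptr_t)raw + size + STACK_ALIGN - 1) & ~(uintptr_t)(STACK_ALIGN - 1);
    fs->raw = raw; fs->fsp = top; fs->limit = top - size;
    return 1;
}

/* Carve nbytes of scratch from the fake frame; every slot handed out is
 * 16-byte aligned regardless of how many words the native stack pushed.
 * Returns 0 when the worst-case estimate turned out too small. */
static uintptr_t fake_stack_alloc(struct fake_stack *fs, size_t nbytes) {
    size_t need = (nbytes + STACK_ALIGN - 1) & ~(size_t)(STACK_ALIGN - 1);
    if (need > (size_t)(fs->fsp - fs->limit)) return 0;
    fs->fsp -= need;
    return fs->fsp;
}

static void fake_stack_destroy(struct fake_stack *fs) { free(fs->raw); fs->raw = NULL; }

int main(void) {
    uintptr_t sp = 0x7ffff000u;          /* constructed: an aligned sp at JIT entry */
    printf("entry sp aligned: %d\n", sp_aligned(sp));
    sp = push_word(sp);                  /* the trampoline's push regT3 */
    printf("after push aligned: %d (joe's failing int->double case)\n", sp_aligned(sp));
    struct fake_stack fs;
    if (!fake_stack_init(&fs, 100)) return 1;
    uintptr_t slot = fake_stack_alloc(&fs, sizeof(double));
    printf("fake-frame slot aligned: %d\n", sp_aligned(slot));
    fake_stack_destroy(&fs);
    return 0;
}
```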
_______________________________________________
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
