Bug 115305

Summary: REGRESSION(r149114): cache flush for SH4 arch may flush an extra page
Product: WebKit
Reporter: Julien Brianceau <jbriance>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, fpizlo, mark.lam, oliver
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Linux

Attachments:
Correct last page computation in SH4 cacheFlush function (flags: none)

Description Julien Brianceau 2013-04-27 05:52:43 PDT
Since r149114, the following JavaScriptCore test crashes (sh4 arch):

# ./jsc -s jsctest/js1_2/shell.js -s jsctest/js1_2/regexp/string_replace.js
Executing script: string_replace.js
As described in Netscape doc "Whats new in JavaScript 1.2" String: replace
Unable to handle kernel paging request at virtual address 2c41f000
pc = 8080efb2
*pde = 87f54000
*pte = 00000000
Oops: 0000 [#1]
last sysfs file: /sys/devices/virtual/bpamem/bpamem31/dev
Modules linked in: bpamem silencegen platform stmalloc sth264pp player2 stm_monitor stmdvb pti stv090x pseudocard stm_v4l2 p2div64 ksound mmelog avs mme_host embxshm embxmailbox embxshell stmfb stmcore_display_sti7105 autofs4 e2_proc
Pid : 1508, Comm:               jsc
CPU : 0                 Not tainted  (2.6.32.28_stm24_0207 #54)
PC is at sh4__flush_wback_region+0x32/0xa0
PR is at sys_cacheflush+0xec/0x140
PC  : 8080efb2 SP  : 876e1f80 SR  : 40008000 TEA : c10f8a6c
R0  : 00000080 R1  : 2c41f000 R2  : 00000010 R3  : 2c41f000
R4  : 2c41f000 R5  : 000000c0 R6  : 000000e0 R7  : 00000100
R8  : 000000a0 R9  : 00000080 R10 : 00000002 R11 : 2c420000
R12 : 000000bc R13 : 006e63cc R14 : 000000c0
MACH: 00000200 MACL: 00000120 GBR : 2adec278 PR  : 8080678c

Call trace:
[<80809920>] syscall_call+0xa/0xe
[<808066a0>] sys_cacheflush+0x0/0x140
 
Process: jsc (pid: 1508, stack limit = 876e0001)
Stack: (0x876e1f80 to 0x876e2000)
1f80: 00001000 2c41f000 0000000e 80809920 00000594 00000000 00000071 00000100
1fa0: 808066a0 7b9ceddc 00685b56 0000000b 0000007b 2c41f000 00001000 0000000e
1fc0: 7b9cedf0 2c41f000 006e63c0 2c41f000 2c41ef40 00705994 006e63cc 000000c0
1fe0: 7b9ceda0 2ad2f6d2 004509e8 00000000 2adec278 00000200 00000120 0000005c
---[ end trace 3d575c0af2b1d83a ]---


I'll submit a fix soon.
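An added C model of the last-page computation named in the attachment title; this is not the WebKit patch or its code. `last_page_regressed` is an assumption about the off-by-one (end page derived from code + size), `last_page_fixed` uses the last byte of the region (code + size - 1), and the page size, the 0xc0-byte region and its single-page mapping are constructed for the illustration; only the boundary 0x2c41f000 comes from the fault address (and R1) in the oops above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 4 KiB pages: SH4 Linux's usual page size, assumed here, not taken from the bug. */
#define PAGE_SIZE ((uintptr_t)0x1000)
#define PAGE_MASK (~(PAGE_SIZE - 1))

/* Assumed regressed form: end page taken from the one-past-the-end address code + size.
 * A region ending exactly on a page boundary thus selects the page after the code. */
static uintptr_t last_page_regressed(uintptr_t code, size_t size)
{
    return (code + size) & PAGE_MASK;
}

/* Fixed form: the page holding the region's last byte, code + size - 1 (size > 0). */
static uintptr_t last_page_fixed(uintptr_t code, size_t size)
{
    return (code + size - 1) & PAGE_MASK;
}

/* Model of a page-by-page flush loop (not WebKit's own): walk from the first page
 * to last_page inclusive, counting pages and flagging any outside the mapping
 * [map_start, map_end), i.e. an address sys_cacheflush would fault on. */
static int count_flushed_pages(uintptr_t code, uintptr_t last_page,
                               uintptr_t map_start, uintptr_t map_end,
                               int *out_of_mapping)
{
    int pages = 0;
    *out_of_mapping = 0;
    for (uintptr_t page = code & PAGE_MASK; page <= last_page; page += PAGE_SIZE) {
        if (page < map_start || page >= map_end)
            *out_of_mapping = 1;
        pages++;
    }
    return pages;
}

int main(void)
{
    /* Constructed: 0xc0 bytes ending at 0x2c41f000 (the oops fault address); only the page below is mapped. */
    uintptr_t code = 0x2c41ef40, lo = 0x2c41e000, hi = 0x2c41f000;
    size_t size = 0xc0;
    int oob, n;
    n = count_flushed_pages(code, last_page_regressed(code, size), lo, hi, &oob);
    printf("regressed: %d page(s), unmapped page touched: %d\n", n, oob);
    n = count_flushed_pages(code, last_page_fixed(code, size), lo, hi, &oob);
    printf("fixed:     %d page(s), unmapped page touched: %d\n", n, oob);
    return 0;
}
```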
Comment 1 Julien Brianceau 2013-04-27 06:05:43 PDT
Created attachment 199901
Correct last page computation in SH4 cacheFlush function
Comment 2 WebKit Commit Bot 2013-04-27 11:24:20 PDT
Comment on attachment 199901
Correct last page computation in SH4 cacheFlush function

Clearing flags on attachment: 199901

Committed r149240: <http://trac.webkit.org/changeset/149240>
Comment 3 WebKit Commit Bot 2013-04-27 11:24:22 PDT
All reviewed patches have been landed.  Closing bug.