Bug 43910

Summary: The scratch register should be saved in YARR with ARM JIT
Product: WebKit Reporter: Gabor Loki <loki>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Critical CC: barraclough, benjamin, commit-queue, eric, hausmann, jturcotte
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Other   
OS: All   
Attachments:
Description Flags
The scratch register should be saved in YARR with ARM JIT hausmann: review+, loki: commit-queue-

Gabor Loki
Reported 2010-08-12 05:46:54 PDT
It looks like the scratch register (S0 == r8) is not saved before entering YARR JIT on ARM.
Attachments
The scratch register should be saved in YARR with ARM JIT (1.91 KB, patch)
2010-08-12 05:50 PDT, Gabor Loki 		hausmann: review+
loki: commit-queue-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Gabor Loki
Comment 1 2010-08-12 05:50:40 PDT
Created attachment 64215 [details] The scratch register should be saved in YARR with ARM JIT
Jocelyn Turcotte
Comment 2 2010-08-12 06:12:09 PDT
A bit of context for future reference: This was causing a crash of QtWebKit on the N900 in release at the following stack trace: Program received signal SIGSEGV, Segmentation fault. JSC::RegExp::match (this=0x448ce300, s=..., startOffset=0, ovector=0x44935e58) at ../../webkit/JavaScriptCore/wtf/RefPtr.h:60 60 T* get() const { return m_ptr; } (gdb) bt #0 JSC::RegExp::match (this=0x448ce300, s=..., startOffset=0, ovector=0x44935e58) at ../../webkit/JavaScriptCore/wtf/RefPtr.h:60 #1 0x412eaa70 in JSC::RegExpObject::match (this=0x44e02900, exec=0x460080c4) at ../../webkit/JavaScriptCore/runtime/RegExpConstructor.h:114 #2 0x412eae94 in JSC::RegExpObject::exec (this=0x28, exec=0x34) at ../../webkit/JavaScriptCore/runtime/RegExpObject.cpp:124 #3 0x412eb818 in regExpProtoFuncExec (exec=0x460080c4) at ../../webkit/JavaScriptCore/runtime/RegExpPrototype.cpp:75 #4 0x43fec34c in ?? () #5 0x43fec34c in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?)
Simon Hausmann
Comment 3 2010-08-12 06:26:14 PDT
Comment on attachment 64215 [details] The scratch register should be saved in YARR with ARM JIT r=me
Gabor Loki
Comment 4 2010-08-12 06:34:04 PDT
Comment on attachment 64215 [details] The scratch register should be saved in YARR with ARM JIT I am going to land it manually.
Gabor Loki
Comment 5 2010-08-12 06:39:23 PDT
Committed revision 65242.
Eric Seidel (no email)
Comment 6 2010-08-12 06:43:02 PDT
You can use webkit-patch mark-bug-fixed to get all the fancy bug updating when you chose to land without webkit-patch land or the cq.
Simon Hausmann
Comment 7 2010-08-12 07:09:01 PDT
Revision r65242 cherry-picked into qtwebkit-2.1 with commit 29b5a48d43c1cca1b875c407f31fd6e1928fc0a6
Benjamin Poulain
Comment 8 2010-08-12 13:08:23 PDT
Thanks Jocelyn and Loki! I will be able to work with trunk on ARM again :)
Note You need to log in before you can comment on or make changes to this bug.