RESOLVED FIXED 126188
CStack: Fix JSStack::grow(), shrink(), growSlowCase(), and setStackLimit().
https://bugs.webkit.org/show_bug.cgi?id=126188
Summary CStack: Fix JSStack::grow(), shrink(), growSlowCase(), and setStackLimit().
Mark Lam
Reported 2013-12-23 16:15:07 PST
These functions were inappropriately mixing "end" and "top" pointer idioms. Specifically:

1. growSlowCase() was comparing a newEnd pointer against m_commitTop, and using this to compute the size that the stack needs to grow.

2. shrink() was wrongly computing excess capacity by subtracting baseOfStack() (which is at high memory) from m_commitTop (which points to lower memory). Also, baseOfStack() is an "end" pointer while m_commitTop is a "top" pointer. This is a mismatch.

To fix this and simplify the code a bit, I changed all of these functions to take a newTopOfStack pointer instead of a newEnd pointer, and adjusted their callers where needed to pass the appropriate pointer values.
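The idiom mismatch the report describes is easier to see on a small model. The block below is an added illustration, not JavaScriptCore's JSStack code: it models a downward-growing stack on plain integers instead of mmap'd memory, with baseOfStack() as the high "end" pointer and commitTop as the low "top" pointer. excessMixingIdioms() reproduces the subtraction the report calls out in shrink() (top pointer minus end pointer), while grow(), growSlowCase() and shrink() take a newTopOfStack and do their arithmetic between two "top" pointers. All names, the page size and the address values are hypothetical.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical downward-growing stack. The reservation is
// [m_reservationLow, baseOfStack()); baseOfStack() is an "end" pointer
// (one past the highest usable byte), m_commitTop is a "top" pointer
// (the lowest committed address). Addresses are integers, not real memory.
class DownwardStack {
public:
    DownwardStack(uintptr_t reservationLow, size_t reservationSize, size_t pageSize)
        : m_reservationLow(reservationLow),
          m_baseOfStack(reservationLow + reservationSize),
          m_commitTop(m_baseOfStack),   // nothing committed yet
          m_pageSize(pageSize) {}

    uintptr_t baseOfStack() const { return m_baseOfStack; }
    uintptr_t commitTop() const { return m_commitTop; }
    size_t committedBytes() const { return m_baseOfStack - m_commitTop; }

    // The arithmetic the report describes for shrink(): subtracting the high
    // "end" pointer from the low "top" pointer. The result is never a usable
    // byte count: signed it is negative, as size_t it would wrap.
    ptrdiff_t excessMixingIdioms() const {
        return static_cast<ptrdiff_t>(m_commitTop) - static_cast<ptrdiff_t>(m_baseOfStack);
    }

    // Consistent idiom: both values are "top" pointers, so the committed bytes
    // lying below the requested top are newTopOfStack - commitTop.
    size_t excessBelow(uintptr_t newTopOfStack) const {
        if (newTopOfStack <= m_commitTop || newTopOfStack > m_baseOfStack)
            return 0;
        return newTopOfStack - m_commitTop;
    }

    // Fast path when the requested top is already committed; otherwise commit
    // whole pages downwards. Returns false if the request would cross the
    // reservation's low limit (stack overflow).
    bool grow(uintptr_t newTopOfStack) {
        if (newTopOfStack >= m_commitTop)
            return true;
        return growSlowCase(newTopOfStack);
    }

    // Release whole pages lying entirely below the new top; a partially used
    // page is never released.
    void shrink(uintptr_t newTopOfStack) {
        size_t excess = excessBelow(newTopOfStack);
        size_t releasable = excess - (excess % m_pageSize);  // round down to pages
        m_commitTop += releasable;                            // "top" moves up
    }

private:
    bool growSlowCase(uintptr_t newTopOfStack) {
        size_t delta = m_commitTop - newTopOfStack;           // uncommitted bytes needed
        size_t rounded = (delta + m_pageSize - 1) / m_pageSize * m_pageSize;
        if (rounded > m_commitTop - m_reservationLow)
            return false;                                     // would pass the stack limit
        m_commitTop -= rounded;                               // "top" moves down
        return true;
    }

    uintptr_t m_reservationLow;
    uintptr_t m_baseOfStack;
    uintptr_t m_commitTop;
    size_t m_pageSize;
};

int main() {
    // Constructed values: a 64 KiB reservation at 0x10000 with 4 KiB pages.
    DownwardStack s(0x10000, 0x10000, 0x1000);
    s.grow(0x20000 - 100);
    std::printf("committed after first grow: 0x%zx\n", s.committedBytes());
    std::printf("mixed-idiom 'excess': %td\n", s.excessMixingIdioms());
    s.shrink(0x20000);
    std::printf("committed after shrink to base: 0x%zx\n", s.committedBytes());
    return 0;
}
```

The grow check compares the rounded request against the distance from commitTop down to the reservation limit, so an overflowing request is rejected before commitTop is moved; the shrink path rounds down, so the page holding the live top is always kept.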
Attachments
the patch. (5.72 KB, patch)
2013-12-23 16:17 PST, Mark Lam
ggaren: review+
Mark Lam
Comment 1 2013-12-23 16:17:48 PST
Created attachment 219939 [details] the patch.
Mark Lam
Comment 2 2013-12-23 16:22:21 PST
Landed in r161036 on the jsCStack branch: <http://trac.webkit.org/r161036>.
Geoffrey Garen
Comment 3 2014-01-13 17:43:20 PST
Comment on attachment 219939 [details] the patch. r=me
Mark Lam
Comment 4 2014-01-13 17:58:32 PST
Thanks. Review status updated in r161934 on the jsCStack branch: <http://trac.webkit.org/r161934>.