RESOLVED FIXED 147561
jsc-tailcall: Kraken/stanford-crypto-ccm crashes
https://bugs.webkit.org/show_bug.cgi?id=147561
Basile Clement
Reported 2015-08-03 09:43:00 PDT
That was an interesting one. When performing a tail call, we are stack-aligning the *top* of the caller frame instead of stack-aligning the *bottom* of that frame. This means that when we do a tail call with a different parity from the parity of the tail caller, we are overwriting part of the tail caller's caller locals. Patch forthcoming.
Attachments
Patch (8.61 KB, patch)
2015-08-03 11:09 PDT, Basile Clement
no flags
Patch (7.17 KB, patch)
2015-08-03 13:54 PDT, Basile Clement
msaboff: review+
Basile Clement
Comment 1 2015-08-03 11:09:32 PDT
Basile Clement
Comment 2 2015-08-03 11:30:33 PDT
Let's actually implement a full fix.
Basile Clement
Comment 3 2015-08-03 13:54:51 PDT
Michael Saboff
Comment 4 2015-08-03 14:36:30 PDT
Comment on attachment 258108: Patch
r=me. Do add the call varargs test as we discussed.
Basile Clement
Comment 5 2015-08-03 14:40:06 PDT