[Webkit-unassigned] [Bug 85076] ARM JIT causes segmentation fault on javascript-heavy pages

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Apr 30 15:29:44 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=85076

--- Comment #10 from Zoltan Herczeg <zherczeg at webkit.org>  2012-04-30 15:29:45 PST ---
> Yes, I agree it looks strange that it is jumping right into the middle of a function.

Unlikely. I think this is simply the closest symbol gdb can find. 1536 is just too big.

Could you check the other constants? These are fallback functions, following each other one-by-one:

   0x49f0ead4:    blx    r8
   0x49f0ead8:    b    0x49f0d0d0
--- fallback
   0x49f0eadc:    mov    r0, sp
   0x49f0eae0:    str    r4, [sp, #3118288]    ; 0x60
   0x49f0eae4:    ldr    r3, [pc, #33757136]    ; 0x49f0ed3c
   0x49f0eae8:    str    r4, [r3]
   0x49f0eaec:    ldr    r8, [pc, #33757136]    ; 0x49f0ed40
   0x49f0eaf0:    blx    r8
   0x49f0eaf4:    b    0x49f0b164
--- fallback
   0x49f0eaf8:    mov    r2, lr
   0x49f0eafc:    str    r2, [r4, #-3118288]
   0x49f0eb00:    ldr    r8, [pc, #33757136]    ; 0x49f0ed48

They all have such a sequence:
   0x49f0eaec:    ldr    r8, [pc, #33757136]    ; 0x49f0ed40
   0x49f0eaf0:    blx    r8

Could you check whether their constants point to valid functions? Is this the only exception, or is something totally messed up in the constant pool?

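The check requested in the comment above, as an added example (not WebKit code and not part of the bug report): a Python script that decodes A32 `ldr rN, [pc, #imm]` literal loads, computes the literal address (instruction address + 8, word-aligned, plus or minus imm12), reads the constant out of the pool, and, where the next instruction is `blx` of the same register, reports whether that constant is the start of a known function, lands mid-function (the `+1536` situation discussed above), or matches no symbol at all. The JIT region, the pool contents and the symbol table are constructed for this example, and the symbol names are hypothetical; on a real target you would feed it the bytes dumped from the JIT region and a symbol map from the binary.

```python
"""Scan A32 machine code for `ldr rN, [pc, #imm]` literal loads and check what
each loaded constant points to.

Added example for this thread; not WebKit code and not part of the bug report.
The JIT region, the literal pool contents and the symbol table below are
constructed so the script runs offline.
"""
import struct

# Constructed symbol table (hypothetical names): name -> (start address, size).
SYMBOLS = {
    "helper_a": (0x40010000, 0x200),
    "helper_b": (0x40010200, 0x1000),
}

# Constructed JIT region: three literal loads, two of them feeding a `blx`,
# followed by a three-entry literal pool.
JIT_BASE = 0x49F0E000
JIT_WORDS = [
    0xE59F8010,  # ldr r8, [pc, #16]  -> literal at JIT_BASE+0x18
    0xE12FFF38,  # blx r8
    0xE59F800C,  # ldr r8, [pc, #12]  -> literal at JIT_BASE+0x1c
    0xE12FFF38,  # blx r8
    0xE59F3008,  # ldr r3, [pc, #8]   -> literal at JIT_BASE+0x20
    0xE1A00000,  # nop (mov r0, r0)
    0x40010000,  # pool: start of helper_a (valid call target)
    0x40010800,  # pool: helper_b + 1536 (mid-function, like the +1536 above)
    0x00000000,  # pool: data pointer loaded into r3, not a call target
]
JIT_IMAGE = b"".join(struct.pack("<I", w) for w in JIT_WORDS)


def decode_ldr_literal(word, insn_addr):
    """Decode A32 `LDR Rt, [PC, #+/-imm12]` (encoding A1).

    Returns (rt, literal_addr) or None. The PC an A32 load sees is the
    instruction address + 8, word-aligned for literal loads."""
    if word >> 28 == 0xF:              # unconditional space, not an LDR
        return None
    if (word >> 25) & 0b111 != 0b010:  # load/store (immediate) class
        return None
    p, u, b, w, l = [(word >> bit) & 1 for bit in (24, 23, 22, 21, 20)]
    rn = (word >> 16) & 0xF
    if not (p == 1 and b == 0 and w == 0 and l == 1 and rn == 0xF):
        return None
    rt = (word >> 12) & 0xF
    imm12 = word & 0xFFF
    base = (insn_addr + 8) & ~3
    return rt, (base + imm12) if u else (base - imm12)


def is_blx_reg(word, rm):
    """True if `word` is A32 `BLX Rm` with the always condition."""
    return word == (0xE12FFF30 | rm)


def symbol_for(addr):
    """Return (name, offset) for the symbol containing addr, or None."""
    for name, (start, size) in SYMBOLS.items():
        if start <= addr < start + size:
            return name, addr - start
    return None


def read_word(image, base, addr):
    """Little-endian 32-bit read from the image, or None if out of range."""
    off = addr - base
    if off < 0 or off + 4 > len(image):
        return None
    return struct.unpack_from("<I", image, off)[0]


def check_literal_loads(image, base):
    """Walk the image word by word. For every PC-relative literal load, report
    the loaded constant and, when the next instruction is `blx` of the same
    register, whether the constant is the start of a known function.

    Returns a list of (insn_addr, rt, literal_addr, value, status)."""
    findings = []
    for off in range(0, len(image) - 3, 4):
        insn_addr = base + off
        word = struct.unpack_from("<I", image, off)[0]
        dec = decode_ldr_literal(word, insn_addr)
        if dec is None:
            continue
        rt, lit_addr = dec
        value = read_word(image, base, lit_addr)
        if value is None:
            findings.append((insn_addr, rt, lit_addr, None, "literal outside image"))
            continue
        nxt = read_word(image, base, insn_addr + 4)
        if nxt is not None and is_blx_reg(nxt, rt):
            sym = symbol_for(value)
            if sym is None:
                status = "call target in no known symbol"
            elif sym[1] == 0:
                status = "call target ok: %s" % sym[0]
            else:
                status = "call target mid-function: %s+%d" % sym
        else:
            status = "not a call target"
        findings.append((insn_addr, rt, lit_addr, value, status))
    return findings


if __name__ == "__main__":
    for insn_addr, rt, lit_addr, value, status in check_literal_loads(JIT_IMAGE, JIT_BASE):
        shown = "?" if value is None else "0x%08x" % value
        print("0x%08x: ldr r%d, [pc, ...] -> [0x%08x] = %s  %s"
              % (insn_addr, rt, lit_addr, shown, status))
```

Only the `blx` targets are judged against the symbol table; a literal that feeds a `str` through another register is a data pointer and is reported but not flagged. A pool entry that lands a fixed, suspicious distance past a function start on every fallback stub would point at the pool or the relocation logic rather than at gdb's symbolization.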