[Webkit-unassigned] [Bug 129429] [Win32][LLINT] Crash when running JSC stress tests.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Feb 27 10:55:08 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=129429
--- Comment #11 from Geoffrey Garen <ggaren at apple.com> 2014-02-27 10:52:13 PST ---
(From update of attachment 225383)
View in context: https://bugs.webkit.org/attachment.cgi?id=225383&action=review
> Source/JavaScriptCore/jit/AssemblyHelpers.cpp:93
> + // Dummy operation to make sure the system commits memory, and moves the guard page.
I think this is the key misunderstanding in this patch.
What the Microsoft doc says is, "... the reserved size minus one page (which is used as a guard page to prevent stack overflow)". So, the guard page starts out at the end of the reserved space, and is not moved by incremental virtual memory commits.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list