AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
094435b6b6
v8/test/mjsunit/compiler/regress-9017.js
Seth Brenith df8548cd5b Touch guard pages when allocating stack frames 
On Windows, expanding the stack by more than 4 KB at a time can cause
access violations. This change fixes a few known cases (and includes
unit tests for those), and attempts to make stack expansion more
consistent overall by using the AllocateStackSpace helper method
everywhere we can, even when the offset is a small constant.

On arm64, there was already a consistent method for stack pointer
manipulation using the Claim and Drop methods, so Claim is updated to
touch every page.

Bug: v8:9017
Change-Id: I2dbbceeebbdefaf45803e9b621fe83f52234a395
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570666
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61186}
2019-05-02 17:46:18 +00:00

40 lines
1.4 KiB
JavaScript
Raw Blame History

// Copyright 2019 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --noturbo-inlining --noturbo-verify-allocation
// Ensure that very large stack frames can be used successfully.
// The flag --noturbo-verify-allocation is to make this run a little faster; it
// shouldn't affect the behavior.
const frame_size = 4096 * 4; // 4 pages
const num_locals = frame_size / 8; // Assume 8-byte floating point values
function f() { return 0.1; }
// Function g, on positive inputs, will call itself recursively. On negative
// inputs, it does a computation that requires a large number of locals.
// The flag --noturbo-inlining is important to keep the compiler from realizing
// that all of this work is for nothing.
let g_text = "if (input === 0) return; if (input > 0) return g(input - 1);";
g_text += " var inc = f(); var a0 = 0;";
for (let i = 1; i < num_locals; ++i) {
g_text += " var a" + i + " = a" + (i - 1) + " + inc;";
}
g_text += " return f(a0";
for (let i = 1; i < num_locals; ++i) {
g_text += ", a" + i;
}
g_text += ");";
const g = new Function("input", g_text);
%PrepareFunctionForOptimization(g);
g(1);
g(-1);
%OptimizeFunctionOnNextCall(g);
// Use recursion to get past whatever stack space is already committed.
// 20 * 16kB = 320kB, comfortably below the default 1MB stack reservation limit.
g(20);
Reference in New Issue View Git Blame Copy Permalink