Summary: | Fix a bug in SlotVisitor::reportZappedCellAndCrash() and also capture more information. | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Mark Lam <mark.lam> | ||||||
Component: | JavaScriptCore | Assignee: | Mark Lam <mark.lam> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | Normal | CC: | ews-watchlist, keith_miller, msaboff, saam, tzagallo, webkit-bug-importer, ysuzuki | ||||||
Priority: | P2 | Keywords: | InRadar | ||||||
Version: | WebKit Nightly Build | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Attachments: |
|
Description
Mark Lam
2019-08-30 10:42:05 PDT
Created attachment 377745 [details]
proposed patch.
Created attachment 377747 [details]
proposed patch.
Comment on attachment 377747 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=377747&action=review r=me > Source/JavaScriptCore/heap/SlotVisitor.cpp:-829 > - uint32_t* cellWords = reinterpret_cast_ptr<uint32_t*>(this); Fun! > Source/JavaScriptCore/heap/SlotVisitor.cpp:835 > + uint64_t headerWord = cellWords[0]; > + uint64_t zapReasonAndMore = cellWords[1]; Looks nice extension. At least, we can access 16bytes :) Thanks for the review. Landed in r249345: <http://trac.webkit.org/r249345>. |