Bug 121118 - MapData has some issues
Summary: MapData has some issues
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Mark Hahnenberg
URL:
Keywords:
Depends on:
Blocks: 121074
Reported: 2013-09-10 13:46 PDT by Mark Hahnenberg
Modified: 2013-09-12 10:57 PDT

Attachments
Patch (9.20 KB, patch)
2013-09-10 15:08 PDT, Mark Hahnenberg

Description Mark Hahnenberg 2013-09-10 13:46:47 PDT
In copyBackingStore, when we reassign the newly copied backing store, we set the capacity to the size in bytes of the backing store. This makes us think we're way bigger than we actually are.

Additionally, in visitChildren, we pass the size of the MapData to copyLater(), when we should be passing capacity * sizeof(Entry).

I'll add some ASSERTs that should catch this sort of thing in the future.
Comment 1 Mark Hahnenberg 2013-09-10 15:08:17 PDT
Created attachment 211250 [details]
Patch
Comment 2 Geoffrey Garen 2013-09-10 15:13:14 PDT
Comment on attachment 211250 [details]
Patch

r=me

Will the ASSERTs fire in our existing tests, or do we need a new test?
Comment 3 Mark Hahnenberg 2013-09-10 15:13:37 PDT
(In reply to comment #2)
> (From update of attachment 211250 [details])
> r=me
> 
> Will the ASSERTs fire in our existing tests, or do we need a new test?

They fire in our existing tests.
Comment 4 WebKit Commit Bot 2013-09-10 15:56:22 PDT
Comment on attachment 211250 [details]
Patch

Clearing flags on attachment: 211250

Committed r155487: <http://trac.webkit.org/changeset/155487>
Comment 5 WebKit Commit Bot 2013-09-10 15:56:23 PDT
All reviewed patches have been landed.  Closing bug.
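
The unit mix-up from the bug description, modeled as an added example (not WebKit's code and not taken from the patch). `ToyMap`, the `storeBytesAsCapacity` flag and all other names are hypothetical; `invariantHolds` stands in for the kind of ASSERT the description mentions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>

// Simplified model, not JavaScriptCore's MapData: every name here is hypothetical.
struct Entry { uint64_t key; uint64_t value; };

struct ToyMap {
    Entry* entries = nullptr;
    size_t size = 0;            // live entries
    size_t capacity = 0;        // unit: entries, never bytes
    size_t allocatedBytes = 0;  // what the allocator actually handed out
};

// Invariant an ASSERT can enforce: capacity, counted in entries, matches the allocation.
bool invariantHolds(const ToyMap& m) {
    return m.size <= m.capacity && m.capacity * sizeof(Entry) == m.allocatedBytes;
}

// Bytes a copying collector must reserve for the store: capacity * sizeof(Entry).
size_t bytesToCopy(const ToyMap& m) { return m.capacity * sizeof(Entry); }

ToyMap makeMap(size_t capacity, size_t size) {
    ToyMap m;
    m.entries = static_cast<Entry*>(std::calloc(capacity, sizeof(Entry)));
    if (!m.entries) std::abort();
    m.capacity = capacity;
    m.size = size;
    m.allocatedBytes = capacity * sizeof(Entry);
    return m;
}

// Copy the backing store; storeBytesAsCapacity reproduces the first bug described.
void copyBackingStore(ToyMap& m, bool storeBytesAsCapacity) {
    size_t bytes = m.capacity * sizeof(Entry);
    Entry* fresh = static_cast<Entry*>(std::malloc(bytes));
    if (!fresh) std::abort();
    std::memcpy(fresh, m.entries, m.size * sizeof(Entry));
    std::free(m.entries);
    m.entries = fresh;
    m.allocatedBytes = bytes;
    m.capacity = storeBytesAsCapacity ? bytes : bytes / sizeof(Entry);
}

// True when an append would be accepted without growing although no slot exists for it.
bool appendWouldOverrun(const ToyMap& m) {
    return m.size < m.capacity && (m.size + 1) * sizeof(Entry) > m.allocatedBytes;
}
```

With the byte count stored as capacity, a full 8-entry map reports room for 128 entries, so the bounds check that guards appends no longer protects the allocation; the invariant check catches this immediately after the copy.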