RESOLVED FIXED201345
Fix a bug in SlotVisitor::reportZappedCellAndCrash() and also capture more information. 
https://bugs.webkit.org/show_bug.cgi?id=201345
Summary Fix a bug in SlotVisitor::reportZappedCellAndCrash() and also capture more in...
Mark Lam
Reported 2019-08-30 10:42:05 PDT
...
Attachments
proposed patch. (4.30 KB, patch)
2019-08-30 13:53 PDT, Mark Lam 		no flags
DetailsFormatted DiffDiff
proposed patch. (4.43 KB, patch)
2019-08-30 13:56 PDT, Mark Lam 		ysuzuki: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Mark Lam
Comment 1 2019-08-30 13:53:35 PDT
Created attachment 377745 [details] proposed patch.
Mark Lam
Comment 2 2019-08-30 13:56:15 PDT
Created attachment 377747 [details] proposed patch.
Radar WebKit Bug Importer
Comment 3 2019-08-30 13:56:33 PDT
<rdar://problem/54895384>
Yusuke Suzuki
Comment 4 2019-08-30 14:02:14 PDT
Comment on attachment 377747 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=377747&action=review r=me > Source/JavaScriptCore/heap/SlotVisitor.cpp:-829 > - uint32_t* cellWords = reinterpret_cast_ptr<uint32_t*>(this); Fun! > Source/JavaScriptCore/heap/SlotVisitor.cpp:835 > + uint64_t headerWord = cellWords[0]; > + uint64_t zapReasonAndMore = cellWords[1]; Looks nice extension. At least, we can access 16bytes :)
Mark Lam
Comment 5 2019-08-30 14:18:54 PDT
Thanks for the review. Landed in r249345: <http://trac.webkit.org/r249345>.
Note You need to log in before you can comment on or make changes to this bug.