[Webkit-unassigned] [Bug 160337] Crash in JavaScriptCore GC when using JSC on dispatch queues (thread_get_state returns NULL stack pointer)
bugzilla-daemon at webkit.org
Thu Aug 11 02:19:55 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=160337
--- Comment #4 from Ben Nham <nham at fb.com> ---
Actually, looking at this a bit more, I still don't think thread_get_register_pointer_values will do the right thing. For instance, on x86_64, it returns SP - 128 (taking into account the red zone underneath the stack pointer):
#elif defined(__x86_64__)
if (sp) *sp = state.__rsp - 128 /* redzone */;
This means that thread_get_register_pointer_values would actually return -128 when state.__rsp is 0x0, which is also an invalid stack pointer.
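The arithmetic described in the comment above, as an added example that is not WebKit's, libdispatch's or Darwin's code: a C model of the red-zone subtraction from the quoted line next to a checked variant that rejects a NULL or out-of-range stack pointer before subtracting. The struct, the stack bounds and all function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the x86_64 thread-state struct, holding only
 * the field this example needs (constructed, not Darwin's definition). */
typedef struct { uint64_t __rsp; } x86_thread_state64_example;

#define REDZONE_BYTES 128u  /* x86_64 ABI red zone below rsp, as in the quoted line */

/* Unchecked form mirroring the quoted code: with __rsp == 0 the unsigned
 * subtraction wraps to 0xFFFFFFFFFFFFFF80, which is "-128" as a pointer. */
uint64_t scan_start_unchecked(const x86_thread_state64_example *state) {
    return state->__rsp - REDZONE_BYTES;
}

/* Checked form: validate the raw register against the suspended thread's
 * stack bounds [stack_lo, stack_hi] before applying the red-zone offset.
 * Returns false when the thread must not be scanned at all. */
bool scan_start_checked(const x86_thread_state64_example *state,
                        uint64_t stack_lo, uint64_t stack_hi,
                        uint64_t *out_start) {
    uint64_t rsp = state->__rsp;
    if (rsp == 0 || rsp < stack_lo || rsp > stack_hi)
        return false;                 /* NULL or outside the stack: skip */
    if (rsp - stack_lo < REDZONE_BYTES)
        *out_start = stack_lo;        /* clamp so the range stays on the stack */
    else
        *out_start = rsp - REDZONE_BYTES;
    return true;
}

/* Convenience wrapper: the computed scan start, or 0 when scanning is refused. */
uint64_t scan_start_or_zero(uint64_t rsp, uint64_t stack_lo, uint64_t stack_hi) {
    x86_thread_state64_example st = { .__rsp = rsp };
    uint64_t start = 0;
    return scan_start_checked(&st, stack_lo, stack_hi, &start) ? start : 0;
}

int main(void) {
    x86_thread_state64_example null_sp = { .__rsp = 0 };   /* constructed: the bug's case */
    printf("unchecked, rsp=0 -> 0x%llx\n",
           (unsigned long long)scan_start_unchecked(&null_sp));
    printf("checked,   rsp=0 -> start 0x%llx (0 = refused)\n",
           (unsigned long long)scan_start_or_zero(0, 0x1000, 0x2000));
    printf("checked,   rsp=0x1800 -> start 0x%llx\n",
           (unsigned long long)scan_start_or_zero(0x1800, 0x1000, 0x2000));
    return 0;
}
```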