On 03/27/2015 11:18 AM, obastemur wrote:
I do have a strange case where jsval_layout.asBits == 18445195965632677715 (JS
STRING TAG) this number MOD 8 == 3 hence something is wrong. BTW; no matter
what the number is the same. Seems this problem happens in the same order.
As far as I've tracked from the debug sessions, this string object is created
inside the JS land which I don't have much control.
Any advice on tracking the root of this devil ?
Should this be a string in the first place? What is accessing it when it
crashes? Seems like memory corruption; perhaps this is a slot in an
object that gets garbage collected and some of its memory reused for
something else. 0x10753 is certainly an odd value, though.
If it occurs at the same memory location, you can set a hardware
watchpoint on it and see when it changes to the invalid value. (If you
can run under rr, you can even run it backwards from the crash and see
what the last change to it was immediately. Otherwise, if that memory
location changes frequently, you may need to continue lots of times. gdb
is good for scripting such things.)
_______________________________________________
dev-tech-js-engine-internals mailing list
dev-tech-js-engine-internals@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-js-engine-internals
