  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c462503e3b3d43264bb009f270d1e9d1f79e3439
      https://github.com/WebKit/WebKit/commit/c462503e3b3d43264bb009f270d1e9d1f79e3439
  Author: Marcus Plutowski <[email protected]>
  Date:   2026-03-05 (Thu, 05 Mar 2026)

  Changed paths:
    M Source/bmalloc/libpas/src/libpas/jit_heap_config_root_data.h
    M Source/bmalloc/libpas/src/libpas/pas_basic_heap_config_root_data.h
    M Source/bmalloc/libpas/src/libpas/pas_report_crash_pgm_report.h
    M Source/bmalloc/libpas/src/libpas/pas_root.h

  Log Message:
  -----------
  [libpas] Increment pas_crash_report_version
https://bugs.webkit.org/show_bug.cgi?id=309301
rdar://171041439

Reviewed by Dan Hecht.

This is necessary to account for the medium-page-header-table split
that took place in 307140@main. This can cause problems when ReportCrash
attempts to attach to an older Safari build, as it will sometimes
attempt to query PGM information when doing so, which in turn enumerates
libpas. ReportCrash itself would have been built with the system JSC,
and therefore could have a newer or older version of
pas_basic_heap_config_root_data than the target process. In the case
that it has a newer version (e.g. manually building an older Safari on a
newer OS) then this would cause ReportCrash to crash, as it would index
out-of-bounds of the struct and subsequently attempt to copy from that
garbage pointer.

Canonical link: https://commits.webkit.org/308767@main
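
The failure mode described in the log message, shown as an added example that is not part of this commit or of libpas: a reader built against a newer struct layout checks the published version before interpreting bytes copied from a target process. The struct names, fields, version numbers and the placement of the version field first in the struct are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical layouts for illustration; not libpas's real structs. */
#define READER_VERSION 2u         /* version this reader was compiled against */

typedef struct {                  /* what an older target process publishes */
    uint32_t version;             /* 1 */
    uint32_t num_heaps;
    uint64_t header_table;        /* address in the target process */
} root_v1;

typedef struct {                  /* after one table is split into two */
    uint32_t version;             /* 2 */
    uint32_t num_heaps;
    uint64_t small_header_table;
    uint64_t medium_header_table; /* lies past the end of a root_v1 */
} root_v2;

enum read_status { READ_OK, READ_TRUNCATED, READ_VERSION_MISMATCH };

/* Interpret bytes copied out of the target only if it uses our layout. */
enum read_status read_root(const void *bytes, size_t len, root_v2 *out)
{
    uint32_t version;
    if (len < sizeof version)
        return READ_TRUNCATED;
    memcpy(&version, bytes, sizeof version);
    if (version != READER_VERSION)
        return READ_VERSION_MISMATCH;   /* refuse before touching any field */
    if (len < sizeof *out)
        return READ_TRUNCATED;          /* right version, short copy */
    memcpy(out, bytes, sizeof *out);
    return READ_OK;
}

/* Constructed sample: a target publishing `version`, of which the reader
 * managed to copy only the first `len` bytes. */
enum read_status check_target(uint32_t version, size_t len)
{
    root_v2 sample = { version, 4u, 0x1000u, 0x2000u }, view;
    return read_root(&sample, len, &view);
}
```

Without the version comparison, a reader using `root_v2` against a `root_v1` target would treat whatever follows the 16-byte struct as `medium_header_table` and then copy from that address.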


