Put more information to the stack when crbug/454297 happens.

Review URL: https://codereview.chromium.org/941693002

Cr-Commit-Position: refs/heads/master@{#26757}

diff --git a/src/heap/mark-compact.cc b/src/heap/mark-compact.cc
index f2b2ce171a9b6aca5d6152ba44422f8374b7317c..b525bf6ac2467721cc42a8755a479abed1c14ba4 100644 (file)
--- a/src/heap/mark-compact.cc
+++ b/src/heap/mark-compact.cc
@@ -2827,10 +2827,14 @@ class PointersUpdatingVisitor : public ObjectVisitor {
 // TODO(ishell): remove, once crbug/454297 is caught.
 void PointersUpdatingVisitor::CheckLayoutDescriptorAndDie(Heap* heap,
                                                           Object** slot) {
-  const int kDataBufferSize = 1280;
+  const int kDataBufferSize = 128;
   uintptr_t data[kDataBufferSize] = {0};
   int index = 0;
   data[index++] = 0x10aaaaaaaaUL;  // begin marker
+
+  data[index++] = reinterpret_cast<uintptr_t>(slot);
+  data[index++] = 0x15aaaaaaaaUL;
+
   Address slot_address = reinterpret_cast<Address>(slot);
 
   uintptr_t space_owner_id = 0xb001;
@@ -2862,7 +2866,7 @@ void PointersUpdatingVisitor::CheckLayoutDescriptorAndDie(Heap* heap,
   Object** map_slot = slot;
   bool found = false;
   const int kMaxDistanceToMap = 64;
-  for (int i = 0; i < kMaxDistanceToMap; i++, map_slot -= kPointerSize) {
+  for (int i = 0; i < kMaxDistanceToMap; i++, map_slot--) {
     Address map_address = reinterpret_cast<Address>(*map_slot);
     if (heap->map_space()->ContainsSafe(map_address)) {
       found = true;
@@ -2871,6 +2875,9 @@ void PointersUpdatingVisitor::CheckLayoutDescriptorAndDie(Heap* heap,
   }
   data[index++] = found;
   data[index++] = 0x30aaaaaaaaUL;
+  data[index++] = reinterpret_cast<uintptr_t>(map_slot);
+  data[index++] = 0x35aaaaaaaaUL;
+
   if (found) {
     Address obj_address = reinterpret_cast<Address>(map_slot);
     Address end_of_page =