Closed
Bug 1287869
Opened 4 years ago
Closed 4 years ago
Add a zeal mode to check nursery integrity
Categories
(Core :: JavaScript: GC, defect)
Core
JavaScript: GC
Tracking
()
RESOLVED
FIXED
mozilla50
| Tracking | Status | |
|---|---|---|
| firefox50 | --- | fixed |
People
(Reporter: jonco, Assigned: jonco)
References
Details
Attachments
(1 file)
|
8.23 KB,
patch
|
terrence
:
review+
|
Details | Diff | Splinter Review |
We can put canaries between nursery allocations and check them on collection to ensure nothing writes past the end of an object. This would have caught at least one bug I know of.
|
Assignee | |
Comment 1•4 years ago
|
||
As discussed. We don't use take the fast path to allocate in compiled code when any zeal mode is active, so there were no Ion changes necessary.
Attachment #8772943 -
Flags: review?(terrence)
|
||
Comment 2•4 years ago
|
||
Comment on attachment 8772943 [details] [diff] [review] bug1287869-nursery-canaries Review of attachment 8772943 [details] [diff] [review]: ----------------------------------------------------------------- Nice!
Attachment #8772943 -
Flags: review?(terrence) → review+
Pushed by jcoppeard@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/bdbb5822afe1 Add zeal mode to check nursery integrity r=terrence
|
||
Comment 4•4 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/bdbb5822afe1
Status: NEW → RESOLVED
Closed: 4 years ago
status-firefox50:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in
before you can comment on or make changes to this bug.
Description
•