If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

TM: ARM: don't free register reservation too early in asm_call [nanojit]

RESOLVED FIXED

Status

()

Core
JavaScript Engine
RESOLVED FIXED
8 years ago
4 years ago

People

(Reporter: gal, Assigned: gal)

Tracking

Trunk
ARM
All
Points:
---
Bug Flags:
blocking1.9.2 +

Firefox Tracking Flags

(status1.9.2 beta4-fixed)

Details

(Whiteboard: fixed-in-tracemonkey)

Attachments

(1 attachment)

(Assignee)

Description

8 years ago
This bug is fixed in Adobe's code. Fixing with this patch locally in TM. This has to go into 1.9.2 too.
(Assignee)

Comment 1

8 years ago
This should block any ARM release that uses VFP.
tracking-fennec: --- → ?
Flags: blocking1.9.2?
OS: Mac OS X → All
Hardware: x86 → ARM
Flags: blocking1.9.2? → blocking1.9.2+
(Assignee)

Comment 2

8 years ago
Created attachment 407120 [details] [diff] [review]
patch
Assignee: general → gal
(Assignee)

Comment 3

8 years ago
Comment on attachment 407120 [details] [diff] [review]
patch

Adobe used to crash here and they didn't take our change because of that. I am not sure why they crashed though. Our version of freeRsrcOf doesn't clear the reservation, it just sets used = 0. Either way, the code was definitively wrong before.
Attachment #407120 - Flags: review?(graydon)
Comment on attachment 407120 [details] [diff] [review]
patch

This code is voodoo to me, but conversation and inspection of adobe's code makes me believe this is making matters at least ... plausibly more correct. Check trace-tests etc.
Attachment #407120 - Flags: review?(graydon) → review+
(Assignee)

Comment 5

8 years ago
http://hg.mozilla.org/tracemonkey/rev/c357f3e673d0
Whiteboard: fixed-in-tracemonkey
(In reply to comment #4)
> (From update of attachment 407120 [details] [diff] [review])
> This code is voodoo to me, but conversation and inspection of adobe's code
> makes me believe this is making matters at least ... plausibly more correct.

I'll be clarifying this voodoo as part of bug 513615, freeRsrcOf() in particular is horribly confusing.

Comment 7

8 years ago
http://hg.mozilla.org/mozilla-central/rev/c357f3e673d0
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED

Comment 8

8 years ago
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/8dc62724579e
status1.9.2: --- → final-fixed
tracking-fennec: ? → ---
You need to log in before you can comment on or make changes to this bug.