Closed Bug 585750 Opened 14 years ago Closed 14 years ago

JM: Fix PIC Resetting

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86_64
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: sstangl, Unassigned)

Details

Attachments

(1 file)

Patch v1
4.58 KB, patch
dvander
: review+
Details | Diff | Splinter Review
Attached patch Patch v1Splinter Review 
PIC resetting is not well-tested, leading to problems when gczeal(2) is inserted by the fuzzer. One such testcase (bug 585540) revealed a problem with resetting that only segfaulted on x86_64 but was wrong on x86.

There were two problems:
- GetPropCompiler::reset() was attempting to patch the inline path's type guard jump, even if it didn't exist;
- GetElemCompiler had no reset method, instead hijacking GetPropCompiler's, which used invalid values.

The attached patch respects pic->hasTypeGuard() and implements GetElemCompiler::reset().
Attachment #464185 - Flags: review?(dvander)
Attachment #464185 - Flags: review?(dvander) → review+
http://hg.mozilla.org/users/danderson_mozilla.com/moo/rev/9faa11693873
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Good work. I was just working on the same thing, discovered via running trace-tests with gczeal on. This was most likely causing unpredictable Mochitest failures as well.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: