Closed Bug 612640 Opened 14 years ago Closed 14 years ago

JM: Setting debug mode should purge call ICs

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
blocking2.0 --- final+

People

(Reporter: bhackett1024, Assigned: dvander)

Details

(Whiteboard: fixed-in-tracemonkey)

Attachments

(1 file)

fix
3.82 KB, patch
bhackett1024
: review+
Details | Diff | Splinter Review 
If any of the recompilations in js_SetDebugMode fail (due to e.g. low memory) then debug mode is not turned on for the compartment but some of the scripts may have been successfully recompiled and had their old code destroyed.  Call ICs in scripts which were not recompiled can still refer to the old JIT code of callees which were recompiled.  js_SetDebugMode should purge call ICs from all scripts (infallibly).
blocking2.0: --- → final+
Attached patch fixSplinter Review 
I can make this crash by fuding Retcon.cpp to fail in between ./js -m -f a.js -d b.js
Assignee: general → dvander
Status: NEW → ASSIGNED
Attachment #494218 - Flags: review?(bhackett1024)
Attachment #494218 - Flags: review?(bhackett1024) → review+
http://hg.mozilla.org/mozilla-central/rev/77af2eebbdbd
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: