Closed
Bug 639954
Opened 14 years ago
Closed 14 years ago
TM: calling SwitchToCompartment(NULL) does nothing
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: bhackett1024, Assigned: billm)
Details
(Whiteboard: fixed-in-tracemonkey)
Attachments
(1 file)
|
1.84 KB,
patch
|
luke
:
review+
|
Details | Diff | Splinter Review |
For this code in GCUntilDone:
/*
* We should not be depending on cx->compartment in the GC, so set it to
* NULL to look for violations.
*/
SwitchToCompartment(cx, (JSCompartment *)NULL);
SwitchToCompartment is a class, and when class constructors are called as functions the destructor is called immediately afterwards (thanks, C++!), so the original context's usually-bogus compartment is restored for the GC.
|
Assignee | |
Comment 1•14 years ago
|
||
Oops. We have checks to ensure that this doesn't happen, but I guess they aren't called by SwitchCompartment. We should fix that.
|
Reporter | |
Comment 2•14 years ago
|
||
Hmm, this was the only hit for SwitchCompartment being called as a function. Unfortunately, doing the obvious fix for this case broke some jit-tests in non-obvious ways, going to disown.
Assignee: bhackett1024 → general
|
|
Assignee | |
Updated•14 years ago
|
Assignee: general → wmccloskey
|
||
Comment 3•14 years ago
|
||
Wow, nice. Ok, we need an owner and fixing. Gregor? Bill? Anyone?
|
|
Assignee | |
Comment 4•14 years ago
|
||
I've only looked at one failure so far, but here's what I think is happening. In MarkRuntime, we iterate over all contexts cx and mark cx->compartment. NULLing-out cx->compartment during GC causes us to miss a compartment.
Once bug 639270 lands, this shouldn't be a problem. Let's wait for that and then fix this.
|
|
||
Comment 5•14 years ago
|
||
If you add the idiomatic JS_GUARD_OBJECT_NOTIFIER* magic (grep for examples), then you will get a debug assert running the statement in comment 0. (In theory, we should be sprinkling this magic on all guard objects to prevent this category of errors.)
|
|
||
Comment 6•14 years ago
|
||
The verb-style name fooled me into thinking this was an overloaded function, not a class. Use noun phrases for classes and structs, please!
/be
|
|
||
Comment 7•14 years ago
|
||
I didn't really like it at first, but the pattern seems to be an Auto* prefix.
|
|
Assignee | |
Comment 8•14 years ago
|
||
This fixes the GC case and adds the necessary guards to SwitchToCompartment. Now that bug 639270 has landed, there are no more test failures.
I didn't do any renaming. Should I?
Attachment #518562 -
Flags: review?(luke)
|
|
||
Updated•14 years ago
|
Attachment #518562 -
Flags: review?(luke) → review+
|
|
Assignee | |
Comment 9•14 years ago
|
||
Whiteboard: fixed-in-tracemonkey
|
|
Assignee | |
Comment 10•14 years ago
|
||
Filed bug 641558 on the renaming.
|
|
||
Comment 11•14 years ago
|
||
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•