Closed
Bug 792001
Opened 13 years ago
Closed 13 years ago
IonMonkey: Fix FromCharCode race condition
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla18
People
(Reporter: jandem, Assigned: jandem)
Details
(Whiteboard: [ion:p1:fx18])
Attachments
(1 file)
|
4.14 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
visitFromCharCode stores the char in a static variable and passes its address to a stub. This assumes that JIT code won't run concurrently, but this is false with web workers etc. The patch just passes the code to a stub.
Attachment #662125 -
Flags: review?(nicolas.b.pierron)
|
||
Comment 1•13 years ago
|
||
Comment on attachment 662125 [details] [diff] [review]
Patch
Review of attachment 662125 [details] [diff] [review]:
-----------------------------------------------------------------
Good catch.
Attachment #662125 -
Flags: review?(nicolas.b.pierron) → review+
|
||
Comment 2•13 years ago
|
||
Comment on attachment 662125 [details] [diff] [review]
Patch
Review of attachment 662125 [details] [diff] [review]:
-----------------------------------------------------------------
::: js/src/ion/VMFunctions.cpp
@@ +334,5 @@
> +{
> + code = uint16_t(code);
> +
> + if (StaticStrings::hasUnit(code))
> + return cx->runtime->staticStrings.getUnit(code);
This seems kind of useless considering the inline path in JIT code.
|
Assignee | |
Comment 3•13 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/5a347c0388fd
(In reply to Tom Schuster [:evilpie] from comment #2)
>
> This seems kind of useless considering the inline path in JIT code.
True, I added it in case we later decide to call the stub in other cases or from somewhere else (and the stub is a slow path anyway so it shouldn't matter for performance).
|
|
||
Comment 4•13 years ago
|
||
(In reply to Tom Schuster [:evilpie] from comment #2)
> Comment on attachment 662125 [details] [diff] [review]
> Patch
>
> Review of attachment 662125 [details] [diff] [review]:
> -----------------------------------------------------------------
>
> ::: js/src/ion/VMFunctions.cpp
> @@ +334,5 @@
> > +{
> > + code = uint16_t(code);
> > +
> > + if (StaticStrings::hasUnit(code))
> > + return cx->runtime->staticStrings.getUnit(code);
>
> This seems kind of useless considering the inline path in JIT code.
I agree, but the function name suppose that it handle all cases, so to avoid disturbing people using it later it's best to keep it like that. And hasUnit is just a simple branch which is not a perf issue compared to the cost of the out-of-line VM call.
|
|
Assignee | |
Comment 5•13 years ago
|
||
I just realized that hasUnit/getUnit take a jschar, so a follow-up patch to pass jschar to them:
https://hg.mozilla.org/integration/mozilla-inbound/rev/a8c051013c48
|
||
Updated•13 years ago
|
Whiteboard: [ion:p1:fx18]
|
||
Comment 6•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/5a347c0388fd
https://hg.mozilla.org/mozilla-central/rev/a8c051013c48
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla18
You need to log in
before you can comment on or make changes to this bug.
Description
•