Expose generational GC knobs to the shell for fuzzing

RESOLVED FIXED in mozilla24

Status

()

Core
JavaScript Engine
RESOLVED FIXED
5 years ago
5 years ago

People

(Reporter: terrence, Assigned: terrence)

Tracking

({sec-want})

Trunk
mozilla24
sec-want
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Assignee)

Description

5 years ago
Right now there isn't any way to interact directly with the GGC from the shell or to put it into edge states quickly.
(Assignee)

Updated

5 years ago
Assignee: general → terrence
(Assignee)

Comment 1

5 years ago
Created attachment 756067 [details] [diff] [review]
v0

This exposes |minorgc([overflow])| to the shell. It calls MinorGC and optionally calls setOverflowed on cx->runtime->gcStoreBuffer if [overflow] is set to true.
Attachment #756067 - Flags: review?(wmccloskey)
(Assignee)

Comment 2

5 years ago
Created attachment 756071 [details] [diff] [review]
v1

CallArgs::get returns UndefinedValue if the arg is not set, so there is no need to test before getting the arg.
Attachment #756067 - Attachment is obsolete: true
Attachment #756067 - Flags: review?(wmccloskey)
Attachment #756071 - Flags: review?(wmccloskey)

Updated

5 years ago
Keywords: sec-want
Attachment #756071 - Flags: review?(wmccloskey) → review+

Comment 4

5 years ago
https://hg.mozilla.org/mozilla-central/rev/8f8192a417b5
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla24

Comment 5

5 years ago
jsfunfuzz now calls minorgc occasionally. (fuzzing rev a32442460b40)
(Assignee)

Comment 6

5 years ago
\o/
You need to log in before you can comment on or make changes to this bug.