Closed
Bug 952295
Opened 11 years ago
Closed 11 years ago
Fix an exact rooting hazard in CompileLazyFunction
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla29
People
(Reporter: terrence, Assigned: terrence)
References
Details
(Whiteboard: [qa-])
Attachments
(1 file)
(deleted),
patch
|
sfink
:
review+
|
Details | Diff | Splinter Review |
This is a real hazard as |lazy| is live across this gc. I've added the ability to have a Rooted<LazyScript*> and made it a handle.
Function '_ZN2js8frontend19CompileLazyFunctionEP9JSContextPNS_10LazyScriptEPKDsm|uint8 js::frontend::CompileLazyFunction(JSContext*, js::LazyScript*, uint16*, uint64)' has unrooted 'lazy' of type 'js::LazyScript*' live across GC call '_ZN2js8frontend13NameFunctionsEPNS_16ExclusiveContextEPNS0_9ParseNodeE|uint8 js::frontend::NameFunctions(js::ExclusiveContext*, js::frontend::ParseNode*)' at js/src/frontend/BytecodeCompiler.cpp:437
js/src/frontend/BytecodeCompiler.cpp:433: Call(40,41, pn := parser.standaloneLazyFunction(__temp_23*,staticLevel*,__temp_24*,__temp_25*))
js/src/frontend/BytecodeCompiler.cpp:434: Assume(41,46, null(pn*), false)
js/src/frontend/BytecodeCompiler.cpp:437: Call(46,47, __temp_26 := NameFunctions(cx*.field:0,pn*))
js/src/frontend/BytecodeCompiler.cpp:437: Assume(47,52, !__temp_26*, false)
js/src/frontend/BytecodeCompiler.cpp:440: Call(52,53, __temp_27 := lazy*.enclosingScope())
Attachment #8350335 -
Flags: review?(sphink)
Comment 1•11 years ago
|
||
Comment on attachment 8350335 [details] [diff] [review]
hazard_CompileLazyFunction-v0.diff
Review of attachment 8350335 [details] [diff] [review]:
-----------------------------------------------------------------
Oops, sorry for the delay. I had already looked at this, but it looks like I forgot to publish the r+.
Attachment #8350335 -
Flags: review?(sphink) → review+
Assignee | ||
Comment 2•11 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
Updated•11 years ago
|
Whiteboard: [qa-]
You need to log in
before you can comment on or make changes to this bug.
Description
•