Closed Bug 620291 Opened 14 years ago Closed 13 years ago

useless assert of free_block [@ CodeAlloc::free]

Categories

(Core Graveyard :: Nanojit, defect)

defect
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: timeless, Assigned: timeless)

Details

(Keywords: coverity, crash, Whiteboard: fixed-in-nanojit, fixed-in-tracemonkey, fixed-in-tamarin)

Crash Data

Attachments

(1 file)

147     void CodeAlloc::free(NIns* start, NIns *end) {

182                     CodeList* free_block = availblocks;

there's no point in using free_block as a loop control:
183                     while ( free_block && free_block->next != coalescedBlock) {
184                         NanoAssert(free_block->size() >= minAllocSize);
185                         NanoAssert(free_block->isFree);
186                         NanoAssert(free_block->next);
187                         free_block = free_block->next;
188                     }
or asserting it:
189                     NanoAssert(free_block && free_block->next == coalescedBlock);

if you're just going to crash anyway:
190                     free_block->next = coalescedBlock->next;
Attached patch drop null checksSplinter Review
Assignee: general → timeless
Status: NEW → ASSIGNED
Attachment #498683 - Flags: review?(gal)
Attachment #498683 - Flags: review?(gal)
Attachment #498683 - Flags: review?(edwsmith)
Attachment #498683 - Flags: review+
Attachment #498683 - Flags: review?(edwsmith) → review+
Keywords: checkin-needed
Urg, and backed out in http://hg.mozilla.org/tracemonkey/rev/8e517eae885d when I suddenly realized *why* edwsmith was reviewing it. Maybe if it's in the nanojit component, I'll realize it's not something I want to push.
Component: JavaScript Engine → Nanojit
Keywords: checkin-needed
QA Contact: general → nanojit
Whiteboard: fixed-in-tracemonkey
cdleary-bot mozilla-central merge info:
http://hg.mozilla.org/mozilla-central/rev/a26c9e7823e4
Note: not marking as fixed because fixed-in-tracemonkey is not present on the whiteboard.
this was backed-out but still has a checkin-needed flag. Needs fixin'?
i think it's something that would want to be pushed or managed by someone from nanojit to a nanojit tree instead of to a tracemonkey/m-c tree.
http://hg.mozilla.org/tracemonkey/rev/f7f0892c9807
Whiteboard: fixed-in-nanojit → fixed-in-nanojit, fixed-in-tracemonkey
changeset: 6079:aaee24b632ed
user:      timeless@mozdev.org
summary:   Bug 620291 - useless assert of free_block [@ CodeAlloc::free].  r=gal,edwsmith.

http://hg.mozilla.org/tamarin-redux/rev/aaee24b632ed
Whiteboard: fixed-in-nanojit, fixed-in-tracemonkey → fixed-in-nanojit, fixed-in-tracemonkey, fixed-in-tamarin
Crash Signature: [@ CodeAlloc::free]
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: