Closed
Bug 746006
Opened 12 years ago
Closed 12 years ago
"Assertion failure: thing->compartment()->rt == trc->runtime," with Worker
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: gkw, Unassigned)
Details
(Keywords: assertion, testcase, Whiteboard: [fuzzblocker:shell-worker])
Worker() gc() asserts js debug shell on m-c changeset c61e7c3a232a without any CLI arguments at Assertion failure: thing->compartment()->rt == trc->runtime, I used https://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds/mozilla-central-macosx-debug/1334608993/jsshell-mac.zip (I couldn't seem to reproduce with a shell compiled locally) s-s because gc is involved. I'm not sure if the Worker() function is shell-only. If it is, this bug can be opened.
|
Reporter | |
Comment 1•12 years ago
|
||
Steve mentions that the Worker() function is enabled with --enable-threadsafe. I don't compile my shells with --enable-threadsafe by default. Should the tinderboxen js shells be compiled with --enabled-threadsafe by default?
|
|
Reporter | |
Updated•12 years ago
|
Summary: "Assertion failure: thing->compartment()->rt == trc->runtime," → "Assertion failure: thing->compartment()->rt == trc->runtime," with Worker
|
|
Reporter | |
Comment 2•12 years ago
|
||
See bug 731448 comment 4. jorendorff mentions that probably "jsworkers.cpp is just completely broken and nobody noticed".
|
||
Comment 3•12 years ago
|
||
Worker() exists in Gecko ("Error: Constructor requires at least one argument") but I don't know if it's the same underlying worker or not. Should try this using the fuzzing add-on that enables gc() in Firefox.
|
||
Comment 4•12 years ago
|
||
This does not crash the browser:
new Worker("data:text/javascript,3");
fuzzPriv.GC();
|
||
Comment 5•12 years ago
|
||
It's not the same Worker implementation at all. This is a bug in code that is not linked into Gecko at all.
|
|
Reporter | |
Comment 7•12 years ago
|
||
jsfunfuzz is now running on releng hardware, this assert is clouding results as creating an exception for this assert also ignores other non-Worker triggered testcases for this assert.
Whiteboard: [fuzzblocker]
|
|
||
Comment 8•12 years ago
|
||
I turned off fuzzing of shell Worker, so now we're back where we were before.
Whiteboard: [fuzzblocker] → [fuzzblocker:shell-worker]
|
|
Reporter | |
Comment 9•12 years ago
|
||
(actually, FIXED by the removal of Worker, a known patch in bug 771281 - hurray!)
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•