Closed Bug 1033146 Opened 10 years ago Closed 10 years ago

Win64 testGCHeapPostBarriers | CHECK failed: heapData->get() == nullptr

Categories

(Core :: JavaScript: GC, defect)

Product:
Core
Component:
JavaScript: GC
Version:
33 Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla33

People

(Reporter: away, Assigned: away)

References

Details

Attachments

(1 file)

Paper over
1.49 KB, patch
terrence
: review+
Details | Diff | Splinter Review 
https://tbpl.mozilla.org/php/getParsedLog.php?id=42829541&tree=Date&full=1

http://dxr.mozilla.org/mozilla-central/source/js/src/jsapi-tests/testGCHeapPostBarriers.cpp#30

This is some kind of compile issue on Win64. In the disassembly I see the test for CHECK(heapData) but there is no test for CHECK(heapData->get() == nullptr). The code just assumes that the test fails, so we do the error sequence and return. The rest of the function, like the MinorGC, isn't even present.

If I do something like this, then the test passes:
__declspec(noinline) bool Dummy(bool x) { return x; }
CHECK(Dummy(heapData->get() == nullptr));

Should we just paper over this?
Flags: needinfo?(terrence)
That is horrifying and rather implies that we are probably being similarly miscompiled elsewhere on win64. I'd much prefer we try to find out what undefined behavior is triggering this particular "optimization" on MSVC's part. Does ubisan find anything in this file?
Flags: needinfo?(terrence)
No complaints from ubsan on linux64.
Also, what compiler is this and is it PGO only?

I guess we'll need to paper over it, so go ahead and prep a patch.
Flags: needinfo?(dmajor)
It's Visual Studio 2010, non-PGO. I don't know whether PGO builds are affected; AFAICT we don't PGO Win64 builds.

It appears to be fixed in Visual Studio 2012. Haven't tested 2013.
Flags: needinfo?(dmajor)
Attached patch Paper overSplinter Review 

        Attachment #8450728 -
        Flags: review?(terrence)

    
    

    
  
Comment on attachment 8450728 [details] [diff] [review]
Paper over

Review of attachment 8450728 [details] [diff] [review]:
-----------------------------------------------------------------

r=me

        Attachment #8450728 -
        Flags: review?(terrence) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/9dc87050ee0a
Assignee: nobody → dmajor
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
Depends on: 1289987

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: