Closed Bug 1033146 Opened 6 years ago Closed 6 years ago

Win64 testGCHeapPostBarriers | CHECK failed: heapData->get() == nullptr

Categories

(Core :: JavaScript: GC, defect)

33 Branch
x86_64
Windows 7
defect
Not set

Tracking

()

RESOLVED FIXED
mozilla33

People

(Reporter: dmajor, Assigned: dmajor)

References

Details

Attachments

(1 file)

https://tbpl.mozilla.org/php/getParsedLog.php?id=42829541&tree=Date&full=1

http://dxr.mozilla.org/mozilla-central/source/js/src/jsapi-tests/testGCHeapPostBarriers.cpp#30

This is some kind of compile issue on Win64. In the disassembly I see the test for CHECK(heapData) but there is no test for CHECK(heapData->get() == nullptr). The code just assumes that the test fails, so we do the error sequence and return. The rest of the function, like the MinorGC, isn't even present.

If I do something like this, then the test passes:
__declspec(noinline) bool Dummy(bool x) { return x; }
CHECK(Dummy(heapData->get() == nullptr));

Should we just paper over this?
Flags: needinfo?(terrence)
That is horrifying and rather implies that we are probably being similarly miscompiled elsewhere on win64. I'd much prefer we try to find out what undefined behavior is triggering this particular "optimization" on MSVC's part. Does ubisan find anything in this file?
Flags: needinfo?(terrence)
No complaints from ubsan on linux64.
Also, what compiler is this and is it PGO only?

I guess we'll need to paper over it, so go ahead and prep a patch.
Flags: needinfo?(dmajor)
It's Visual Studio 2010, non-PGO. I don't know whether PGO builds are affected; AFAICT we don't PGO Win64 builds.

It appears to be fixed in Visual Studio 2012. Haven't tested 2013.
Flags: needinfo?(dmajor)
Attached patch Paper overSplinter Review
Attachment #8450728 - Flags: review?(terrence)
Comment on attachment 8450728 [details] [diff] [review]
Paper over

Review of attachment 8450728 [details] [diff] [review]:
-----------------------------------------------------------------

r=me
Attachment #8450728 - Flags: review?(terrence) → review+
https://hg.mozilla.org/mozilla-central/rev/9dc87050ee0a
Assignee: nobody → dmajor
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
Depends on: 1289987
You need to log in before you can comment on or make changes to this bug.