--no-cgc crashes when using -e

RESOLVED FIXED in Firefox 38

Status

()

Core
JavaScript Engine
--
critical
RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: Jesse Ruderman, Assigned: jonco)

Tracking

({crash})

Trunk
mozilla38
x86_64
Mac OS X
crash
Points:
---

Firefox Tracking Flags

(firefox38 fixed)

Details

Attachments

(2 attachments)

(Reporter)

Description

3 years ago
Created attachment 8558836 [details]
stack

js --no-cgc -e 42

Crash [@ js::CurrentThreadCanAccessRuntime]

Likely regression window: https://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=a98d16e6a3b4&tochange=8e450ff88d61
(I'm guessing the bug has existed since --no-cgc landed in bug 1126769)

This blocks fuzzing with --no-cgc.
status-firefox38: --- → affected
Flags: needinfo?(jcoppeard)
(Assignee)

Comment 1

3 years ago
Created attachment 8559082 [details] [diff] [review]
bug1129233-auto-disable-lifetime

When I added this I copied the mechanism to disable GGC and missed the fact that we have to explicitly reset() the auto guard before we destroy the runtime, otherwise it will try to re-enable in its destructor when it is called at the end of main() after the runtime has been destroyed.

Here's a patch to move both of these guards to the Shell() function which is a more appropriate location since the runtime will still be alive when the go out of scope.

Actually this code could do with some refactoring, but this bug is probably not the place for it.
Assignee: nobody → jcoppeard
Flags: needinfo?(jcoppeard)
Attachment #8559082 - Flags: review?(terrence)
Attachment #8559082 - Flags: review?(terrence) → review+
https://hg.mozilla.org/mozilla-central/rev/b63d7e80709a
Status: NEW → RESOLVED
Last Resolved: 3 years ago
status-firefox38: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
You need to log in before you can comment on or make changes to this bug.