Closed
Bug 1342595
Opened 7 years ago
Closed 7 years ago
Assertion failure: size_before == *profiler->size_, at js/src/vm/GeckoProfiler.cpp:428
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1341317
Tracking | Status | |
---|---|---|
firefox54 | --- | affected |
People
(Reporter: gkw, Unassigned)
Details
(Keywords: assertion, bugmon, testcase, Whiteboard: [jsbugmon:update])
Attachments
(1 file)
25.27 KB,
text/plain
|
Details |
The following testcase crashes on mozilla-central revision 69d2cf007cdc (build with --enable-debug, run with --fuzzing-safe --ion-offthread-compile=off --ion-eager): // Adapted from randomly chosen test: js/src/jit-test/tests/profiler/bug1211962.js enableGeckoProfiling(); // Adapted from randomly chosen test: js/src/jit-test/tests/basic/cooperative-threading-interrupt.js setInterruptCallback(function () { cooperativeYield(); }); evalInCooperativeThread("cooperativeYield();"); for (var i = 0; i < 1; i++) { interruptIf(1); } Backtrace: #0 js::GeckoProfilerEntryMarker::~GeckoProfilerEntryMarker (this=0x7ff24f326990, __in_chrg=<optimized out>) at js/src/vm/GeckoProfiler.cpp:428 #1 0x00000000005329a9 in js::RunScript (cx=cx@entry=0x7ff24cf20000, state=...) at js/src/vm/Interpreter.cpp:380 #2 0x00000000005354e1 in js::ExecuteKernel (cx=cx@entry=0x7ff24cf20000, script=..., script@entry=..., envChainArg=..., newTargetValue=..., evalInFrame=..., evalInFrame@entry=..., result=result@entry=0x7ff24f326d80) at js/src/vm/Interpreter.cpp:690 #3 0x00000000005358a8 in js::Execute (cx=cx@entry=0x7ff24cf20000, script=script@entry=..., envChainArg=..., rval=rval@entry=0x7ff24f326d80) at js/src/vm/Interpreter.cpp:723 #4 0x00000000008c909a in ExecuteScript (cx=cx@entry=0x7ff24cf20000, scope=scope@entry=..., script=script@entry=..., rval=rval@entry=0x7ff24f326d80) at js/src/jsapi.cpp:4476 #5 0x00000000008da148 in JS_ExecuteScript (cx=0x7ff24cf20000, scriptArg=scriptArg@entry=..., rval=rval@entry=...) at js/src/jsapi.cpp:4502 /snip For detailed crash information, see attachment.
Reporter | ||
Comment 1•7 years ago
|
||
Reporter | ||
Comment 2•7 years ago
|
||
autoBisect shows this is probably related to the following changeset: The first bad revision is: changeset: https://hg.mozilla.org/mozilla-central/rev/fad2e60d7843 user: Brian Hackett date: Fri Feb 17 05:13:11 2017 -0700 summary: Bug 1337968 - Add API and shell harness for cooperative multithreading, r=jandem. Brian, is bug 1337968 a likely regressor?
Flags: needinfo?(bhackett1024)
Comment 3•7 years ago
|
||
This testcase is fixed by the patch in bug 1341317.
Status: NEW → RESOLVED
Closed: 7 years ago
Flags: needinfo?(bhackett1024)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•