1513433 - gc/Verifier.cpp uses incorrect DebugOnly and breaks fuzzing

Status: RESOLVED FIXED

(Core :: JavaScript: GC, defect, P1)

Description

[Ted Campbell [:tcampbell]]

:decoder reports fuzzing errors:

> In file included from /srv/jenkins/jobs/mozilla-central-build-jsshell/workspace/arch/64/compiler/clang/instrumentation/none/type/opt/js/src/gc/Unified_cpp_js_src_gc2.cpp:2:
> /srv/jenkins/jobs/mozilla-central-clone/workspace/js/src/gc/Verifier.cpp:799:16: error: member reference type 'DebugOnly<JS::Zone *>' is not a pointer; did you mean to use '.'?
>       !(keyZone->isGCMarking() || keyZone->isGCSweeping())) {
>         ~~~~~~~^~
>                .
> /srv/jenkins/jobs/mozilla-central-clone/workspace/js/src/gc/Verifier.cpp:799:18: error: no member named 'isGCMarking' in 'mozilla::DebugOnly<JS::Zone *>'
>       !(keyZone->isGCMarking() || keyZone->isGCSweeping())) {
>         ~~~~~~~  ^
> /srv/jenkins/jobs/mozilla-central-clone/workspace/js/src/gc/Verifier.cpp:799:42: error: member reference type 'DebugOnly<JS::Zone *>' is not a pointer; did you mean to use '.'?
>       !(keyZone->isGCMarking() || keyZone->isGCSweeping())) {
>                                   ~~~~~~~^~
>                                          .
> /srv/jenkins/jobs/mozilla-central-clone/workspace/js/src/gc/Verifier.cpp:799:44: error: no member named 'isGCSweeping' in 'mozilla::DebugOnly<JS::Zone *>'
>       !(keyZone->isGCMarking() || keyZone->isGCSweeping())) {
>                                   ~~~~~~~  ^

This is due to keyZone marked DebugOnly when it is also used in non-debug code.
I believe this occurs in non-debug but JS_GC_ZEAL builds.

Comment 1

[Ted Campbell [:tcampbell]]

Attachment: Fix gc/Verifier.cpp in opt gczeal configuration

Comment 2

[Pulsebot]

Pushed by tcampbell@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/6b08a22a9ced
Fix gc/Verifier.cpp in opt gczeal configuration. r=sfink

Comment 3

[Cristina Coroiu [:ccoroiu]]

https://hg.mozilla.org/mozilla-central/rev/6b08a22a9ced