JM: "Assertion failure: lref.isUndefined()," with sharps

RESOLVED WORKSFORME

Status

()

Core
JavaScript Engine
--
critical
RESOLVED WORKSFORME
8 years ago
8 years ago

People

(Reporter: gkw, Assigned: dvander)

Tracking

(Blocks: 1 bug, {assertion, regression, testcase})

Trunk
x86_64
Linux
assertion, regression, testcase
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

37 bytes, text/plain
Details
(Reporter)

Description

8 years ago
#1=/x/
with({}) {
    var x = ""
}

asserts 64-bit js debug shell on moo tip f567bb6aca45 without -m (so guessing this is related to fatval) at Assertion failure: lref.isUndefined(), at ../jsinterp.cpp:6158

Tested only on 64-bit js shell on Ubuntu 10.04.

(Pass this in as a CLI argument and note the extra space prior to the sharp)

Program received signal SIGABRT, Aborted.
0x00007ffff7bce7bb in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
42	../nptl/sysdeps/unix/sysv/linux/pt-raise.c: No such file or directory.
	in ../nptl/sysdeps/unix/sysv/linux/pt-raise.c
(gdb) bt
#0  0x00007ffff7bce7bb in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x000000000053e098 in JS_Assert (s=0x5aba73 "lref.isUndefined()", file=0x5aa829 "../jsinterp.cpp", ln=6158) at ../jsutil.cpp:80
#2  0x0000000000578881 in js::Interpret (cx=0x82a1a0) at ../jsinterp.cpp:6158
#3  0x0000000000495db4 in js::RunScript (cx=0x82a1a0, script=0x835030, fun=0x0, scopeChain=0x7ffff6901000) at ../jsinterp.cpp:462
#4  0x0000000000496b66 in js::Execute (cx=0x82a1a0, chain=0x7ffff6901000, script=0x835030, down=0x0, flags=0, result=0x0) at ../jsinterp.cpp:923
#5  0x0000000000428656 in JS_ExecuteScript (cx=0x82a1a0, obj=0x7ffff6901000, script=0x835030, rval=0x0) at ../jsapi.cpp:4637
#6  0x000000000040493a in Process (cx=0x82a1a0, obj=0x7ffff6901000, filename=0x7fffffffe5cd "w165-cj-in.js", forceTTY=0) at ../../shell/js.cpp:440
#7  0x000000000040572a in ProcessArgs (cx=0x82a1a0, obj=0x7ffff6901000, argv=0x7fffffffe2c0, argc=1) at ../../shell/js.cpp:860
#8  0x000000000040dadd in shell (cx=0x82a1a0, argc=1, argv=0x7fffffffe2c0, envp=0x7fffffffe2d0) at ../../shell/js.cpp:5038
#9  0x000000000040dbed in main (argc=1, argv=0x7fffffffe2c0, envp=0x7fffffffe2d0) at ../../shell/js.cpp:5129
(Reporter)

Comment 1

8 years ago
Created attachment 456987 [details]
Testcase

(Also, this is not a 64-bit specific bug)

The extra space needed for the bug to occur got ignored by Bugzilla.

$ ./js-dbg-32-jm-linux 578248.js 
Assertion failure: lref.isUndefined(), at ../jsinterp.cpp:6158
Aborted

Comment 2

8 years ago
I could not get this to reproduce on using fatval tip on 32-bit debug linux or 64-bit debug os x.
I cannot reproduce with 64-bit debug linux using moo tip. Note that the spacing that should come before the '#' does not appear to be present in the attachment either.
(Reporter)

Comment 4

8 years ago
Created attachment 457011 [details]
Testcase 2

Let's try this again..

moo changeset f567bb6aca45

$ cat 578248.js 
 #1=/x/
with({}) {
    var x = ""
}

$ ./js-dbg-64-jm-linux 578248.js 
Assertion failure: lref.isUndefined(), at ../jsinterp.cpp:6158
Aborted
Attachment #456987 - Attachment is obsolete: true
(Reporter)

Comment 5

8 years ago
Let's hope this is JM, Luke confirms it's not fatval. But methodJIT doesn't exist in 64-bit ( '-m' or not doesn't matter). Hmmmm.....
Blocks: 549412
Summary: FV: "Assertion failure: lref.isUndefined()," with sharps → JM: "Assertion failure: lref.isUndefined()," with sharps
Can reproduce assert with moo-64-debug-linux using attachment in comment #4.
Cannot reproduce with fatval or TM branches.
I bet my hat this has to do with me removing GVAR ops.
Assignee: general → dvander
Status: NEW → ASSIGNED
WFM
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.