657287 – TI: Assertion failure: (ptrBits & 0x7) == 0, at ../jsval.h:702

Last Comment Bug 657287 - TI: Assertion failure: (ptrBits & 0x7) == 0, at ../jsval.h:702


Summary:	TI: Assertion failure: (ptrBits & 0x7) == 0, at ../jsval.h:702

Status:	RESOLVED FIXED
Whiteboard:
Keywords:	assertion, testcase

Product:	Core
Classification:	Components
Component:	JavaScript Engine (show other bugs)
Version:	Trunk
Platform:	x86_64 Linux

Importance:	-- critical (vote)
Target Milestone:	---
Assigned To:	general
QA Contact:
Triage Owner:
Mentors:

URL:

Depends on:
Blocks:	infer-regress langfuzz
	Show dependency tree / graph

Reported:

2011-05-16 00:28 PDT by Christian Holler (:decoder)

Modified:

2011-08-05 00:54 PDT (History)

CC List:

4 users (show)

See Also:

Crash Signature:

(edit)

QA Whiteboard:

Iteration:

---

Points:

---

Has Regression Range:

---

Has STR:

---

Tracking Flags:

Attachments
shell testcase, unpack, chdir and run main.js with options "-j -n -m" (936 bytes, application/x-compressed-tar) 2011-05-16 00:28 PDT, Christian Holler (:decoder)	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description

Christian Holler (:decoder) 2011-05-16 00:28:16 PDT

Created attachment 532569 [details]
shell testcase, unpack, chdir and run main.js with options "-j -n -m"

The attached testcase asserts on TI revision 693a36f402ee (unpack, chdir and run main.js with options -j -m -n), tested on 64 bit.

Comment 1

Brian Hackett (:bhackett) 2011-05-16 06:35:54 PDT

YES, was waiting for this to show up as it has been causing intermittent tinderbox orange, but didn't have a test to confirm the cause.  When rejoining into the interpreter we don't guarantee sync for dead locals.  Normally this isn't a problem, but if the interpreter executes a 'GETLOCAL POP' sequence as is done in script headers for the decompiler, we can fault in the compartment checking assertions at the GETLOCAL.  The interpreter should just ignore 'GETLOCAL POP' sequences like the liveness analysis does.

Comment 2

Brian Hackett (:bhackett) 2011-05-16 10:30:26 PDT

Ignore same compartment assertions for GETLOCAL followed by POP.

http://hg.mozilla.org/projects/jaegermonkey/rev/1b270bc6f9c1

Note You need to log in before you can comment on or make changes to this bug.