"Assertion failure: *f.regs.pc == JSOP_CALL || *f.regs.pc == JSOP_NEW || *f.regs.pc == JSOP_EVAL || *f.regs.pc == JSOP_FUNCALL || *f.regs.pc == JSOP_FUNAPPLY," with trap

RESOLVED FIXED in mozilla9

Status

()

Core
JavaScript Engine
--
critical
RESOLVED FIXED
6 years ago
4 years ago

People

(Reporter: gkw, Assigned: luke)

Tracking

(Blocks: 1 bug, {assertion, testcase})

Trunk
mozilla9
x86
Windows 7
assertion, testcase
Points:
---
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [js-triage-done])

Attachments

(2 attachments)

(Reporter)

Description

6 years ago
Created attachment 557115 [details]
dis() information

f = (function() {
  function b() {
    "use strict";
    Object.defineProperty(this, "x", ({}));
  }
  for each(let d in [0, 0]) {
    try {
      b(d);
    } catch (e) {}
  }
})
dis(f)
trap(f, 54, undefined);
f()

asserts js debug shell on MC changeset fcca99426576 with -m, -a and -d at Assertion failure: *f.regs.pc == JSOP_CALL || *f.regs.pc == JSOP_NEW || *f.regs.pc == JSOP_EVAL || *f.regs.pc == JSOP_FUNCALL || *f.regs.pc == JSOP_FUNAPPLY,
(Reporter)

Comment 1

6 years ago
Not sure if this is related to TI, the assert seems to be at methodjit/InvokeHelpers.cpp:188
(Assignee)

Comment 2

6 years ago
Created attachment 557344 [details] [diff] [review]
fix assert

Oops, assert should use js_GetOpcode.
Assignee: general → luke
Status: NEW → ASSIGNED
Attachment #557344 - Flags: review?(dvander)
Attachment #557344 - Flags: review?(dvander) → review+
(Assignee)

Comment 3

6 years ago
http://hg.mozilla.org/integration/mozilla-inbound/rev/ebfdb0858947
Whiteboard: js-triage-needed → [js-triage-done][inbound]

Comment 4

6 years ago
http://hg.mozilla.org/mozilla-central/rev/ebfdb0858947
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Whiteboard: [js-triage-done][inbound] → [js-triage-done]
Target Milestone: --- → mozilla9
A testcase for this bug was automatically identified at js/src/jit-test/tests/basic/testBug683470.js.
Flags: in-testsuite+
You need to log in before you can comment on or make changes to this bug.