Closed
Bug 691593
Opened 13 years ago
Closed 13 years ago
IonMonkey: Assertion failure: *pc == JSOP_CALL, at jsopcode.cpp:4143
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: decoder, Unassigned)
References
Details
(Keywords: assertion, testcase)
Attachments
(1 file)
935 bytes,
patch
|
dvander
:
review+
|
Details | Diff | Splinter Review |
The following testcase asserts on ionmonkey revision acf3c1fb7c94 (run with --ion-eager), tested on 64 bit:
genexp = "x * x for (x in [])";
genexpParened = "(" + genexp + ")";
needParens(2, "if (1, xx) { }");
function needParens(section, pat, exp) {
ft = pat.replace(/xx/, genexpParened);
try {
f = new Function(ft);
} catch(e) { }
overParenTest(section, f, exp);
}
function overParenTest(section, f, exp) {
var uf = "" + f;
if (uf.indexOf(genexpParened) != -1) { }
}
Comment 1•13 years ago
|
||
String(
(function() {
([] for (x in []))
})
)
asserts js debug shell on IM changeset 5602420006bb without any CLI flags at Assertion failure: *pc == JSOP_CALL, 32-bit js shell in 64-bit Windows 7.
Comment 2•13 years ago
|
||
I remember this issue being posted in a bug before, but can't seem to find it now.
JSOP_PUSH for |this| is followed by JSOP_NOTEARG so IonBuilder can be single-pass with MPassArg at point-of-definition. In adding JSOP_NOTEARG, I missed a spot that asserts the next op after JSOP_PUSH is JSOP_CALL.
Attachment #564618 -
Flags: review?(dvander)
Updated•13 years ago
|
Attachment #564618 -
Flags: review?(dvander) → review+
Comment 3•13 years ago
|
||
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Updated•13 years ago
|
Blocks: IonFuzz
Summary: IM: Assertion failure: *pc == JSOP_CALL, at jsopcode.cpp:4143 → IonMonkey: Assertion failure: *pc == JSOP_CALL, at jsopcode.cpp:4143
Reporter | ||
Comment 4•12 years ago
|
||
Automatically extracted testcase for this bug was committed:
https://hg.mozilla.org/mozilla-central/rev/2e891e0db397
Flags: in-testsuite+
You need to log in
before you can comment on or make changes to this bug.
Description
•