Beginning on October 25th, 2016, Persona will no longer be an option for authentication on BMO. For more details see Persona Deprecated.
Last Comment Bug 734763 - "Assertion failure: rt->gcMode != JSGC_MODE_GLOBAL" with certain GC prefs and forceShrinkingGC
: "Assertion failure: rt->gcMode != JSGC_MODE_GLOBAL" with certain GC prefs and...
: assertion, regression, testcase
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: Trunk
: x86_64 Mac OS X
: -- critical (vote)
: mozilla13
Assigned To: Bill McCloskey (:billm)
: Jason Orendorff [:jorendorff]
Depends on:
Blocks: 730447
  Show dependency treegraph
Reported: 2012-03-11 14:07 PDT by Jesse Ruderman
Modified: 2012-03-13 04:55 PDT (History)
3 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

testcase (50 bytes, text/html)
2012-03-11 14:07 PDT, Jesse Ruderman
no flags Details
fix (904 bytes, patch)
2012-03-12 11:01 PDT, Bill McCloskey (:billm)
anygregor: review+
Details | Diff | Splinter Review

Description Jesse Ruderman 2012-03-11 14:07:14 PDT
Created attachment 604789 [details]

1. Install the new version of

2. Set

user_pref("javascript.options.mem.gc_incremental", false);
user_pref("javascript.options.mem.gc_per_compartment", false);

3. Load the testcase.

Assertion failure: rt->gcMode != JSGC_MODE_GLOBAL, at jsgc.cpp:3600

Based on the stack trace, I suspect this is a regression from the following chunk of bug 730447's patch:

@ MaybeGC
+    if (comp->gcMallocAndFreeBytes >= comp->gcTriggerMallocAndFreeBytes) {
+        GCSlice(cx, comp, GC_NORMAL, gcreason::MAYBEGC);
+        return;
+    }
Comment 1 Bill McCloskey (:billm) 2012-03-12 11:01:10 PDT
Created attachment 605011 [details] [diff] [review]

This fixes two problems:
1. We're triggering a compartment GC when we're not supposed to.
2. We're triggering a GC when malloc bytes and trigger malloc bytes are both 0.
Comment 3 Marco Bonardo [::mak] 2012-03-13 04:55:13 PDT

Note You need to log in before you can comment on or make changes to this bug.