Last Comment Bug 765907 - eif-generator.js assertion error with gc zeal at 4
: eif-generator.js assertion error with gc zeal at 4
Status: RESOLVED FIXED
[js:t]
:
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: unspecified
: x86_64 Linux
: -- normal (vote)
: mozilla16
Assigned To: Luke Wagner [:luke]
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-18 14:27 PDT by :Benjamin Peterson
Modified: 2012-06-26 01:57 PDT (History)
4 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
fix (2.04 KB, patch)
2012-06-18 19:20 PDT, Luke Wagner [:luke]
wmccloskey: review+
Details | Diff | Review

Description :Benjamin Peterson 2012-06-18 14:27:42 PDT
$ JS_GC_ZEAL=4 jit-test/jit_test.py _DBJ.OBJ/js eif-generator -o
Assertion failure: addr % Cell::CellSize == 0, at ../gc/Heap.h:825
Comment 1 Luke Wagner [:luke] 2012-06-18 19:20:58 PDT
Created attachment 634271 [details] [diff] [review]
fix

Ah, so the problem is that it is totally bogus to copy a generator frame's slot values into the call object when the generator is about to finalized (duh).  Rather than trying to dance around to make this work, I'd rather just remove the copy since it only helps preserve debugger values in a presumably rare corner case.
Comment 2 Bill McCloskey (:billm) 2012-06-25 14:23:09 PDT
Comment on attachment 634271 [details] [diff] [review]
fix

This looks fine to me. Jim, I just want to make sure you're okay losing this debugger feature.
Comment 3 Luke Wagner [:luke] 2012-06-25 14:26:21 PDT
The code removal here is definitely a necessary fix, since the values are potentially garbage, so "not losing the debugger feature" is really "adding a debugger feature" which would imply a new bug.
Comment 4 Luke Wagner [:luke] 2012-06-25 14:43:25 PDT
https://hg.mozilla.org/integration/mozilla-inbound/rev/0d94dbf7ae1e
and filed bug 768220 as followup.
Comment 5 Ed Morley [:emorley] 2012-06-26 01:57:52 PDT
https://hg.mozilla.org/mozilla-central/rev/0d94dbf7ae1e

Note You need to log in before you can comment on or make changes to this bug.