Closed Bug 908696 Opened 11 years ago Closed 11 years ago

GenerationalGC: Disable post barrier verification when disabling GGC

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla26

People

(Reporter: jonco, Assigned: jonco)

References

Details

Attachments

(1 file, 1 obsolete file)

disable-barrier-verification-with-ggc-2
1.86 KB, patch
terrence
: review+
Details | Diff | Splinter Review
Attached patch disable-verification-with-ggc (obsolete) — Splinter Review 
When running jittests with barrier verification turned on, test gc/bug-890048.js fails like this:

Assertion failure: isEnabled(), at /home/jon/work/inbound/js/src/gc/StoreBuffer.cpp:293

Catchpoint 1 (signal SIGSEGV), js::gc::StoreBuffer::mark (this=0x7ffff7fbad50, 
    trc=0x1a64390) at /home/jon/work/inbound/js/src/gc/StoreBuffer.cpp:293
293	    JS_ASSERT(isEnabled());

Catchpoint 1 (signal SIGSEGV), js::gc::StoreBuffer::mark (this=0x7ffff7fbad50, 
    trc=0x1a64390) at /home/jon/work/inbound/js/src/gc/StoreBuffer.cpp:293
293	    JS_ASSERT(isEnabled());
(gdb) bt
#0  js::gc::StoreBuffer::mark (this=0x7ffff7fbad50, trc=0x1a64390)
    at /home/jon/work/inbound/js/src/gc/StoreBuffer.cpp:293
#1  0x00000000006a443a in js::gc::EndVerifyPostBarriers (rt=0x7ffff7f7a010)
    at /home/jon/work/inbound/js/src/gc/Verifier.cpp:748
#2  0x00000000007b70c8 in js::gc::AutoStopVerifyingBarriers::AutoStopVerifyingBarriers (
    this=0x7fffffffad98, rt=0x7ffff7f7a010, isShutdown=false, _notifier=...)
    at ../gc/GCInternals.h:130
#3  0x00000000007b45f4 in js::gc::AutoStopVerifyingBarriers::AutoStopVerifyingBarriers (
    this=0x7fffffffad98, rt=0x7ffff7f7a010, isShutdown=false, _notifier=...)
    at ../gc/GCInternals.h:132
#4  0x000000000079f1f0 in Collect (rt=0x7ffff7f7a010, incremental=false, budget=0, 
    gckind=js::GC_NORMAL, reason=JS::gcreason::DEBUG_GC)
    at /home/jon/work/inbound/js/src/jsgc.cpp:4565
#5  0x00000000007a051d in js::gc::RunDebugGC (cx=0x1a1b970)
    at /home/jon/work/inbound/js/src/jsgc.cpp:4877
#6  0x00000000005e5dce in js::gc::NewGCThing<JSObject, (js::AllowGC)1> (cx=0x1a1b970, 
    kind=js::gc::FINALIZE_OBJECT0_BACKGROUND, thingSize=32, heap=js::gc::DefaultHeap)
    at ../jsgcinlines.h:409


This is because it causes generational GC to be disabled, but doesn't disable post barrier verification, which triggers the isEnabled() assertion the next time it tries to run.
Attachment #794713 - Flags: review?(terrence)
Comment on attachment 794713 [details] [diff] [review]
disable-verification-with-ggc

Review of attachment 794713 [details] [diff] [review]:
-----------------------------------------------------------------

Good find! r=me
Attachment #794713 - Flags: review?(terrence) → review+
So I saw there was a simpler fix for this, given that doing a minor collection already calls EndVerifyPreBarriers() via AutoStopVerifyingBarriers.
Attachment #794713 - Attachment is obsolete: true
Attachment #796007 - Flags: review?(terrence)
Comment on attachment 796007 [details] [diff] [review]
disable-barrier-verification-with-ggc-2

Review of attachment 796007 [details] [diff] [review]:
-----------------------------------------------------------------

Clever! Much cleaner too. r=me
Attachment #796007 - Flags: review?(terrence) → review+
https://hg.mozilla.org/mozilla-central/rev/df8b1e56e1a6
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla26
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: