Bug 1333000 part 5 - Annotate crash reports with the value we found instead of the TI magic word. r=ehoogeveen
authorJan de Mooij <jdemooij@mozilla.com>
Sun, 05 Feb 2017 21:24:23 +0100
changeset 340887 3153a3e522f78e899d2e8368421d4d325d271536
parent 340886 9436c71aecf1598172748722c48d87a1ac0894d6
child 340888 96b2668cb9ca691a4514e5a7a16bab5ec0c210cc
push id31318
push usercbook@mozilla.com
push dateMon, 06 Feb 2017 11:56:59 +0000
treeherdermozilla-central@1cc159c7a044 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersehoogeveen
bugs1333000
milestone54.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1333000 part 5 - Annotate crash reports with the value we found instead of the TI magic word. r=ehoogeveen
js/src/vm/TypeInference.cpp
js/src/vm/TypeInference.h
--- a/js/src/vm/TypeInference.cpp
+++ b/js/src/vm/TypeInference.cpp
@@ -2,16 +2,17 @@
  * vim: set ts=8 sts=4 et sw=4 tw=99:
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "vm/TypeInference-inl.h"
 
 #include "mozilla/DebugOnly.h"
+#include "mozilla/IntegerPrintfMacros.h"
 #include "mozilla/MemoryReporting.h"
 #include "mozilla/PodOperations.h"
 #include "mozilla/SizePrintfMacros.h"
 #include "mozilla/Sprintf.h"
 
 #include "jsapi.h"
 #include "jscntxt.h"
 #include "jsgc.h"
@@ -2601,16 +2602,30 @@ TypeZone::addPendingRecompile(JSContext*
 
     // When one script is inlined into another the caller listens to state
     // changes on the callee's script, so trigger these to force recompilation
     // of any such callers.
     if (script->functionNonDelazifying() && !script->functionNonDelazifying()->hasLazyGroup())
         ObjectStateChange(cx, script->functionNonDelazifying()->group(), false);
 }
 
+#ifdef JS_CRASH_DIAGNOSTICS
+static char sCrashReason[256];
+
+MOZ_NORETURN MOZ_COLD MOZ_NEVER_INLINE void
+js::ReportMagicWordFailure(uintptr_t actual, uintptr_t expected)
+{
+    SprintfLiteral(sCrashReason,
+                   "MOZ_CRASH(Got 0x%" PRIxPTR " expected magic word 0x%" PRIxPTR ")",
+                   actual, expected);
+    MOZ_CRASH_ANNOTATE(sCrashReason);
+    MOZ_REALLY_CRASH();
+}
+#endif
+
 void
 js::PrintTypes(JSContext* cx, JSCompartment* comp, bool force)
 {
 #ifdef DEBUG
     gc::AutoSuppressGC suppressGC(cx);
     JSAutoRequest request(cx);
 
     Zone* zone = comp->zone();
--- a/js/src/vm/TypeInference.h
+++ b/js/src/vm/TypeInference.h
@@ -538,16 +538,21 @@ class TypeSet
 #if JS_BITS_PER_WORD == 32
 static const uintptr_t BaseTypeInferenceMagic = 0xa1a2b3b4;
 #else
 static const uintptr_t BaseTypeInferenceMagic = 0xa1a2b3b4c5c6d7d8;
 #endif
 static const uintptr_t TypeConstraintMagic = BaseTypeInferenceMagic + 1;
 static const uintptr_t ConstraintTypeSetMagic = BaseTypeInferenceMagic + 2;
 
+#ifdef JS_CRASH_DIAGNOSTICS
+extern MOZ_NORETURN MOZ_COLD MOZ_NEVER_INLINE void
+ReportMagicWordFailure(uintptr_t actual, uintptr_t expected);
+#endif
+
 /*
  * A constraint which listens to additions to a type set and propagates those
  * changes to other type sets.
  */
 class TypeConstraint
 {
 #ifdef JS_CRASH_DIAGNOSTICS
     uintptr_t magic_;
@@ -562,17 +567,18 @@ class TypeConstraint
     {
 #ifdef JS_CRASH_DIAGNOSTICS
         magic_ = TypeConstraintMagic;
 #endif
     }
 
     void checkMagic() const {
 #ifdef JS_CRASH_DIAGNOSTICS
-        MOZ_RELEASE_ASSERT(magic_ == TypeConstraintMagic);
+        if (MOZ_UNLIKELY(magic_ != TypeConstraintMagic))
+            ReportMagicWordFailure(magic_, TypeConstraintMagic);
 #endif
     }
 
     TypeConstraint* next() const {
         checkMagic();
         if (next_)
             next_->checkMagic();
         return next_;
@@ -664,17 +670,18 @@ class ConstraintTypeSet : public TypeSet
     void initMagic() {
         MOZ_ASSERT(!magic_);
         magic_ = ConstraintTypeSetMagic;
     }
 #endif
 
     void checkMagic() const {
 #ifdef JS_CRASH_DIAGNOSTICS
-        MOZ_RELEASE_ASSERT(magic_ == ConstraintTypeSetMagic);
+        if (MOZ_UNLIKELY(magic_ != ConstraintTypeSetMagic))
+            ReportMagicWordFailure(magic_, ConstraintTypeSetMagic);
 #endif
     }
 
     TypeConstraint* constraintList() const {
         checkMagic();
         if (constraintList_)
             constraintList_->checkMagic();
         return constraintList_;