Closed
Bug 1285237
Opened 8 years ago
Closed 8 years ago
Intermittent test_conformance__extensions__ext-shader-texture-lod.html | application crashed [@ js::LifoAlloc::getOrCreateChunk]
Categories
(Core :: JavaScript Engine, defect, P3)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla52
People
(Reporter: intermittent-bug-filer, Assigned: nbp)
References
Details
(Keywords: intermittent-failure)
Attachments
(1 file)
|
817 bytes,
patch
|
jorendorff
:
review+
ritu
:
approval-mozilla-aurora+
ritu
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
Filed by: tomcat https://treeherder.mozilla.org/logviewer.html#?job_id=10345767&repo=fx-team https://queue.taskcluster.net/v1/task/LScEx9t2TsKFhjZeDM7xuQ/runs/0/artifacts/public%2Flogs%2Flive_backing.log
|
Assignee | |
Comment 1•8 years ago
|
||
Is this a debug-only thing? This is likely an assertion that I added (Bug 1264948 part 2) to ensure that we do not blindly assume that LifoAlloc are infallible, but I did not expected to see that in the Parser, but only in IonMonkey's code. Usually the stack trace is enough to investigate such issues, but this might be a little tricky as I did not expected that Parser to have a LifoAlloc with a flag set for using this assertion. 11:28:39 INFO - 0 libxul.so!js::LifoAlloc::getOrCreateChunk [LifoAlloc.h:4a8d8898e507 : 71 + 0x0] 11:28:39 INFO - 1 libxul.so!js::frontend::ParseNodeAllocator::allocNode [LifoAlloc.h:4a8d8898e507 : 225 + 0x7] 11:28:39 INFO - 2 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::newName [FullParseHandler.h:4a8d8898e507 : 33 + 0x3] 11:28:39 INFO - 3 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::identifierName [Parser.cpp:4a8d8898e507 : 8940 + 0x7] 11:28:39 INFO - 4 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::primaryExpr [Parser.cpp:4a8d8898e507 : 9571 + 0x7] 11:28:39 INFO - 5 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::memberExpr [Parser.cpp:4a8d8898e507 : 8753 + 0x11] 11:28:39 INFO - 6 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::unaryExpr [Parser.cpp:4a8d8898e507 : 8282 + 0x19] 11:28:39 INFO - 7 libxul.so!js::frontend::Parser<js::frontend::FullParseHandler>::orExpr1 [Parser.cpp:4a8d8898e507 : 7758 + 0xd] My blind guess would be that this is somewhat related to AsmJS.
Blocks: 1264948
|
|
Assignee | |
Comment 2•8 years ago
|
||
This patch add a debug-only AutoFallibleScope, what this does, is that it set a flag on the LifoAlloc to mention that we are checking the return value of it. Thus, it disables the assertion in getOrCreateChunk added in Bug 1264948 part 2, and replaces it by the oomTest-able kind of allocation. This mechanism got added as a way to ensure that IonMonkey does not rely too much on the underlying ability to request more pages, without checking for OOM, while also prevent oomTest-able failures on allocations which are assumed to be infallible. This issue likely comes from the Parser instances created by AsmJS modules[1], which probably re-use the LifoAlloc create with the TempAllocator[2], which has the fallibleScope_ flag[3] turned off by default. [1] http://searchfox.org/mozilla-central/source/js/src/asmjs/AsmJS.h#33 [2] http://searchfox.org/mozilla-central/source/js/src/asmjs/WasmGenerator.h#120 [3] http://searchfox.org/mozilla-central/source/js/src/ds/LifoAlloc.h#166
Attachment #8769688 -
Flags: review?(jorendorff)
|
||
Comment 3•8 years ago
|
||
Bulk assigning P3 to all open intermittent bugs without a priority set in Firefox components per bug 1298978.
Priority: -- → P3
|
||
Updated•8 years ago
|
Attachment #8769688 -
Flags: review?(jorendorff) → review+
Pushed by npierron@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/60843e550836 Consider ParseNodeAllocator::allocNode as fallible. r=jorendorff
|
||
Comment 5•8 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/60843e550836
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox52:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
|
||
Comment 6•8 years ago
|
||
Seems like a pretty trivial patch. Should we consider it for uplift?
Assignee: nobody → nicolas.b.pierron
status-firefox50:
--- → affected
status-firefox51:
--- → affected
Flags: needinfo?(nicolas.b.pierron)
|
|
Assignee | |
Comment 7•8 years ago
|
||
Comment on attachment 8769688 [details] [diff] [review] Consider ParseNodeAllocator::allocNode as fallible. Approval Request Comment [Feature/regressing bug #]: Bug 1264948 [User impact if declined]: Some intermittent remaining on treeherder [Describe test coverage new/current, TreeHerder]: treeherder [Risks and why]: None, because it is simple. [String/UUID change made/needed]: N/A
Flags: needinfo?(nicolas.b.pierron)
Attachment #8769688 -
Flags: approval-mozilla-beta?
Attachment #8769688 -
Flags: approval-mozilla-aurora?
Comment on attachment 8769688 [details] [diff] [review] Consider ParseNodeAllocator::allocNode as fallible. Fixes an intermittent, Aurora51+, Beta50+
Attachment #8769688 -
Flags: approval-mozilla-beta?
Attachment #8769688 -
Flags: approval-mozilla-beta+
Attachment #8769688 -
Flags: approval-mozilla-aurora?
Attachment #8769688 -
Flags: approval-mozilla-aurora+
|
|
||
Comment 9•8 years ago
|
||
| bugherder uplift | ||
https://hg.mozilla.org/releases/mozilla-aurora/rev/4631a67ac611
|
|
||
Comment 10•8 years ago
|
||
| bugherder uplift | ||
https://hg.mozilla.org/releases/mozilla-beta/rev/122bf25cc33c
You need to log in
before you can comment on or make changes to this bug.
Description
•