Closed
Bug 1401692
Opened 8 years ago
Closed 8 years ago
stylo: thread '<unnamed>' panicked at 'assertion failed: n == 0', /builds/worker/workspace/build/src/servo/components/malloc_size_of/lib.rs:397
Categories
(Core :: CSS Parsing and Computation, defect, P2)
Core
CSS Parsing and Computation
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox55 | --- | unaffected |
| firefox56 | --- | unaffected |
| firefox57 | --- | fixed |
People
(Reporter: jkratzer, Assigned: n.nethercote)
References
(Blocks 2 open bugs)
Details
(Keywords: assertion, testcase, Whiteboard: [fuzzblocker])
Attachments
(3 files)
Testcase found while fuzzing mozilla-central rev 20170920-a20de99fa3c1.
Flags: in-testsuite?
|
Reporter | |
Comment 1•8 years ago
|
||
Stacktrace minidump.
|
||
Updated•8 years ago
|
Assignee: nobody → n.nethercote
Flags: needinfo?(n.nethercote)
Priority: -- → P2
|
|
Reporter | |
Updated•8 years ago
|
Whiteboard: [fuzzblocker]
|
Assignee | |
Comment 2•8 years ago
|
||
https://github.com/servo/servo/pull/18583 has the fix.
Flags: needinfo?(n.nethercote)
|
|
||
Comment 3•8 years ago
|
||
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 5•8 years ago
|
||
I can't get this to crash just by loading the test case. I also have to open about:memory and click "measure". So it seems like this line:
> try { fuzzPriv.getMemoryReports(true) } catch(e) { }
isn't doing anything. I tried moving that line after the `insertRule` line but it didn't help.
jkratzer, any suggestions?
Flags: needinfo?(n.nethercote) → needinfo?(jkratzer)
|
|
Reporter | |
Comment 6•8 years ago
|
||
(In reply to Nicholas Nethercote [:njn] from comment #5)
> I can't get this to crash just by loading the test case. I also have to open
> about:memory and click "measure". So it seems like this line:
>
> > try { fuzzPriv.getMemoryReports(true) } catch(e) { }
>
> isn't doing anything. I tried moving that line after the `insertRule` line
> but it didn't help.
>
> jkratzer, any suggestions?
You'll need the fuzzPriv extension which you can find here:
https://github.com/MozillaSecurity/domfuzz/tree/master/dom/extension
You may also need the following prefs enabled:
user_pref("extensions.legacy.enabled", true);
user_pref("extensions.allow-non-mpc-extensions", true);
Flags: needinfo?(jkratzer)
|
|
||
Comment 7•8 years ago
|
||
The fuzzprivs extension isn't going to help for a crashtest. You'll want to add something to SpecialPowers, which is available in crashtests.
Flags: needinfo?(n.nethercote)
|
||
Updated•8 years ago
|
status-firefox57:
--- → fixed
|
|
||
Updated•8 years ago
|
status-firefox55:
--- → unaffected
status-firefox56:
--- → unaffected
status-firefox-esr52:
--- → unaffected
|
|
Assignee | |
Comment 8•8 years ago
|
||
I don't really want to add stuff to SpecialPowers for this very small crashtest. So I tried adding the code to toolkit/components/aboutmemory/tests/test_memoryReporters.xul, but I couldn't get it to work, presumably due to differences between HTML and XUL. So now I'm stuck and I don't think it's worth more effort to get this test working in some other way.
Flags: needinfo?(n.nethercote)
|
|
||
Comment 9•8 years ago
|
||
(In reply to Nicholas Nethercote [:njn] from comment #8)
> I don't really want to add stuff to SpecialPowers for this very small
> crashtest.
Why not? It'd just be a few lines of code, similar to what we do for forceGC:
http://searchfox.org/mozilla-central/rev/15ce5cb2db0c85abbabe39a962b0e697c9ef098f/testing/specialpowers/content/specialpowersAPI.js#1491
> So I tried adding the code to
> toolkit/components/aboutmemory/tests/test_memoryReporters.xul, but I
> couldn't get it to work, presumably due to differences between HTML and XUL.
> So now I'm stuck and I don't think it's worth more effort to get this test
> working in some other way.
I agree that we could probably live without the crashtest, but I would like to make sure we're on the same page in terms of adding something like this to SpecialPowers being a low bar.
Flags: needinfo?(n.nethercote)
|
|
Assignee | |
Comment 10•8 years ago
|
||
This required adding getMemoryReports() to SpecialPowers.
Attachment #8912096 -
Flags: review?(bobbyholley)
|
|
Assignee | |
Updated•8 years ago
|
Flags: needinfo?(n.nethercote)
|
|
||
Comment 11•8 years ago
|
||
Comment on attachment 8912096 [details] [diff] [review]
Add crashtest
Review of attachment 8912096 [details] [diff] [review]:
-----------------------------------------------------------------
Thanks.
Attachment #8912096 -
Flags: review?(bobbyholley) → review+
|
|
Assignee | |
Comment 12•8 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/060e7ed8536c184a4b8da50c1fe10f81feac29ff
Bug 1401692 - Add crashtest. r=bholley.
|
||
Comment 13•8 years ago
|
||
| bugherder | ||
You need to log in
before you can comment on or make changes to this bug.
Description
•