Closed
Bug 1401692
Opened 6 years ago
Closed 6 years ago
stylo: thread '<unnamed>' panicked at 'assertion failed: n == 0', /builds/worker/workspace/build/src/servo/components/malloc_size_of/lib.rs:397
Categories
(Core :: CSS Parsing and Computation, defect, P2)
Core
CSS Parsing and Computation
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox55 | --- | unaffected |
| firefox56 | --- | unaffected |
| firefox57 | --- | fixed |
People
(Reporter: jkratzer, Assigned: n.nethercote)
References
(Blocks 2 open bugs)
Details
(Keywords: assertion, testcase, Whiteboard: [fuzzblocker])
Attachments
(3 files)
Testcase found while fuzzing mozilla-central rev 20170920-a20de99fa3c1.
Flags: in-testsuite?
|
Reporter | |
Comment 1•6 years ago
|
||
Stacktrace minidump.
|
||
Updated•6 years ago
|
Assignee: nobody → n.nethercote
Flags: needinfo?(n.nethercote)
Priority: -- → P2
|
|
Reporter | |
Updated•6 years ago
|
Whiteboard: [fuzzblocker]
|
Assignee | |
Comment 2•6 years ago
|
||
https://github.com/servo/servo/pull/18583 has the fix.
Flags: needinfo?(n.nethercote)
|
|
||
Comment 3•6 years ago
|
||
https://hg.mozilla.org/integration/autoland/rev/1bf51e25a57b
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 5•6 years ago
|
||
I can't get this to crash just by loading the test case. I also have to open about:memory and click "measure". So it seems like this line:
> try { fuzzPriv.getMemoryReports(true) } catch(e) { }
isn't doing anything. I tried moving that line after the `insertRule` line but it didn't help.
jkratzer, any suggestions?Flags: needinfo?(n.nethercote) → needinfo?(jkratzer)
|
|
Reporter | |
Comment 6•6 years ago
|
||
(In reply to Nicholas Nethercote [:njn] from comment #5) > I can't get this to crash just by loading the test case. I also have to open > about:memory and click "measure". So it seems like this line: > > > try { fuzzPriv.getMemoryReports(true) } catch(e) { } > > isn't doing anything. I tried moving that line after the `insertRule` line > but it didn't help. > > jkratzer, any suggestions? You'll need the fuzzPriv extension which you can find here: https://github.com/MozillaSecurity/domfuzz/tree/master/dom/extension You may also need the following prefs enabled: user_pref("extensions.legacy.enabled", true); user_pref("extensions.allow-non-mpc-extensions", true);
Flags: needinfo?(jkratzer)
|
|
||
Comment 7•6 years ago
|
||
The fuzzprivs extension isn't going to help for a crashtest. You'll want to add something to SpecialPowers, which is available in crashtests.
Flags: needinfo?(n.nethercote)
|
||
Updated•6 years ago
|
status-firefox57:
--- → fixed
|
|
||
Updated•6 years ago
|
status-firefox55:
--- → unaffected
status-firefox56:
--- → unaffected
status-firefox-esr52:
--- → unaffected
|
|
Assignee | |
Comment 8•6 years ago
|
||
I don't really want to add stuff to SpecialPowers for this very small crashtest. So I tried adding the code to toolkit/components/aboutmemory/tests/test_memoryReporters.xul, but I couldn't get it to work, presumably due to differences between HTML and XUL. So now I'm stuck and I don't think it's worth more effort to get this test working in some other way.
Flags: needinfo?(n.nethercote)
|
|
||
Comment 9•6 years ago
|
||
(In reply to Nicholas Nethercote [:njn] from comment #8) > I don't really want to add stuff to SpecialPowers for this very small > crashtest. Why not? It'd just be a few lines of code, similar to what we do for forceGC: http://searchfox.org/mozilla-central/rev/15ce5cb2db0c85abbabe39a962b0e697c9ef098f/testing/specialpowers/content/specialpowersAPI.js#1491 > So I tried adding the code to > toolkit/components/aboutmemory/tests/test_memoryReporters.xul, but I > couldn't get it to work, presumably due to differences between HTML and XUL. > So now I'm stuck and I don't think it's worth more effort to get this test > working in some other way. I agree that we could probably live without the crashtest, but I would like to make sure we're on the same page in terms of adding something like this to SpecialPowers being a low bar.
Flags: needinfo?(n.nethercote)
|
|
Assignee | |
Comment 10•6 years ago
|
||
This required adding getMemoryReports() to SpecialPowers.
Attachment #8912096 -
Flags: review?(bobbyholley)
|
|
Assignee | |
Updated•6 years ago
|
Flags: needinfo?(n.nethercote)
|
|
||
Comment 11•6 years ago
|
||
Comment on attachment 8912096 [details] [diff] [review] Add crashtest Review of attachment 8912096 [details] [diff] [review]: ----------------------------------------------------------------- Thanks.
Attachment #8912096 -
Flags: review?(bobbyholley) → review+
|
|
Assignee | |
Comment 12•6 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/060e7ed8536c184a4b8da50c1fe10f81feac29ff Bug 1401692 - Add crashtest. r=bholley.
|
||
Comment 13•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/060e7ed8536c
You need to log in
before you can comment on or make changes to this bug.
Description
•