Closed
Bug 1411322
Opened 7 years ago
Closed 7 years ago
Assertion failure: pages_.empty(), at /builds/worker/workspace/build/src/js/src/jit/ProcessExecutableMemory.cpp:483
Categories
(Core :: Audio/Video: Recording, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla58
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox56 | --- | unaffected |
| firefox57 | --- | unaffected |
| firefox58 | --- | fixed |
People
(Reporter: jkratzer, Assigned: pehrsons)
References
(Blocks 1 open bug)
Details
(Keywords: assertion, testcase)
Attachments
(6 files)
Testcase found while fuzzing mozilla-central rev a80d568a417e. Testcase requires the fuzzPriv extension found here: https://github.com/MozillaSecurity/domfuzz/tree/master/dom/extension
Flags: in-testsuite?
|
Reporter | |
Comment 1•7 years ago
|
||
|
|
Reporter | |
Comment 2•7 years ago
|
||
|
|
Reporter | |
Updated•7 years ago
|
Version: unspecified → 58 Branch
|
||
Comment 3•7 years ago
|
||
This shows up as a shutdown assert for me, FWIW. In older builds, the assertion shows up as the one below rather than the pages._empty() one. Assertion failure: set_.empty(), at /builds/worker/workspace/build/src/js/src/vm/RegExpShared.h:270 Regression range: INFO: Last good revision: 5e311cd7074e6b649187f5a79371f0681c2d7504 INFO: First bad revision: 8448eee20c9afa97a9679cae293ad1f21e7f6668 INFO: Pushlog: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=5e311cd7074e6b649187f5a79371f0681c2d7504&tochange=8448eee20c9afa97a9679cae293ad1f21e7f6668 --> Bug 1296531 In some builds, it also hits "Assertion failure: m_pools.empty(), at /builds/worker/workspace/build/src/js/src/jit/ExecutableAllocator.cpp:131". I haven't bisected the changes in the specific assertion hit under the assumption that there's a general lifetime issue where the specific assertion probably isn't as important. Feel free to NI if you do want to know.
Blocks: 1296531
Has Regression Range: --- → yes
status-firefox56:
--- → unaffected
status-firefox57:
--- → unaffected
status-firefox58:
--- → affected
status-firefox-esr52:
--- → unaffected
Component: JavaScript Engine: JIT → Audio/Video: Recording
Flags: needinfo?(apehrson)
|
||
Comment 4•7 years ago
|
||
Marking P2 for now, because of the crash. Feel free to change once we know better what's going on here.
Rank: 25
Priority: -- → P2
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → apehrson
| Comment hidden (Intermittent Failures Robot) |
|
|
Assignee | |
Updated•7 years ago
|
Status: NEW → ASSIGNED
Flags: needinfo?(apehrson)
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
|
|
Assignee | |
Comment 9•7 years ago
|
||
Try test-only: https://treeherder.mozilla.org/#/jobs?repo=try&revision=51bf7ba3cba81f4bec84d4547a2a07876a13f987 Try with fix: https://treeherder.mozilla.org/#/jobs?repo=try&revision=20202111b7607a69cdf6339d115629d82ea8a703
|
||
Comment 10•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8927275 [details] Bug 1411322 - Add crashtest getting memory reports from MediaRecorder. https://reviewboard.mozilla.org/r/198588/#review203768 ::: dom/media/test/crashtests/crashtests.list:110 (Diff revision 1) > HTTP load media-element-source-seek-1.html > load offline-buffer-source-ended-1.html > load oscillator-ended-1.html > load oscillator-ended-2.html > skip-if(Android&&AndroidVersion=='22') load video-replay-after-audio-end.html # bug 1315125, bug 1358876 > # This needs to run at the end to avoid leaking busted state into other tests. Do we need to run ahead of state leaky tests? Guessing not, but better safe than sorry.
Attachment #8927275 -
Flags: review?(bvandyk) → review+
|
|
||
Comment 11•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8927276 [details] Bug 1411322 - Simplify MediaRecorderReporter. https://reviewboard.mozilla.org/r/198590/#review203770
Attachment #8927276 -
Flags: review?(bvandyk) → review+
|
|
||
Comment 12•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8927277 [details] Bug 1411322 - Call nsIMemoryReporterManager::EndReport after reporting. https://reviewboard.mozilla.org/r/198592/#review203772
Attachment #8927277 -
Flags: review?(bvandyk) → review+
|
|
Assignee | |
Comment 13•7 years ago
|
||
| mozreview-review-reply | ||
Comment on attachment 8927275 [details] Bug 1411322 - Add crashtest getting memory reports from MediaRecorder. https://reviewboard.mozilla.org/r/198588/#review203768 > Do we need to run ahead of state leaky tests? Guessing not, but better safe than sorry. Good point. I'll move it up.
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
|
||
Comment 17•7 years ago
|
||
Pushed by pehrsons@gmail.com: https://hg.mozilla.org/integration/autoland/rev/69f01c927e9a Add crashtest getting memory reports from MediaRecorder. r=SingingTree https://hg.mozilla.org/integration/autoland/rev/29797271f660 Simplify MediaRecorderReporter. r=SingingTree https://hg.mozilla.org/integration/autoland/rev/299bec984c40 Call nsIMemoryReporterManager::EndReport after reporting. r=SingingTree
|
||
Comment 18•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/69f01c927e9a https://hg.mozilla.org/mozilla-central/rev/29797271f660 https://hg.mozilla.org/mozilla-central/rev/299bec984c40
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
You need to log in
before you can comment on or make changes to this bug.
Description
•