Closed Bug 1584814 Opened 6 years ago Closed 6 years ago

Crash in [@ JSRope::flattenInternal<T>]

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
Unspecified
Windows 10
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1584820
Tracking Flags:
Tracking Status
firefox-esr60 --- wontfix
firefox69 --- wontfix
firefox70 --- wontfix
firefox71 blocking fixed

People

(Reporter: pascalc, Unassigned)

Details

(Keywords: crash, Whiteboard: [rca - logical error])

Crash Data

This bug is for crash report bp-1eb601c4-e63f-4cbe-9b53-1e3d60190928.

Top 10 frames of crashing thread:

0 xul.dll class JSFlatString* JSRope::flattenInternal<JSRope::NoBarrier, unsigned char> js/src/vm/StringType.cpp:670
1 xul.dll JSRope::flatten js/src/vm/StringType.cpp:859
2 xul.dll static bool Quote js/src/builtin/JSON.cpp:156
3 xul.dll static bool Str js/src/builtin/JSON.cpp:657
4 xul.dll static bool Str js/src/builtin/JSON.cpp:708
5 xul.dll static bool Str js/src/builtin/JSON.cpp:708
6 xul.dll js::Stringify js/src/builtin/JSON.cpp:879
7 xul.dll static bool json_stringify js/src/builtin/JSON.cpp:1079
8 xul.dll js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:551
9 xul.dll static bool Interpret js/src/vm/Interpreter.cpp:3113

This signature exploded over the week end on Nightly (from a couple of crashes per week to hundreds in yesterday's build), marking as a blocker.

Iain, might this be related to the XDR atoms work in Bug 1575370? Some sort of missing GC marks perhaps.

Flags: needinfo?(iireland)

I think this might be the same issue as bug 1584820.

Flags: needinfo?(iireland)

Crashes stopped after the revert in bug 1584820 so I am duping it to this bug.

Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox71: affectedfixed
Resolution: --- → DUPLICATE

This bug has been identified as part of a pilot on determining root causes of blocking and dot release drivers.

It needs a root-cause set for it. Please see the list at https://docs.google.com/document/d/1FFEGsmoU8T0N8R9kk-MXWptOPtXXXRRIe4vQo3_HgMw/.

Add the root cause as a whiteboard tag in the form [rca - <cause> ] and remove the rca-needed keyword.

If you have questions, please contact :tmaity.

Keywords: rca-needed

Iain, probably makes sense for you to do the RCA here. We can talk it over next week if there are questions.

Flags: needinfo?(iireland)
Flags: needinfo?(iireland)
Keywords: rca-needed
Whiteboard: [rca - logical error]
You need to log in before you can comment on or make changes to this bug.