Crash [@ js::Nursery::enterZealMode]
Categories
(Core :: JavaScript: GC, defect, P1)
Tracking
()
People
(Reporter: gkw, Assigned: jonco)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: regression, reporter-external, testcase)
Crash Data
Attachments
(3 files)
|
4.23 KB,
text/plain
|
Details | |
|
24.29 KB,
text/plain
|
Details | |
|
48 bytes,
text/x-phabricator-request
|
pascalc
:
approval-mozilla-beta+
|
Details | Review |
See attached testcase.
The first bad revision is:
changeset: https://hg.mozilla.org/mozilla-central/rev/43978ebfc7ac
user: Jon Coppeard
date: Wed Jan 20 10:04:29 2021 +0000
summary: Bug 1686219 - Store chunk information at the start rather than the end of the chunk r=sfink
Run with --fuzzing-safe --differential-testing --no-threads --no-baseline --no-ion, compile with MAKE=mozmake 'LIBCLANG_PATH=c:\Users\<user>\.mozbuild\clang\bin' sh ./configure --host=x86_64-pc-mingw32 --target=x86_64-pc-mingw32 --enable-debug --enable-gczeal --enable-debug-symbols --disable-tests, tested on m-c rev 63534c66d7b8.
Not sure if this is s-s since it seems to require --differential-testing, I'd leave it to Jon/Steve. Also seems Windows-only.
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Comment 1•4 years ago
|
||
|
|
Reporter | |
Comment 2•4 years ago
|
||
$ ~/.mozbuild/clang/bin/clang.exe --version
clang version 11.0.0
Target: x86_64-pc-windows-msvc
Thread model: posix
InstalledDir: c:\Users\<user>\.mozbuild\clang\bin
|
Assignee | |
Comment 3•4 years ago
|
||
Thanks, I can see what the problem is. This is specific to GC zeal, which means it's not present in release builds and not security sensitive.
|
|
Assignee | |
Comment 4•4 years ago
|
||
I missed changing this size calculation when moving the chunk metadata to the start of the chunk. This marks the whole chunk in use again if any of it could have been marked not it use.
|
||
Updated•4 years ago
|
|
|
||
Updated•4 years ago
|
|
||
Comment 6•4 years ago
|
||
| bugherder | ||
|
||
Updated•4 years ago
|
|
||
Comment 7•4 years ago
|
||
The patch landed in nightly and beta is affected.
:jonco, is this bug important enough to require an uplift?
If not please set status_beta to wontfix.
For more information, please visit auto_nag documentation.
|
|
Assignee | |
Comment 8•4 years ago
|
||
(In reply to Release mgmt bot [:sylvestre / :calixte / :marco for bugbug] from comment #7)
Yes, let's uplift this.
|
||
Comment 9•4 years ago
|
||
(In reply to Jon Coppeard (:jonco) from comment #8)
(In reply to Release mgmt bot [:sylvestre / :calixte / :marco for bugbug] from comment #7)
Yes, let's uplift this.
Hi Jon, could you make an uplift request via our Bugzilla form please? Thanks
|
|
Assignee | |
Comment 10•4 years ago
|
||
Comment on attachment 9198953 [details]
Bug 1688517 - Fix marking nursery pages in use when entering generational zeal mode r?sfink
Beta/Release Uplift Approval Request
- User impact if declined: None, but there may be testing impact.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This is a very simple change and affects code that is not present in release builds.
- String changes made/needed:
|
|
||
Comment 11•4 years ago
|
||
Comment on attachment 9198953 [details]
Bug 1688517 - Fix marking nursery pages in use when entering generational zeal mode r?sfink
Approved for 86 beta 4, thanks.
|
||
Comment 12•4 years ago
|
||
| bugherder uplift | ||
|
||
Updated•4 years ago
|
|
||
Updated•4 years ago
|
|
|
Reporter | |
Updated•9 months ago
|
|
||
Updated•8 months ago
|
Description
•