Open Bug 1731142 Opened 4 months ago Updated 2 months ago

Crash in [@ style::stylist::CascadeData::add_rule_list<T>]

Categories

(Core :: CSS Parsing and Computation, defect)

Unspecified
Windows
defect

Tracking

()

Tracking Status
firefox-esr78 --- unaffected
firefox-esr91 --- unaffected
firefox92 --- unaffected
firefox93 --- wontfix
firefox94 --- wontfix
firefox95 --- wontfix

People

(Reporter: aryx, Assigned: emilio)

References

(Regression)

Details

(Keywords: crash, regression)

Crash Data

Attachments

(1 file)

8 crashes from 7 different installations, all Windows

Maybe Fission related. (DOMFissionEnabled=1)

Crash report: https://crash-stats.mozilla.org/report/index/fb9f038d-8903-4e13-9e70-6cd180210916

MOZ_CRASH Reason: Locked::read_with called with a guard from an unrelated SharedRwLock

Top 10 frames of crashing thread:

0 xul.dll RustMozCrash mozglue/static/rust/wrappers.cpp:17
1 xul.dll mozglue_static::panic_hook mozglue/static/rust/lib.rs:91
2 xul.dll core::ops::function::Fn::call<fn ../a178d0322ce20e33eac124758e837cbd80a6f633/library/core/src/ops/function.rs:227
3 xul.dll std::panicking::rust_panic_with_hook ../a178d0322ce20e33eac124758e837cbd80a6f633//library/std/src/panicking.rs:626
4 xul.dll std::panicking::begin_panic::{{closure}}<str> ../a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:542
5 xul.dll std::sys_common::backtrace::__rust_end_short_backtrace<closure-0, !> ../a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:141
6 xul.dll std::panicking::begin_panic<str> ../a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:541
7 xul.dll style::stylist::CascadeData::add_rule_list<style::gecko::data::GeckoStyleSheet> servo/components/style/stylist.rs:2394
8 xul.dll style::stylist::CascadeData::add_stylesheet<style::gecko::data::GeckoStyleSheet> servo/components/style/stylist.rs:2453
9 xul.dll style::stylist::CascadeData::rebuild<style::gecko::data::GeckoStyleSheet> servo/components/style/stylist.rs:2042
Flags: needinfo?(emilio)

I think this probably just changed signatures with those changes, so shouldn't be a regression per se... But I'll add some more diagnostic information.

Flags: needinfo?(emilio)

Note that the crash reason is sanitized so we're not exposing anything
sensitive.

I think my patch just changed the signature of the stack, as it didn't
change anything related to guards or what not. But without knowing why
is failing or a repro it's hard to know what's going on.

Printing the address at list would give us some indication of what might
be going wrong (perhaps we're using a static lock when we don't expect
one or such?).

Assignee: nobody → emilio
Status: NEW → ASSIGNED
Pushed by ealvarez@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d0661e7dd0c9
Print lock address on assert. r=firefox-style-system-reviewers,layout-reviewers,boris
Status: ASSIGNED → RESOLVED
Closed: 4 months ago
Resolution: --- → FIXED
Target Milestone: --- → 94 Branch

(It is only a diagnostic patch)

Status: RESOLVED → REOPENED
Resolution: FIXED → ---

Low volume crasher on beta and we are nearing the end of the beta cycle, fix-optional 93.

Status: REOPENED → NEW
Target Milestone: 94 Branch → ---

Anything useful in the Fx94 reports w/ diagnostic patch?

Flags: needinfo?(emilio)

Looking at some of the crashes I see messages like:

  • Locked::read_with called with a guard from an unrelated SharedRwLock: 0x4010 vs. 0x168e0680
  • Locked::read_with called with a guard from an unrelated SharedRwLock: 0x20 vs. 0x13f1ca8

That looks really weird, the locks are static and shouldn't change address and should be alive forever... I see other crashes that don't have crash reason and just are a very-near-null crash...

So nothing particularly actionable, I suspect some sort of corruption... I'll try to chkimg some of the reports...

Flags: needinfo?(emilio)
You need to log in before you can comment on or make changes to this bug.