1759249 - Crash in [@ mozilla::dom::WarningOnlyErrorReporter] from js::wasm::Log off the main thread

Status: RESOLVED DUPLICATE of bug 1757733

(Core :: JavaScript: WebAssembly, defect)

Description

[Andrew McCreight [:mccr8]]

Maybe Fission related. (DOMFissionEnabled=1)

Crash report: https://crash-stats.mozilla.org/report/index/0cd58f45-3d3b-4169-8e04-f2fe30220310

Reason: EXCEPTION_ACCESS_VIOLATION_READ

Top 10 frames of crashing thread:

0 xul.dll mozilla::dom::WarningOnlyErrorReporter dom/script/ScriptSettings.cpp:498
1 xul.dll js::ReportErrorNumberVA js/src/vm/ErrorReporting.cpp:481
2 xul.dll js::WarnNumberASCII js/src/vm/Warnings.cpp:74
3 xul.dll js::wasm::Log js/src/wasm/WasmLog.cpp:43
4 xul.dll static js::wasm::CompileArgs::build js/src/wasm/WasmCompile.cpp:159
5 xul.dll ModuleValidator<mozilla::Utf8Unit>::finish js/src/wasm/AsmJS.cpp:2156
6 xul.dll js::CompileAsmJS js/src/wasm/AsmJS.cpp:7169
7 xul.dll js::frontend::Parser<js::frontend::FullParseHandler, mozilla::Utf8Unit>::asmJS js/src/frontend/Parser.cpp:3890
8 xul.dll js::frontend::GeneralParser<js::frontend::FullParseHandler, mozilla::Utf8Unit>::statementList js/src/frontend/Parser.cpp:4097
9 xul.dll js::frontend::GeneralParser<js::frontend::FullParseHandler, mozilla::Utf8Unit>::functionBody js/src/frontend/Parser.cpp:2408

WASM log call on a helper thread. I think it is it hitting a null JS context?

The earliest crash I see like this is 20220303190240 (this one: bp-0477541e-2693-43b1-bed8-c4d1e0220310). I thought this looked sort of like bug 1759107, but bug 1643586 isn't in 99. Jon, can you think of anything else that might have changed the behavior of JS contexts off the main thread? Thanks.

Comment 1

[Andrew McCreight [:mccr8]]

Well, for what it is worth, there's already a bug on file for this on Linux.