Hit MOZ_CRASH(Must not run anyer quitting) at /root/SM/sm-latest/js/src/shell/js.cpp:3731
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
People
(Reporter: 2020244068, Unassigned)
Details
Attachments
(1 file)
|
112 bytes,
text/plain
|
Details |
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:107.0) Gecko/20100101 Firefox/107.0
Steps to reproduce:
- git clone --depth 1 https://github.com/mozilla/gecko-dev.git (commit is 008eb054013d699239993782a2835eb2115e21fc)
- build it
- path/to/js/.js test.js
I attach the test.js below
// |jit-test| skip-i .then(()=>quit(0@);
Promise.resolve()
.then(()=>crash("Must not run anyer quitting"));
Actual results:
Hit MOZ_CRASH(Must not run anyer quitting) at /root/SM/sm-latest/js/src/shell/js.cpp:3731
#01: ???[./js +0x14f27f]
#02: ???[./js +0xe5ab0b]
#03: ???[./js +0xe39aad]
#04: ???[./js +0xe117e6]
#05: ???[./js +0xe38a27]
#06: ???[./js +0xe39e73]
#07: ???[./js +0xe3af1e]
#08: ???[./js +0x102437c]
#09: ???[./js +0x17a7e59]
#10: ???[./js +0xe5ab0b]
#11: ???[./js +0xe39aad]
#12: ???[./js +0xe3af1e]
#13: ???[./js +0x1132d67]
#14: ???[./js +0x1463109]
#15: ???[./js +0x1465c3c]
#16: ???[./js +0xa352b0]
#17: ???[./js +0x99f377]
#18: __libc_start_main[/lib/x86_64-linux-gnu/libc.so.6 +0x24083]
#19: ???[./js +0x9c0b7e]
#20: ??? (???:???)
Segmentation fault (core dumped)
Expected results:
successfully executed
|
||
Updated•2 years ago
|
|
|
||
Comment 1•2 years ago
|
||
I don't understand this one. You're running tests in our testing shell and call the testing function crash().... what did you think should happen?
|
||
Comment 2•2 years ago
|
||
This is expected for the crash(..) builtin. Similar to the other bug, you can avoid these crashes with --fuzzing-safe.
Description
•