Crash with userscript through TamperMonkey
Categories
(Core :: JavaScript Engine: JIT, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr102 | --- | unaffected |
| firefox-esr115 | --- | unaffected |
| firefox116 | --- | unaffected |
| firefox117 | --- | unaffected |
| firefox118 | blocking | verified |
People
(Reporter: ehoogeveen, Assigned: alexical)
References
(Regression, )
Details
(Keywords: crash, regression, topcrash)
Crash Data
Attachments
(1 file)
|
1.08 KB,
application/x-javascript
|
Details |
Started getting this crash with the most recent Nightly. Mozregression gave the following range:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=0f07d1564dc00ef20661573299b575bc66628183&tochange=ce7b575a77cab8d928eb162ef3f4abd9f1211e64
I suspect bug 1824051 as it's a JIT crash.
I managed to reduce the code to the scroll event listener in the attached file, although it's probably not a minimal reproduction.
Steps to reproduce:
- From a fresh profile on the latest Nightly,
- Install TamperMonkey 1.4.9 (the latest version).
- Add and enable the attached script.
- Go to Google Doodles and try scrolling (it's not specific to Google, but I made the script match Google URLs).
- Crash.
There may be other STR as this signature is currently the rank 5 crash for this build: https://crash-stats.mozilla.org/signature/?product=Firefox&signature=EnterJit&date=%3E%3D2023-08-04T17%3A10%3A00.000Z&date=%3C2023-08-11T17%3A10%3A00.000Z&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&_columns=install_time&_columns=startup_crash&_sort=-date&page=1#aggregations
:dthayer could you have a look?
|
Assignee | |
Updated•2 years ago
|
|
||
Comment 1•2 years ago
|
||
Set release status flags based on info from the regressing bug 1824051
|
||
Updated•2 years ago
|
|
||
Comment 2•2 years ago
|
||
JFTR, the same crash also occurs when accessing http://colab.research.google.com/ without TamperMonkey (or any other addon).
|
||
Comment 3•2 years ago
|
||
While it may not be directly relevant, I note the crashes with this signature start going up around July 17th. For the colab crashes which are apparently new in the last day or two, bug 1824051 seems quite possible
|
||
Updated•2 years ago
|
|
||
Comment 5•2 years ago
|
||
The crash rate is massive on Firefox Nightly, I can reproduce the crash by visiting https://mangadex.org or https://colab.research.google.com
Can we back out the regressor ASAP to not loose our nightly population.
|
|
||
Comment 6•2 years ago
|
||
No more crashes in the last nightlies after the backout, marking fixed, thanks!
|
||
Updated•2 years ago
|
|
|
||
Comment 8•2 years ago
|
||
Copying crash signatures from duplicate bugs.
|
||
Updated•2 years ago
|
|
||
Comment 9•2 years ago
|
||
I've reproduced the tab crash (both, through TamperMonkey and without) with Fx 118.0a1 (2023-08-11) on Windows 10.
Verified fixed with Fx 118.0b4 and Fx 119.0a1 (2023-09-04) on Windows 10 and macOS 13.
Description
•