1872550 - Assertion failure: IsAsciiLowercaseAlpha(*keyword), at jsdate.cpp:1093 involving Date.parse

Status: RESOLVED FIXED

(Core :: JavaScript Engine, defect)

Description

[Gary Kwong [:gkw] [:nth10sd] (NOT official MoCo now)]

Attachment: stack

Date.parse([Date(), /zz/]);

Assertion failure: IsAsciiLowercaseAlpha(*keyword), at /home/skygentoo/trees/mozilla-central/js/src/jsdate.cpp:1093
#01: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x2291071]
#02: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x22923d0]
#03: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c56175]
#04: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c2deab]
#05: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c3f8e7]
#06: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c2d41f]
#07: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c309fc]
#08: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1c30f10]
#09: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1db7c42]
#10: JS_ExecuteScript(JSContext*, JS::Handle<JSScript*>)[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1db7e87]
#11: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1b15447]
#12: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1b1461a]
#13: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1acb595]
#14: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1ac5319]
#15: ???[/lib64/libc.so.6 +0x239ca]
#16: __libc_start_main[/lib64/libc.so.6 +0x23a85]
#17: ???[/home/skygentoo/shell-cache/js-dbg-64-linux-x86_64-be0bfc7f9065/js-dbg-64-linux-x86_64-be0bfc7f9065 +0x1ab8249]
#18: ??? (???:???)
Segmentation fault

The first bad revision is:
changeset:   https://hg.mozilla.org/mozilla-central/rev/309a7d377822
user:        Vinny Diehl
date:        Thu Dec 21 06:57:59 2023 +0000
summary:     Bug 1870570 - Only allow exact matches for time zone and AM/PM keywords r=arai

Run with --fuzzing-safe --no-threads --no-baseline --no-ion, compile with AR=ar sh ../configure --enable-debug --with-ccache --enable-nspr-build --enable-ctypes --enable-debug-symbols --enable-gczeal --enable-rust-simd --disable-tests, tested on m-c rev be0bfc7f9065.

Vinny, is bug 1870570 a likely regressor? Setting s-s just in case.

Comment 1

[BugBot [:suhaib / :marco/ :calixte]]

Set release status flags based on info from the regressing bug 1870570

Comment 2

[Vinny Diehl]

Thanks, the assert in debug builds was broken. I got a fix.

Comment 3

[Vinny Diehl]

Attachment: Bug 1872550 - Fix assert in MatchesKeyword r?arai

Comment 4

[Tooru Fujisawa [:arai]]

Thanks!
This is a bug in debug-only assertion, which doesn't affect the release build.
This bug can be opened up.

Comment 5

[Pulsebot]

Pushed by arai_a@mac.com:
https://hg.mozilla.org/integration/autoland/rev/2be0d4b51a37
Fix assert in MatchesKeyword r=arai

Comment 6

[Cosmin Sabou [:CosminS]]

https://hg.mozilla.org/mozilla-central/rev/2be0d4b51a37