Closed
Bug 1883179
Opened 1 year ago
Closed 11 months ago
Assertion failure: script->filename(), at builtin/ModuleObject.cpp:1056
Categories
(Core :: JavaScript Engine, defect, P2)
Tracking
()
RESOLVED
FIXED
126 Branch
Release | Tracking | Status |
---|---|---|
firefox-esr115 | --- | unaffected |
firefox123 | --- | unaffected |
firefox124 | --- | unaffected |
firefox125 | --- | wontfix |
firefox126 | --- | fixed |
People
(Reporter: gkw, Assigned: arai)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: regression, reporter-external, testcase)
Attachments
(1 file)
```js
var x = {
  module: true,
};
Object.defineProperty(x, "fileName", {
  get: function () {
    return null;
  },
});
instantiateModuleStencilXDR(compileToStencilXDR("", x));
```
(gdb) bt
#0 js::ModuleObject::initScriptSlots (this=0x343e0e23e138, script=...) at /home/yksubu/trees/mozilla-central/js/src/builtin/ModuleObject.cpp:1056
#1 0x0000555557c00eb6 in InstantiateTopLevel (cx=cx@entry=0x7ffff6640600, input=..., stencil=..., gcOutput=...) at /home/yksubu/trees/mozilla-central/js/src/frontend/Stencil.cpp:2363
#2 0x0000555557bfed21 in js::frontend::CompilationStencil::instantiateStencilAfterPreparation (cx=cx@entry=0x7ffff6640600, input=..., stencil=..., gcOutput=...) at /home/yksubu/trees/mozilla-central/js/src/frontend/Stencil.cpp:2689
#3 0x0000555557bfdfb0 in js::frontend::CompilationStencil::instantiateStencils (cx=0x7ffff6640600, input=..., stencil=..., gcOutput=...) at /home/yksubu/trees/mozilla-central/js/src/frontend/Stencil.cpp:2612
#4 0x0000555557143a78 in InstantiateModuleStencilXDR (cx=0x7ffff6640600, argc=<optimized out>, vp=<optimized out>) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:5363
#5 0x00005555572a4255 in CallJSNative (cx=cx@entry=0x7ffff6640600, native=native@entry=0x555557143260 <InstantiateModuleStencilXDR(JSContext*, unsigned int, JS::Value*)>, reason=reason@entry=js::CallReason::Call, args=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:479
#6 0x000055555727b3fb in js::InternalCallOrConstruct (cx=0x7ffff6640600, args=..., construct=construct@entry=js::NO_CONSTRUCT, reason=js::CallReason::Call) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:573
#7 0x000055555727c36d in InternalCall (cx=0x7ffff7a1ca60 <_IO_stdfile_2_lock>, args=..., reason=1489677440) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:640
#8 0x000055555728d015 in js::CallFromStack (cx=0x7ffff7a1ca60 <_IO_stdfile_2_lock>, args=..., reason=<optimized out>) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:645
#9 js::Interpret (cx=0x7ffff6640600, state=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:3060
#10 0x000055555727acb9 in MaybeEnterInterpreterTrampoline (cx=0x7ffff7a1ca60 <_IO_stdfile_2_lock>, cx@entry=0x7ffff6640600, state=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:393
#11 0x000055555727a96f in js::RunScript (cx=cx@entry=0x7ffff6640600, state=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:451
#12 0x000055555727df4c in js::ExecuteKernel (cx=cx@entry=0x7ffff6640600, script=script@entry=..., envChainArg=envChainArg@entry=..., evalInFrame=evalInFrame@entry=..., result=result@entry=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:838
#13 0x000055555727e460 in js::Execute (cx=cx@entry=0x7ffff6640600, script=..., envChain=..., rval=rval@entry=...) at /home/yksubu/trees/mozilla-central/js/src/vm/Interpreter.cpp:870
#14 0x0000555557428092 in ExecuteScript (cx=cx@entry=0x7ffff6640600, envChain=..., script=..., rval=rval@entry=...) at /home/yksubu/trees/mozilla-central/js/src/vm/CompilationAndEvaluation.cpp:494
#15 0x00005555574282d7 in JS_ExecuteScript (cx=cx@entry=0x7ffff6640600, scriptArg=scriptArg@entry=...) at /home/yksubu/trees/mozilla-central/js/src/vm/CompilationAndEvaluation.cpp:518
#16 0x000055555716cf97 in RunFile (cx=0x7ffff6640600, filename=<optimized out>, file=<optimized out>, compileMethod=CompileUtf8::DontInflate, compileOnly=false, fullParse=<optimized out>) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:1200
#17 0x000055555716c16a in Process (cx=cx@entry=0x7ffff6640600, filename=0x7ffff6625820 "testcase.js", forceTTY=false, kind=kind@entry=FileScript) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:1780
#18 0x0000555557122924 in ProcessArgs (cx=0x7ffff6640600, op=0x7fffffffdaa8) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:10991
#19 Shell (cx=0x7ffff6640600, op=op@entry=0x7fffffffdaa8) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:11250
#20 0x000055555711b149 in main (argc=<optimized out>, argv=0x7fffffffdd38) at /home/yksubu/trees/mozilla-central/js/src/shell/js.cpp:11758
(gdb)
Run with --fuzzing-safe --no-threads --no-baseline --no-ion, compile with AR=ar sh ../configure --enable-debug --enable-debug-symbols --with-ccache --enable-nspr-build --enable-ctypes --enable-gczeal --enable-rust-simd --disable-tests, tested on m-c rev 75e7de1200a4.
Setting s-s to be safe, though this is unlikely to be bad.
Flags: sec-bounty?
Reporter
Comment 1•1 year ago
The first bad revision is:
changeset: https://hg.mozilla.org/mozilla-central/rev/213e2c05e438
user: Jon Coppeard
date: Mon Feb 19 15:20:58 2024 +0000
summary: Bug 1880464 - Ensure that all modules have a filename r=arai
Jon, is bug 1880464 a likely regressor?
Comment 2•1 year ago
Set release status flags based on info from the regressing bug 1880464
status-firefox123: --- → unaffected
status-firefox124: --- → unaffected
status-firefox-esr115: --- → unaffected
Updated•1 year ago
Group: core-security → javascript-core-security
Comment 3•1 year ago
This looks like a bug in a shell-only function (e.g. it should check that the file name is non-empty) but I'll leave it for now so somebody who is familiar with the module code can take a look.
Updated•1 year ago
Group: javascript-core-security
Assignee
Updated•11 months ago
Assignee: nobody → arai.unmht
Status: NEW → ASSIGNED
Flags: needinfo?(jcoppeard)
Assignee
Comment 4•11 months ago
Pushed by arai_a@mac.com:
https://hg.mozilla.org/integration/autoland/rev/7a7db7c16caf
Validate module options after parsing the options object in testing functions. r=jonco
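The check suggested in comment 3 and named in the fix's summary line, sketched as an added example (not SpiderMonkey's code and not the landed patch): read each option once into a plain record, then validate that record rather than the caller's object. `parseOptions`, `validateModuleOptions`, `compileOptionsFor` and the error message are hypothetical; the sample inputs are constructed.

```javascript
// Added illustration, not SpiderMonkey code: all function names are hypothetical.

// Read every option exactly once. A property may be an accessor, so a second
// read can return a different value than the one that was checked.
function parseOptions(raw) {
  const isModule = raw.module;
  const fileName = raw.fileName;
  return Object.freeze({
    module: isModule === true,
    fileName: typeof fileName === "string" ? fileName : null,
  });
}

// Validate the parsed record, never the caller's object.
function validateModuleOptions(opts) {
  if (opts.module && !opts.fileName) {
    throw new TypeError("module options require a non-empty fileName");
  }
  return opts;
}

function compileOptionsFor(raw) {
  return validateModuleOptions(parseOptions(raw));
}

// Constructed input with the same shape as the bug's testcase.
function testcaseOptions() {
  const x = { module: true };
  Object.defineProperty(x, "fileName", { get() { return null; } });
  return x;
}

// Constructed input: an accessor that answers differently on each read.
function flipFlopOptions() {
  let reads = 0;
  const x = { module: true, get reads() { return reads; } };
  Object.defineProperty(x, "fileName", {
    get() { return reads++ === 0 ? "m.js" : null; },
  });
  return x;
}

// True when the options are refused with the validation error.
function rejects(raw) {
  try { compileOptionsFor(raw); return false; }
  catch (e) { return e instanceof TypeError; }
}
```

With the testcase-shaped input the call is refused with a catchable error before any module would be created; with the flip-flop accessor the getter runs once and the validated record keeps the value that was checked.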
Comment 6•11 months ago
bugherder
Status: ASSIGNED → RESOLVED
Closed: 11 months ago
status-firefox126: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 126 Branch
Updated•11 months ago
Flags: in-testsuite+
Updated•11 months ago
Flags: sec-bounty? → sec-bounty-
Reporter
Updated•11 months ago
Blocks: gkw-js-fuzzing
Updated•9 months ago
Keywords: reporter-external