Closed Bug 1987845 Opened 2 months ago Closed 2 months ago

Crash in [@ mozilla::dom::TextDirectiveUtil::ComputeCommonSubstringLength<T>]

Categories

(Core :: DOM: Navigation, defect)

Unspecified
Windows 10
defect

Tracking

RESOLVED FIXED
144 Branch
Tracking Status
thunderbird_esr140 --- unaffected
firefox-esr115 --- unaffected
firefox-esr128 --- unaffected
firefox-esr140 --- unaffected
firefox142 --- unaffected
firefox143 --- unaffected
firefox144 + fixed

People

(Reporter: pascalc, Assigned: jjaschke)

References

(Regression)

Details

(Keywords: crash, regression, topcrash)

Attachments

(1 file)

Crash report: https://crash-stats.mozilla.org/report/index/85998ad3-d168-407b-b2bb-453450250910

MOZ_CRASH Reason:

MOZ_DIAGNOSTIC_ASSERT(!nsContentUtils::IsHTMLWhitespace(aReferenceString.First()))

Top 10 frames:

0  xul.dll  mozilla::dom::TextDirectiveUtil::ComputeCommonSubstringLength<-1>(nsTSubstrin...  dom/base/TextDirectiveUtil.h:554
1  xul.dll  mozilla::dom::RangeBasedTextDirectiveCreator::FindEndMatchCommonSubstringLeng...  dom/base/TextDirectiveCreator.cpp:624
2  xul.dll  mozilla::dom::RangeBasedTextDirectiveCreator::FindAllMatchingCandidates()  dom/base/TextDirectiveCreator.cpp:575
3  xul.dll  mozilla::dom::TextDirectiveCreator::CreateTextDirectiveFromRange(mozilla::dom...  dom/base/TextDirectiveCreator.cpp:57
4  xul.dll  mozilla::dom::FragmentDirective::CreateTextDirectiveForRanges(mozilla::dom::S...  dom/base/FragmentDirective.cpp:465
5  xul.dll  mozilla::dom::FragmentDirective_Binding::createTextDirectiveForRanges(JSConte...  dom/bindings/FragmentDirectiveBinding.cpp:194
5  xul.dll  mozilla::dom::FragmentDirective_Binding::createTextDirectiveForRanges_promise...  dom/bindings/FragmentDirectiveBinding.cpp:205
6  xul.dll  mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::Nor...  dom/bindings/BindingUtils.cpp:3308
7  xul.dll  CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), js::...  js/src/vm/Interpreter.cpp:501
7  xul.dll  js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstru...  js/src/vm/Interpreter.cpp:597
Flags: needinfo?(jjaschke)

Yeah, that's somewhat to be expected. Most of the crash reports are likely me trying to find a test case that translates into a unit test (which is surprisingly hard).

Fix is trivial, will likely be up today.

Flags: needinfo?(jjaschke)

The regressing patch has been backed out in: https://bugzilla.mozilla.org/show_bug.cgi?id=1979588#c10

The regressor Bug 1979588 was backed out; see Comment 2.

Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → 144 Branch

Reopening as the crash came back in 20250910212829 after Bug 1979588 landed again.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---

Different issue than yesterday. I'm on it.

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 10 desktop browser crashes on nightly

For more information, please visit BugBot documentation.

Keywords: topcrash
Assignee: nobody → jjaschke
Pushed by jjaschke@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/9d7b87687ba7 https://hg.mozilla.org/integration/autoland/rev/4bc21746334f Text Fragments: Correctly deal with punctuation when identifying the first/last word of the target range. r=smaug
Pushed by imoraru@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/7f5e54f6c60c https://hg.mozilla.org/integration/autoland/rev/89edb6b246b1 Revert "Bug 1987845 - Text Fragments: Correctly deal with punctuation when identifying the first/last word of the target range. r=smaug" for causing windows nightly as release build bustages on TextDirectiveCreator.cpp.

Revert for causing windows nightly as release build bustages on TextDirectiveCreator.cpp.

[task 2025-09-11T21:05:03.732+00:00] 21:05:03     INFO -  gmake[4]: Entering directory '/builds/worker/workspace/obj-build/dom/base'
[task 2025-09-11T21:05:03.735+00:00] 21:05:03     INFO -  /builds/worker/fetches/sccache/sccache /builds/worker/fetches/clang/bin/clang-cl -fms-compatibility-version=19.39 -std:c++17 -Xclang -ivfsoverlay -Xclang /builds/worker/fetches/vs/overlay.yaml -FoUnified_cpp_dom_base6.obj -c  -I/builds/worker/workspace/obj-build/dist/stl_wrappers -guard:cf -DNDEBUG=1 -DTRIMMED=1 -DUNICODE -D_UNICODE -D_CRT_RAND_S -DCERT_CHAIN_PARA_HAS_EXTRA_FIELDS -D_SECURE_ATL -DCHROMIUM_BUILD -DU_STATIC_IMPLEMENTATION -DWIN32 -D_WIN32 -D_WINDOWS -DWIN32_LEAN_AND_MEAN -DWINAPI_NO_BUNDLED_LIBRARIES -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -DMOZ_SUPPORT_LEAKCHECKING -DSTATIC_EXPORTABLE_JS_API -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/workspace/obj-build/dom/base -I/builds/worker/checkouts/gecko/dom/battery -I/builds/worker/checkouts/gecko/dom/events -I/builds/worker/checkouts/gecko/dom/media -I/builds/worker/checkouts/gecko/dom/network -I/builds/worker/checkouts/gecko/caps -I/builds/worker/checkouts/gecko/docshell/base -I/builds/worker/checkouts/gecko/dom/base -I/builds/worker/checkouts/gecko/dom/file -I/builds/worker/checkouts/gecko/dom/geolocation -I/builds/worker/checkouts/gecko/dom/html -I/builds/worker/checkouts/gecko/dom/ipc -I/builds/worker/checkouts/gecko/dom/storage -I/builds/worker/checkouts/gecko/dom/svg -I/builds/worker/checkouts/gecko/dom/xml -I/builds/worker/checkouts/gecko/dom/xslt/xpath -I/builds/worker/checkouts/gecko/dom/xul -I/builds/worker/checkouts/gecko/extensions/spellcheck/src -I/builds/worker/checkouts/gecko/gfx/2d -I/builds/worker/checkouts/gecko/image -I/builds/worker/checkouts/gecko/js/xpconnect/loader -I/builds/worker/checkouts/gecko/js/xpconnect/src -I/builds/worker/checkouts/gecko/js/xpconnect/wrappers -I/builds/worker/checkouts/gecko/layout/base -I/builds/worker/checkouts/gecko/layout/forms -I/builds/worker/checkouts/gecko/layout/generic -I/builds/worker/checkouts/gecko/layout/style -I/builds/worker/checkouts/gecko/layout/xul 
-I/builds/worker/checkouts/gecko/netwerk/base -I/builds/worker/checkouts/gecko/netwerk/protocol/http -I/builds/worker/checkouts/gecko/netwerk/url-classifier -I/builds/worker/checkouts/gecko/parser/htmlparser -I/builds/worker/checkouts/gecko/security/manager/ssl -I/builds/worker/checkouts/gecko/third_party/xsimd/include -I/builds/worker/checkouts/gecko/widget -I/builds/worker/checkouts/gecko/xpcom/build -I/builds/worker/checkouts/gecko/xpcom/ds -I/builds/worker/checkouts/gecko/netwerk/sctp/datachannel -I/builds/worker/workspace/obj-build/ipc/ipdl/_ipdlheaders -I/builds/worker/checkouts/gecko/ipc/chromium/src -I/builds/worker/workspace/obj-build/dist/include -I/builds/worker/workspace/obj-build/dist/include/nspr -I/builds/worker/workspace/obj-build/dist/include/nss -MD -DMOZILLA_CLIENT -FI /builds/worker/workspace/obj-build/mozilla-config.h -Zc:sizedDealloc- -Gy -Zc:inline -Gw -D_SILENCE_TR1_NAMESPACE_DEPRECATION_WARNING -TP -GR- -D_HAS_EXCEPTIONS=0 -fcrash-diagnostics-dir=/builds/worker/artifacts -Z7 -Xclang -load -Xclang /builds/worker/workspace/obj-build/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O2 -Oy -Werror -W3 -Wbitfield-enum-conversion -Wempty-body -Wformat-type-confusion -Wignored-qualifiers -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtautological-constant-in-range-compare -Wtype-limits -Wno-error=tautological-type-limit-compare -Wunreachable-code -Wunreachable-code-return -Wunused-but-set-parameter -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wno-range-loop-analysis -Wenum-compare-conditional -Wenum-float-conversion -Wvolatile -Wno-deprecated-anon-enum-enum-conversion -Wno-deprecated-enum-enum-conversion -Wno-deprecated-this-capture -Wcomma -Wimplicit-fallthrough -Wstring-conversion -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object 
-Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-unknown-pragmas -Wno-ignored-pragmas -Wno-deprecated-declarations -Wno-microsoft-enum-value -Wno-microsoft-include -Wno-invalid-noreturn -Wno-inconsistent-missing-override -Wno-implicit-exception-spec-mismatch -Wno-microsoft-exception-spec -Wno-unused-local-typedef -Wno-ignored-attributes -Wno-used-but-marked-unused -Wno-psabi -Wthread-safety -Wno-error=builtin-macro-redefined -Wno-vla-cxx-extension -Wno-unknown-warning-option -fno-strict-aliasing -Xclang -ffp-contract=off -DNS_FREE_PERMANENT_DATA=1 /clang:-fprofile-generate -mllvm -pgo-temporal-instrumentation -mllvm -enable-name-compression=false -Xclang -MP -Xclang -dependency-file -Xclang .deps/Unified_cpp_dom_base6.obj.pp -Xclang -MT -Xclang Unified_cpp_dom_base6.obj   Unified_cpp_dom_base6.cpp
[task 2025-09-11T21:05:03.735+00:00] 21:05:03     INFO -  In file included from Unified_cpp_dom_base6.cpp:137:
[task 2025-09-11T21:05:03.735+00:00] 21:05:03    ERROR -  /builds/worker/checkouts/gecko/dom/base/TextDirectiveCreator.cpp(411,10): error: unused variable '[secondLastWordEndPos, lastWordBeginPos]' [-Werror,-Wunused-variable]
[task 2025-09-11T21:05:03.736+00:00] 21:05:03     INFO -    411 |     auto [secondLastWordEndPos, lastWordBeginPos] = intl::WordBreaker::FindWord(
[task 2025-09-11T21:05:03.736+00:00] 21:05:03     INFO -        |          ^
[task 2025-09-11T21:05:03.736+00:00] 21:05:03     INFO -  1 error generated.
[task 2025-09-11T21:05:03.736+00:00] 21:05:03    ERROR -  gmake[4]: *** [/builds/worker/checkouts/gecko/config/rules.mk:668: Unified_cpp_dom_base6.obj] Error 1
[task 2025-09-11T21:05:03.736+00:00] 21:05:03     INFO -  gmake[4]: Leaving directory '/builds/worker/workspace/obj-build/dom/base'
Flags: needinfo?(jjaschke)
Pushed by jjaschke@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/8d53e4e7bce7 https://hg.mozilla.org/integration/autoland/rev/b84ecb741dbe Text Fragments: Correctly deal with punctuation when identifying the first/last word of the target range. r=smaug
Flags: needinfo?(jjaschke)
Status: REOPENED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED

There are still crash reports for the latest builds which have the fix, but with a lower volume. Shall these be tracked here or in a new bug? If the code shall remain in the tree, a new bug is recommended - this allows easier tracking, e.g. for the uplift.

Flags: needinfo?(jjaschke)

Let's move that into a new bug. Bug 1979588 changed two MOZ_ASSERTs into MOZ_DIAGNOSTIC_ASSERTs, hence there are some crashes popping up.

(uplifting won't be necessary, the whole feature is Nightly-only as of now)

Flags: needinfo?(jjaschke)
QA Whiteboard: [qa-triage-done-c145/b144]