Closed
Bug 1732400
Opened 3 years ago
Closed 3 years ago
Intermittent [Tier 2] perf_reftest_singletons | application crashed [@ js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason)]
Categories
(Core :: JavaScript Engine, defect)
Tracking
RESOLVED
FIXED
94 Branch
Release | Tracking | Status |
---|---|---|
firefox-esr78 | --- | unaffected |
firefox-esr91 | --- | unaffected |
firefox92 | --- | unaffected |
firefox93 | --- | unaffected |
firefox94 | --- | fixed |
People
(Reporter: intermittent-bug-filer, Assigned: arai)
References
(Regression)
Details
(5 keywords, Whiteboard: [post-critsmash-triage])
Crash Data
Filed by: smolnar [at] mozilla.com
Parsed log: https://treeherder.mozilla.org/logviewer?job_id=352602321&repo=autoland
Full log: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/W5TJpQv7SsOFqQbk2jbgug/runs/0/artifacts/public/logs/live_backing.log
Reftest URL: https://hg.mozilla.org/mozilla-central/raw-file/tip/layout/tools/reftest/reftest-analyzer.xhtml#logurl=https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/W5TJpQv7SsOFqQbk2jbgug/runs/0/artifacts/public/logs/live_backing.log&only_show_unexpected=1
INFO - PROCESS-CRASH | perf_reftest_singletons | application crashed [@ js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason)]
[task 2021-09-23T22:11:40.429Z] 22:11:40 INFO - Crash dump filename: /var/folders/ly/5xk6c_9d2s3g4h3lzn6gs0jw000014/T/tmpc8s0epie/profile/minidumps/26D1D4B7-E7C7-4EA6-81EE-E2CA3E806DD7.dmp
[task 2021-09-23T22:11:40.429Z] 22:11:40 INFO - Operating system: Mac OS X
[task 2021-09-23T22:11:40.429Z] 22:11:40 INFO - 10.15.7 19H524
[task 2021-09-23T22:11:40.429Z] 22:11:40 INFO - CPU: amd64
[task 2021-09-23T22:11:40.430Z] 22:11:40 INFO - family 6 model 158 stepping 10
[task 2021-09-23T22:11:40.430Z] 22:11:40 INFO - 12 CPUs
[task 2021-09-23T22:11:40.430Z] 22:11:40 INFO - GPU: UNKNOWN
[task 2021-09-23T22:11:40.430Z] 22:11:40 INFO - Crash reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
[task 2021-09-23T22:11:40.430Z] 22:11:40 INFO - Crash address: 0x2129b762e
[task 2021-09-23T22:11:40.431Z] 22:11:40 INFO - Process uptime: 505 seconds
[task 2021-09-23T22:11:40.431Z] 22:11:40 INFO - Thread 0 tid 775 (crashed) - GeckoMain 0 XUL!Interpret(JSContext*, js::RunState&) [Interpreter.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 2040 + 0x18]
[task 2021-09-23T22:11:40.431Z] 22:11:40 INFO - rax = 0x00000000e5e5e5e5 rdx = 0x00000a7401909560
[task 2021-09-23T22:11:40.431Z] 22:11:40 INFO - rcx = 0x00007ffee5a7f0e8 rbx = 0x000000010cc22020
[task 2021-09-23T22:11:40.432Z] 22:11:40 INFO - rsi = 0x000000012cb59049 rdi = 0x00000a7401909560
[task 2021-09-23T22:11:40.432Z] 22:11:40 INFO - rbp = 0x00007ffee5a7f3c0 rsp = 0x00007ffee5a7ef70
[task 2021-09-23T22:11:40.432Z] 22:11:40 INFO - r8 = 0x00007ffee5a7f1c8 r9 = 0x0000000000000000
[task 2021-09-23T22:11:40.432Z] 22:11:40 INFO - r10 = 0x0000000000001012 r11 = 0x0000000000000202
[task 2021-09-23T22:11:40.433Z] 22:11:40 INFO - r12 = 0x000000010cc22000 r13 = 0x00007ffee5a7f450
[task 2021-09-23T22:11:40.433Z] 22:11:40 INFO - r14 = 0x0000000322400020 r15 = 0x0000000000000000
[task 2021-09-23T22:11:40.433Z] 22:11:40 INFO - rip = 0x000000010e76ce3b
[task 2021-09-23T22:11:40.433Z] 22:11:40 INFO - Found by: given as instruction pointer in context
[task 2021-09-23T22:11:40.434Z] 22:11:40 INFO - 1 XUL!js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) [Interpreter.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 504 + 0x18]
[task 2021-09-23T22:11:40.434Z] 22:11:40 INFO - rbx = 0x0000000000000000 rbp = 0x00007ffee5a7f4b0
[task 2021-09-23T22:11:40.434Z] 22:11:40 INFO - rsp = 0x00007ffee5a7f3d0 r12 = 0x00000a7401909560
[task 2021-09-23T22:11:40.434Z] 22:11:40 INFO - r13 = 0x0000000000000000 r14 = 0x000000010cc0b400
[task 2021-09-23T22:11:40.435Z] 22:11:40 INFO - r15 = 0x0000008835d78de6 rip = 0x000000010e78313e
[task 2021-09-23T22:11:40.435Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.435Z] 22:11:40 INFO - 2 XUL!js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) [Interpreter.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 549 + 0x92]
[task 2021-09-23T22:11:40.436Z] 22:11:40 INFO - rbx = 0x00007ffee5a7f528 rbp = 0x00007ffee5a7f4f0
[task 2021-09-23T22:11:40.436Z] 22:11:40 INFO - rsp = 0x00007ffee5a7f4c0 r12 = 0x000000010cc22000
[task 2021-09-23T22:11:40.436Z] 22:11:40 INFO - r13 = 0xfffe000000000000 r14 = 0x00007ffee5a7f660
[task 2021-09-23T22:11:40.436Z] 22:11:40 INFO - r15 = 0x0000000000000000 rip = 0x000000010e784efa
[task 2021-09-23T22:11:40.436Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.437Z] 22:11:40 INFO - 3 XUL!JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) [CallAndConstruct.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 117 + 0x20]
[task 2021-09-23T22:11:40.437Z] 22:11:40 INFO - rbx = 0x0000000000000001 rbp = 0x00007ffee5a7f5e0
[task 2021-09-23T22:11:40.437Z] 22:11:40 INFO - rsp = 0x00007ffee5a7f500 r12 = 0xfffa800000000000
[task 2021-09-23T22:11:40.438Z] 22:11:40 INFO - r13 = 0x0000000000000001 r14 = 0x0000000000000003
[task 2021-09-23T22:11:40.438Z] 22:11:40 INFO - r15 = 0x000000010cc22000 rip = 0x000000010e80191a
[task 2021-09-23T22:11:40.438Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.438Z] 22:11:40 INFO - 4 XUL!mozilla::dom::EventListener::HandleEvent(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::Event&, mozilla::ErrorResult&) [EventListenerBinding.cpp: : 62 + 0x5]
[task 2021-09-23T22:11:40.439Z] 22:11:40 INFO - rbx = 0x000000012bb69f00 rbp = 0x00007ffee5a7f710
INFO - rsp = 0x00007ffee5a7f5f0 r12 = 0xfffe2cdb65362708
[task 2021-09-23T22:11:40.439Z] 22:11:40 INFO - r13 = 0x00007ffee5a7fa38 r14 = 0x000000010ce963a8
[task 2021-09-23T22:11:40.439Z] 22:11:40 INFO - r15 = 0x00002cdb65362708 rip = 0x000000010dfb516b
[task 2021-09-23T22:11:40.439Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.440Z] 22:11:40 INFO - 5 XUL!mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) [EventListenerManager.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 1312 + 0xf1]
[task 2021-09-23T22:11:40.440Z] 22:11:40 INFO - rbx = 0x000000011e482ee0 rbp = 0x00007ffee5a7fa90
[task 2021-09-23T22:11:40.440Z] 22:11:40 INFO - rsp = 0x00007ffee5a7f720 r12 = 0x000000010cc22000
[task 2021-09-23T22:11:40.440Z] 22:11:40 INFO - r13 = 0x000036a4e05485d8 r14 = 0x000000012bb69f00
[task 2021-09-23T22:11:40.441Z] 22:11:40 INFO - r15 = 0x000000000000003e rip = 0x000000010e03dc52
[task 2021-09-23T22:11:40.441Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.441Z] 22:11:40 INFO - 6 XUL!mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) [EventDispatcher.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 550 + 0xe6]
[task 2021-09-23T22:11:40.442Z] 22:11:40 INFO - rbx = 0x000000010ced3008 rbp = 0x00007ffee5a7fbd0
[task 2021-09-23T22:11:40.442Z] 22:11:40 INFO - rsp = 0x00007ffee5a7faa0 r12 = 0x0000000000000000
[task 2021-09-23T22:11:40.442Z] 22:11:40 INFO - r13 = 0x0000000124e0aa00 r14 = 0x000000010ced3008
[task 2021-09-23T22:11:40.442Z] 22:11:40 INFO - r15 = 0x0000000000000000 rip = 0x000000010e02f9a0
[task 2021-09-23T22:11:40.442Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.443Z] 22:11:40 INFO - 7 XUL!mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) [EventDispatcher.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 1081 + 0x5]
[task 2021-09-23T22:11:40.443Z] 22:11:40 INFO - rbx = 0x0000000000000000 rbp = 0x00007ffee5a80020
[task 2021-09-23T22:11:40.443Z] 22:11:40 INFO - rsp = 0x00007ffee5a7fbe0 r12 = 0x0000000000000000
[task 2021-09-23T22:11:40.444Z] 22:11:40 INFO - r13 = 0x0000000000000000 r14 = 0x00007ffee5a7fd80
[task 2021-09-23T22:11:40.444Z] 22:11:40 INFO - r15 = 0x0000000000000000 rip = 0x000000010e0328b9
[task 2021-09-23T22:11:40.444Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.444Z] 22:11:40 INFO - 8 XUL!mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsPresContext*, nsEventStatus*) [EventDispatcher.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 1198 + 0x1f]
[task 2021-09-23T22:11:40.445Z] 22:11:40 INFO - rbx = 0x000000011e482ee0 rbp = 0x00007ffee5a80060
[task 2021-09-23T22:11:40.445Z] 22:11:40 INFO - rsp = 0x00007ffee5a80030 r12 = 0x000000010c128020
[task 2021-09-23T22:11:40.445Z] 22:11:40 INFO - r13 = 0x000000010c1fee20 r14 = 0x00007ffee5a80074
[task 2021-09-23T22:11:40.445Z] 22:11:40 INFO - r15 = 0x0000000000000000 rip = 0x000000010e0364ad
[task 2021-09-23T22:11:40.446Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.446Z] 22:11:40 INFO - 9 XUL!mozilla::DOMEventTargetHelper::DispatchEvent(mozilla::dom::Event&, mozilla::dom::CallerType, mozilla::ErrorResult&) [DOMEventTargetHelper.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 181 + 0xc]
[task 2021-09-23T22:11:40.446Z] 22:11:40 INFO - rbx = 0x000000010c1fee20 rbp = 0x00007ffee5a800a0
[task 2021-09-23T22:11:40.446Z] 22:11:40 INFO - rsp = 0x00007ffee5a80070 r12 = 0x000000010c15f040
[task 2021-09-23T22:11:40.447Z] 22:11:40 INFO - r13 = 0x000000010c1fee70 r14 = 0x00007ffee5a800b0
[task 2021-09-23T22:11:40.447Z] 22:11:40 INFO - r15 = 0x0000000000000001 rip = 0x000000010e026d2d
[task 2021-09-23T22:11:40.447Z] 22:11:40 INFO - Found by: call frame info
[task 2021-09-23T22:11:40.447Z] 22:11:40 INFO - 10 XUL!mozilla::dom::EventTarget::DispatchEvent(mozilla::dom::Event&) [EventTarget.cpp:003ef3c8730cb495ee14d26697343e6e13055976 : 177 + 0x18]
<...>
Updated•3 years ago
Group: core-security → javascript-core-security
Component: Talos → JavaScript Engine
Product: Testing → Core
Updated•3 years ago
Keywords: csectype-uaf, sec-high
Comment 1•3 years ago
Looks like this was the issue that bug 1732168 got backed out for, so this should be fixed now.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Updated•3 years ago
Assignee: nobody → arai.unmht
Group: javascript-core-security → core-security-release
status-firefox92: --- → unaffected
status-firefox93: --- → unaffected
status-firefox94: --- → fixed
status-firefox-esr78: --- → unaffected
status-firefox-esr91: --- → unaffected
Target Milestone: --- → 94 Branch
Updated•3 years ago
Has Regression Range: --- → yes
Keywords: regression
Updated•3 years ago
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Updated•2 years ago
Group: core-security-release