Closed
Bug 637163
Opened 13 years ago
Closed 10 years ago
Startup crash [@ JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor() ]
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
INVALID
| Tracking | Status | |
|---|---|---|
| blocking2.0 | --- | - |
People
(Reporter: scoobidiver, Unassigned)
Details
(Keywords: crash)
Crash Data
It happens only for one user. Signature JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor() UUID d9719168-4bf3-435a-b760-5746f2110227 Time 2011-02-27 04:22:47.275562 Uptime 1 Last Crash 1 seconds before submission Install Age 49954 seconds (13.9 hours) since version was first installed. Product Firefox Version 4.0b12 Build ID 20110222210221 Branch 2.0 OS Windows NT OS Version 5.1.2600 Service Pack 3 CPU x86 CPU Info GenuineIntel family 15 model 4 stepping 1 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0xfb Frame Module Signature [Expand] Source 0 @0xfb 1 @0x7 2 mozjs.dll JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor 3 mozjs.dll JSC::Yarr::compileRegex js/src/yarr/yarr/RegexCompiler.cpp:660 4 mozcrt19.dll mozcrt19.dll@0x8c9f 5 @0x458b5656
|
||
Comment 1•13 years ago
|
||
regression and currently #4 top crash in beta 12. we need to get this figured out before shipping.
blocking2.0: --- → ?
|
|
||
Comment 2•13 years ago
|
||
Correlation to startup or time of session 412 total crashes for JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor.. on 20110227-crashdata.csv 412 startup crashes inside 30 sec. 412 startup crashes inside 3 min. 358 repeated crashes inside 3 min. of last crash
|
Reporter | |
Comment 3•13 years ago
|
||
I don't think we must block for one user: 2 consecutive successive crashes with GenuineIntel family 15 model 4 stepping 1
|
|
Reporter | |
Comment 4•13 years ago
|
||
> 2 consecutive successive crashes
I meant two consecutive series of successive crashes.
|
||
Comment 5•13 years ago
|
||
This does appear to be one user who crashes a whole lot in a very short period of time. All the crashes have the same CPU and OS version.
blocking2.0: ? → -
|
||
Comment 6•13 years ago
|
||
Drive-by two-bits: the fact we don't automatically detect that sequences of crashes can be attributed to a single user and a single problem just seems broken.
Having a per-user identifier is a pretty significant privacy risk, given the amount and nature of data sent with a crash report, so adding something that would correlate crashes to users requires materially more than two bits of reasoning.
|
|
||
Comment 8•13 years ago
|
||
(In reply to comment #7) > Having a per-user identifier is a pretty significant privacy risk, given the > amount and nature of data sent with a crash report, so adding something that > would correlate crashes to users requires materially more than two bits of > reasoning. I don't mean a literal user identifier, but heuristics for collapsing duplicate reports that are in immediate succession shouldn't be privacy-violating.
|
||
Updated•13 years ago
|
Crash Signature: [@ JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor() ]
|
|
Reporter | |
Comment 9•11 years ago
|
||
There are only 5 crashes from the same user in 23.0b3 with the following stack trace: Frame Module Signature Source 0 mozjs.dll JSC::Yarr::CharacterClassConstructor::~CharacterClassConstructor() 1 mozjs.dll JSC::Yarr::YarrPattern::compile(JSLinearString const &) js/src/yarr/YarrPattern.cpp 2 mozjs.dll JSC::Yarr::YarrPattern::YarrPattern(JSLinearString const &,bool,bool,JSC::Yarr::ErrorCode *) js/src/yarr/YarrPattern.cpp 3 mozjs.dll js::RegExpShared::compile(JSContext *,JSLinearString &,bool) js/src/vm/RegExpObject.cpp 4 mozjs.dll js::RegExpShared::compile(JSContext *,bool) js/src/vm/RegExpObject.cpp 5 mozjs.dll js::RegExpShared::execute(JSContext *,wchar_t const *,unsigned int,unsigned int *,js::MatchPairs &) js/src/vm/RegExpObject.cpp 6 mozjs.dll DoMatch js/src/jsstr.cpp 7 mozjs.dll str_replace_regexp js/src/jsstr.cpp 8 mozjs.dll js::str_replace(JSContext *,unsigned int,JS::Value *) js/src/jsstr.cpp 9 mozjs.dll js::Invoke(JSContext *,JS::CallArgs,js::MaybeConstruct) js/src/jsinterp.cpp 10 mozjs.dll js::Interpret(JSContext *,js::StackFrame *,js::InterpMode,bool) js/src/jsinterp.cpp 11 mozjs.dll js::EmptyShape::getInitialShape(JSContext *,js::Class *,js::TaggedProto,JSObject *,unsigned int,unsigned int) js/src/vm/Shape.cpp 12 mozjs.dll JSObject::create(JSContext *,js::gc::AllocKind,js::gc::InitialHeap,JS::Handle<js::Shape *>,JS::Handle<js::types::TypeObject *>,js::HeapSlot *) js/src/jsobjinlines.h 13 mozjs.dll js::NewObjectWithGivenProto(JSContext *,js::Class *,js::TaggedProto,JSObject *,js::gc::AllocKind,js::NewObjectKind) js/src/jsobj.cpp 14 mozglue.dll arena_malloc memory/mozjemalloc/jemalloc.c 15 mozjs.dll js::ContextStack::pushInvokeFrame(JSContext *,js::MaybeReportError,JS::CallArgs const &,JSFunction *,js::InitialFrameFlags,js::FrameGuard *) js/src/vm/Stack.cpp 16 mozjs.dll js::Invoke(JSContext *,JS::CallArgs,js::MaybeConstruct) js/src/jsinterp.cpp
|
||
Comment 10•10 years ago
|
||
This Yarr crash is no longer relevant because we replaced Yarr with irregexp in Firefox 32 (bug 976446).
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•