Closed
Bug 1064366
Opened 11 years ago
Closed 11 years ago
Nightly crash in js::types::TypeNewScript::maybeAnalyze
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1063180
People
(Reporter: kairo, Unassigned)
References
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is
report bp-439ef80d-7a30-4354-8262-f2c8a2140904.
=============================================================
Crashes with this signature started on Nightly with the 2014-09-04 build. It happens on all Windows and Mac OS X versions we support.
On Windows we a EXCEPTION_ACCESS_VIOLATION_READ mostly at 0x5a5a5a5a, on Mac we see EXC_BAD_ACCESS / 0x0000000d at 0x0.
Top few stack frames:
0 mozjs.dll js::types::TypeNewScript::maybeAnalyze(JSContext*, js::types::TypeObject*, bool*, bool) js/src/jsinfer.cpp
1 mozjs.dll js::CreateThisForFunctionWithProto(JSContext*, JS::Handle<JSObject*>, JSObject*, js::NewObjectKind) js/src/jsobj.cpp
2 mozjs.dll js::CreateThisForFunction(JSContext*, JS::Handle<JSObject*>, js::NewObjectKind) js/src/jsobj.cpp
From there, there's two typical stack traces, either from js::RunState::maybeCreateThisForConstructor like in the report linked at the beginning of this comment or js::jit::TryAttachCallStub like in bp-59eda1a8-ebb9-43b6-a1a5-131f82140904
|
Reporter | |
Comment 2•11 years ago
|
||
Oh, see https://crash-stats.mozilla.com/report/list?signature=js%3A%3Atypes%3A%3ATypeNewScript%3A%3AmaybeAnalyze%28JSContext%2A%2C%20js%3A%3Atypes%3A%3ATypeObject%2A%2C%20bool%2A%2C%20bool%29 for more reports with this signature and a summary of data.
|
||
Comment 4•11 years ago
|
||
bug 1064558 comment #0 reproduces this reliably for me (on OS X, too).
|
||
Comment 5•11 years ago
|
||
(In reply to :Gijs Kruitbosch from comment #4)
> bug 1064558 comment #0 reproduces this reliably for me (on OS X, too).
Can you reproduce this with today's nightly? I can't reproduce this on trunk, and this might have been fixed by bug 1063180, which should be in today's nightly.
|
|
||
Updated•11 years ago
|
Flags: needinfo?(bhackett1024) → needinfo?(gijskruitbosch+bugs)
|
|
||
Comment 6•11 years ago
|
||
Yes, this breaks on 09-08 and works on 09-09, AFAICT. I'd mark as a dupe or dep, but I can't, because it's sec-sensitive, it seems...
Flags: needinfo?(gijskruitbosch+bugs)
|
|
||
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
|
|
||
Comment 8•11 years ago
|
||
Thanks for testing!
You need to log in
before you can comment on or make changes to this bug.
Description
•