Closed Bug 1064366 Opened 5 years ago Closed 5 years ago
Nightly crash in js::types::TypeNewScript::maybeAnalyze
This bug was filed from the Socorro interface and is report bp-439ef80d-7a30-4354-8262-f2c8a2140904.
=============================================================
Crashes with this signature started on Nightly with the 2014-09-04 build. It happens on all Windows and Mac OS X versions we support. On Windows we see an EXCEPTION_ACCESS_VIOLATION_READ mostly at 0x5a5a5a5a, on Mac we see EXC_BAD_ACCESS / 0x0000000d at 0x0.

Top few stack frames:
0 mozjs.dll js::types::TypeNewScript::maybeAnalyze(JSContext*, js::types::TypeObject*, bool*, bool) js/src/jsinfer.cpp
1 mozjs.dll js::CreateThisForFunctionWithProto(JSContext*, JS::Handle<JSObject*>, JSObject*, js::NewObjectKind) js/src/jsobj.cpp
2 mozjs.dll js::CreateThisForFunction(JSContext*, JS::Handle<JSObject*>, js::NewObjectKind) js/src/jsobj.cpp

From there, there are two typical stack traces, either from js::RunState::maybeCreateThisForConstructor like in the report linked at the beginning of this comment or js::jit::TryAttachCallStub like in bp-59eda1a8-ebb9-43b6-a1a5-131f82140904
I wonder if this is bug 1041688...
Oh, see https://crash-stats.mozilla.com/report/list?signature=js%3A%3Atypes%3A%3ATypeNewScript%3A%3AmaybeAnalyze%28JSContext%2A%2C%20js%3A%3Atypes%3A%3ATypeObject%2A%2C%20bool%2A%2C%20bool%29 for more reports with this signature and a summary of data.
bug 1064558 comment #0 reproduces this reliably for me (on OS X, too).
(In reply to :Gijs Kruitbosch from comment #4)
> bug 1064558 comment #0 reproduces this reliably for me (on OS X, too).

Can you reproduce this with today's nightly? I can't reproduce this on trunk, and this might have been fixed by bug 1063180, which should be in today's nightly.
Flags: needinfo?(bhackett1024) → needinfo?(gijskruitbosch+bugs)
Yes, this breaks on 09-08 and works on 09-09, AFAICT. I'd mark as a dupe or dep, but I can't, because it's sec-sensitive, it seems...
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1063180
Thanks for testing!