Closed Bug 1095043 Opened 6 years ago Closed 6 years ago

crash in mozilla::dom::AutoEntryScript::~AutoEntryScript()

Categories

(Core :: XPConnect, defect)

36 Branch
All
Windows NT
defect
Not set
critical

Tracking

()

RESOLVED DUPLICATE of bug 1094953
Tracking Status
firefox36 --- affected

People

(Reporter: jbecerra, Unassigned)

Details

(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-134f0d51-d65b-4c6e-8da5-d7ece2141105.
=============================================================

One of the signatures in the long tail of nightly fx36 crash stats. Mostly happening on Win7 and Win8.1. There are no comments in the bugs. The signature has been around for a while on fx36.

More reports at: https://crash-stats.mozilla.com/report/list?product=Firefox&signature=mozilla%3A%3Adom%3A%3AAutoEntryScript%3A%3A%7EAutoEntryScript%28%29

0 	xul.dll 	mozilla::dom::AutoEntryScript::~AutoEntryScript() 	dom/base/ScriptSettings.cpp
1 	xul.dll 	nsXPCWrappedJSClass::DelegatedQueryInterface(nsXPCWrappedJS*, nsID const&, void**) 	js/xpconnect/src/XPCWrappedJSClass.cpp
2 	xul.dll 	nsXPCWrappedJS::QueryInterface(nsID const&, void**) 	js/xpconnect/src/XPCWrappedJS.cpp
3 	xul.dll 	nsQueryReferent::operator()(nsID const&, void**) 	xpcom/glue/nsWeakReference.cpp
4 	xul.dll 	nsObserverList::FillObserverArray(nsCOMArray<nsIObserver>&) 	xpcom/ds/nsObserverList.cpp
5 	xul.dll 	nsObserverList::NotifyObservers(nsISupports*, char const*, wchar_t const*) 	xpcom/ds/nsObserverList.cpp
6 	xul.dll 	nsObserverService::NotifyObservers(nsISupports*, char const*, wchar_t const*) 	xpcom/ds/nsObserverService.cpp
7 	xul.dll 	nsContentSink::NotifyDocElementCreated(nsIDocument*) 	dom/base/nsContentSink.cpp
8 	xul.dll 	nsDocElementCreatedNotificationRunner::Run() 	dom/base/nsDocElementCreatedNotificationRunner.h
9 	xul.dll 	nsHTMLDocument::EndUpdate(unsigned int) 	dom/html/nsHTMLDocument.cpp
10 	xul.dll 	nsHtml5DocumentBuilder::EndDocUpdate() 	parser/html/nsHtml5DocumentBuilder.h
11 	xul.dll 	nsHtml5DocumentBuilder::UpdateStyleSheet(nsIContent*) 	parser/html/nsHtml5DocumentBuilder.cpp
12 	xul.dll 	nsHtml5TreeOperation::Perform(nsHtml5TreeOpExecutor*, nsIContent**) 	parser/html/nsHtml5TreeOperation.cpp
13 	xul.dll 	nsHtml5TreeOpExecutor::RunFlushLoop() 	parser/html/nsHtml5TreeOpExecutor.cpp
14 	xul.dll 	nsHtml5ExecutorFlusher::Run() 	parser/html/nsHtml5StreamParser.cpp
15 	xul.dll 	nsThread::ProcessNextEvent(bool, bool*) 	xpcom/threads/nsThread.cpp
16 	xul.dll 	NS_ProcessNextEvent(nsIThread*, bool) 	xpcom/glue/nsThreadUtils.cpp
17 	xul.dll 	mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp
18 	xul.dll 	mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp
19 	xul.dll 	MessageLoop::RunHandler() 	ipc/chromium/src/base/message_loop.cc
20 	xul.dll 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc
21 	xul.dll 	nsBaseAppShell::Run() 	widget/nsBaseAppShell.cpp
22 	xul.dll 	nsAppShell::Run() 	widget/windows/nsAppShell.cpp
23 	xul.dll 	XRE_RunAppShell 	toolkit/xre/nsEmbedFunctions.cpp
24 	xul.dll 	mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp
25 	xul.dll 	MessageLoop::RunHandler() 	ipc/chromium/src/base/message_loop.cc
26 	xul.dll 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc
27 	xul.dll 	XRE_InitChildProcess 	toolkit/xre/nsEmbedFunctions.cpp
28 	plugin-container.exe 	content_process_main(int, char** const) 	ipc/contentproc/plugin-container.cpp
29 	plugin-container.exe 	wmain 	toolkit/xre/nsWindowsWMain.cpp
30 	plugin-container.exe 	__tmainCRTStartup 	f:/dd/vctools/crt/crtw32/startup/crt0.c:255
31 	kernel32.dll 	BaseThreadInitThunk 	
Ø 32 	ntdll.dll 	ntdll.dll@0x54408 	
Ø 33 	kernelbase.dll 	kernelbase.dll@0x9cd47
Component: DOM → XPConnect
x86 and x64 got different stacks due to inlining, but it's the same issue: |cx->zone()| is null in JS_MaybeGC.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1094953
You need to log in before you can comment on or make changes to this bug.