Closed
Bug 1233944
Opened 9 years ago
Closed 8 years ago
crash in unsigned long js::gc::Arena::finalize<T>
Categories
(Core :: JavaScript: GC, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1232229
People
(Reporter: drno, Unassigned)
References
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is report bp-e79e6813-5373-4913-a5ac-202112151219. =============================================================
Got it on dev edition, shortly after opening this link in a new tab: https://www.washingtonpost.com/opinions/ted-cruz-gets-burned-by-the-birther-fires-he-stoked/2016/01/08/c6cf7e02-b60a-11e5-a76a-0b5145e8679a_story.html
|
||
Comment 2•8 years ago
|
||
This has happened to me twice on nightly today. Both times was reading near the end of http://www.nytimes.com/2016/01/19/us/rural-oregons-lost-prosperity-gives-standoff-a-distressed-backdrop.html?_r=0 (crash when reading, then crash on restore).
|
|
||
Comment 3•8 years ago
|
||
that link seems OK now, though, so could have been coincidence? transient sidebar content or ads?
WashingtonPost again today (https://crash-stats.mozilla.com/report/index/ca85f4bc-e946-4ba3-91b4-23ad02160126). I think it's the "do you want to subscribe or just read the three free articles..." type of ad that floated around.
|
||
Comment 5•8 years ago
|
||
Received the same crash [1] when I was scrolling through a New York Times article [2]. [1] https://crash-stats.mozilla.com/report/index/51879192-43cd-4da8-8c03-3e7a62160128 [2] http://www.nytimes.com/2016/01/24/technology/larry-page-google-founder-is-still-innovator-in-chief.html
|
||
Comment 6•8 years ago
|
||
I also got this crash when I opened a New York Times article. http://www.nytimes.com/2016/02/04/us/politics/jeb-bush-an-also-ran-in-iowa-may-be-pivotal-in-new-hampshire.html
|
||
Comment 7•8 years ago
|
||
I just got this bug on wordpress admin screens.
Ezra, could you attach a link to the crash report? You should be able to find it in about:crashes.
|
|
||
Comment 9•8 years ago
|
||
Hi Milan, Here is the crash report: https://crash-stats.mozilla.com/report/index/0765df31-694e-43ac-b594-67c592160209 I must add, that I think it was because of the wp-admin screen, but I had a lots of tabs open, so it could have been any of the others, but I was working in the wp-admin tab. But none of the tabs was either NYT or WashingtonPost.
|
||
Comment 10•8 years ago
|
||
I this twice in a row just now trying to get directions on Bing maps...
|
||
Comment 11•8 years ago
|
||
Seems related to bug 1232229. The OS X crash stack suggests the JSObject finalizer is crashing because we have an object with a nullptr group. Now, this could be random memory corruption elsewhere, but it's also possible we called setGroup with a nullptr group. There's an assert in debug builds, we could try upgrading that to a release assert...
See Also: → 1232229
|
|
||
Comment 13•8 years ago
|
||
(In reply to Jan de Mooij [:jandem] from comment #11) > There's an assert in debug builds, we could try upgrading > that to a release assert... Pushed the trivial one-liner: https://hg.mozilla.org/integration/mozilla-inbound/rev/28c3f02201e5
|
|
||
Updated•8 years ago
|
Keywords: leave-open
|
||
Comment 14•8 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/28c3f02201e5
|
|
||
Comment 15•8 years ago
|
||
This signature has gone away on beta with the landing of bug 1232229. Jan, does this end up being a dupe of that one?
Flags: needinfo?(jdemooij)
|
|
||
Comment 16•8 years ago
|
||
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #15) > This signature has gone away on beta with the landing of bug 1232229. > > Jan, does this end up being a dupe of that one? Yep!
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(jdemooij)
Resolution: --- → DUPLICATE
|
||
Comment 17•6 years ago
|
||
Removing leave-open keyword from resolved bugs, per :sylvestre.
Keywords: leave-open
You need to log in
before you can comment on or make changes to this bug.
Description
•