Closed Bug 1394202 Opened 7 years ago Closed 5 years ago

Crash in moz_abort | arena_run_split | arena_malloc_large | malloc_impl | js::LifoAlloc::getOrCreateChunk | js::jit::FixedList<T>::init

Categories

(Core :: JavaScript Engine: JIT, defect, P3)

Unspecified
Windows 10
defect

Tracking

()

RESOLVED WONTFIX

People

(Reporter: jseward, Unassigned)

Details

(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-d854db8f-5d92-46ee-bb86-092e10170826.
=============================================================

This is topcrash #17 in the Windows nightly of 20170824100243.
Flags: needinfo?(nicolas.b.pierron)
This looks like an address space OOM crash to me, at least partially.  Taking a look at the stack trace for one of these, we end up inside `pages_commit`, which crashes on a failed `VirtualAlloc` here: http://searchfox.org/mozilla-central/source/memory/mozjemalloc/mozjemalloc.cpp#1303

The odd thing is it's on a 64-bit machine, and the crash report I looked at says there's a bunch of vmem address space still available.

However, the crash is explicitly not a segfault, and is crashing via an explicit moz_abort on the stack trace I looked at.  The only place I can see explicit crashes happening under `pages_commit` is the failure condition for `VirtualAlloc`, so I'm inclined to stand by the hypothesis.
Priority: -- → P3
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
Flags: needinfo?(nicolas.b.pierron)
You need to log in before you can comment on or make changes to this bug.