Closed Bug 1398461 Opened 7 years ago Closed 5 years ago

Crash in RtlEnterCriticalSection | je_free | js::NewString<T>

Categories

(Core :: JavaScript Engine, defect, P3)

Product:
Core
Component:
JavaScript Engine
Version:
56 Branch
Platform:
x86
Windows 10
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME
Tracking Flags:
Tracking Status
firefox56 --- affected
firefox57 --- wontfix

People

(Reporter: baffclan, Unassigned)

Details

(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-482b00dd-b87b-4f18-b92a-e5a640170909.
=============================================================


Crashing Thread (0)
Frame 	Module 	Signature 	Source
0 	ntdll.dll 	RtlEnterCriticalSection 	
1 	mozglue.dll 	je_free 	memory/mozjemalloc/mozjemalloc.cpp:4694
2 	xul.dll 	js::NewString<1, unsigned char>(JSContext*, unsigned char*, unsigned __int64) 	js/src/vm/String.cpp:1298
3 	xul.dll 	JSStructuredCloneReader::startRead(JS::MutableHandle<JS::Value>) 	js/src/vm/StructuredClone.cpp:2082
4 	xul.dll 	JSStructuredCloneReader::read(JS::MutableHandle<JS::Value>) 	js/src/vm/StructuredClone.cpp:2546
5 	xul.dll 	ReadStructuredClone(JSContext*, JSStructuredCloneData&, JS::StructuredCloneScope, JS::MutableHandle<JS::Value>, JSStructuredCloneCallbacks const*, void*) 	js/src/vm/StructuredClone.cpp:630
6 	xul.dll 	JS_ReadStructuredClone(JSContext*, JSStructuredCloneData&, unsigned int, JS::StructuredCloneScope, JS::MutableHandle<JS::Value>, JSStructuredCloneCallbacks const*, void*) 	js/src/vm/StructuredClone.cpp:2587
7 	xul.dll 	JSAutoStructuredCloneBuffer::read(JSContext*, JS::MutableHandle<JS::Value>, JSStructuredCloneCallbacks const*, void*) 	js/src/vm/StructuredClone.cpp:2751
8 	xul.dll 	mozilla::dom::StructuredCloneHolderBase::Read(JSContext*, JS::MutableHandle<JS::Value>) 	dom/base/StructuredCloneHolder.cpp:206
9 	xul.dll 	mozilla::dom::StructuredCloneHolder::Read(nsISupports*, JSContext*, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) 	dom/base/StructuredCloneHolder.cpp:301
10 	xul.dll 	mozilla::dom::StructuredCloneBlob::Deserialize(JSContext*, JS::Handle<JSObject*>, JS::MutableHandle<JS::Value>, mozilla::ErrorResult&) 	dom/base/StructuredCloneBlob.cpp:93
11 	xul.dll 	mozilla::dom::StructuredCloneHolderBinding::deserialize 	obj-firefox/dom/bindings/StructuredCloneHolderBinding.cpp:34
12 	xul.dll 	mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) 	dom/bindings/BindingUtils.cpp:3053
13 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:469
14 	xul.dll 	js::Wrapper::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/Wrapper.cpp:169
15 	xul.dll 	js::CrossCompartmentWrapper::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/CrossCompartmentWrapper.cpp:359
16 	xul.dll 	js::Proxy::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/Proxy.cpp:481
17 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:451
18 	xul.dll 	Interpret 	js/src/vm/Interpreter.cpp:3064
19 	xul.dll 	js::RunScript(JSContext*, js::RunState&) 	js/src/vm/Interpreter.cpp:409
20 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:487
21 	xul.dll 	Interpret 	js/src/vm/Interpreter.cpp:3064
22 	xul.dll 	js::RunScript(JSContext*, js::RunState&) 	js/src/vm/Interpreter.cpp:409
23 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:487
24 	xul.dll 	js::Wrapper::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/Wrapper.cpp:169
25 	xul.dll 	js::CrossCompartmentWrapper::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/CrossCompartmentWrapper.cpp:359
26 	xul.dll 	js::Proxy::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) 	js/src/proxy/Proxy.cpp:481
27 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:451
28 	xul.dll 	Interpret 	js/src/vm/Interpreter.cpp:3064
29 	xul.dll 	js::RunScript(JSContext*, js::RunState&) 	js/src/vm/Interpreter.cpp:409
30 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:487
31 	xul.dll 	js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>) 	js/src/vm/Interpreter.cpp:533
32 	xul.dll 	js::PromiseObject::create(JSContext*, JS::Handle<JSObject*>, JS::Handle<JSObject*>, bool) 	js/src/builtin/Promise.cpp:1423
33 	xul.dll 	PromiseConstructor 	js/src/builtin/Promise.cpp:1353
34 	xul.dll 	InternalConstruct 	js/src/vm/Interpreter.cpp:560
35 	xul.dll 	js::ConstructFromStack(JSContext*, JS::CallArgs const&) 	js/src/vm/Interpreter.cpp:598
36 	xul.dll 	Interpret 	js/src/vm/Interpreter.cpp:3056
37 	xul.dll 	js::RunScript(JSContext*, js::RunState&) 	js/src/vm/Interpreter.cpp:409
38 	xul.dll 	js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) 	js/src/vm/Interpreter.cpp:487
39 	xul.dll 	js::jit::DoCallFallback 	js/src/jit/BaselineIC.cpp:2589
40 		@0x5a108cd7d
Component: Networking → JavaScript Engine
Jon is this actionable for FF57?
Assignee: nobody → jcoppeard
status-firefox56: --- → affected
Flags: needinfo?(jcoppeard)
Priority: -- → P1
I can't see anything we can do here.
Flags: needinfo?(jcoppeard)
status-firefox57: --- → wontfix
Priority: P1 → P3
Assignee: jcoppeard → nobody

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.