Closed Bug 1414762 Opened 3 years ago Closed 3 years ago

Crash in JSContext::verifyIsSafeToGC

Categories

(Core :: ImageLib, defect, P1)

58 Branch
Unspecified
Windows 10
defect

Tracking

()

RESOLVED FIXED
mozilla58
Tracking Status
firefox-esr52 --- unaffected
firefox56 --- unaffected
firefox57 --- unaffected
firefox58 --- fixed

People

(Reporter: calixte, Assigned: aosmond)

References

(Blocks 1 open bug)

Details

(Keywords: crash, regression, Whiteboard: [gfx-noted][clouseau])

Crash Data

Attachments

(1 file)

This bug was filed from the Socorro interface and is 
report bp-a538c70c-f7a2-484f-a729-c6b890171105.
=============================================================

There are 11 crashes in nightly 58 starting with buildid 20171101220120. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1404422.

[1] https://hg.mozilla.org/mozilla-central/rev?node=1b420c5a7b11eaf2fa1849f90769659f5146a8e9
Flags: needinfo?(aosmond)
I see the oversight on my part. Simple enough to fix.
Assignee: nobody → aosmond
Status: NEW → ASSIGNED
Flags: needinfo?(aosmond)
Priority: -- → P1
Whiteboard: [clouseau] → [gfx-noted][clouseau]
Group: core-security
Duplicate of this bug: 1414433
Attachment #8925489 - Flags: review?(tnikkel) → review+
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
Blocks: 1413981
Duplicate of this bug: 1413981
Duplicate of this bug: 1414913
Group: core-security → core-security-release
Duplicate of this bug: 1415476
Duplicate of this bug: 1414427
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.