Closed
Bug 1557283
Opened 5 years ago
Closed 5 years ago
Crash in [@ js::UncheckedUnwrapWithoutExpose]
Categories
(Core :: JavaScript: GC, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla69
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox67 | --- | unaffected |
firefox68 | --- | unaffected |
firefox69 | + | fixed |
People
(Reporter: calixte, Assigned: sfink)
References
(Regression)
Details
(Keywords: crash, regression, Whiteboard: [sg:dos])
Crash Data
This bug is for crash report bp-9dac9692-791a-4052-96cf-13df60190606.
Top 10 frames of crashing thread:
0 xul.dll js::UncheckedUnwrapWithoutExpose js/src/proxy/Wrapper.cpp:321
1 xul.dll void js::WeakMap<js::HeapPtr<JSObject*>, js::HeapPtr<JS::Value> >::markEntry js/src/gc/WeakMap-inl.h:128
2 xul.dll js::GCMarker::enterWeakMarkingMode js/src/gc/Marking.cpp:2600
3 xul.dll js::gc::GCRuntime::markWeakReferences<js::gc::SweepGroupZonesIter> js/src/gc/GC.cpp:4601
4 xul.dll js::gc::GCRuntime::endMarkingSweepGroup js/src/gc/GC.cpp:5503
5 xul.dll js::gc::IncrementalProgress sweepaction::SweepActionSequence<js::gc::GCRuntime*, js::FreeOp*, js::SliceBudget&>::run js/src/gc/GC.cpp:6501
6 xul.dll js::gc::IncrementalProgress sweepaction::SweepActionRepeatFor<js::gc::SweepGroupsIter, JSRuntime*, js::gc::GCRuntime*, js::FreeOp*, js::SliceBudget&>::run js/src/gc/GC.cpp:6561
7 xul.dll js::gc::GCRuntime::performSweepActions js/src/gc/GC.cpp:6733
8 xul.dll js::gc::GCRuntime::incrementalSlice js/src/gc/GC.cpp:7262
9 xul.dll js::gc::GCRuntime::gcCycle js/src/gc/GC.cpp:7628
This crash signature reappeared recently in nightly 69.
It could be related to bug 1167452 fix.
:sfink, could you investigate please?
Flags: needinfo?(sphink)
Updated•5 years ago
|
Priority: -- → P1
Comment 1•5 years ago
|
||
All the new nightly crashes are at 0x0 -- doesn't look exploitable.
Comment 2•5 years ago
|
||
Comment 3•5 years ago
|
||
Looks like this spike was resolved by backing out bug 1167452.
Assignee: nobody → sphink
Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox67:
--- → unaffected
status-firefox68:
--- → unaffected
status-firefox-esr60:
--- → unaffected
tracking-firefox69:
--- → +
Flags: needinfo?(sphink)
Regressed by: 1167452
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
Updated•2 years ago
|
Has Regression Range: --- → yes
You need to log in
before you can comment on or make changes to this bug.
Description
•