Closed
Bug 1652246
Opened 5 years ago
Closed 1 year ago
Crash in [@ js::NestedIterator<T>::next]
Categories
(Core :: JavaScript: GC, defect, P5)
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| firefox-esr68 | --- | unaffected |
| firefox-esr78 | --- | unaffected |
| firefox78 | --- | unaffected |
| firefox79 | --- | wontfix |
| firefox80 | --- | fix-optional |
People
(Reporter: philipp, Unassigned)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: crash, csectype-wildptr, regression)
Crash Data
This bug is for crash report bp-f747e820-fbb6-4c76-bae5-ef92d0200710.
Top 10 frames of crashing thread:
0 xul.dll js::NestedIterator<js::gc::GCZonesIter, ArenasToUpdate>::next js/src/gc/IteratorUtils.h:41
1 xul.dll js::gc::ParallelWorker<ArenaListSegment, js::NestedIterator<js::gc::GCZonesIter, ArenasToUpdate> >::run js/src/gc/ParallelWork.h:67
2 xul.dll js::GCParallelTask::runTask js/src/gc/GCParallelTask.cpp:146
3 xul.dll js::GCParallelTask::runFromHelperThread js/src/gc/GCParallelTask.cpp:131
4 xul.dll js::HelperThread::handleGCParallelWorkload js/src/vm/HelperThreads.cpp:1675
5 xul.dll static js::HelperThread::ThreadMain js/src/vm/HelperThreads.cpp:2000
6 xul.dll static js::detail::ThreadTrampoline<void js/src/threading/Thread.h:206
7 ucrtbase.dll thread_start<unsigned int >
8 kernel32.dll BaseThreadInitThunk
9 ntdll.dll __RtlUserThreadStart
crash reports with this signature are newly showing up since firefox 79.
|
||
Comment 1•5 years ago
|
||
Probably a signature shift from bug 1612769 / bug 1634143.
|
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
Group: javascript-core-security
|
||
Updated•5 years ago
|
|
||
Updated•5 years ago
|
Has Regression Range: --- → yes
|
||
Comment 2•1 year ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•