Closed
Bug 339950
Opened 19 years ago
Closed 18 years ago
Crash [@ js_NewFunction] with Random JS
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 344759
People
(Reporter: jruderman, Assigned: igor)
Details
(Keywords: crash)
Crash Data
Random JS (bug 326633) is giving me heisencrashes. Here's one stack from a Firefox nightly:
Thread 0 Crashed:
0 <<00000000>> 0x74732e6c 0 + 1953705580
1 libmozjs.dylib 0x2302a364 js_NewFunction + 260
2 org.mozilla.firefox 0x0040aaf8 XPCNativeMember::Resolve(XPCCallContext&, XPCNativeInterface*) + 484
3 org.mozilla.firefox 0x003f9fb0 nsContentShellInfo::~nsContentShellInfo [unified]() + 3092
4 org.mozilla.firefox 0x003fc994 XPC_WN_GetterSetter(JSContext*, JSObject*, unsigned, long*, long*) + 1156
5 libmozjs.dylib 0x23048ae0 js_LookupPropertyWithFlags + 1216
6 org.mozilla.firefox 0x003fc788 XPC_WN_GetterSetter(JSContext*, JSObject*, unsigned, long*, long*) + 632
7 libmozjs.dylib 0x2304a910 js_Enumerate + 260
8 libmozjs.dylib 0x2303eb10 js_NewNativeIterator + 260
9 libmozjs.dylib 0x2303ee18 js_DefaultIterator + 240
10 libmozjs.dylib 0x2302dfcc js_Invoke + 1828
11 libmozjs.dylib 0x2302e21c js_InternalInvoke + 184
12 libmozjs.dylib 0x2303eee0 js_ValueToIterator + 180
13 libmozjs.dylib 0x23030c20 js_Interpret + 6504
14 libmozjs.dylib 0x2302e010 js_Invoke + 1896
15 libmozjs.dylib 0x2302e21c js_InternalInvoke + 184
16 libmozjs.dylib 0x230085b0 JS_CallFunctionValue + 44
17 org.mozilla.firefox 0x005b0318 nsJSContext::CallEventHandler(JSObject*, JSObject*, unsigned, long*, long*) + 284
18 org.mozilla.firefox 0x004a9b68 nsGlobalWindow::RunTimeout(nsTimeout*) + 820
19 org.mozilla.firefox 0x004aa344 nsGlobalWindow::TimerCallback(nsITimer*, void*) + 40
20 libxpcom_core.dylib 0x2c04a9b8 nsTimerImpl::Fire() + 176
21 libxpcom_core.dylib 0x2c04aafc nsTimerEvent::Run() + 168
22 libxpcom_core.dylib 0x2c048054 nsThread::ProcessNextEvent(int, int*) + 280
23 libxpcom_core.dylib 0x2c008bf4 NS_ProcessNextEvent_P(nsIThread*, int) + 76
24 org.mozilla.firefox 0x0061d088 nsBaseAppShell::Run() + 80
25 org.mozilla.firefox 0x00389e84 nsAppStartup::Run() + 88
26 org.mozilla.firefox 0x00014304 XRE_main + 4148
27 org.mozilla.firefox 0x0000f558 start + 432
28 org.mozilla.firefox 0x0000f3d8 start + 48
Maybe it needs some WAY_TOO_MUCH_GC love.
|
||
Comment 1•19 years ago
|
||
Igor, I'm out on vacation -- any ideas?
/be
|
|
Assignee | |
Updated•19 years ago
|
Assignee: general → igor.bukanov
|
Reporter | |
Comment 2•19 years ago
|
||
Could this be a dup of bug 344759, "EIP hijack in FF 1.5.0.5 -- crash [@ 0x20202113] called by JS_SetPrivate"?
|
||
Updated•18 years ago
|
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
|
||
Updated•14 years ago
|
Crash Signature: [@ js_NewFunction]
You need to log in
before you can comment on or make changes to this bug.
Description
•