Closed
Bug 492487
Opened 15 years ago
Closed 15 years ago
reproducible fx3.5b4 crash [@ js_DeepBail ] when searching on aim.search.aol.com
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 487240
People
(Reporter: chofmann, Assigned: jorendorff)
References
Details
(Keywords: topcrash+, Whiteboard: [sg:critical?] gc-hazard)
currently ranks at #13 for 3.5b4 crashes and easily reproduced for me when trying the first test URL. Firefox 3.5b4 1 http://aim.search.aol.com/search/weboffers?s_it=wo_more&query=http%3A%2F%2Fwww.psp+iso.com%2F js_DeepBail Firefox 3.5b4 1 http://aim.search.aol.com/search/search?&query=9th+centeury&invocationType=tb50fftrab js_DeepBail Firefox 3.5b4 1 http://aim.search.aol.com/search/search?&query=f&invocationType=tb50fftrab js_DeepBail stack for my crash during testing looks like: 0 libmozjs.dylib js_DeepBail js/src/jstracer.cpp:5056 1 libmozjs.dylib PopulateReportBlame js/src/jscntxt.h:1463 2 libmozjs.dylib js_ReportErrorNumberVA js/src/jscntxt.cpp:1554 3 libmozjs.dylib JS_ReportErrorFlagsAndNumberUC js/src/jsapi.cpp:5679 4 libmozjs.dylib ReportRegExpErrorHelper js/src/jsregexp.cpp:452 5 libmozjs.dylib ParseRegExp js/src/jsregexp.cpp:458 6 libmozjs.dylib js_NewRegExp js/src/jsregexp.cpp:2538 7 libmozjs.dylib js_NewRegExpOpt js/src/jsregexp.cpp:2637 8 libmozjs.dylib regexp_compile_sub js/src/jsregexp.cpp:4780 9 libmozjs.dylib RegExp_tn2 js/src/jsregexp.cpp:4971 10 @0x3a2ab956 11 @0xbfffd1a7 12 libmozjs.dylib js_MonitorLoopEdge js/src/jstracer.cpp:4513 13 libmozjs.dylib js_Interpret js/src/jsinterp.cpp:3835 14 libmozjs.dylib js_Execute js/src/jsinterp.cpp:1599 15 libmozjs.dylib JS_EvaluateUCScriptForPrincipals js/src/jsapi.cpp:5145 16 XUL nsJSContext::EvaluateString dom/src/base/nsJSEnvironment.cpp:1603 17 XUL nsScriptLoader::EvaluateScript content/base/src/nsScriptLoader.cpp:686 18 XUL nsScriptLoader::ProcessRequest content/base/src/nsScriptLoader.cpp:600 19 XUL nsScriptLoader::ProcessScriptElement content/base/src/nsScriptLoader.cpp:554 20 XUL nsScriptElement::MaybeProcessScript content/base/src/nsScriptElement.cpp:193 21 XUL nsHTMLScriptElement::MaybeProcessScript content/html/content/src/nsHTMLScriptElement.cpp:546 22 XUL HTMLContentSink::ProcessSCRIPTEndTag content/html/document/src/nsHTMLContentSink.cpp:3142 23 XUL SinkContext::CloseContainer content/html/document/src/nsHTMLContentSink.cpp:1022 24 XUL HTMLContentSink::CloseContainer content/html/document/src/nsHTMLContentSink.cpp:2393 25 XUL CNavDTD::CloseContainer parser/htmlparser/src/CNavDTD.cpp:2800 26 XUL CNavDTD::HandleEndToken parser/htmlparser/src/CNavDTD.cpp:1679 27 XUL CNavDTD::HandleToken parser/htmlparser/src/CNavDTD.cpp:760 28 XUL CNavDTD::BuildModel parser/htmlparser/src/CNavDTD.cpp:332 29 XUL nsParser::BuildModel parser/htmlparser/src/nsParser.cpp:2378 30 XUL nsParser::ResumeParse parser/htmlparser/src/nsParser.cpp:2251 31 XUL nsParser::OnDataAvailable parser/htmlparser/src/nsParser.cpp:2904 32 XUL nsHTTPCompressConv::do_OnDataAvailable netwerk/streamconv/converters/nsHTTPCompressConv.cpp:375 33 XUL nsHTTPCompressConv::OnDataAvailable netwerk/streamconv/converters/nsHTTPCompressConv.cpp:319 34 XUL nsStreamListenerTee::OnDataAvailable netwerk/base/src/nsStreamListenerTee.cpp:97 35 XUL nsHttpChannel::OnDataAvailable netwerk/protocol/http/src/nsHttpChannel.cpp:5035 36 XUL nsInputStreamPump::OnStateTransfer netwerk/base/src/nsInputStreamPump.cpp:508 37 XUL nsInputStreamPump::OnInputStreamReady netwerk/base/src/nsInputStreamPump.cpp:398 38 XUL nsInputStreamReadyEvent::Run xpcom/io/nsStreamUtils.cpp:111 39 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:510 40 XUL NS_ProcessPendingEvents_P nsThreadUtils.cpp:180 41 XUL nsBaseAppShell::NativeEventCallback widget/src/xpwidgets/nsBaseAppShell.cpp:121 42 XUL nsAppShell::ProcessGeckoEvents widget/src/cocoa/nsAppShell.mm:405 43 CoreFoundation CoreFoundation@0x735f4 44 CoreFoundation CoreFoundation@0x73cd7 45 HIToolbox HIToolbox@0x302bf 46 HIToolbox HIToolbox@0x30011 47 HIToolbox HIToolbox@0x2ff4c 48 AppKit AppKit@0x40d7c 49 AppKit AppKit@0x4062f 50 JavaEmbeddingPlugin JavaEmbeddingPlugin@0x12fc2 51 AppKit AppKit@0x3966a 52 XUL nsAppShell::Run widget/src/cocoa/nsAppShell.mm:716 53 XUL nsAppStartup::Run toolkit/components/startup/src/nsAppStartup.cpp:193 54 XUL XRE_main toolkit/xre/nsAppRunner.cpp:3298 55 firefox-bin main browser/app/nsBrowserApp.cpp:156 56 firefox-bin firefox-bin@0x1541 57 firefox-bin firefox-bin@0x1468 58 @0x1
Flags: blocking1.9.1?
Reporter | ||
Updated•15 years ago
|
Keywords: topcrash+
Summary: crash [@ js_DeepBail ] when searching on aim.search.aol.com → reproducable fx3.5b4 crash [@ js_DeepBail ] when searching on aim.search.aol.com
Updated•15 years ago
|
Assignee: general → jorendorff
Updated•15 years ago
|
Flags: blocking1.9.1? → blocking1.9.1+
Comment 3•15 years ago
|
||
This looks like the GC hazard 487134 fixed. I am not crashing on TM tip.
Updated•15 years ago
|
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Updated•15 years ago
|
Summary: reproducable fx3.5b4 crash [@ js_DeepBail ] when searching on aim.search.aol.com → reproducible fx3.5b4 crash [@ js_DeepBail ] when searching on aim.search.aol.com
Updated•15 years ago
|
Flags: wanted1.9.0.x-
Whiteboard: [sg:critical?] gc-hazard
Updated•15 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•