Closed Bug 549546 Opened 14 years ago Closed 14 years ago

Crash [@ js_Interpret] when just browsing

Categories

(Firefox Build System :: General, defect)

Product:
Firefox Build System
Component:
General
Version:
1.9.2 Branch
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 464043

People

(Reporter: bas.schouten, Unassigned)

Details

I had a crash while using FF 3.6:

Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6

It didn't fire up the crash reporter. But VS did intercept it. I've got the stack trace, a mini dump, and a full dump with heap. Shortly before the crash memory usage was very high (around 1 GB). And there were intermittent freezes of the main thread (i.e. unresponsiveness).

>	js3250.dll!js_Interpret(JSContext * cx=0x12a54400)  Line 859 + 0x18 bytes	C++
 	js3250.dll!js_Invoke(JSContext * cx=0x12a54400, unsigned int argc=1, int * vp=0x07b16020, unsigned int flags=0)  Line 1368 + 0x6 bytes	C++
 	js3250.dll!js_InternalInvoke(JSContext * cx=0x12a54400, JSObject * obj=0x1753bd40, int fval=378512312, unsigned int flags=0, unsigned int argc=1, int * argv=0x08c4a5b8, int * rval=0x003fa8a8)  Line 1423 + 0x12 bytes	C++
 	js3250.dll!JS_CallFunctionValue(JSContext * cx=0x12a54400, JSObject * obj=0x1753bd40, int fval=378512312, unsigned int argc=1, int * argv=0x08c4a5b8, int * rval=0x003fa8a8)  Line 5113	C++
 	xul.dll!nsJSContext::CallEventHandler(nsISupports * aTarget=0x11669930, void * aScope=0x1753bd40, void * aHandler=0x168fa3b8, nsIArray * aargv=0x17c35ca4, nsIVariant * * arv=0x003fa948)  Line 2135	C++
 	xul.dll!nsGlobalWindow::RunTimeout(nsTimeout * aTimeout=0x17cf75c0)  Line 8077	C++
 	xul.dll!nsGlobalWindow::TimerCallback(nsITimer * aTimer=0x18d3c430, void * aClosure=0x17cf75c0)  Line 8412	C++
 	xul.dll!nsTimerImpl::Fire()  Line 427 + 0x7 bytes	C++
 	nspr4.dll!_PR_MD_UNLOCK(_MDLock * lock=0x0a41e420)  Line 347	C
 	xul.dll!nsThread::ProcessNextEvent(int mayWait=0, int * result=0x003faa50)  Line 533	C++
 	xul.dll!NS_ProcessPendingEvents_P(nsIThread * thread=0x00000000, unsigned int timeout=20)  Line 200 + 0xc bytes	C++
 	xul.dll!nsAppShell::EventWindowProc(HWND__ * hwnd=0x77016238, unsigned int uMsg=132022, unsigned int wParam=49621, long lParam=0)  + 0x1a7d67 bytes	C++
 	user32.dll!_InternalCallWinProc@20()  + 0x23 bytes	
 	user32.dll!_UserCallWinProcCheckWow@32()  + 0xb7 bytes	
 	user32.dll!_DispatchMessageWorker@8()  + 0xed bytes	
 	user32.dll!_DispatchMessageW@4()  + 0xf bytes	
 	user32.dll!_DialogBox2@16()  + 0x1c0 bytes	
 	user32.dll!_InternalDialogBox@24()  + 0xc9 bytes	
 	user32.dll!_SoftModalMessageBox@4()  + 0x757 bytes	
 	user32.dll!_MessageBoxWorker@4()  + 0x269 bytes	
 	user32.dll!_MessageBoxTimeoutW@24()  + 0x52 bytes	
 	user32.dll!_MessageBoxTimeoutA@24()  + 0x76 bytes	
 	user32.dll!_MessageBoxExA@20()  + 0x1b bytes	
 	user32.dll!_MessageBoxA@16()  + 0x18 bytes	
 	msvcr71.dll!__crtMessageBoxA(const char * lpText=0x003faf3c, const char * lpCaption=0x15e3f480, unsigned int uType=73744)  Line 118 + 0x10 bytes	C
 	msvcr71.dll!_NMSG_WRITE(int rterrnum=10)  Line 240 + 0x10 bytes	C
 	msvcr71.dll!abort()  Line 48	C
 	mozcrt19.dll!_getptd_noexit()  Line 631 + 0x7 bytes	C
 	ntdll.dll!___RtlUserThreadStart@8()  + 0x369dc bytes	
 	ntdll.dll!ExecuteHandler2@20()  + 0x26 bytes	
 	ntdll.dll!ExecuteHandler@20()  + 0x24 bytes	
 	ntdll.dll!_KiUserExceptionDispatcher@8()  + 0xf bytes	
 	KERNELBASE.dll!_RaiseException@16()  + 0x58 bytes	
 	mozcrt19.dll!_CxxThrowException(void * pExceptionObject=0x003fb700, const _s__ThrowInfo * pThrowInfo=0x6f97aa24)  Line 161	C++
 	mozcrt19.dll!operator new(unsigned int size=2097152)  Line 61	C++
 	xul.dll!nsDeque::GrowCapacity()  Line 179 + 0x18 bytes	C++
 	xul.dll!GraphWalker::DoWalk(nsDeque & aQueue={...})  Line 1237 + 0x7 bytes	C++
 	xul.dll!GraphWalker::WalkFromRoots(GCGraph & aGraph={...})  Line 1222	C++
 	xul.dll!nsCycleCollector::BeginCollection()  Line 2600	C++
 	xul.dll!XPCCycleCollectGCCallback(JSContext * cx=0x00724200, JSGCStatus status=JSGC_MARK_END)  Line 390 + 0x1d bytes	C++
 	js3250.dll!js_GC(JSContext * cx=0x00724200, JSGCInvocationKind gckind=GC_NORMAL)  Line 3537 + 0xb bytes	C++
 	js3250.dll!JS_GC(JSContext * cx=0x00724200)  Line 2439 + 0x8 bytes	C++
 	xul.dll!nsXPConnect::Collect()  Line 478	C++
 	xul.dll!nsCycleCollector::Collect(unsigned int aTryCollections=)  Line 2426	C++
 	xul.dll!nsCycleCollector::Collect(unsigned int aTryCollections=1)  Line 2434 + 0x5 bytes	C++
 	xul.dll!nsJSContext::CC()  Line 3578 + 0x1b bytes	C++
 	xul.dll!nsJSContext::IntervalCC()  Line 3667	C++
 	xul.dll!nsTimerImpl::Fire()  Line 427 + 0x7 bytes	C++
 	nspr4.dll!_PR_MD_UNLOCK(_MDLock * lock=0x095462a0)  Line 347	C
 	xul.dll!nsThread::ProcessNextEvent(int mayWait=1, int * result=0x003ff908)  Line 533	C++
 	xul.dll!nsBaseAppShell::Run()  Line 169	C++
 	xul.dll!nsAppStartup::Run()  Line 183	C++
 	xul.dll!XRE_main(int argc=, char * * argv=, const nsXREAppData * aAppData=)  Line 3507	C++
 	xul.dll!nsAString_internal::Assign(const wchar_t * data=0x00000000, unsigned int length=7561480)  Line 362 + 0x1a bytes	C++
 	xul.dll!nsLocalFile::Release()  Line 790 + 0x13 bytes	C++
 	xul.dll!nsRefPtr<nsIRunnable>::~nsRefPtr<nsIRunnable>()  Line 957	C++
 	firefox.exe!wmain(int argc=, wchar_t * * argv=)  Line 120 + 0xec bytes	C++
 	firefox.exe!__tmainCRTStartup()  Line 591 + 0x19 bytes	C
 	kernel32.dll!@BaseThreadInitThunk@12()  + 0x12 bytes	
 	ntdll.dll!___RtlUserThreadStart@8()  + 0x27 bytes	
 	ntdll.dll!__RtlUserThreadStart@8()  + 0x1b bytes	

Unhandled exception at 0x6f80ace9 in JSCrashMini.dmp: 0xC0000005: Access violation reading location 0x00000000.

EAX = 0E034D80 EBX = 07B16258 ECX = 00000000 EDX = 0E034D84 ESI = 0E034D80 EDI = 124D6CC2 EIP = 6F80ACE9 ESP = 003FA540 EBP = 003FA774 
EFL = 00010283
Obviously I just realized this is all just a problem of new throwing because of running out of memory, and the exception triggering a bunch of failures. Doesn't have to do anything with JavaScript necessarily.
We can't have new throw a C++ exception, or so I say.

Is this XPCOM, or Build Config? Going with latter for now.

/be
Assignee: general → nobody
Component: JavaScript Engine → Build Config
QA Contact: general → build-config
     msvcr71.dll!abort()  Line 48    C
     mozcrt19.dll!_getptd_noexit()  Line 631 + 0x7 bytes    C

Well, it's um. unfortunate. roughly speaking the other runtimes trapped our exit.

I had a bug/patch somewhere to change deque to not use new, it's fixed in trunk...
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Product: Core → Firefox Build System
You need to log in before you can comment on or make changes to this bug.