584938 - Linked URL immediately crashes Minefield

Status: RESOLVED DUPLICATE of bug 584437

(Core :: JavaScript Engine, defect)

Description

[Neil Lee [:neilio]]

When I load this url before anything is even displayed Minefield (20100804 nightly) crashes.

http://crash-stats.mozilla.com/report/index/bp-32ba2418-bfdf-414f-98ae-798602100805

Sorry if this is the wrong component - I'm not sure where this should be filed.

Comment 1

[Andreas Gal :gal]

Hidden while I look at the cause.

Comment 2

[Andreas Gal :gal]

I don't crash with a minefield nightly (macosx, product build).

Comment 3

[Andreas Gal :gal]

dup of bug 571626?

Comment 4

[timeless]

Signature	js::ExecuteTree
UUID	32ba2418-bfdf-414f-98ae-798602100805
Time	2010-08-05 20:30:07.407845
Uptime	30
Last Crash	34 seconds before submission
Install Age	98941 seconds (1.1 days) since version was first installed.
Product	Firefox
Version	4.0b3pre
Build ID	20100804082536
Branch	2.0
OS	Mac OS X
OS Version	10.6.4 10F569
CPU	x86
CPU Info	GenuineIntel family 6 model 37 stepping 2
Crash Reason	EXC_BAD_ACCESS / KERN_PROTECTION_FAILURE
Crash Address	0x4
User Comments	
Processor Notes	
EMCheckCompatibility	False
Related Bugs

---
Bug 584916 NEW Crash when loading any page on vimeo.com [@ js::ExecuteTree ]
Bug 579551 NEW That link crashes Firefox. [@ js::ExecuteTree ]
OPEN
Bug 571626 NEW TM: Crash in [@ js::ExecuteTree]


Frame	Module	Signature [Expand]	Source
0		@0x636bd83	
1	libmozjs.dylib	js::ExecuteTree	js/src/jstracer.cpp:6646
2	libmozjs.dylib	js::MonitorLoopEdge	js/src/jstracer.cpp:7252
3	libmozjs.dylib	js::Interpret	js/src/jsinterp.cpp:2907
4	libmozjs.dylib	js::Execute	js/src/jsinterp.cpp:907
5	libmozjs.dylib	JS_EvaluateUCScriptForPrincipals	js/src/jsapi.cpp:4761
6	XUL	nsJSContext::EvaluateString	dom/base/nsJSEnvironment.cpp:1811
7	XUL	nsScriptLoader::EvaluateScript	content/base/src/nsScriptLoader.cpp:764
8	XUL	nsScriptLoader::ProcessRequest	content/base/src/nsScriptLoader.cpp:674
9	XUL	nsScriptLoader::ProcessScriptElement	content/base/src/nsScriptLoader.cpp:547
10	XUL	nsScriptElement::MaybeProcessScript	content/base/src/nsScriptElement.cpp:195
11	XUL	nsHTMLScriptElement::MaybeProcessScript	content/html/content/src/nsHTMLScriptElement.cpp:551
12	XUL	nsHTMLScriptElement::DoneAddingChildren	content/html/content/src/nsHTMLScriptElement.cpp:479
13	XUL	nsHtml5TreeOpExecutor::RunScript	parser/html/nsHtml5TreeOpExecutor.cpp:726
14	XUL	nsHtml5TreeOpExecutor::RunFlushLoop	parser/html/nsHtml5TreeOpExecutor.cpp:521
15	XUL	nsHtml5ExecutorReflusher::Run	parser/html/nsHtml5TreeOpExecutor.cpp:90
16	XUL	nsThread::ProcessNextEvent	xpcom/threads/nsThread.cpp:547
17	XUL	NS_ProcessPendingEvents_P	 nsThreadUtils.cpp:200
18	XUL	nsBaseAppShell::NativeEventCallback	widget/src/xpwidgets/nsBaseAppShell.cpp:126
19	XUL	nsAppShell::ProcessGeckoEvents	widget/src/cocoa/nsAppShell.mm:394
20	CoreFoundation	__CFRunLoopDoSources0	
21	CoreFoundation	__CFRunLoopRun	
22	CoreFoundation	CFRunLoopRunSpecific	
23	CoreFoundation	CFRunLoopRunInMode	
24	HIToolbox	RunCurrentEventLoopInMode	
25	HIToolbox	ReceiveNextEventCommon	
26	HIToolbox	BlockUntilNextEventMatchingListInMode	
27	AppKit	_DPSNextEvent	
28	AppKit	-[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]	
29	AppKit	-[NSApplication run]	
30	XUL	nsAppShell::Run	widget/src/cocoa/nsAppShell.mm:747
31	XUL	nsAppStartup::Run	toolkit/components/startup/src/nsAppStartup.cpp:191
32	XUL	XRE_main	toolkit/xre/nsAppRunner.cpp:3646
33	firefox-bin	main	browser/app/nsBrowserApp.cpp:158

Comment 5

[Daniel Veditz [:dveditz]]

Can we get a testcase attached to this bug in case the page changes? Reduced would be even better.

Comment 6

[Robert Sayre]

looks like a dupe of 584437