Closed
Bug 646380
Opened 14 years ago
Closed 14 years ago
[@ JSContext::popSegmentAndFrame]
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: timeless, Assigned: luke)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
734 bytes,
patch
|
sfink
:
review+
dveditz
:
approval2.0+
|
Details | Diff | Splinter Review |
Build identifier: Mozilla/5.0 (Windows NT 6.1; rv:2.2a1pre) Gecko/20110329 Firefox/4.2a1pre Product Firefox Version 4.2a1pre Build ID 20110329030437 Branch 2.2 OS Windows NT OS Version 6.1.7601 Service Pack 1 CPU x86 CPU Info GenuineIntel family 6 model 28 stepping 10 Crash Reason EXCEPTION_ACCESS_VIOLATION_WRITE Crash Address 0x0 User Comments grr. somewhat hacked firefox (browser.js) with venkman (actively debugging chrome) App Notes AdapterVendorID: 8086, AdapterDeviceID: a011, AdapterDriverVersion: 8.14.10.2230 D3D10 Layers? D3D10 Layers- D3D9 Layers? D3D9 Layers- Processor Notes INFO: This record is a replacement for a previous record with the same uuid EMCheckCompatibility False Bugzilla - Report this Crash Crashing Thread Frame Module Signature [Expand] Source 0 mozjs.dll JSContext::popSegmentAndFrame js/src/jscntxt.cpp:2065 1 mozjs.dll js::FrameGuard::~FrameGuard js/src/jscntxt.cpp:360 2 mozjs.dll js::AutoCompartment::leave js/src/jswrapper.cpp:407 3 mozjs.dll JS_LeaveCrossCompartmentCall js/src/jsapi.cpp:1213 4 xul.dll jsd_GetValueString js/jsd/jsd_val.c:250 5 xul.dll jsdValue::GetStringValue js/jsd/jsd_xpc.cpp:2307 6 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102 7 xul.dll XPC_WN_GetterSetter js/src/xpconnect/src/xpcwrappednativejsops.cpp:1663 8 mozjs.dll js::Invoke js/src/jsinterp.cpp:703 9 mozjs.dll js::ExternalInvoke js/src/jsinterp.cpp:863 10 mozjs.dll js::Shape::get js/src/jsscopeinlines.h:249 11 mozjs.dll js::Interpret js/src/jsinterp.cpp:4215 12 mozjs.dll UncachedInlineCall js/src/methodjit/InvokeHelpers.cpp:393 13 mozjs.dll js::mjit::stubs::UncachedCallHelper js/src/methodjit/InvokeHelpers.cpp:469 14 mozjs.dll js::mjit::stubs::UncachedCall js/src/methodjit/InvokeHelpers.cpp:431 15 @0x5d32ee1 16 mozjs.dll js::Invoke js/src/jsinterp.cpp:740 17 mozjs.dll js::ExternalInvoke js/src/jsinterp.cpp:863 18 mozjs.dll JS_CallFunctionValue js/src/jsapi.cpp:5173 19 xul.dll nsXPCWrappedJSClass::CallMethod js/src/xpconnect/src/xpcwrappedjsclass.cpp:1672 20 xul.dll nsXPCWrappedJS::CallMethod js/src/xpconnect/src/xpcwrappedjs.cpp:588 21 xul.dll xpc_UnmarkGrayObject js/src/xpconnect/src/xpcpublic.h:165 22 xul.dll SharedStub xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:141 23 xul.dll jsds_ExecutionHookProc js/jsd/jsd_xpc.cpp:697
Assignee | ||
Comment 1•14 years ago
|
||
The crash is under jsd_GetValueString, so I took a look and I think I found something that could cause this crash: Say string == NULL, then we will have called JS_LeaveCrossCompartmentCall(call), but, since 'call' is still non-null, the subsequent code will call JS_LeaveCrossCompartmentCall again on 'call'.
Attachment #523023 -
Flags: review?
Assignee | ||
Updated•14 years ago
|
Attachment #523023 -
Flags: review? → review?(sphink)
Updated•14 years ago
|
Attachment #523023 -
Flags: review?(sphink) → review+
Assignee: general → sphink
Component: JavaScript Engine → JavaScript Debugging/Profiling APIs
QA Contact: general → jsd
this bug makes using venkman pretty much impossible
Keywords: checkin-needed
Assignee | ||
Comment 4•14 years ago
|
||
Do you need on mozilla-central or is tracemonkey good enough?
Comment 5•14 years ago
|
||
I'd like whatever will get it fixed fastest in Gecko 2.0.x ;-)
Assignee | ||
Comment 6•14 years ago
|
||
In that case, I'll need to request approval to land on mozilla-2.0.
blocking2.0: --- → ?
Assignee | ||
Comment 7•14 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/a538db9ab619 (Still waiting on 2.0 approval to land on mozilla-2.0)
Assignee | ||
Updated•14 years ago
|
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Updated•14 years ago
|
Attachment #523023 -
Flags: approval2.0?
Updated•14 years ago
|
Keywords: checkin-needed
Comment 8•14 years ago
|
||
can someone test a mozilla-central nightly and see if it appears to fix this crash?
Keywords: testcase-wanted
Comment 9•14 years ago
|
||
(In reply to comment #8) > can someone test a mozilla-central nightly and see if it appears to fix this > crash? It fixed bug 645651 for me, which got resolved duplicate of this bug.
Comment 10•14 years ago
|
||
Comment on attachment 523023 [details] [diff] [review] fix a bug in jsd_val.c, maybe this bug Approved for the mozilla2.0 repository, a=dveditz
Attachment #523023 -
Flags: approval2.0? → approval2.0+
Updated•14 years ago
|
blocking2.0: ? → Macaw+
Updated•14 years ago
|
Crash Signature: [@ JSContext::popSegmentAndFrame]
Updated•13 years ago
|
Component: JavaScript Debugging/Profiling APIs → JavaScript Engine
Updated•9 years ago
|
Keywords: testcase-wanted
You need to log in
before you can comment on or make changes to this bug.
Description
•