Closed Bug 685054 Opened 13 years ago Closed 13 years ago

CheckScript Talos crash

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: mccr8, Unassigned)

References

Details

philor found this: https://tbpl.mozilla.org/php/getParsedLog.php?id=6298625 0 XUL!CrashInJS [jsutil.cpp:915acb9f6d29 : 92 + 0x0] eip = 0x042ad4b3 esp = 0xbfffb370 ebp = 0x01631700 ebx = 0x0427864d esi = 0x00000000 edi = 0x00000020 eax = 0x00000000 ecx = 0x00000000 edx = 0x00000000 efl = 0x00210282 Found by: given as instruction pointer in context 1 XUL!js::CheckScript [jsscript.cpp:915acb9f6d29 : 302 + 0x1f] eip = 0x0427870d esp = 0xbfffb390 ebp = 0x01631700 ebx = 0x0427864d esi = 0x00000000 edi = 0x00000020 Found by: call frame info 2 XUL!js::gc::MarkChildren [jsgcmark.cpp:915acb9f6d29 : 828 + 0xf] eip = 0x04194c89 esp = 0xbfffb4e0 ebp = 0x01631700 ebx = 0x04194c6c esi = 0x016446e0 edi = 0x00000020 Found by: call frame info 3 XUL!js::GCMarker::markDelayedChildren [jsgc.cpp:915acb9f6d29 : 1603 + 0x17] eip = 0x0418bc5d esp = 0xbfffb520 ebp = 0x01645000 ebx = 0x0418bb6c esi = 0x016446e0 edi = 0x00000020 Found by: call frame info 4 XUL!js::GCMarker::drainMarkStack [jsgcmark.cpp:915acb9f6d29 : 1004 + 0x7] eip = 0x04197019 esp = 0xbfffb570 ebp = 0x00000000 ebx = 0x0419649f esi = 0xbfffb764 edi = 0x00000000 Found by: call frame info 5 XUL!XPCJSRuntime::TraceJS [jsgc.h:915acb9f6d29 : 1512 + 0x7] eip = 0x0399a43a esp = 0xbfffb620 ebp = 0xbfffb63c ebx = 0x00000000 esi = 0x00164690 edi = 0xbfffb764 Found by: call frame info 6 XUL!js::MarkRuntime [jsgc.cpp:915acb9f6d29 : 1886 + 0x15] eip = 0x04191886 esp = 0xbfffb660 ebp = 0x0465378b ebx = 0x00165770 esi = 0x00165770 edi = 0x1e67ccd0 Found by: call frame info 7 XUL!GCCycle [jsgc.cpp:915acb9f6d29 : 2264 + 0x7] eip = 0x04191fb2 esp = 0xbfffb720 ebp = 0xbfffb764 ebx = 0x04191bcf esi = 0x00164820 edi = 0x00164820 Found by: call frame info 8 XUL!js_GC [jsgc.cpp:915acb9f6d29 : 2731 + 0x1b] eip = 0x04192dc0 esp = 0xbfffb7f0 ebp = 0x00000001 ebx = 0x006e7000 esi = 0x0070a384 edi = 0x0b4f7660 Found by: call frame info 9 XUL!JS_GC [jsapi.cpp:915acb9f6d29 : 2607 + 0x17] eip = 0x0411411d esp = 0xbfffb890 ebp = 0xbfffba18 ebx = 0x041140d4
In IRC, philor said: "the only insider info I have is that it would have been while loading the page listed as being "next:" in the last line before the crash, so the talosized version of chemistry.about.com/chemistry.about.com/index.html"
should be chemistry.about.com/index.html not chemistry.about.com/chemistry.about.com/index.html
I guess this hasn't recurred, so I'll close it. Bug 673551 will give us better testing of markDelayedChildren.
Status: NEW → RESOLVED
Closed: 13 years ago
Depends on: 673551
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.