Last Comment Bug 702904 - Crash in JSC::Yarr::Interpreter::allocDisjunctionContext
: Crash in JSC::Yarr::Interpreter::allocDisjunctionContext
Status: RESOLVED FIXED
: crash, regression
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: 10 Branch
: x86 Windows 7
: -- critical (vote)
: mozilla10
Assigned To: general
:
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-11-16 01:41 PST by Scoobidiver (away)
Modified: 2011-11-22 01:23 PST (History)
1 user (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Scoobidiver (away) 2011-11-16 01:41:38 PST
It's #15 top crasher in 10.0a2 and #16 in 11.0a1.

Stack traces look like:
Frame 	Module 	Signature [Expand] 	Source
0 	mozjs.dll 	JSC::Yarr::Interpreter::allocDisjunctionContext 	js/src/yarr/YarrInterpreter.cpp:114
1 	mozjs.dll 	JSC::Yarr::Interpreter::interpret 	js/src/yarr/YarrInterpreter.cpp:1398
2 	mozjs.dll 	JSC::Yarr::interpret 	js/src/yarr/YarrInterpreter.cpp:1900
3 	mozjs.dll 	js::RegExpPrivateCode::execute 	js/src/vm/RegExpObject-inl.h:350
4 	mozjs.dll 	js::RegExpPrivate::execute 	js/src/vm/RegExpObject.cpp:212
5 	mozjs.dll 	ExecuteRegExpImpl<js::RegExpPrivate> 	js/src/builtin/RegExp.cpp:135
6 	mozjs.dll 	ExecuteRegExp 	js/src/builtin/RegExp.cpp:565
7 	mozjs.dll 	js::regexp_exec 	js/src/builtin/RegExp.cpp:584
8 	mozjs.dll 	js::InvokeKernel 	js/src/jsinterp.cpp:629
9 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:3948
10 	mozjs.dll 	js::RunScript 	js/src/jsinterp.cpp:584
11 	mozjs.dll 	js::InvokeKernel 	js/src/jsinterp.cpp:647
12 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:679
13 	mozjs.dll 	JS_CallFunctionValue 	js/src/jsapi.cpp:5199
14 	xul.dll 	nsJSContext::CallEventHandler 	dom/base/nsJSEnvironment.cpp:1937
15 	xul.dll 	nsGlobalWindow::RunTimeout 	dom/base/nsGlobalWindow.cpp:9307
16 	xul.dll 	nsGlobalWindow::TimerCallback 	dom/base/nsGlobalWindow.cpp:9747
17 	xul.dll 	nsTimerImpl::Fire 	xpcom/threads/nsTimerImpl.cpp:425
18 	xul.dll 	nsTimerEvent::Run 	xpcom/threads/nsTimerImpl.cpp:521
19 	xul.dll 	nsThread::ProcessNextEvent 	xpcom/threads/nsThread.cpp:631
20 	xul.dll 	mozilla::ipc::MessagePump::Run 	ipc/glue/MessagePump.cpp:110
...

More reports at:
https://crash-stats.mozilla.com/report/list?signature=JSC%3A%3AYarr%3A%3AInterpreter%3A%3AallocDisjunctionContext%28JSC%3A%3AYarr%3A%3AByteDisjunction*%29
Comment 1 Scoobidiver (away) 2011-11-16 10:48:53 PST
There have been no crashes in 11.0a1/20111115 and above.
Comment 2 Sheila Mooney 2011-11-21 22:04:05 PST
Looks like it's gone on 10.0a2 since 20111116042011. Fixed by backout of bug 702426.

Note You need to log in before you can comment on or make changes to this bug.