Closed
Bug 732897
Opened 11 years ago
Closed 6 months ago
64-bit crash @ MakeDay
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: scoobidiver, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: 64bit, crash, Whiteboard: qa-not-actionable)
Crash Data
It's a residual crash but it jumped from around 5 crashes/build to around 10 crashes/build around 13.0a1/20120225. The regression range for the spike might be: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=cd120efbe4c6&tochange=ce20e9b47e9c There are two kinds of stack: Frame Module Signature [Expand] Source 0 xul.dll MakeDay js/src/jsdate.cpp:376 1 xul.dll date_msecFromDate js/src/jsdate.cpp:589 2 xul.dll date_parseString js/src/jsdate.cpp:1166 3 xul.dll date_parse js/src/jsdate.cpp:1201 4 xul.dll js::InvokeKernel js/src/jsinterp.cpp:499 5 xul.dll js::types::TypeMonitorResult js/src/jsinfer.cpp:5151 6 xul.dll js::Interpret js/src/jsinterp.cpp:2699 ... Frame Module Signature [Expand] Source 0 xul.dll MakeDay js/src/jsdate.cpp:375 1 xul.dll JSObject::nativeLookup js/src/jsobj.cpp:3989 2 xul.dll js::ContextStack::currentScript js/src/vm/Stack-inl.h:620 3 xul.dll date_msecFromArgs js/src/jsdate.cpp:629 4 xul.dll js_Date js/src/jsdate.cpp:2623 5 xul.dll js::InvokeConstructorKernel js/src/jsinterp.cpp:572 6 xul.dll js::Interpret js/src/jsinterp.cpp:2691 ... More reports at: https://crash-stats.mozilla.com/report/list?signature=MakeDay
|
Reporter | |
Comment 1•11 years ago
|
||
It has slightly increased since May 3rd.
Here are interesting correlations:
MakeDay|EXCEPTION_ACCESS_VIOLATION_READ (46 crashes)
98% (45/46) vs. 6% (120/1975) dxva2.dll
74% (34/46) vs. 6% (127/1975) NPSWF64_11_2_202_233.dll|
|
Reporter | |
Comment 2•11 years ago
|
||
It's #2 top crasher in 15.0a1 over the last day. There's no need to track for 15.0 as it's only with 64-bit build.
Keywords: topcrash
|
||
Comment 3•11 years ago
|
||
In the `MakeDay` function [1], we do this: `month = fmod(month, 12.0);` [...] `monthday = DayFromMonth(month, leap);` `DayFromMonth` [2] is defined like so: #define DayFromMonth(m, leap) firstDayOfMonth[leap][(int)m] `firstDayOfMonth` [3] is a `double[2][13]` In stepping through the code, I've noticed that calling `fmod(4.0, 12.0)` is producing a value of `-1.#IND`. This doesn't happen consistently (in my testing it happens the second time `fmod` is called with those arguments), and it appears to be a bug in MSVC [4]. If the build bots are using VC++ 2005, then applying the hotfix might fix this issue. However, I'm building with MSVC11 and this issue has cropped up with my local builds. [1] https://mxr.mozilla.org/mozilla-central/source/js/src/jsdate.cpp?rev=fb914b623fa7#326 [2] https://mxr.mozilla.org/mozilla-central/source/js/src/jsdate.cpp?rev=fb914b623fa7#227 [3] https://mxr.mozilla.org/mozilla-central/source/js/src/jsdate.cpp?rev=fb914b623fa7#218 [4] http://support.microsoft.com/kb/957229
|
|
Reporter | |
Comment 4•11 years ago
|
||
There are only 3 crashes in the trunk over the last 4 weeks.
Keywords: topcrash
|
Assignee | |
Updated•9 years ago
|
Assignee: general → nobody
|
||
Updated•2 years ago
|
Whiteboard: qa-not-actionable
|
||
Updated•2 years ago
|
Blocks: sm-defects-crashes
|
||
Comment 6•6 months ago
|
||
Since the crash volume is low (less than 5 per week), the severity is downgraded to S3. Feel free to change it back if you think the bug is still critical.
For more information, please visit auto_nag documentation.
Severity: critical → S3
|
||
Comment 7•6 months ago
|
||
Bug is too old to be still actionable in any way.
Status: NEW → RESOLVED
Closed: 6 months ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•