Closed
Bug 752262
Opened 12 years ago
Closed 12 years ago
cross_fuzz_v3 crash NULL_CLASS_PTR_DEREFERENCE_c0000005_xul.dll!xpc::WrapperFactory::PrepareForWrapping
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: geeknik, Unassigned)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
|
127.62 KB,
text/plain
|
Details |
While running cross_fuzz_randomized_20110105_seed.html#1337 locally, Firefox 15a1 x64 (Built from http://hg.mozilla.org/mozilla-central/rev/0a48e6561534), Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:15.0) Gecko/15.0 Firefox/15.0a1, crashes within 2-3 minutes. There is no crash reporter popup, Firefox simply vanishes. I've attached a complete WinDBG log file. FAULTING_IP: xul!xpc::WrapperFactory::PrepareForWrapping+25d [e:\builds\moz2_slave\m-cen-w64-ntly\build\js\xpconnect\wrappers\wrapperfactory.cpp @ 234] 000007fe`e093001d 4d8b5d08 mov r11,qword ptr [r13+8] EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff) ExceptionAddress: 000007fee093001d (xul!xpc::WrapperFactory::PrepareForWrapping+0x000000000000025d) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000008 Attempt to read from address 0000000000000008 FAULTING_THREAD: 000000000000103c PROCESS_NAME: firefox.exe ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: 0000000000000008 READ_ADDRESS: 0000000000000008 FOLLOWUP_IP: xul!xpc::WrapperFactory::PrepareForWrapping+25d [e:\builds\moz2_slave\m-cen-w64-ntly\build\js\xpconnect\wrappers\wrapperfactory.cpp @ 234] 000007fe`e093001d 4d8b5d08 mov r11,qword ptr [r13+8] NTGLOBALFLAG: 70 APPLICATION_VERIFIER_FLAGS: 0 BUGCHECK_STR: APPLICATION_FAULT_NULL_CLASS_PTR_DEREFERENCE_INVALID_POINTER_READ PRIMARY_PROBLEM_CLASS: NULL_CLASS_PTR_DEREFERENCE DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE LAST_CONTROL_TRANSFER: from 000007fee0baa09b to 000007fee093001d
|
||
Comment 1•12 years ago
|
||
Probably a dupe of bug 752164.
Crash Signature: [@ xpc::WrapperFactory::PrepareForWrapping(JSContext*, JSObject*, JSObject*, unsigned int)]
Component: General → XPConnect
Product: Firefox → Core
QA Contact: general → xpconnect
|
|
||
Updated•12 years ago
|
|
||
Comment 2•12 years ago
|
||
(In reply to Scoobidiver from comment #1) > Probably a dupe of bug 752164. Actually, bug 752309 is where we are tracking this one.
|
|
||
Comment 3•12 years ago
|
||
Brian, does it work for you?
|
Reporter | |
Comment 4•12 years ago
|
||
No longer crashes here.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
|
|
||
Updated•12 years ago
|
Resolution: FIXED → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•