Closed
Bug 795675
Opened 12 years ago
Closed 11 years ago
crash in JSC::Yarr::interpret mainly on JB
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
WORKSFORME
| Tracking | Status | |
|---|---|---|
| firefox18 | --- | affected |
| firefox19 | --- | affected |
| firefox20 | --- | unaffected |
People
(Reporter: scoobidiver, Unassigned)
Details
(Keywords: crash, topcrash, Whiteboard: [native-crash][startupcrash][js:p3])
Crash Data
It's similar to bug 763864 but this one happens on JB at startup. It's #19 top crasher in 16.0b5. Signature JSC::Yarr::interpret More Reports Search UUID 3cf1ddba-3db8-4c55-8d41-5aea82120930 Date Processed 2012-09-30 01:25:38 Uptime 7 Last Crash 1.5 weeks before submission Install Age 1.5 days since version was first installed. Install Time 2012-09-28 14:35:52 Product FennecAndroid Version 16.0 Build ID 20120925201147 Release Channel beta OS Linux OS Version 0.0.0 Linux 3.1.10-g52027f9 #1 SMP PREEMPT Thu Jun 28 16:19:26 PDT 2012 armv7l Build Architecture arm Build Architecture Info Crash Reason SIGSEGV Crash Address 0x0 App Notes AdapterDescription: 'NVIDIA Corporation -- NVIDIA Tegra 3 -- OpenGL ES 2.0 14.01002 -- Model: Nexus 7, Product: nakasi, Manufacturer: asus, Hardware: grouper' asus Nexus 7 google/nakasi/grouper:4.1.1/JRO03D/402395:user/release-keys Processor Notes This dump is too long and has triggered the automatic truncation routine EMCheckCompatibility True Adapter Vendor ID NVIDIA Corporation Adapter Device ID NVIDIA Tegra 3 Device asus Nexus 7 Android API Version 16 (REL) Android CPU ABI armeabi-v7a Frame Module Signature Source 0 libxul.so JSC::Yarr::interpret js/src/yarr/YarrInterpreter.cpp:93 1 libxul.so js::RegExpShared::execute js/src/vm/RegExpObject.cpp:224 2 libxul.so js::ExecuteRegExp js/src/builtin/RegExp.cpp:109 3 libxul.so DoMatch js/src/jsstr.cpp:1539 4 libxul.so js::str_replace js/src/jsstr.cpp:2106 5 libxul.so js::InvokeKernel js/src/jscntxtinlines.h:382 6 libxul.so js::Interpret js/src/jsinterp.cpp:2442 7 libxul.so js::RunScript js/src/jsinterp.cpp:301 8 libxul.so js::Invoke js/src/jsinterp.cpp:355 9 libxul.so js::IndirectProxyHandler::call js/src/jsproxy.cpp:442 10 libxul.so js::DirectWrapper::call js/src/jswrapper.cpp:295 11 libxul.so js::CrossCompartmentWrapper::call js/src/jswrapper.cpp:689 12 libxul.so proxy_Call js/src/jsproxy.cpp:1143 13 libxul.so js::Invoke js/src/jscntxtinlines.h:382 14 libxul.so JS_CallFunctionValue js/src/jsapi.cpp:5604 15 libxul.so nsXPCWrappedJSClass::CallMethod js/xpconnect/src/XPCWrappedJSClass.cpp:1436 16 libxul.so nsXPCWrappedJS::CallMethod js/xpconnect/src/XPCWrappedJS.cpp:580 17 libxul.so PrepareAndDispatch xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp:105 18 libxul.so libxul.so@0xaa64db 19 libxul.so nsEventListenerManager::HandleEventSubType content/events/src/nsEventListenerManager.cpp:820 ... More reports at: https://crash-stats.mozilla.com/report/list?signature=JSC%3A%3AYarr%3A%3Ainterpret
|
Reporter | |
Comment 1•12 years ago
|
||
From 19.0a1/20121009, every crash signatures on Linux have a Windows look. For this bug, more reports at: https://crash-stats.mozilla.com/report/list?signature=JSC%3A%3AYarr%3A%3Ainterpret%28JSC%3A%3AYarr%3A%3ABytecodePattern*%2C+unsigned+short+const*%2C+unsigned+int%2C+unsigned+int%2C+int*%29
Crash Signature: [@ JSC::Yarr::interpret] → [@ JSC::Yarr::interpret]
[@ JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, unsigned short const*, unsigned int, unsigned int, int*)]
|
|
Reporter | |
Updated•12 years ago
|
Summary: crash in JSC::Yarr::interpret on JB → crash in JSC::Yarr::interpret mainly on JB
I see this fairly often in my automated benchmark suite running on a N7; I can probably reproduce it in a reasonable amount of time if that's helpful. I also see this other crash: https://crash-stats.mozilla.com/report/index/c45a78aa-5678-4939-ba9a-6bd762121106 at roughly similar frequency and at the same spot; so it could be that this isn't necessarily a JSC::Yarr problem, but maybe just memory corruption?
|
|
Reporter | |
Updated•12 years ago
|
Crash Signature: [@ JSC::Yarr::interpret]
[@ JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, unsigned short const*, unsigned int, unsigned int, int*)] → [@ JSC::Yarr::interpret]
[@ JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, unsigned short const*, unsigned int, unsigned int, int*)]
[@ JSC::Yarr::interpret(JSC::Yarr::BytecodePattern*, unsigned short const*, unsigned int, unsigned int unsigned int*)]
|
||
Comment 3•12 years ago
|
||
Without STR not much we can do other than watch this. It has gone quiet since 11/19. Worth noting that we updated our jsc::yarr in fx19. If :vladv is seeing crashes from bugs would be curious if they get addressed.
Whiteboard: [native-crash][startupcrash] → [native-crash][startupcrash][js:p3]
|
|
Reporter | |
Comment 4•12 years ago
|
||
It's #23 to crasher in 17.0, #20 in 18.0b2, and #29 in 19.0a2, so pretty stable in ranking.
|
|
Reporter | |
Comment 5•11 years ago
|
||
It's #7 top crasher in 18.0 and #17 in 19.0a2.
status-firefox18:
--- → affected
status-firefox19:
--- → affected
Keywords: topcrash
Version: 16 Branch → 18 Branch
QA Wanted to try to get STRs per comment 3. Vlad can you try to get some STRs please? URLs listed: 38 about:blank 22 about:home 1 http://www.wicount.co.za/ActiveDeals?utm_source=Wicount+South+Africa&utm_campaig 1 https://fbcdn-sphotos-b-a.akamaihd.net/hphotos-ak-prn1/535791_569340773077336_17 1 http://ca.blackberry.com/smartphones/blackberry-z10/buy.html?CPID=CRM_E_CNA_01_C 1 http://www.exquisitequeens.com/ 1 http://t.co/jykH3fEH 1 http://zh.wikipedia.org/zh/%E9%AB%98%E6%96%AF%E5%AE%9A%E5%BE%8B 1 https://www.google.com/search?q=famke+janssen+muriel+quotes+pray&oq=famke+jansse 1 file:///storage/sdcard0/Download/%D1%82%D0%B5%D1%85%D0%BE%D0%B1%D1%81%D0%BB%D1%8 1 http://v-cdn-r.xshare.com/mp4-mobile/babygotboobs_810.mp4?nva=20130202042844&nvb 1 http://theoatmeal.com/comics/house 1 http://192.168.100.1:5280/?redirect=http%3A//www.asus.com/ 1 http://m.scmp.com//business?utm_source=edm&utm_medium=edm&utm_content=20130205&u 1 file:///storage/sdcard0/Download/Settings.aspx 1 http://windows.appstorm.net/ 1 http://www.linkedin.com/profile/view?trk=eml-comm_invm-b-pro_txt-inv28&authType= 1 http://ventura.craigslist.org/search/?areaID=208&subAreaID=&query=wood+door&catA 1 https://play.google.com/store/apps/details?id=net.eworldui.videouploader.adfree 1 http://www.mandatory.com/2012/09/11/funny-photo-hall-of-fame/2 1 http://www.hwupgrade.it/news/telefonia/il-futuro-degli-os-mobile-alternativi-a-i 1 https://play.google.com/store/apps/details?id=org.mozilla.firefox&rdid=org.mozil 1 http://en.m.wikipedia.org/wiki/Cefdinir 1 http://maliactu.net/incroyable-mais-vrai-une-partie-de-la-region-de-kidal-vendue 1 https://nbillpay.verizonwireless.com/vzw/accountholder/unbilledusage/UnbilledMes 1 http://m.facebook.com/home.php?ref=bookmark&__user=100001839823598 1 http://m.youtube.com/watch?v=iDqcnypFEBk&desktop_uri=%2Fwatch%3Fv%3DiDqcnypFEBk 1 http://m.yahoo.com/w/ygo-mail/forward.bp?f=Inbox&m=2_0_0_1_9639119_AI7TimIAALQ8U 1 https://www.facebook.com/
Flags: needinfo?(vladimir)
Keywords: qawanted
|
||
Comment 7•11 years ago
|
||
I loaded all the urls from crash stats directly. No crashes were found.
Flags: needinfo?(vladimir)
Keywords: qawanted
|
|
Reporter | |
Comment 8•11 years ago
|
||
There are no crashes in 20.0 and above.
Status: NEW → RESOLVED
Closed: 11 years ago
status-firefox20:
--- → unaffected
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•