Closed Bug 795685 Opened 12 years ago Closed 12 years ago

Crash [@ JS_NewStringCopyZ] with xpcshell

Categories

(Core :: XPConnect, defect)

x86_64
macOS
defect
Not set
critical

RESOLVED DUPLICATE of bug 751387

People

(Reporter: gkw, Unassigned)

Details

(Keywords: crash, regression, testcase, Whiteboard: [fuzzblocker])

Attachments

(1 file)

Attached file stack
./xpcshell "-e "

crashes xpcshell on m-c changeset dc715e98e581 at JS_NewStringCopyZ.

Bug 688891 last touched the line js/src/jsapi.cpp:5992, but I'm not sure if that's the real cause, assuming until otherwise proven.

Since 0x732f73726573552f is being accessed, assuming s-s. Please feel free to open up if this is not the case.
Whiteboard: [fuzzblocker]
I think this is a dup of bug 751387.  Why is this marked as [fuzzblocker]?
(In reply to Jesse Ruderman from comment #1)
> I think this is a dup of bug 751387.  Why is this marked as [fuzzblocker]?

I was trying a combination of hooking this up to the fuzzer and running Valgrind with xpcshell, or something like that when I hit this.
As long as you pass in something (e.g. -e 42) you shouldn't hit this crash.
Assignee: general → nobody
Component: JavaScript Engine → XPConnect
QA Contact: general
Group: core-security
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE