Closed
Bug 815704
Opened 12 years ago
Closed 7 years ago
crash in je_free | js::GCHelperThread
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: marcia, Unassigned)
Details
(Keywords: crash)
Crash Data
This bug was filed from the Socorro interface and is report bp-91281791-2adb-4e3c-9db4-10d452121127 . ============================================================= Seen while looking at crash-stats for FF 17. This currently sits at the #21 top crash and does not have a bug. High correlation to Yandex: je_free | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()|EXCEPTION_ACCESS_VIOLATION_READ (31 crashes) 61% (19/31) vs. 7% (651/9962) vb@yandex.ru 61% (19/31) vs. 7% (662/9962) yasearch@yandex.ru (Yandex.Bar, https://addons.mozilla.org/addon/3495) 16% (5/31) vs. 3% (267/9962) {37964A3C-4EE8-47b1-8321-34DE2C39BA4D} 10% (3/31) vs. 0% (43/9962) rambler_toolbar@rambler.ru (Rambler-Assistant for Firefox, https://addons.mozilla.org/addon/6360) 10% (3/31) vs. 1% (133/9962) {9AA46F4F-4DC7-4c06-97AF-5035170634FE} (ImTranslator, https://addons.mozilla.org/addon/2257) 6% (2/31) vs. 1% (55/9962) {0b38152b-1b20-484d-a11f-5e04a9b0661f} (Winamp Toolbar, https://addons.mozilla.org/addon/12174) 6% (2/31) vs. 1% (64/9962) {4933189D-C7F7-4C6E-834B-A29F087BFD23} 6% (2/31) vs. 1% (101/9962) {B100D0FF-0001-8CE4-2790-AACE49B8AE35} Link to crashes: https://crash-stats.mozilla.com/report/list?signature=je_free%20|%20js::GCHelperThread::freeElementsAndArray%28void**,%20void**%29%20|%20js::GCHelperThread::doSweep%28%29 Frame Module Signature Source 0 mozglue.dll je_free memory/mozjemalloc/jemalloc.c:6565 1 mozjs.dll js::GCHelperThread::freeElementsAndArray js/src/jsgc.h:636 2 mozjs.dll js::GCHelperThread::doSweep js/src/jsgc.cpp:3118 3 mozjs.dll js::GCHelperThread::threadLoop js/src/jsgc.cpp:2959 4 mozjs.dll js::GCHelperThread::threadMain js/src/jsgc.cpp:2938 5 nspr4.dll _PR_NativeRunThread nsprpub/pr/src/threads/combined/pruthr.c:395 6 nspr4.dll pr_root nsprpub/pr/src/md/windows/w95thred.c:90 7 msvcr100.dll _callthreadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:314 8 msvcr100.dll _threadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:292 9 kernel32.dll BaseThreadStart
|
||
Updated•12 years ago
|
Assignee: nobody → general
Component: Extension Compatibility → JavaScript Engine
Keywords: topcrash
OS: Windows NT → Windows XP
Product: Firefox → Core
|
|
||
Comment 1•11 years ago
|
||
It's #124 browser crasher in 18.0.1, #52 in 19.0b4, #188 in 20.0a2, and #110 in 21.0a1, so no longer a top crasher. It's also no longer correlated to Yandex.
Crash Signature: [@ je_free | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()] → [@ je_free | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()]
[@ je_free | arena_dalloc_large | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()]
Keywords: topcrash
Hardware: x86 → All
Summary: crash in je_free | js::GCHelperThread (Correlation to Yandex) → crash in je_free | js::GCHelperThread
|
|
||
Updated•11 years ago
|
Crash Signature: [@ je_free | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()]
[@ je_free | arena_dalloc_large | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()] → [@ je_free | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()]
[@ RtlEnterCriticalSection | je_free | js::GCHelperThread::freeElementsAndArray(void** void**) | js::GCHelperThread::doSweep() ]
[@ moz_abort | je_fre…
Version: 17 Branch → Trunk
|
Assignee | |
Updated•10 years ago
|
Assignee: general → nobody
|
||
Updated•9 years ago
|
Crash Signature: , void**) | js::GCHelperThread::doSweep() ]
[@ je_free | arena_dalloc_large | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()] → , void**) | js::GCHelperThread::doSweep() ]
[@ je_free | arena_dalloc_large | js::GCHelperThread::freeElementsAndArray(void**, void**) | js::GCHelperThread::doSweep()]
[@ je_free | js::GCHelperThread::freeElementsAndArray | js::GCHelperThread::doSweep]
…
|
||
Comment 2•7 years ago
|
||
I'm marking this bug as WORKSFORME as bug crashlog signature didn't appear from a long time (over half year) in Firefox (except some obsolete Fx <24, no crashes starting since Fx 24).
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•