Closed Bug 821762 Opened 13 years ago Closed 13 years ago

crash in js::GCMarker::sizeOfExcludingThis @ js::CompartmentsIter::CompartmentsIter

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Version:
20 Branch
Platform:
All
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 821493
Milestone:
mozilla20
Tracking Flags:
Tracking Status
firefox20 --- affected

People

(Reporter: scoobidiver, Unassigned)

References

Details

(Keywords: crash, regression, topcrash, Whiteboard: [native-crash][startupcrash])

Crash Data

It first showed up in 20.0a1/20121214 and is #2 top crasher in this build. The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=edd45de440ba&tochange=b11065872128 It's likely a regression from bug 820422. Signature js::CompartmentsIter::CompartmentsIter(JSRuntime*) More Reports Search UUID 6b57e850-a035-4412-9faa-1d13e2121214 Date Processed 2012-12-14 17:11:42 Uptime 4 Last Crash 10.9 minutes before submission Install Age 11.8 minutes since version was first installed. Install Time 2012-12-14 16:59:27 Product Firefox Version 20.0a1 Build ID 20121214030827 Release Channel nightly OS Windows NT OS Version 6.1.7601 Service Pack 1 Build Architecture x86 Build Architecture Info GenuineIntel family 6 model 42 stepping 7 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x18 App Notes AdapterVendorID: 0x8086, AdapterDeviceID: 0x0116, AdapterSubsysID: 00000000, AdapterDriverVersion: 8.15.10.2622 D2D? D2D+ DWrite? DWrite+ D3D10 Layers? D3D10 Layers+ EMCheckCompatibility True Adapter Vendor ID 0x8086 Adapter Device ID 0x0116 Total Virtual Memory 4294836224 Available Virtual Memory 3728629760 System Memory Use Percentage 50 Available Page File 5265735680 Available Physical Memory 2074861568 Frame Module Signature Source 0 mozjs.dll js::CompartmentsIter::CompartmentsIter js/src/jscompartment.h:656 1 mozjs.dll js::GCMarker::sizeOfExcludingThis js/src/jsgc.cpp:1797 2 mozjs.dll JSRuntime::sizeOfIncludingThis js/src/jscntxt.cpp:132 3 mozjs.dll JS::CollectRuntimeStats js/src/jsmemorymetrics.cpp:296 4 xul.dll xpc::JSMemoryMultiReporter::CollectReports js/xpconnect/src/XPCJSRuntime.cpp:2202 5 xul.dll nsWindowMemoryReporter::CollectReports dom/base/nsWindowMemoryReporter.cpp:322 6 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:70 7 xul.dll XPC_WN_CallMethod js/xpconnect/src/XPCWrappedNativeJSOps.cpp:1488 8 mozjs.dll js::InvokeKernel js/src/jsinterp.cpp:389 9 mozjs.dll js::Interpret js/src/jsinterp.cpp:2348 10 mozjs.dll js::ion::CanEnter js/src/ion/Ion.cpp:1436 11 mozjs.dll js::RunScript js/src/jsinterp.cpp:338 12 mozjs.dll js::InvokeKernel js/src/jsinterp.cpp:404 13 mozjs.dll js::Invoke js/src/jsinterp.cpp:437 14 mozjs.dll JS_CallFunctionValue js/src/jsapi.cpp:5792 15 xul.dll mozilla::dom::EventHandlerNonNull::Call obj-firefox/dom/bindings/EventHandlerBinding.cpp:46 16 xul.dll mozilla::dom::EventHandlerNonNull::Call<nsISupports*> obj-firefox/dist/include/mozilla/dom/EventHandlerBinding.h:59 17 xul.dll nsJSEventListener::HandleEvent dom/src/events/nsJSEventListener.cpp:249 18 xul.dll nsEventListenerManager::HandleEventInternal content/events/src/nsEventListenerManager.cpp:994 19 xul.dll nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventDispatcher.cpp:316 ... More reports at: https://crash-stats.mozilla.com/report/list?signature=js%3A%3ACompartmentsIter%3A%3ACompartmentsIter%28JSRuntime*%29
No crash using latest hourly build cset: https://hg.mozilla.org/mozilla-central/rev/c8a1314aa449 STR: open about:memory in tab, pin tab Close/restart browser crashes , confirmed crash using hourly build cset: https://hg.mozilla.org/mozilla-central/rev/bb2f453b7c0f No crash in cset: c8a1314aa449 I have not looked at the patched in the above cset to attempt a guess as to why its not crashing with that build.
Status: NEW → RESOLVED
Closed: 13 years ago
status-firefox20: affectedfixed
Depends on: 773911
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
The chance of bug 773911 actually fixing this is pretty damn low.... It should not have changed behavior at all.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Crash Signature: [@ js::CompartmentsIter::CompartmentsIter(JSRuntime*)] → [@ js::CompartmentsIter::CompartmentsIter(JSRuntime*)] [@ js::GCMarker::sizeOfExcludingThis(unsigned long (*)(void const*)) const] [@ js::GCMarker::sizeOfExcludingThis(unsigned int (*)(void const*)) const]
status-firefox20: fixedaffected
No longer depends on: 773911
Summary: crash in js::CompartmentsIter::CompartmentsIter → crash in js::GCMarker::sizeOfExcludingThis @ js::CompartmentsIter::CompartmentsIter
Whiteboard: [startupcrash] → [native-crash][startupcrash]
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → DUPLICATE
Crash Signature: [@ js::CompartmentsIter::CompartmentsIter(JSRuntime*)] [@ js::GCMarker::sizeOfExcludingThis(unsigned long (*)(void const*)) const] [@ js::GCMarker::sizeOfExcludingThis(unsigned int (*)(void const*)) const] → [@ js::CompartmentsIter::CompartmentsIter(JSRuntime*) ] [@ js::GCMarker::sizeOfExcludingThis(unsigned long (*)(void const*)) const ] [@ js::GCMarker::sizeOfExcludingThis(unsigned int (*)(void const*)) const ]
You need to log in before you can comment on or make changes to this bug.