Closed Bug 944247 Opened 11 years ago Closed 11 years ago

Crash in JS::Zone *zone = arenaHeader()->zone;

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 942421

People

(Reporter: hub, Unassigned)

References

Details

I have a crash on inbound.

Program received signal SIGSEGV, Segmentation fault.
tenuredZone (this=<optimized out>) at /home/hub/source/mozilla/src/js/src/gc/Heap.h:1030
1030	    JS::Zone *zone = arenaHeader()->zone;
Missing separate debuginfos, use: debuginfo-install ORBit2-2.14.19-8.fc19.x86_64 adwaita-gtk2-theme-3.8.4-1.fc19.x86_64 avahi-glib-0.6.31-11.fc19.x86_64 avahi-libs-0.6.31-11.fc19.x86_64 dconf-0.16.0-2.fc19.x86_64 expat-2.1.0-5.fc19.x86_64 glib-networking-2.36.2-1.fc19.x86_64 gmp-5.1.1-2.fc19.x86_64 gnome-vfs2-2.24.4-12.fc19.x86_64 gnutls-3.1.15-1.fc19.x86_64 gvfs-1.16.3-2.fc19.x86_64 harfbuzz-0.9.19-1.fc19.x86_64 keyutils-libs-1.5.6-1.fc19.x86_64 krb5-libs-1.11.3-10.fc19.x86_64 libXau-1.0.8-1.fc19.x86_64 libXcursor-1.1.14-1.fc19.x86_64 libXi-1.7.2-1.fc19.x86_64 libXinerama-1.1.3-1.fc19.x86_64 libXrandr-1.4.1-1.fc19.x86_64 libXrender-0.9.7-6.20130524git786f78fd8.fc19.x86_64 libXt-1.1.4-5.fc19.x86_64 libXxf86vm-1.1.3-1.fc19.x86_64 libart_lgpl-2.3.21-7.fc19.x86_64 libbluray-0.2.3-2.fc19.x86_64 libbonobo-2.32.1-5.fc19.x86_64 libbonoboui-2.24.5-5.fc19.x86_64 libcom_err-1.42.7-2.fc19.x86_64 libgcrypt-1.5.3-2.fc19.x86_64 libgnome-2.32.1-6.fc19.x86_64 libgnomecanvas-2.30.3-6.fc19.x86_64 libgnomeui-2.24.5-6.fc19.x86_64 libgpg-error-1.11-1.fc19.x86_64 libmodman-2.0.1-6.fc19.x86_64 libogg-1.3.0-5.fc19.x86_64 libproxy-0.4.11-6.fc19.x86_64 libselinux-2.1.13-15.fc19.x86_64 libtasn1-3.3-1.fc19.x86_64 libuuid-2.23.2-4.fc19.x86_64 libvorbis-1.3.3-4.fc19.x86_64 libwayland-client-1.2.0-1.fc19.x86_64 libwayland-server-1.2.0-1.fc19.x86_64 nettle-2.6-2.fc19.x86_64 nss-mdns-0.10-12.fc19.x86_64 openssl-libs-1.0.1e-30.fc19.x86_64 p11-kit-0.18.7-1.fc19.x86_64 pcre-8.32-7.fc19.x86_64 pixman-0.30.0-1.fc19.x86_64 popt-1.13-14.fc19.x86_64 systemd-libs-204-17.fc19.x86_64 xz-libs-5.1.2-4alpha.fc19.x86_64
(gdb) where
#0  tenuredZone (this=<optimized out>) at /home/hub/source/mozilla/src/js/src/gc/Heap.h:1030
#1  zone (this=<optimized out>) at /home/hub/source/mozilla/src/js/src/gc/Barrier.h:153
#2  MarkInternal<JSAtom> (trc=trc@entry=0x7fffe8986380, thingp=thingp@entry=0x7fffd906f778) at /home/hub/source/mozilla/src/js/src/gc/Marking.cpp:190
#3  0x00007ffff4aa8dee in Mark<JSAtom> (name=name@entry=0x7ffff50c27a5 "atom", thing=thing@entry=0x7fffd906f778, trc=trc@entry=0x7fffe8986380)
    at /home/hub/source/mozilla/src/js/src/gc/Marking.cpp:225
#4  js::gc::MarkString (trc=trc@entry=0x7fffe8986380, thing=thing@entry=0x7fffd906f778, name=name@entry=0x7ffff50c27a5 "atom") at /home/hub/source/mozilla/src/js/src/gc/Marking.cpp:387
#5  0x00007ffff4ca5951 in trace (trc=0x7fffe8986380, this=0x7fffd906f740) at /home/hub/source/mozilla/src/js/src/jsfun.cpp:523
#6  fun_trace (trc=0x7fffe8986380, obj=0x7fffd906f740) at /home/hub/source/mozilla/src/js/src/jsfun.cpp:541
#7  0x00007ffff4ab0ae3 in processMarkStackTop (budget=..., this=0x7fffe8986380) at /home/hub/source/mozilla/src/js/src/gc/Marking.cpp:1480
#8  js::GCMarker::drainMarkStack (this=this@entry=0x7fffe8986380, budget=...) at /home/hub/source/mozilla/src/js/src/gc/Marking.cpp:1533
#9  0x00007ffff4cd8494 in DrainMarkStack (phase=js::gcstats::PHASE_MARK, sliceBudget=..., rt=0x7fffe8986000) at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4050
#10 IncrementalCollectSlice (rt=rt@entry=0x7fffe8986000, budget=budget@entry=0, reason=reason@entry=JS::gcreason::ALLOC_TRIGGER, gckind=gckind@entry=js::GC_NORMAL)
    at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4612
#11 0x00007ffff4cd9de5 in GCCycle (rt=rt@entry=0x7fffe8986000, incremental=incremental@entry=true, budget=0, budget@entry=10000, gckind=gckind@entry=js::GC_NORMAL, 
    reason=reason@entry=JS::gcreason::ALLOC_TRIGGER) at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4776
#12 0x00007ffff4cda24d in Collect (rt=rt@entry=0x7fffe8986000, incremental=incremental@entry=true, budget=10000, gckind=gckind@entry=js::GC_NORMAL, reason=JS::gcreason::ALLOC_TRIGGER)
    at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4914
#13 0x00007ffff4ce8979 in Collect (reason=<optimized out>, gckind=js::GC_NORMAL, budget=<optimized out>, incremental=true, rt=0x7fffe8986000)
    at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4954
#14 js::GCSlice (rt=rt@entry=0x7ffff7d6bd00, gckind=gckind@entry=js::GC_NORMAL, reason=<optimized out>, millis=millis@entry=0) at /home/hub/source/mozilla/src/js/src/jsgc.cpp:4953
#15 0x00007ffff4c660a2 in js_InvokeOperationCallback (cx=0x7fffce0d36a8) at /home/hub/source/mozilla/src/js/src/jscntxt.cpp:1019
#16 0x00007ffff4da58ef in Interpret (cx=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:1650
#17 0x00007ffff4da7d48 in js::RunScript (cx=cx@entry=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:420
#18 0x00007ffff4da8008 in js::Invoke (cx=0x7ffff7d6bd00, args=..., construct=<optimized out>) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:482
#19 0x00007ffff4d9f158 in Interpret (cx=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:2505
#20 0x00007ffff4da7d48 in js::RunScript (cx=cx@entry=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:420
#21 0x00007ffff4da8008 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:482
#22 0x00007ffff4a83f5e in IntlInitialize (cx=cx@entry=0x7ffff7d6bd00, obj=..., obj@entry=..., initializer=..., locales=..., locales@entry=..., options=..., options@entry=...)
    at /home/hub/source/mozilla/src/js/src/builtin/Intl.cpp:415
#23 0x00007ffff4a84f3a in InitCollatorClass (global=..., Intl=..., cx=0x7ffff7d6bd00) at /home/hub/source/mozilla/src/js/src/builtin/Intl.cpp:706
#24 js_InitIntlClass (cx=cx@entry=0x7ffff7d6bd00, obj=..., obj@entry=...) at /home/hub/source/mozilla/src/js/src/builtin/Intl.cpp:2037
#25 0x00007ffff4d477c0 in js::GlobalObject::initStandardClasses (cx=cx@entry=0x7ffff7d6bd00, global=global@entry=...) at /home/hub/source/mozilla/src/js/src/vm/GlobalObject.cpp:489
#26 0x00007ffff4c5d54a in JS_InitStandardClasses (cx=0x7ffff7d6bd00, objArg=<optimized out>) at /home/hub/source/mozilla/src/js/src/jsapi.cpp:1157
#27 0x00007ffff3e1696a in XPCWrappedNative::WrapNewGlobal (nativeHelper=..., principal=principal@entry=0x7fffe89825f0, initStandardClasses=initStandardClasses@entry=true, aOptions=..., 
    wrappedGlobal=wrappedGlobal@entry=0x7fffffff7490) at /home/hub/source/mozilla/src/js/xpconnect/src/XPCWrappedNative.cpp:187
#28 0x00007ffff3e16bee in nsXPConnect::InitClassesWithNewWrappedGlobal (this=this@entry=0x7fffe8b3e650, aJSContext=0x7ffff7d6bd00, aCOMObj=aCOMObj@entry=0x7fffb8b49a00, 
    aPrincipal=aPrincipal@entry=0x7fffe89825f0, aFlags=aFlags@entry=1, aOptions=..., _retval=0x7fffb8b49a48) at /home/hub/source/mozilla/src/js/xpconnect/src/nsXPConnect.cpp:495
#29 0x00007ffff3fd0cc3 in nsFrameScriptExecutor::InitTabChildGlobalInternal (this=this@entry=0x7fffb8b49a48, aScope=aScope@entry=0x7fffb8b49a00, aID=...)
    at /home/hub/source/mozilla/src/content/base/src/nsFrameMessageManager.cpp:1476
#30 0x00007ffff3fe7cc0 in nsInProcessTabChildGlobal::InitTabChildGlobal (this=this@entry=0x7fffb8b49a00) at /home/hub/source/mozilla/src/content/base/src/nsInProcessTabChildGlobal.cpp:331
#31 0x00007ffff3fe7d03 in nsInProcessTabChildGlobal::Init (this=this@entry=0x7fffb8b49a00) at /home/hub/source/mozilla/src/content/base/src/nsInProcessTabChildGlobal.cpp:170
#32 0x00007ffff3fe7e48 in nsInProcessTabChildGlobal::LoadFrameScript (this=0x7fffb8b49a00, aURL=...) at /home/hub/source/mozilla/src/content/base/src/nsInProcessTabChildGlobal.cpp:359
#33 0x00007ffff3ff1807 in nsAsyncScriptLoad::Run (this=<optimized out>) at /home/hub/source/mozilla/src/content/base/src/nsInProcessTabChildGlobal.cpp:343
#34 0x00007ffff3f93c64 in nsContentUtils::RemoveScriptBlocker () at /home/hub/source/mozilla/src/content/base/src/nsContentUtils.cpp:4785
#35 0x00007ffff3f85b04 in nsDocument::EndUpdate (this=this@entry=0x7fffcf981000, aUpdateType=1) at /home/hub/source/mozilla/src/content/base/src/nsDocument.cpp:4501
#36 0x00007ffff4192916 in mozilla::dom::XULDocument::EndUpdate (this=0x7fffcf981000, aUpdateType=<optimized out>) at /home/hub/source/mozilla/src/content/xul/document/src/XULDocument.cpp:3351
#37 0x00007ffff3f87551 in mozAutoDocUpdate::~mozAutoDocUpdate (this=0x7fffffff78b0, __in_chrg=<optimized out>) at /home/hub/source/mozilla/src/content/base/src/mozAutoDocUpdate.h:38
#38 0x00007ffff3fecbfe in nsINode::ReplaceOrInsertBefore (this=this@entry=0x7fffc83448b0, aReplace=aReplace@entry=false, aNewChild=aNewChild@entry=0x7fffb8921bc0, 
    aRefChild=aRefChild@entry=0x0, aError=...) at /home/hub/source/mozilla/src/content/base/src/nsINode.cpp:1941
#39 0x00007ffff3c03a13 in InsertBefore (aError=..., aChild=0x0, aNode=..., this=0x7fffc83448b0) at ../../dist/include/nsINode.h:1536
#40 AppendChild (aError=..., aNode=..., this=0x7fffc83448b0) at ../../dist/include/nsINode.h:1540
#41 mozilla::dom::NodeBinding::appendChild (cx=0x7ffff7d6bd00, obj=..., self=0x7fffc83448b0, args=...)
    at /home/hub/source/mozilla/src/obj-x86_64-unknown-linux-gnu/dom/bindings/NodeBinding.cpp:592
#42 0x00007ffff3c02bcb in mozilla::dom::NodeBinding::genericMethod (cx=0x7ffff7d6bd00, argc=<optimized out>, vp=0x7fffe8af74a8)
    at /home/hub/source/mozilla/src/obj-x86_64-unknown-linux-gnu/dom/bindings/NodeBinding.cpp:1412
#43 0x00007ffff4da80c7 in CallJSNative (args=..., native=0x7ffff3c02abe <mozilla::dom::NodeBinding::genericMethod(JSContext*, unsigned int, JS::Value*)>, cx=0x7ffff7d6bd00)
    at /home/hub/source/mozilla/src/js/src/jscntxtinlines.h:220
#44 js::Invoke (cx=0x7ffff7d6bd00, args=..., construct=<optimized out>) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:463
#45 0x00007ffff4d9f158 in Interpret (cx=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:2505
#46 0x00007ffff4da7d48 in js::RunScript (cx=cx@entry=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:420
#47 0x00007ffff4da8008 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:482
#48 0x00007ffff4da84d6 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, thisv=..., fval=..., argc=<optimized out>, argv=<optimized out>, rval=...)
    at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:513
#49 0x00007ffff4ca5cad in js::DirectProxyHandler::call (this=this@entry=0x7ffff6c70cc0 <js::CrossCompartmentWrapper::singleton>, cx=cx@entry=0x7ffff7d6bd00, proxy=..., proxy@entry=..., 
    args=...) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:467
#50 0x00007ffff4d22fe2 in js::CrossCompartmentWrapper::call (this=0x7ffff6c70cc0 <js::CrossCompartmentWrapper::singleton>, cx=0x7ffff7d6bd00, wrapper=..., args=...)
    at /home/hub/source/mozilla/src/js/src/jswrapper.cpp:457
#51 0x00007ffff4ce7b59 in call (args=..., proxy=..., cx=0x7ffff7d6bd00) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:2658
#52 proxy_Call (cx=cx@entry=0x7ffff7d6bd00, argc=<optimized out>, vp=<optimized out>) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:3066
#53 0x00007ffff4da81d7 in CallJSNative (args=..., native=0x7ffff4ce7ab0 <proxy_Call(JSContext*, unsigned int, JS::Value*)>, cx=0x7ffff7d6bd00)
    at /home/hub/source/mozilla/src/js/src/jscntxtinlines.h:220
#54 js::Invoke (cx=0x7ffff7d6bd00, args=..., construct=<optimized out>) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:456
#55 0x00007ffff4d9f158 in Interpret (cx=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:2505
#56 0x00007ffff4da7d48 in js::RunScript (cx=cx@entry=0x7ffff7d6bd00, state=...) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:420
#57 0x00007ffff4da8008 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:482
#58 0x00007ffff4cd740f in js::CallOrConstructBoundFunction (cx=0x7ffff7d6bd00, argc=<optimized out>, vp=0x7fffffffa058) at /home/hub/source/mozilla/src/js/src/jsfun.cpp:1274
#59 0x00007ffff4da80c7 in CallJSNative (args=..., native=0x7ffff4cd71e0 <js::CallOrConstructBoundFunction(JSContext*, unsigned int, JS::Value*)>, cx=0x7ffff7d6bd00)
    at /home/hub/source/mozilla/src/js/src/jscntxtinlines.h:220
#60 js::Invoke (cx=cx@entry=0x7ffff7d6bd00, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:463
#61 0x00007ffff4da84d6 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, thisv=..., fval=..., argc=<optimized out>, argv=<optimized out>, rval=...)
    at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:513
#62 0x00007ffff4ca5cad in js::DirectProxyHandler::call (this=this@entry=0x7ffff6c70cc0 <js::CrossCompartmentWrapper::singleton>, cx=cx@entry=0x7ffff7d6bd00, proxy=..., proxy@entry=..., 
    args=...) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:467
#63 0x00007ffff4d22fe2 in js::CrossCompartmentWrapper::call (this=0x7ffff6c70cc0 <js::CrossCompartmentWrapper::singleton>, cx=0x7ffff7d6bd00, wrapper=..., args=...)
    at /home/hub/source/mozilla/src/js/src/jswrapper.cpp:457
#64 0x00007ffff4ce7b59 in call (args=..., proxy=..., cx=0x7ffff7d6bd00) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:2658
#65 proxy_Call (cx=cx@entry=0x7ffff7d6bd00, argc=<optimized out>, vp=<optimized out>) at /home/hub/source/mozilla/src/js/src/jsproxy.cpp:3066
#66 0x00007ffff4da81d7 in CallJSNative (args=..., native=0x7ffff4ce7ab0 <proxy_Call(JSContext*, unsigned int, JS::Value*)>, cx=0x7ffff7d6bd00)
    at /home/hub/source/mozilla/src/js/src/jscntxtinlines.h:220
#67 js::Invoke (cx=cx@entry=0x7ffff7d6bd00, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:456
#68 0x00007ffff4da84d6 in js::Invoke (cx=cx@entry=0x7ffff7d6bd00, thisv=..., fval=..., argc=<optimized out>, argv=<optimized out>, rval=...)
    at /home/hub/source/mozilla/src/js/src/vm/Interpreter.cpp:513
#69 0x00007ffff4c674c9 in JS_CallFunctionValue (cx=cx@entry=0x7ffff7d6bd00, objArg=<optimized out>, fval=..., argc=argc@entry=1, argv=<optimized out>, rval=rval@entry=0x7fffffffa720)
    at /home/hub/source/mozilla/src/js/src/jsapi.cpp:5015
#70 0x00007ffff3b38d21 in mozilla::dom::EventListener::HandleEvent (this=this@entry=0x7fffd1b0db40, cx=0x7ffff7d6bd00, aThisObj=..., aThisObj@entry=..., event=..., aRv=...)
    at /home/hub/source/mozilla/src/obj-x86_64-unknown-linux-gnu/dom/bindings/EventListenerBinding.cpp:42
#71 0x00007ffff4068fd8 in mozilla::dom::EventListener::HandleEvent<mozilla::dom::EventTarget*> (this=0x7fffd1b0db40, thisObj=@0x7fffffffa928: 0x7fffd83c7c00, event=..., aRv=..., 
    aExceptionHandling=aExceptionHandling@entry=mozilla::dom::CallbackObject::eReportExceptions) at ../../../dist/include/mozilla/dom/EventListenerBinding.h:51
#72 0x00007ffff4065e7e in nsEventListenerManager::HandleEventSubType (this=this@entry=0x7fffd1d67c50, aListenerStruct=<optimized out>, aListenerStruct@entry=0x7fffc97acc08, 
    aDOMEvent=0x7fffd057a880, aCurrentTarget=aCurrentTarget@entry=0x7fffd83c7c00, aPusher=aPusher@entry=0x7fffffffab68)
    at /home/hub/source/mozilla/src/content/events/src/nsEventListenerManager.cpp:931
#73 0x00007ffff4066116 in nsEventListenerManager::HandleEventInternal (this=0x7fffd1d67c50, aPresContext=<optimized out>, aEvent=0x7fffffffac50, aDOMEvent=aDOMEvent@entry=0x7fffffffab50, 
    aCurrentTarget=0x7fffd83c7c00, aEventStatus=aEventStatus@entry=0x7fffffffab58, aPusher=<optimized out>) at /home/hub/source/mozilla/src/content/events/src/nsEventListenerManager.cpp:1011
#74 0x00007ffff40691df in HandleEvent (aPusher=0x7fffffffab68, aEventStatus=0x7fffffffab58, aCurrentTarget=<optimized out>, aDOMEvent=0x7fffffffab50, aEvent=<optimized out>, 
    aPresContext=<optimized out>, this=<optimized out>) at /home/hub/source/mozilla/src/content/events/src/nsEventListenerManager.h:326
#75 nsEventTargetChainItem::HandleEvent (this=0x7fffe4231008, aVisitor=..., aCd=..., aPusher=0x7fffffffab68) at /home/hub/source/mozilla/src/content/events/src/nsEventDispatcher.cpp:197
#76 0x00007ffff4066392 in nsEventTargetChainItem::HandleEventTargetChain (aChain=..., aVisitor=..., aCallback=aCallback@entry=0x0, aCd=..., aPusher=aPusher@entry=0x7fffffffab68)
    at /home/hub/source/mozilla/src/content/events/src/nsEventDispatcher.cpp:292
#77 0x00007ffff40675ce in nsEventDispatcher::Dispatch (aTarget=<optimized out>, aPresContext=<optimized out>, aEvent=aEvent@entry=0x7fffffffac50, aDOMEvent=aDOMEvent@entry=0x0, 
    aEventStatus=aEventStatus@entry=0x7fffffffac34, aCallback=aCallback@entry=0x0, aTargets=0x0) at /home/hub/source/mozilla/src/content/events/src/nsEventDispatcher.cpp:609
#78 0x00007ffff42cf65c in nsDocumentViewer::LoadComplete (this=0x7fffc7d82d20, aStatus=<optimized out>) at /home/hub/source/mozilla/src/layout/base/nsDocumentViewer.cpp:995
#79 0x00007ffff4566370 in nsDocShell::EndPageLoad (this=0x7fffd4fcf800, aChannel=0x7fffd218d948, aStatus=NS_ERROR_PARSED_DATA_CACHED, aProgress=<optimized out>)
    at /home/hub/source/mozilla/src/docshell/base/nsDocShell.cpp:6897
#80 0x00007ffff45683a0 in nsDocShell::OnStateChange (this=0x7fffd4fcf800, aProgress=0x7fffd4fcf828, aRequest=0x7fffd218d948, aStateFlags=131088, aStatus=NS_ERROR_PARSED_DATA_CACHED)
    at /home/hub/source/mozilla/src/docshell/base/nsDocShell.cpp:6694
#81 0x00007ffff3996814 in nsDocLoader::DoFireOnStateChange (this=0x7fffd4fcf800, aProgress=aProgress@entry=0x7fffd4fcf828, aRequest=aRequest@entry=0x7fffd218d948, 
    aStateFlags=@0x7fffffffb14c: 131088, aStatus=aStatus@entry=NS_ERROR_PARSED_DATA_CACHED) at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:1331
#82 0x00007ffff3997cf1 in nsDocLoader::doStopDocumentLoad (this=this@entry=0x7fffd4fcf800, request=0x7fffd218d948, aStatus=NS_ERROR_PARSED_DATA_CACHED)
    at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:865
#83 0x00007ffff3997f36 in nsDocLoader::DocLoaderIsEmpty (this=0x7fffd4fcf800, aFlushLayout=<optimized out>) at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:755
#84 0x00007ffff3997f5c in ChildDoneWithOnload (aChild=0x7fffc957d400, this=0x7fffd4fcf800) at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.h:190
#85 nsDocLoader::DocLoaderIsEmpty (this=0x7fffc957d400, aFlushLayout=<optimized out>) at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:758
#86 0x00007ffff39981d8 in nsDocLoader::OnStopRequest (this=0x7fffc957d400, aRequest=0x7fffc8f70810, aCtxt=<optimized out>, aStatus=NS_OK)
    at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:639
#87 0x00007ffff36aa1b9 in nsLoadGroup::RemoveRequest (this=0x7fffd0d05040, request=0x7fffc8f70810, ctxt=0x0, aStatus=NS_OK) at /home/hub/source/mozilla/src/netwerk/base/src/nsLoadGroup.cpp:689
#88 0x00007ffff3f7929b in nsDocument::DoUnblockOnload (this=0x7fffba491800) at /home/hub/source/mozilla/src/content/base/src/nsDocument.cpp:8011
#89 0x00007ffff3f7a91f in nsDocument::UnblockOnload (this=0x7fffba491800, aFireSync=<optimized out>) at /home/hub/source/mozilla/src/content/base/src/nsDocument.cpp:7939
#90 0x00007ffff3f7b235 in nsDocument::DispatchContentLoadedEvents (this=0x7fffba491800) at /home/hub/source/mozilla/src/content/base/src/nsDocument.cpp:4734
#91 0x00007ffff3f86903 in nsRunnableMethodImpl<void (nsDocument::*)(), void, true>::Run (this=<optimized out>) at ../../../dist/include/nsThreadUtils.h:383
#92 0x00007ffff365aa16 in nsThread::ProcessNextEvent (this=0x7ffff7d28e80, mayWait=true, result=0x7fffffffb54f) at /home/hub/source/mozilla/src/xpcom/threads/nsThread.cpp:612
#93 0x00007ffff361ccde in NS_ProcessNextEvent (thread=<optimized out>, mayWait=<optimized out>) at /home/hub/source/mozilla/src/xpcom/glue/nsThreadUtils.cpp:263
#94 0x00007ffff46494dc in nsNSSHttpRequestSession::internal_send_receive_attempt (this=this@entry=0x7fffd091a100, retryable_error=@0x7fffffffb620: false, pPollDesc=pPollDesc@entry=0x0, 
    http_response_code=http_response_code@entry=0x7fffffffb6b2, http_response_content_type=http_response_content_type@entry=0x0, http_response_headers=http_response_headers@entry=0x0, 
    http_response_data=0x7fffffffb6f0, http_response_data_len=0x7fffffffb6b4) at /home/hub/source/mozilla/src/security/manager/ssl/src/nsNSSCallbacks.cpp:446
#95 0x00007ffff4649791 in nsNSSHttpRequestSession::trySendAndReceiveFcn (this=0x7fffd091a100, pPollDesc=0x0, http_response_code=0x7fffffffb6b2, http_response_content_type=0x0, 
    http_response_headers=0x0, http_response_data=0x7fffffffb6f0, http_response_data_len=0x7fffffffb6b4) at /home/hub/source/mozilla/src/security/manager/ssl/src/nsNSSCallbacks.cpp:325
#96 0x00007ffff71a4d93 in fetchOcspHttpClientV1 (encodedRequest=0x7fffc936b440, location=0x7fffc936b380 "http://ocsp.godaddy.com/", 
    hcv1=0x7ffff6c358e8 <nsNSSHttpInterface::sNSSInterfaceTable+8>, arena=0x0) at ocsp.c:3428
#97 cert_FetchOCSPResponse (arena=arena@entry=0x0, location=location@entry=0x7fffc936b380 "http://ocsp.godaddy.com/", encodedRequest=encodedRequest@entry=0x7fffc936b440) at ocsp.c:3758
#98 0x00007ffff71a6220 in CERT_PostOCSPRequest (arena=arena@entry=0x0, location=location@entry=0x7fffc936b380 "http://ocsp.godaddy.com/", encodedRequest=encodedRequest@entry=0x7fffc936b440)
    at ocsp.c:3745
#99 0x00007ffff71a63d0 in ocsp_GetEncodedOCSPResponseFromRequest (arena=arena@entry=0x0, request=0x7fffba4fb020, location=location@entry=0x7fffc936b380 "http://ocsp.godaddy.com/", 
    mechanism=mechanism@entry=0x7ffff7252d19 "POST", pwArg=pwArg@entry=0x0, pRequest=pRequest@entry=0x7fffffffb968, addServiceLocator=<optimized out>, time=<optimized out>) at ocsp.c:3653
#100 0x00007ffff71a77c0 in ocsp_GetEncodedOCSPResponseForSingleCert (arena=0x0, pRequest=0x7fffffffb968, pwArg=0x0, addServiceLocator=<optimized out>, time=1385576291946178, 
    mechanism=0x7ffff7252d19 "POST", location=0x7fffc936b380 "http://ocsp.godaddy.com/", singleCert=0x7fffd09a4820, certID=0x7fffba4fb820) at ocsp.c:3791
#101 ocsp_GetOCSPStatusFromNetwork (rv_ocsp=0x7fffffffb95c, certIDWasConsumed=0x7fffffffb958, pwArg=0x0, time=1385576291946178, cert=0x7fffd09a4820, certID=0x7fffba4fb820, 
    handle=0x7fffc8b87830) at ocsp.c:5294
#102 CERT_CheckOCSPStatus (handle=0x7fffc8b87830, cert=0x7fffd09a4820, time=1385576291946178, pwArg=0x0) at ocsp.c:5055
#103 0x00007ffff71aa8ca in CERT_VerifyCert (handle=0x7fffc8b87830, cert=0x7fffd09a4820, checkSig=1, certUsage=certUsageSSLServer, t=1385576291946178, wincx=0x0, log=0x0) at certvfy.c:1335
#104 0x00007ffff463a79d in ClassicVerifyCert (verifyLog=0x0, validationChain=0x0, pinArg=0x0, time=1385576291946178, usage=2, cert=0x7fffd09a4820)
    at /home/hub/source/mozilla/src/security/manager/ssl/src/CertVerifier.cpp:107
#105 mozilla::psm::CertVerifier::VerifyCert (this=this@entry=0x7fffc8d4e510, cert=0x7fffd09a4820, usage=usage@entry=2, time=1385576291946178, pinArg=pinArg@entry=0x0, flags=flags@entry=0, 
    validationChain=0x0, evOidPolicy=0x7fffffffbdbc, verifyLog=0x0) at /home/hub/source/mozilla/src/security/manager/ssl/src/CertVerifier.cpp:311
#106 0x00007ffff46480e2 in nsNSSCertificate::hasValidEVOidTag (this=this@entry=0x7fffbcf0a330, resultOidTag=@0x7fffffffbdbc: SEC_OID_UNKNOWN, validEV=@0x7fffffffbea8: false)
    at /home/hub/source/mozilla/src/security/manager/ssl/src/nsIdentityChecking.cpp:1308
#107 0x00007ffff464816f in nsNSSCertificate::getValidEVOidTag (this=0x7fffbcf0a330, resultOidTag=@0x7fffffffbdbc: SEC_OID_UNKNOWN, validEV=@0x7fffffffbea8: false)
    at /home/hub/source/mozilla/src/security/manager/ssl/src/nsIdentityChecking.cpp:1329
#108 0x00007ffff46481e9 in nsNSSCertificate::GetIsExtendedValidation (this=0x7fffbcf0a330, aIsEV=0x7fffffffbea8)
    at /home/hub/source/mozilla/src/security/manager/ssl/src/nsIdentityChecking.cpp:1361
#109 0x00007ffff4645284 in nsSSLStatus::GetIsExtendedValidation (this=0x7fffbcf0a2e0, aIsEV=0x7fffffffbea8) at /home/hub/source/mozilla/src/security/manager/ssl/src/nsIdentityChecking.cpp:1279
#110 0x00007ffff46225c3 in nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState (this=this@entry=0x7fffd512d120, aRequest=aRequest@entry=0x7fffd0945850, info=0x7fffbd0ecb60, 
    withNewLocation=withNewLocation@entry=true) at /home/hub/source/mozilla/src/security/manager/boot/src/nsSecureBrowserUIImpl.cpp:500
#111 0x00007ffff4622853 in nsSecureBrowserUIImpl::OnLocationChange (this=0x7fffd512d120, aWebProgress=0x7fffdb0e5428, aRequest=0x7fffd0945850, aLocation=<optimized out>, 
    aFlags=<optimized out>) at /home/hub/source/mozilla/src/security/manager/boot/src/nsSecureBrowserUIImpl.cpp:1465
#112 0x00007ffff3996910 in nsDocLoader::FireOnLocationChange (this=this@entry=0x7fffdb0e5400, aWebProgress=aWebProgress@entry=0x7fffdb0e5428, aRequest=aRequest@entry=0x7fffd0945850, 
    aUri=0x7fffbced5ac0, aFlags=aFlags@entry=0) at /home/hub/source/mozilla/src/uriloader/base/nsDocLoader.cpp:1371
#113 0x00007ffff456920f in nsDocShell::CreateContentViewer (this=0x7fffdb0e5400, aContentType=<optimized out>, request=0x7fffd0945850, aContentHandler=<optimized out>)
    at /home/hub/source/mozilla/src/docshell/base/nsDocShell.cpp:8325
#114 0x00007ffff4572b12 in nsDSURIContentListener::DoContent (this=this@entry=0x7fffd89d6940, aContentType=0x7fffbcf21dc8 "text/html", aIsContentPreferred=aIsContentPreferred@entry=false, 
    request=request@entry=0x7fffd0945850, aContentHandler=0x7fffbcf0a120, aAbortProcess=aAbortProcess@entry=0x7fffffffc188)
    at /home/hub/source/mozilla/src/docshell/base/nsDSURIContentListener.cpp:122
#115 0x00007ffff3998ce0 in nsDocumentOpenInfo::TryContentListener (this=this@entry=0x7fffbcf0a100, aListener=0x7fffd89d6940, aChannel=0x7fffd0945850)
    at /home/hub/source/mozilla/src/uriloader/base/nsURILoader.cpp:681
#116 0x00007ffff3998ec6 in nsDocumentOpenInfo::DispatchContent (this=this@entry=0x7fffbcf0a100, request=request@entry=0x7fffd0945850, aCtxt=aCtxt@entry=0x0)
    at /home/hub/source/mozilla/src/uriloader/base/nsURILoader.cpp:382
#117 0x00007ffff399959f in nsDocumentOpenInfo::OnStartRequest (this=0x7fffbcf0a100, request=0x7fffd0945850, aCtxt=0x0) at /home/hub/source/mozilla/src/uriloader/base/nsURILoader.cpp:258
#118 0x00007ffff3737a10 in mozilla::net::nsHttpChannel::CallOnStartRequest (this=this@entry=0x7fffd0945800) at /home/hub/source/mozilla/src/netwerk/protocol/http/nsHttpChannel.cpp:870
#119 0x00007ffff373803d in mozilla::net::nsHttpChannel::ContinueOnStartRequest3 (this=this@entry=0x7fffd0945800, result=result@entry=NS_OK)
    at /home/hub/source/mozilla/src/netwerk/protocol/http/nsHttpChannel.cpp:4995
#120 0x00007ffff3738c6f in mozilla::net::nsHttpChannel::ContinueOnStartRequest2 (this=this@entry=0x7fffd0945800, result=result@entry=NS_OK)
    at /home/hub/source/mozilla/src/netwerk/protocol/http/nsHttpChannel.cpp:4986
#121 0x00007ffff37393bd in mozilla::net::nsHttpChannel::OnStartRequest (this=0x7fffd0945800, request=0x7fffc97b8740, ctxt=<optimized out>)
    at /home/hub/source/mozilla/src/netwerk/protocol/http/nsHttpChannel.cpp:4959
#122 0x00007ffff36a6e10 in nsInputStreamPump::OnStateStart (this=this@entry=0x7fffc97b8740) at /home/hub/source/mozilla/src/netwerk/base/src/nsInputStreamPump.cpp:517
#123 0x00007ffff36a98ae in nsInputStreamPump::OnInputStreamReady (this=0x7fffc97b8740, stream=<optimized out>) at /home/hub/source/mozilla/src/netwerk/base/src/nsInputStreamPump.cpp:431
#124 0x00007ffff3650888 in nsInputStreamReadyEvent::Run (this=0x7fffc97b4940) at /home/hub/source/mozilla/src/xpcom/io/nsStreamUtils.cpp:85
#125 0x00007ffff365aa16 in nsThread::ProcessNextEvent (this=0x7ffff7d28e80, mayWait=false, result=0x7fffffffc5af) at /home/hub/source/mozilla/src/xpcom/threads/nsThread.cpp:612
#126 0x00007ffff361ccde in NS_ProcessNextEvent (thread=<optimized out>, mayWait=<optimized out>) at /home/hub/source/mozilla/src/xpcom/glue/nsThreadUtils.cpp:263
#127 0x00007ffff3810879 in mozilla::ipc::MessagePump::Run (this=0x7fffeba6b700, aDelegate=0x7fffeba64240) at /home/hub/source/mozilla/src/ipc/glue/MessagePump.cpp:85
#128 0x00007ffff37f8576 in RunHandler (this=0x7fffeba64240) at /home/hub/source/mozilla/src/ipc/chromium/src/base/message_loop.cc:213
#129 MessageLoop::Run (this=0x7fffeba64240) at /home/hub/source/mozilla/src/ipc/chromium/src/base/message_loop.cc:187
#130 0x00007ffff3db0a1f in nsBaseAppShell::Run (this=0x7fffe8a2e2b0) at /home/hub/source/mozilla/src/widget/xpwidgets/nsBaseAppShell.cpp:161
#131 0x00007ffff46c7f36 in nsAppStartup::Run (this=0x7fffe6e63060) at /home/hub/source/mozilla/src/toolkit/components/startup/nsAppStartup.cpp:267
#132 0x00007ffff4664b39 in XREMain::XRE_mainRun (this=this@entry=0x7fffffffc858) at /home/hub/source/mozilla/src/toolkit/xre/nsAppRunner.cpp:3974
#133 0x00007ffff4664dbb in XREMain::XRE_main (this=this@entry=0x7fffffffc858, argc=argc@entry=1, argv=argv@entry=0x7fffffffdcd8, aAppData=aAppData@entry=0x7fffffffca50)
    at /home/hub/source/mozilla/src/toolkit/xre/nsAppRunner.cpp:4042
#134 0x00007ffff4665010 in XRE_main (argc=1, argv=0x7fffffffdcd8, aAppData=0x7fffffffca50, aFlags=<optimized out>) at /home/hub/source/mozilla/src/toolkit/xre/nsAppRunner.cpp:4244
#135 0x0000000000403c68 in do_main (argc=argc@entry=1, argv=argv@entry=0x7fffffffdcd8, xreDirectory=0x7ffff7d31840) at /home/hub/source/mozilla/src/browser/app/nsBrowserApp.cpp:280
#136 0x0000000000403644 in main (argc=1, argv=0x7fffffffdcd8) at /home/hub/source/mozilla/src/browser/app/nsBrowserApp.cpp:647


With a new profile, go to bmo, click "login". and it crashes.

changeset:   157795:862e92d55d50 is bad. That's when I found it. Bisecting it right now but it is at least a few days old.
This is on Linux x86_64.
Result of bisecting:

changeset:   157002:3b9e118ded0f
user:        Ehsan Akhgari <ehsan@mozilla.com>
date:        Fri Nov 22 00:16:31 2013 -0500
summary:     Bug 941424 - Build more of the JS engine in unified mode; r=djvj
I wonder if this is not bug 942421

gcc --version
gcc (GCC) 4.8.2 20131017 (Red Hat 4.8.2-1)
Also with my regular profile, it does crash when I click "restore" in the session restore. This is how I found it. But I get it with a new profile.
Blocks: 941424
This might be fixed with my patch in bug 943839.  Can you please give that patch a shot if you can reproduce this reliably?

Thanks!
Flags: needinfo?(hub)
Oh, I just noted that you're using gcc 4.8.2, so you may also be being bitten by bug 942421.
I have patches for both bug 943839 and bug 942421 and I no longer have any crash.
Flags: needinfo?(hub)
Only the patch for bug 942421 is needed to fix that crash. DUPE
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.