Closed Bug 1033219 Opened 11 years ago Closed 10 years ago

Intermittent test_app_update.html | application crashed [@ 0xfffffffe]

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1038803

People

(Reporter: cbook, Unassigned)

References

(
URL
)

Details

Android 4.0 Panda fx-team debug test mochitest-4 on 2014-07-02 00:52:22 PDT for push 1b9e9be1db29 slave: panda-0541 https://tbpl.mozilla.org/php/getParsedLog.php?id=42919010&tree=Fx-Team filing as sg bug because of the crash adress, just in case 01:11:34 WARNING - PROCESS-CRASH | /tests/dom/apps/tests/test_app_update.html | application crashed [@ 0xfffffffe] 01:11:34 INFO - Crash dump filename: /tmp/tmpcRii2n/077371ec-d7a5-d804-4bcff822-2f233cc5.dmp 01:11:34 INFO - Operating system: Android 01:11:34 INFO - 0.0.0 Linux 3.2.0+ #2 SMP PREEMPT Thu Nov 29 08:06:57 EST 2012 armv7l pandaboard/pandaboard/pandaboard:4.0.4/IMM76I/5:eng/test-keys 01:11:34 INFO - CPU: arm 01:11:34 INFO - 2 CPUs 01:11:34 INFO - Crash reason: SIGSEGV 01:11:34 INFO - Crash address: 0xfffffffe 01:11:34 INFO - Thread 13 (crashed) 01:11:34 INFO - 0 0xfffffffe 01:11:34 INFO - r4 = 0x6e838620 r5 = 0x66310978 r6 = 0x66310000 r7 = 0x00000000 01:11:34 INFO - r8 = 0x00000001 r9 = 0x69c57758 r10 = 0x63cfb58c fp = 0x69c57760 01:11:34 INFO - sp = 0x5d49c518 lr = 0x631c4f83 pc = 0xfffffffe 01:11:34 INFO - Found by: given as instruction pointer in context 01:11:34 INFO - 1 libxul.so!js::CurrentThreadCanAccessZone(JS::Zone*) [Runtime.cpp:1b9e9be1db29 : 769 + 0x5] 01:11:34 INFO - sp = 0x5d49c520 pc = 0x63478c5f 01:11:34 INFO - Found by: stack scanning 01:11:34 INFO - 2 libxul.so!js::gc::Cell::tenuredZone() const [Heap.h:1b9e9be1db29 : 1063 + 0x5] 01:11:34 INFO - r4 = 0x5be5c400 sp = 0x5d49c528 pc = 0x6317be97 01:11:34 INFO - Found by: call frame info 01:11:34 INFO - 3 0x5b3b4d49 01:11:34 INFO - r4 = 0x4f2d2b2f sp = 0x5d49c530 pc = 0x5b3b4d4b 01:11:34 INFO - Found by: call frame info 01:11:34 INFO - 4 libxul.so!CheckMarkedThing<js::LazyScript> [Marking.cpp:1b9e9be1db29 : 125 + 0xb] 01:11:34 INFO - sp = 0x5d49c538 pc = 0x631c5a5f 01:11:34 INFO - Found by: stack scanning 01:11:34 INFO - 5 libxul.so + 0x2184582 01:11:34 INFO - r4 = 0x5be5c400 r5 = 0x0000003e r6 = 0x6e83d9a0 r7 = 0x0000003e 01:11:34 INFO - r8 = 0x66310978 sp = 0x5d49c960 pc = 0x63cfb584 01:11:34 INFO - Found by: call frame info 01:11:34 INFO - 6 libxul.so!JSScript::markChildren(JSTracer*) [jsscript.cpp:1b9e9be1db29 : 3413 + 0xd] 01:11:34 INFO - sp = 0x5d49c970 pc = 0x63414e4b 01:11:34 INFO - Found by: stack scanning 01:11:34 INFO - 7 libxul.so!js::gc::PushArena(js::GCMarker*, js::gc::ArenaHeader*) [Marking.cpp:1b9e9be1db29 : 1291 + 0x7] 01:11:34 INFO - r4 = 0x66310978 r5 = 0x63d33710 r6 = 0x000003d9 r7 = 0x00007b34 01:11:34 INFO - r8 = 0x00000001 sp = 0x5d49c988 pc = 0x631cc0b5 01:11:34 INFO - Found by: call frame info 01:11:34 INFO - 8 libxul.so!js::GCMarker::markDelayedChildren(js::gc::ArenaHeader*) [Tracer.cpp:1b9e9be1db29 : 544 + 0x3] 01:11:34 INFO - r4 = 0x00000002 r5 = 0x6e83d000 r6 = 0x66310978 r7 = 0x5d49cb68 01:11:34 INFO - r8 = 0x00000000 r9 = 0x00000000 r10 = 0x00000000 fp = 0x00000000
gkw/decoder: Do you guys think you could take a look?
It's ARM and GC is on the stack, so cc'ing our ARM and GC folks.
It looks like we attempted to jump to 0xffffffff. According to the backtrace, this happened from js::CurrentThreadCanAccessZone, which doesn't look like it makes any virtual calls, so other explanations are: something this called made a bad virtual call, or the stack got corrupted. I suspect that from this path re-entering jit code is unlikely.
Ryan, is this a test slave that has been having problems lately? The crash itself isn't so obviously scary.
Flags: needinfo?(ryanvm)
Nothing immediately obvious looking at the slave health page.
Flags: needinfo?(ryanvm)
I'm just going to unhide this. It happened once, so there's not much to go on.
Group: core-security
Status: NEW → RESOLVED
Closed: 10 years ago
Keywords: crash, intermittent-failure
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.