Closed Bug 1085461 Opened 11 years ago Closed 11 years ago

crash in nsAString_internal::BeginReading(nsReadingIterator<char16_t>&) const

Categories

(Firefox for Android Graveyard :: General, defect)

Product:
Firefox for Android Graveyard
Component:
General
Platform:
All
Android
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(firefox34 unaffected, firefox35+ verified, firefox36+ verified, fennec35+)

Status:
VERIFIED DUPLICATE of bug 1083425
Tracking Flags:
Tracking Status
firefox34 --- unaffected
firefox35 + verified
firefox36 + verified
fennec 35+ ---

People

(Reporter: u279076, Unassigned)

Details

(Keywords: crash, regression, topcrash-android-armv7)

Crash Data

This bug was filed from the Socorro interface and is report bp-ebf3c368-5643-4d03-a20d-26b062141017. ============================================================= 0 libxul.so nsAString_internal::BeginReading(nsReadingIterator<char16_t>&) const xpcom/string/nsTSubstring.h 1 libxul.so AppendUTF16toUTF8(nsAString_internal const&, nsACString_internal&, mozilla::fallible_t const&) xpcom/string/nsReadableUtils.cpp 2 libxul.so AppendUTF16toUTF8(nsAString_internal const&, nsACString_internal&) xpcom/string/nsReadableUtils.cpp 3 libxul.so mozilla::dom::WebSocketImpl::GetName(nsACString_internal&) content/base/src/WebSocket.cpp 4 libxul.so nsLoadGroup::Cancel(tag_nsresult) netwerk/base/src/nsLoadGroup.cpp 5 libxul.so nsDocLoader::Stop() uriloader/base/nsDocLoader.cpp 6 libxul.so nsDocShell::Stop(unsigned int) docshell/base/nsDocShell.cpp 7 libxul.so nsDocShell::InternalLoad(nsIURI*, nsIURI*, nsISupports*, unsigned int, char16_t const*, char const*, nsAString_internal const&, nsIInputStream*, nsIInputStream*, unsigned int, nsISHEntry*, bool, nsAString_internal const&, nsIDocShell*, nsIURI*, nsIDocShell**, nsIRequest**) docshell/base/nsDocShell.cpp 8 libxul.so nsDocShell::OnLinkClickSync(nsIContent*, nsIURI*, char16_t const*, nsAString_internal const&, nsIInputStream*, nsIInputStream*, nsIDocShell**, nsIRequest**) docshell/base/nsDocShell.cpp 9 libxul.so OnLinkClickEvent::Run() docshell/base/nsDocShell.cpp 10 libxul.so nsThread::ProcessNextEvent(bool, bool*) xpcom/threads/nsThread.cpp 11 libxul.so NS_ProcessNextEvent(nsIThread*, bool) xpcom/glue/nsThreadUtils.cpp 12 libxul.so mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) ipc/glue/MessagePump.cpp 13 libxul.so MessageLoop::RunInternal() ipc/chromium/src/base/message_loop.cc 14 libxul.so MessageLoop::Run() ipc/chromium/src/base/message_loop.cc 15 libxul.so nsBaseAppShell::Run() widget/xpwidgets/nsBaseAppShell.cpp 16 libxul.so nsAppStartup::Run() toolkit/components/startup/nsAppStartup.cpp 17 libxul.so XREMain::XRE_mainRun() toolkit/xre/nsAppRunner.cpp 18 libxul.so XREMain::XRE_main(int, char**, nsXREAppData const*) toolkit/xre/nsAppRunner.cpp 19 libxul.so XRE_main toolkit/xre/nsAppRunner.cpp 20 libxul.so GeckoStart toolkit/xre/nsAndroidStartup.cpp 21 libmozglue.so Java_org_mozilla_gecko_mozglue_GeckoLoader_nativeRun mozglue/android/APKOpen.cpp Ø 22 libdvm.so libdvm.so@0x1ea12 Ø 23 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x4ef816 Ø 24 dalvik-heap (deleted) dalvik-heap (deleted)@0x2088f6 Ø 25 dalvik-heap (deleted) dalvik-heap (deleted)@0x25b81e Ø 26 libdvm.so libdvm.so@0x4f6d1 Ø 27 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x4ef814 28 libmozglue.so report_mapping mozglue/android/APKOpen.cpp 29 libmozglue.so report_mapping mozglue/android/APKOpen.cpp 30 @0x721dca46 Ø 31 libdvm.so libdvm.so@0x512e1 Ø 32 libdvm.so libdvm.so@0xb22c6 Ø 33 dalvik-aux-structure (deleted) dalvik-aux-structure (deleted)@0x17196 Ø 34 dalvik-heap (deleted) dalvik-heap (deleted)@0x25b81e Ø 35 dalvik-heap (deleted) dalvik-heap (deleted)@0x4e7dde Ø 36 libdvm.so libdvm.so@0xb22c6 Ø 37 dalvik-heap (deleted) dalvik-heap (deleted)@0x4e7dde Ø 38 libdvm.so libdvm.so@0x749e7 Ø 39 dalvik-LinearAlloc (deleted) dalvik-LinearAlloc (deleted)@0x3602f2 Ø 40 dalvik-heap (deleted) dalvik-heap (deleted)@0x2088f6 Ø 41 dalvik-LinearAlloc (deleted) dalvik-LinearAlloc (deleted)@0x3602de Ø 42 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x5376c1 Ø 43 libdvm.so libdvm.so@0x6d659 Ø 44 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x5376c1 Ø 45 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0xdb79e Ø 46 dalvik-heap (deleted) dalvik-heap (deleted)@0x2088f6 Ø 47 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x5376c1 Ø 48 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x6ffffe Ø 49 libdvm.so libdvm.so@0x511e7 Ø 50 libdvm.so libdvm.so@0xadc7a Ø 51 dalvik-LinearAlloc (deleted) dalvik-LinearAlloc (deleted)@0x3602de Ø 52 libdvm.so libdvm.so@0x4f53f Ø 53 libdvm.so libdvm.so@0xb22c6 Ø 54 libdvm.so libdvm.so@0xadc7a Ø 55 dalvik-heap (deleted) dalvik-heap (deleted)@0x25b81e Ø 56 libdvm.so libdvm.so@0x5109d Ø 57 data@app@org.mozilla.fennec_aurora-2.apk@classes.dex data@app@org.mozilla.fennec_aurora-2.apk@classes.dex@0x338fb6 Ø 58 dalvik-heap (deleted) dalvik-heap (deleted)@0x2088f6 Ø 59 libdvm.so libdvm.so@0x1eb7e Ø 60 libdvm.so libdvm.so@0x27ea2 Ø 61 libdvm.so libdvm.so@0x2f396 Ø 62 dalvik-LinearAlloc (deleted) dalvik-LinearAlloc (deleted)@0x36ebce Ø 63 dalvik-heap (deleted) dalvik-heap (deleted)@0x25b81e Ø 64 libdvm.so libdvm.so@0x2f3e6 Ø 65 libdvm.so libdvm.so@0xb22c6 Ø 66 libdvm.so libdvm.so@0x2f396 Ø 67 libdvm.so libdvm.so@0x2ca4a ============================================================= More reports: https://crash-stats.mozilla.com/report/list?product=FennecAndroid&signature=nsAString_internal%3A%3ABeginReading%28nsReadingIterator%3Cchar16_t%3E%26%29+const Top Devices =========== Nightly: * 45% - Samsung Galaxy Note II * 17% - Asus Nexus 7 Aurora: * 38% - Samsung Nexus 10 * 25% - Sony Xperia Z1 C6943 Top URLs ======== https://news.ycombinator.com/... http://www.collegehumor.com/... ============================================================= Currently this crash sits at #3 @ 10.57% in Fennec Aurora 35.0a2 and #2 in Fennec Nightly 36.0a1 @ 5.38%, with no crashes showing up for 33/34. I suspect this might be a regression introduced on Nightly 36 and uplifted to Aurora 35. Looking at build IDs, it looks like this first showed up in Aurora on Oct 17 and Nightly on Oct 15. Below I've included a pushlog for each branch. It may be premature to call this a topcrash since we only enabled updates on Friday. However I think we will want to keep an eye on this. Pushlogs ======== Nightly (2014-10-14 to 2014-10-15): https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=54217864bae9&tochange=62f0b771583c Aurora (2014-10-16 to 2014-10-17): https://hg.mozilla.org/releases/mozilla-aurora/pushloghtml?fromchange=8cd0eedecef2&tochange=c35d9f79f1ff Bugs in Common: https://bugzilla.mozilla.org/buglist.cgi?bug_id=1079848%2C1081906%2C1079312%2C1082114%2C1081992%2C1058660%2C1082108&bug_id_type=anyexact&list_id=11404546&query_format=advanced
Kevin, do we have any of these devices in house to try to reproduce this crash?
Flags: needinfo?(kbrosnan)
[Tracking Requested - why for this release]: regression that could potentially become a topcrash.
tracking-firefox35: --- → ?
tracking-firefox36: --- → ?
Keywords: regression
Have both Nexus devices, Aaron has most of the Note lineup.
Flags: needinfo?(kbrosnan)
(In reply to Kevin Brosnan [:kbrosnan] from comment #3) > Have both Nexus devices, Aaron has most of the Note lineup. Thanks, could you and/or Aaron try this on your devices and see if it reproduces?
Flags: needinfo?(kbrosnan)
Flags: needinfo?(aaron.train)
I'm upgrading this to a topcrash since it's #2 now and rising at 12% of our crashes in Fennec 35.
Keywords: topcrash-android-armv7
I was able to crash once on Aurora by going to http://www.collegehumor.com/ , clicking on the 50 states sex moves then clicking through the pages in the article. However I have been unable to reproduce this in Aurora or Nightly. I don't think this is device specific after looking at the affected devices for the 28 day view.
Flags: needinfo?(kbrosnan)
Looks like this crash may involve websockets. Needinfo to a couple of the networking team to take a look.
tracking-fennec: --- → ?
Flags: needinfo?(mcmanus)
Flags: needinfo?(jduell.mcbugs)
fallout from websockets on workers
Status: NEW → RESOLVED
Closed: 11 years ago
Flags: needinfo?(mcmanus)
Resolution: --- → DUPLICATE
Flags: needinfo?(jduell.mcbugs)
Flags: needinfo?(aaron.train)
Marking this verified based on bug 1083425 comment 19.
Status: RESOLVED → VERIFIED
status-firefox35: affectedverified
status-firefox36: affectedverified
tracking-fennec: ? → 35+
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.