Closed
Bug 1125940
Opened 10 years ago
Closed 10 years ago
Monkey Crash [@ mozilla::dom::File::IsFile]
Categories
(Core :: DOM: Core & HTML, defect, P3)
Tracking
()
People
(Reporter: ntroast, Assigned: baku)
References
Details
(Keywords: crash, Whiteboard: [b2g-crash][caf-crash 490][caf priority: p1][CR 786703])
Crash Data
Attachments
(13 files, 2 obsolete files)
747 bytes,
text/plain
|
Details | |
415.82 KB,
text/plain
|
Details | |
117.10 KB,
text/plain
|
Details | |
339.08 KB,
text/plain
|
Details | |
717 bytes,
text/plain
|
Details | |
527.94 KB,
text/plain
|
Details | |
717 bytes,
text/plain
|
Details | |
527.94 KB,
text/plain
|
Details | |
122.83 KB,
text/plain
|
Details | |
343.79 KB,
text/plain
|
Details | |
120.22 KB,
text/plain
|
Details | |
345.15 KB,
text/plain
|
Details | |
1001 bytes,
patch
|
khuey
:
review+
m1
:
feedback+
lmandel
:
approval-mozilla-beta+
bajaj
:
approval-mozilla-b2g37+
|
Details | Diff | Splinter Review |
We have been observing the following crash during monkey runs. [@ mozilla::dom::File::IsFile | mozilla::dom::File::QueryInterface | nsQueryInterface::operator() | nsCOMPtr_base::assign_from_qi ] STR not available. cafbot will upload minidump.
Comment 1•10 years ago
|
||
Comment 2•10 years ago
|
||
Comment 3•10 years ago
|
||
We've seen this crash signature on both kk and L builds, around 100 times total over past couple of weeks.
Flags: needinfo?(bbajaj)
Updated•10 years ago
|
Whiteboard: [CR 786703]
Updated•10 years ago
|
Whiteboard: [CR 786703] → [caf priority: p1][CR 786703]
Updated•10 years ago
|
Whiteboard: [caf priority: p1][CR 786703] → [b2g-crash][caf-crash 490][caf priority: p1][CR 786703]
Comment 4•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.054 Moz BuildID: 20150120002507 B2G Version: 2.2 Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=f5b3d1b6cfa3e702033f613915ae637cb735cbfb Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=bb6c4d3fc51281f1a2ee0ff471221dbc1d0d1035 Patches: bug 1067629, bug 1117862, bug 1122162, bug 1119980, bug 1091307, bug 1106637
Comment 5•10 years ago
|
||
:sku/ken, Can we please find an owner for this?
blocking-b2g: 2.2? → 2.2+
Flags: needinfo?(sku)
Flags: needinfo?(kchang)
Flags: needinfo?(bbajaj)
Comment 6•10 years ago
|
||
Hi Aknow, Can you please take this bug? If you are not available, please ni back to me. Thanks.
Flags: needinfo?(kchang) → needinfo?(szchen)
Comment 7•10 years ago
|
||
(bumping priority as we now this crash as a part of basic build sanity testing)
Severity: major → blocker
Priority: -- → P1
Comment 8•10 years ago
|
||
Hi, Could you help clarify question below? This crash was hit by doing memory report. Will you monkey script dump memory info? Below might be the root cause of issue. 1. Someone request memory dump, but delete the File object before finishing dumping. 2. Data partition is full, that no available space for memory dump. 3. Other timing issue. 0|0|libxul.so|mozilla::dom::File::IsFile|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/dom/base/File.cpp|315|0x0 0|1|libxul.so|mozilla::dom::File::QueryInterface|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/dom/base/File.cpp|155|0x5 0|2|libxul.so|nsQueryInterface::operator()|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/glue/nsCOMPtr.cpp|14|0x5 0|3|libxul.so|nsCOMPtr_base::assign_from_qi|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/glue/nsCOMPtr.cpp|59|0x7 0|4|libxul.so|xpc::OrphanReporter::sizeOfIncludingThis|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/out/target/product/msm8610/obj/objdir-gecko/dist/include/nsCOMPtr.h|482|0x3 0|5|libxul.so|StatsCellCallback<(Granularity)0u>|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/js/src/vm/MemoryMetrics.cpp|426|0x7 0|6|libxul.so|IterateCompartmentsArenasCells|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/js/src/gc/Iteration.cpp|49|0x3 0|7|libxul.so|js::IterateZonesCompartmentsArenasCells|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/js/src/gc/Iteration.cpp|66|0x11 0|8|libxul.so|JS::CollectRuntimeStats|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/js/src/vm/MemoryMetrics.cpp|722|0x3 0|9|libxul.so|xpc::JSReporter::CollectReports|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/js/xpconnect/src/XPCJSRuntime.cpp|2824|0xd 0|10|libxul.so|nsWindowMemoryReporter::CollectReports|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/dom/base/nsWindowMemoryReporter.cpp|547|0xf 0|11|libxul.so|nsMemoryReporterManager::GetReportsForThisProcessExtended|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryReporterManager.cpp|1270|0x9 0|12|libxul.so|nsMemoryReporterManager::StartGettingReports|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryReporterManager.cpp|1206|0xf 0|13|libxul.so|nsMemoryReporterManager::GetReportsExtended|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryReporterManager.cpp|1183|0x5 0|14|libxul.so|DumpMemoryInfoToFile|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryInfoDumper.cpp|670|0x17 0|15|libxul.so|nsMemoryInfoDumper::DumpMemoryInfoToTempDir|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryInfoDumper.cpp|760|0xd 0|16|libxul.so|DumpMemoryInfoToTempDirRunnable::Run|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/base/nsMemoryInfoDumper.cpp|76|0xd 0|17|libxul.so|nsThread::ProcessNextEvent|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/threads/nsThread.cpp|855|0x5 0|18|libxul.so|NS_ProcessNextEvent|/local/mnt/workspace/lnxbuild/project/trees_in_use/free_tree_b2g_manifest_LF.BF.1.1_msm8610_commander_7081765/checkout/gecko/xpcom/glue/nsThreadUtils.cpp|265|0xb
Flags: needinfo?(ntroast)
Comment 9•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.060 Moz BuildID: 20150201002504 B2G Version: 2.2 Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=d6141fa3208f224393269e17c39d1fe53b7e6a05 Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=29ba8859a5dcf7c207ba2f846a99dbe3a4232bb5 Patches: bug 1067629, bug 1117862, bug 1091307, bug 1106637
Reporter | ||
Comment 10•10 years ago
|
||
Our monkey script is collecting gecko memory reports. We found that a file was filling the /data partition, so it is likely the condition that causes Gecko to crash when collecting a memory report. Gecko memory report should gracefully fail if the /data partition is full, or if the /data partition is filled during the collection process.
Flags: needinfo?(ntroast)
Comment 11•10 years ago
|
||
Hi Nicholas,
Can you please share the available storage on problematic device via below command to us?
> adb shell df /data
Filesystem Size Used Free Blksize
/data 2.0G 53.2M 2.0G 4096
1. If /data is really full by memory report (triggered by monkey), I don't think this should be P1 issue.
2. From user perspective, there is no way for user to update /date to full due to 5MB low storage threshold.
In short, if #1 case is real, this issue should be fixed as a long term solution, but not P1 blocker.
Flags: needinfo?(ntroast)
Comment 12•10 years ago
|
||
(In reply to shawn ku [:sku] from comment #11) > In short, if #1 case is real, this issue should be fixed as a long term > solution, but not P1 blocker. Yep, I agree too. It's not a blocker but just something to resolve for general device stability -- programs (not the user) could potentially fill up /data and cause the same crash in the field.
Severity: blocker → normal
Priority: P1 → P3
Comment 13•10 years ago
|
||
Clear my ni because Shawn has already been working on it and provided some feedback. Also, seems the bug is not a blocker now.
Flags: needinfo?(szchen)
Reporter | ||
Comment 14•10 years ago
|
||
/data had 0.0G Free when I checked it on the problematic device
Flags: needinfo?(ntroast)
Comment 15•10 years ago
|
||
[Blocking Requested - why for this release]: Hi Ken: Please help assign a member to study/finish this task per all the conversation we have on the bug. I expect this issue can be fixed on m-c first with gracefully handling of 0 space condition. Even user will not hit this, programs might do such things from gecko, gonk or even kernel side. Thanks!! Shawn
blocking-b2g: 2.2+ → 3.0?
Flags: needinfo?(sku) → needinfo?(kchang)
Comment 16•10 years ago
|
||
Hi Thinker, Who is familiar with this part. It seems that we need to check the reaming storage of data partition before creating memory report.
Flags: needinfo?(kchang) → needinfo?(tlee)
Comment 17•10 years ago
|
||
Or instead of checking available disk space beforehand, just gracefully exit if a write fails, etc. Checking space beforehand is no guarantee another program won't take it away later.
Comment 18•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.063 Moz BuildID: 20150204002509 B2G Version: 3.0 Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=a4c4cc86303a554facb8f45b7e764e5c4473c3de Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=5523db61e51c5263191d5df2f4b40f78c82e8746 Patches: bug 1067629, bug 1117862, bug 1091307, bug 1106637
Comment 19•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.065 Moz BuildID: 20150205002503 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.065.xml?h=release B2G Version: 3.0 Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=c2047a46e29696238e9b4c9caaba47736421449a Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=7927bc87af9e30bb8fc9cb00fc7608a1002ea3f0 Patches: bug 1067629, bug 1117862, bug 1091307, bug 1106637
Comment 20•10 years ago
|
||
(In reply to Michael Vines [:m1] [:evilmachines] from comment #17) > Or instead of checking available disk space beforehand, just gracefully exit > if a write fails, etc. Checking space beforehand is no guarantee another > program won't take it away later. I agree with you partly! All we need to do is to print an error message to explain the reason, and crash the program at point immediately.
Flags: needinfo?(tlee) → needinfo?(sku)
Updated•10 years ago
|
Flags: needinfo?(sku)
Comment 21•10 years ago
|
||
This crash has been observed on v2.2 when /data is not full.
blocking-b2g: 3.0? → 2.2?
Comment 22•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.069 Moz BuildID: 20150205002503 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.069.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=c2047a46e29696238e9b4c9caaba47736421449a Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=7927bc87af9e30bb8fc9cb00fc7608a1002ea3f0 Patches: bug 1130271, bug 1067629, bug 1091307
Comment 24•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.071 Moz BuildID: 20150211002505 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.071.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=943be6fd146017dcd9d4c9d1027be1e43bad13eb Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=3829518d5d1898c888e6c88ec1fa2bbf0b7bc72a Patches: bug 1091307, bug 1067629, bug 1125418, bug 1130271
Comment 25•10 years ago
|
||
Comment 26•10 years ago
|
||
Comment 27•10 years ago
|
||
Comment on attachment 8563255 [details]
EXTRA file attachment - AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.071
(cafbot screwed up here)
Attachment #8563255 -
Attachment is obsolete: true
Comment 28•10 years ago
|
||
Comment on attachment 8563256 [details]
decoded minidump - AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.071
(cafbot screwed up here)
Attachment #8563256 -
Attachment is obsolete: true
Comment 30•10 years ago
|
||
Hi Michael: There is no new attachment for case mentioned in comment 21. Please have a person to update bugzilla first. Besides, few things to update too. 1. available storage left on device? 2. Since there is no clear STR, can Mozilla setup monkey to repo. this issue by our-self? Who can help this topic?
Flags: needinfo?(mvines)
Comment 31•10 years ago
|
||
Comment 32•10 years ago
|
||
Comment 33•10 years ago
|
||
(In reply to shawn ku [:sku] from comment #30) > Hi Michael: > There is no new attachment for case mentioned in comment 21. > Please have a person to update bugzilla first. cafbot just uploaded the latest occurrence of this crash, from a build based on Mozilla build ID 20150211183853. We see this crash consistently a couple times a day still > Besides, few things to update too. > 1. available storage left on device? Filesystem Size Used Free Blksize /dev 437.5M 52.0K 437.4M 4096 /sys/fs/cgroup 437.5M 12.0K 437.4M 4096 /mnt/asec 437.5M 0.0K 437.5M 4096 /mnt/obb 437.5M 0.0K 437.5M 4096 /system 1.2G 300.4M 880.4M 4096 /data 1.7G 54.7M 1.6G 4096 /cache 248.0M 156.0K 247.8M 4096 /persist 27.5M 92.0K 27.4M 4096 /firmware 64.0M 48.5M 15.4M 16384 /mnt/media_rw/sdcard 7.4G 291.0M 7.1G 32768 /mnt/secure/asec 7.4G 291.0M 7.1G 32768 /storage/sdcard 7.4G 291.0M 7.1G 32768 > 2. Since there is no clear STR, can Mozilla setup monkey to repo. this issue > by our-self? Who can help this topic? https://github.com/mozilla-b2g/orangutan can probably help. I'm a little surprised the Mozilla QA team isn't already running monkey on v2.2 though.
Flags: needinfo?(mvines)
Comment 34•10 years ago
|
||
The last logcat entries before the crash (which are consistent with other instances of this crash as well) from the .extra file might contain a hint? --- 01-01 00:07:56.831 944 944 D slogger : Triggered Gecko memory report for iteration 0 01-01 00:07:56.832 3356 3370 I Gecko:DumpUtils: FifoWatcher(command:memory report) dispatching memory report runnable. 01-01 00:07:56.832 3356 3370 I Gecko:DumpUtils: FifoWatcher closing and re-opening fifo. 01-01 00:07:56.834 3356 3356 I DMD : opened /data/local/tmp/memory-reports/dmd-476-4122.json.gz for writing 01-01 00:07:56.837 3356 3356 I DMD : opened /data/local/tmp/memory-reports/dmd-476-3935.json.gz for writing 01-01 00:07:56.840 3356 3356 I DMD : opened /data/local/tmp/memory-reports/dmd-476-3356.json.gz for writing 01-01 00:07:59.103 3356 3701 E libsuspend: Error reading from /sys/power/wakeup_count: Interrupted system call --- "slogger" is a logging daemon (which has been unmodified and active for months before this crash was first observed) that is requesting a Gecko memory report by writing "memory report" to the /data/local/debug_info_trigger pipe, much like what this code does -- https://github.com/mozilla-b2g/B2G/blob/3a3278e0f3bac37741a81c9a793dd836e7622f9a/tools/get_about_memory.py#L212-L220
Comment 35•10 years ago
|
||
(In reply to Michael Vines [:m1] [:evilmachines] from comment #33) > (In reply to shawn ku [:sku] from comment #30) > > Hi Michael: > > There is no new attachment for case mentioned in comment 21. > > Please have a person to update bugzilla first. > > cafbot just uploaded the latest occurrence of this crash, from a build based > on Mozilla build ID 20150211183853. We see this crash consistently a couple > times a day still > > > Besides, few things to update too. > > 1. available storage left on device? > > Filesystem Size Used Free Blksize > /dev 437.5M 52.0K 437.4M 4096 > /sys/fs/cgroup 437.5M 12.0K 437.4M 4096 > /mnt/asec 437.5M 0.0K 437.5M 4096 > /mnt/obb 437.5M 0.0K 437.5M 4096 > /system 1.2G 300.4M 880.4M 4096 > /data 1.7G 54.7M 1.6G 4096 > /cache 248.0M 156.0K 247.8M 4096 > /persist 27.5M 92.0K 27.4M 4096 > /firmware 64.0M 48.5M 15.4M 16384 > /mnt/media_rw/sdcard 7.4G 291.0M 7.1G 32768 > /mnt/secure/asec 7.4G 291.0M 7.1G 32768 > /storage/sdcard 7.4G 291.0M 7.1G 32768 > > > 2. Since there is no clear STR, can Mozilla setup monkey to repo. this issue > > by our-self? Who can help this topic? > > https://github.com/mozilla-b2g/orangutan can probably help. I'm a little > surprised the Mozilla QA team isn't already running monkey on v2.2 though. Michael: For QA part, I need to check with them about the status of monkey. ni is just in case we don't need back-n-forth. Thanks for your information.
Comment 36•10 years ago
|
||
After talk with Shawn, the situation of this bug more complicate than what I had acknowledged. It seems includes multiple issues. Shawn would follow up this bug to figure out all of them, then we may open more bugs and assign bugs to someone.
Flags: needinfo?(tlee)
Comment 37•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.073 Moz BuildID: 20150212002504 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.073.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=791e53728cd8018f1d7cf7efe06bbeb1179f0370 Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=2a90b4d5194b06c63ebcf0377703126b08349b92 Patches: bug 1130271, bug 1067629, bug 1125418, bug 1091307, bug 1130196
Comment 38•10 years ago
|
||
Comment 39•10 years ago
|
||
Comment 40•10 years ago
|
||
(In reply to Thinker Li [:sinker] from comment #36) > After talk with Shawn, the situation of this bug more complicate than what I > had acknowledged. It seems includes multiple issues. Shawn would follow up > this bug to figure out all of them, then we may open more bugs and assign > bugs to someone. Sounds a little nebulous, but thanks. What are the next steps Shawn? We continue to see this crash multiple times a day in our automation. Who will carry this forward while Taipei is on holiday?
Flags: needinfo?(sku)
Comment 41•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.074 Moz BuildID: 20150214002504 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.074.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=ea64caf6d4ab03fc4472eca9f41f20d651d55fa9 Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=f0efef29cfa937da4d8497636cdae4b978d93674 Patches: bug 1091307, bug 1067629, bug 1125418, bug 1130271, bug 1130196
Comment 42•10 years ago
|
||
Comment 43•10 years ago
|
||
Comment 44•10 years ago
|
||
Mike: Due to CNY holidays, there is no resource on this issue checking from TPE, could you please help find someone to check issue first?
Flags: needinfo?(mlee)
Comment 45•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.075 Moz BuildID: 20150216002503 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.075.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=ea64caf6d4ab03fc4472eca9f41f20d651d55fa9 Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=f9bcea955c11dd8e3268b1d84e011145eec8299f Patches: bug 1130271, bug 1067629, bug 1125418, bug 1091307, bug 1130196
Comment 46•10 years ago
|
||
Comment 47•10 years ago
|
||
Comment 48•10 years ago
|
||
Observed on: Device: msm8909 Gonk Version: AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.076 Moz BuildID: 20150217002515 Manifest: https://www.codeaurora.org/cgit/quic/lf/b2g/manifest/tree/caf_AU_LINUX_GECKO_LF.BR.1.2.3.00.00.00.000.076.xml?h=release Gecko Version: 37.0a2 Gaia: http://git.mozilla.org/?p=releases/gaia.git;a=commit;h=ea64caf6d4ab03fc4472eca9f41f20d651d55fa9 Gecko: http://git.mozilla.org/?p=releases/gecko.git;a=commit;h=84bec0d9b79928608c3ec5de50bdf81af2e8e580 Patches: bug 1091307, bug 1067629, bug 1125418, bug 1130271, bug 1130196
Comment 49•10 years ago
|
||
Comment 50•10 years ago
|
||
Comment 51•10 years ago
|
||
Andrew, Can you have someone on the DOM team help investigate this as the Crash signature points to mozilla::dom::File::IsFile and mozilla::dom::File::QueryInterface? Thanks, Mike
Component: Stability → DOM
Flags: needinfo?(mlee) → needinfo?(overholt)
Product: Firefox OS → Core
A file that's already been unlinked (and thus had mImpl set to null), perhaps?
Flags: needinfo?(overholt) → needinfo?(amarchesini)
We probably just should not unlink mImpl. We do similar stuff in IDB. As long as the object graph that survives cycle collection is acyclic it'll all get torn down appropriately in the end anyways.
Comment 54•10 years ago
|
||
Nathan, Can you help investigate this crash or get this to the engineer who can? You appear to have done the code review for the section of code referenced in the crash signature: nsCOMPtr_base::assign_from_qi Thanks, Mike
Flags: needinfo?(nfroyd)
Comment 55•10 years ago
|
||
(In reply to Mike Lee [:mlee] from comment #54) > Can you help investigate this crash or get this to the engineer who can? You > appear to have done the code review for the section of code referenced in > the crash signature: nsCOMPtr_base::assign_from_qi It looks much more likely that the problem resides in mozilla::dom::File, so I think the request to Andrea is sufficient here.
Flags: needinfo?(nfroyd)
Assignee | ||
Comment 56•10 years ago
|
||
Flags: needinfo?(amarchesini)
Attachment #8566174 -
Flags: review?(khuey)
Comment on attachment 8566174 [details] [diff] [review] file.patch Review of attachment 8566174 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/base/File.cpp @@ +128,5 @@ > > NS_IMPL_CYCLE_COLLECTION_CLASS(File) > > NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(File) > + // No unlink for mImpl bacause FileImpl is not CC-able and it's needed for QI. I would just drop this comment entirely. @@ +134,5 @@ > NS_IMPL_CYCLE_COLLECTION_UNLINK_PRESERVED_WRAPPER > NS_IMPL_CYCLE_COLLECTION_UNLINK_END > > NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN(File) > // No traverse for mImpl bacause FileImpl is not CC-able. and this one.
Attachment #8566174 -
Flags: review?(khuey) → review+
Assignee | ||
Comment 59•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/3fea2967b275
Comment 60•10 years ago
|
||
Setting the assignee to :baku since he is working on the patch.
Assignee: nobody → amarchesini
Comment 61•10 years ago
|
||
Comment on attachment 8566174 [details] [diff] [review] file.patch We pulled this patch into a couple monkey runs overnight and they could not reproduce the crash. More testing tonight, but this looks good so far. Thanks!
Attachment #8566174 -
Flags: feedback+
Updated•10 years ago
|
Flags: needinfo?(sku)
Comment 62•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/3fea2967b275
Status: NEW → RESOLVED
Closed: 10 years ago
status-firefox38:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
Comment 63•10 years ago
|
||
Comment on attachment 8566174 [details] [diff] [review] file.patch User impact if declined: Their device will crash Testing completed: Crash has not been reproduced by hours of monkey testing with this patch applied
Attachment #8566174 -
Flags: approval-mozilla-b2g37?
Updated•10 years ago
|
Crash Signature: [@ mozilla::dom::File::IsFile | mozilla::dom::File::QueryInterface | nsQueryInterface::operator() | nsCOMPtr_base::assign_from_qi ] → [@ mozilla::dom::File::IsFile | mozilla::dom::File::QueryInterface | nsQueryInterface::operator() | nsCOMPtr_base::assign_from_qi ]
[@ mozilla::dom::File::IsFile() const ]
Updated•10 years ago
|
Attachment #8566174 -
Flags: approval-mozilla-b2g37? → approval-mozilla-b2g37+
Comment 64•10 years ago
|
||
https://hg.mozilla.org/releases/mozilla-b2g37_v2_2/rev/1e1aee3bd362
status-b2g-v2.2:
--- → fixed
status-b2g-master:
--- → fixed
status-firefox36:
--- → wontfix
status-firefox37:
--- → wontfix
Comment on attachment 8566174 [details] [diff] [review] file.patch We should take this on branch too.
Attachment #8566174 -
Flags: approval-mozilla-beta?
Comment 66•10 years ago
|
||
Does this fix address a crash in Firefox desktop/mobile as well or the uplift about keeping the branches in sync?
Flags: needinfo?(khuey)
Yes, this could crash any product when taking memory reports.
Flags: needinfo?(khuey)
Comment 68•10 years ago
|
||
Comment on attachment 8566174 [details] [diff] [review] file.patch Let's take this in 37 Beta as per khuey's request in comment 65. Simple crash fix. Beta+
Attachment #8566174 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Updated•10 years ago
|
Blocks: CAF-v3.0-FL-metabug
No longer blocks: CAF-v3.0-FL-metabug
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•