Closed Bug 1153280 Opened 10 years ago Closed 7 years ago

Crash in mozilla::dom::indexedDB::IDBWrapperCache::Release

Categories: Core :: Storage: IndexedDB, defect

Platform: x86_64, Linux

Type: defect, Priority: Not set, Severity: normal

Status: RESOLVED WORKSFORME

People: Reporter: vingtetun, Assignee: Unassigned

Pretty sure this is indexedDB related. Found that while hacking on top of the proposed architecture for apps. It happens at random times for me :/


Program received signal SIGSEGV, Segmentation fault.
0x00007ffff04f2530 in mozilla::DOMEventTargetHelper::Release (this=0x7fffbf1d7080)
    at /home/vnicolas/mozilla/code/firefox/central/dom/events/DOMEventTargetHelper.cpp:75
75	NS_IMPL_CYCLE_COLLECTING_RELEASE_WITH_LAST_RELEASE(DOMEventTargetHelper,
(gdb) bt
#0  0x00007ffff04f2530 in mozilla::DOMEventTargetHelper::Release (this=0x7fffbf1d7080)
    at /home/vnicolas/mozilla/code/firefox/central/dom/events/DOMEventTargetHelper.cpp:75
#1  0x00007ffff0a48774 in mozilla::dom::indexedDB::IDBWrapperCache::Release (this=0x7fffbf1d7080)
    at /home/vnicolas/mozilla/code/firefox/central/dom/indexedDB/IDBWrapperCache.cpp:45
#2  0x00007ffff0a48124 in mozilla::dom::indexedDB::IDBTransaction::Release (this=0x7fffbf1d7080)
    at /home/vnicolas/mozilla/code/firefox/central/dom/indexedDB/IDBTransaction.cpp:963
#3  0x00007fffee3f69ab in nsCOMPtr_base::~nsCOMPtr_base (this=0x7fffb9a08808, __in_chrg=<optimized out>) at ../../../../dist/include/nsCOMPtr.h:296
#4  0x00007fffee434664 in nsCOMPtr<nsIRunnable>::~nsCOMPtr (this=0x7fffb9a08808, __in_chrg=<optimized out>) at ../../dist/include/nsCOMPtr.h:344
#5  0x00007ffff0b2561e in mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo::~PreemptingRunnableInfo (this=0x7fffb9a08808, 
    __in_chrg=<optimized out>) at /home/vnicolas/mozilla/code/firefox/central/dom/workers/WorkerPrivate.cpp:2660
#6  0x00007ffff0b3ba06 in nsTArrayElementTraits<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo>::Destruct (aE=0x7fffb9a08808)
    at ../../dist/include/nsTArray.h:489
#7  0x00007ffff0b39af9 in nsTArray_Impl<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo, nsTArrayInfallibleAllocator>::DestructRange (
    this=0x7fffbf07f430, aStart=0, aCount=2) at ../../dist/include/nsTArray.h:1727
#8  0x00007ffff0b35a1d in nsTArray_Impl<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo, nsTArrayInfallibleAllocator>::RemoveElementsAt
    (this=0x7fffbf07f430, aStart=0, aCount=2) at ../../dist/include/nsTArray.h:1420
#9  0x00007ffff0b2ce0a in nsTArray_Impl<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo, nsTArrayInfallibleAllocator>::Clear (
    this=0x7fffbf07f430) at ../../dist/include/nsTArray.h:1429
#10 0x00007ffff0b2c71a in nsTArray_Impl<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo, nsTArrayInfallibleAllocator>::~nsTArray_Impl (
    this=0x7fffbf07f430, __in_chrg=<optimized out>) at ../../dist/include/nsTArray.h:790
#11 0x00007ffff0b259ae in nsTArray<mozilla::dom::workers::WorkerPrivate::PreemptingRunnableInfo>::~nsTArray (this=0x7fffbf07f430, 
    __in_chrg=<optimized out>) at ../../dist/include/nsTArray.h:1801
#12 0x00007ffff0b029d9 in mozilla::dom::workers::WorkerPrivate::~WorkerPrivate (this=0x7fffbf07f000, __in_chrg=<optimized out>)
    at /home/vnicolas/mozilla/code/firefox/central/dom/workers/WorkerPrivate.cpp:4669
#13 0x00007ffff0b02af4 in mozilla::dom::workers::WorkerPrivate::~WorkerPrivate (this=0x7fffbf07f000, __in_chrg=<optimized out>)
    at /home/vnicolas/mozilla/code/firefox/central/dom/workers/WorkerPrivate.cpp:4671
#14 0x00007ffff04f28d8 in mozilla::DOMEventTargetHelper::DeleteCycleCollectable (this=0x7fffbf07f000)
    at /home/vnicolas/mozilla/code/firefox/central/dom/events/DOMEventTargetHelper.cpp:75
#15 0x00007fffef49f580 in mozilla::DOMEventTargetHelper::cycleCollection::DeleteCycleCollectable (
    this=0x7ffff582e8f0 <mozilla::dom::workers::WorkerPrivateParent<mozilla::dom::workers::WorkerPrivate>::_cycleCollectorGlobal>, p=0x7fffbf07f000)
    at ../../dist/include/mozilla/DOMEventTargetHelper.h:63
#16 0x00007fffee43a681 in SnowWhiteKiller::~SnowWhiteKiller (this=0x7fffffffc510, __in_chrg=<optimized out>)
    at /home/vnicolas/mozilla/code/firefox/central/xpcom/base/nsCycleCollector.cpp:2647
#17 0x00007fffee42eee0 in nsCycleCollector::FreeSnowWhite (this=0x7fffe505d000, aUntilNoSWInPurpleBuffer=false)
    at /home/vnicolas/mozilla/code/firefox/central/xpcom/base/nsCycleCollector.cpp:2813
#18 0x00007fffee43187c in nsCycleCollector_doDeferredDeletion () at /home/vnicolas/mozilla/code/firefox/central/xpcom/base/nsCycleCollector.cpp:4050
#19 0x00007fffeeeead46 in AsyncFreeSnowWhite::Run (this=0x7fffe2b52060)
    at /home/vnicolas/mozilla/code/firefox/central/js/xpconnect/src/XPCJSRuntime.cpp:230
#20 0x00007fffee4b1b1c in nsThread::ProcessNextEvent (this=0x7ffff6b52140, aMayWait=false, aResult=0x7fffffffc6af)
    at /home/vnicolas/mozilla/code/firefox/central/xpcom/threads/nsThread.cpp:866
#21 0x00007fffee4e869e in NS_ProcessNextEvent (aThread=0x7ffff6b52140, aMayWait=false)
    at /home/vnicolas/mozilla/code/firefox/central/xpcom/glue/nsThreadUtils.cpp:265
#22 0x00007fffee908015 in mozilla::ipc::MessagePump::Run (this=0x7fffe503b180, aDelegate=0x7ffff6b6d360)
    at /home/vnicolas/mozilla/code/firefox/central/ipc/glue/MessagePump.cpp:99
#23 0x00007fffee8a3ee9 in MessageLoop::RunInternal (this=0x7ffff6b6d360)
    at /home/vnicolas/mozilla/code/firefox/central/ipc/chromium/src/base/message_loop.cc:233
#24 0x00007fffee8a3eb6 in MessageLoop::RunHandler (this=0x7ffff6b6d360)
    at /home/vnicolas/mozilla/code/firefox/central/ipc/chromium/src/base/message_loop.cc:226
#25 0x00007fffee8a3e47 in MessageLoop::Run (this=0x7ffff6b6d360)
    at /home/vnicolas/mozilla/code/firefox/central/ipc/chromium/src/base/message_loop.cc:200
#26 0x00007ffff0cf04dd in nsBaseAppShell::Run (this=0x7fffdf554da0) at /home/vnicolas/mozilla/code/firefox/central/widget/nsBaseAppShell.cpp:164
#27 0x00007ffff17fa4e9 in nsAppStartup::Run (this=0x7fffdf559d30)
    at /home/vnicolas/mozilla/code/firefox/central/toolkit/components/startup/nsAppStartup.cpp:281
#28 0x00007ffff186de29 in XREMain::XRE_mainRun (this=0x7fffffffca10) at /home/vnicolas/mozilla/code/firefox/central/toolkit/xre/nsAppRunner.cpp:4173
#29 0x00007ffff186e0e9 in XREMain::XRE_main (this=0x7fffffffca10, argc=5, argv=0x7fffffffdf18, aAppData=0x7fffffffcc30)
    at /home/vnicolas/mozilla/code/firefox/central/toolkit/xre/nsAppRunner.cpp:4249
#30 0x00007ffff186e383 in XRE_main (argc=5, argv=0x7fffffffdf18, aAppData=0x7fffffffcc30, aFlags=0)
    at /home/vnicolas/mozilla/code/firefox/central/toolkit/xre/nsAppRunner.cpp:4469
#31 0x0000000000404cad in do_main (argc=5, argv=0x7fffffffdf18, xreDirectory=0x7ffff6b516c0)
    at /home/vnicolas/mozilla/code/firefox/central/browser/app/nsBrowserApp.cpp:294
#32 0x0000000000405107 in main (argc=5, argv=0x7fffffffdf18) at /home/vnicolas/mozilla/code/firefox/central/browser/app/nsBrowserApp.cpp:667
Looks like we're releasing an object on the wrong thread because a reference to it is stuck in an event queue.
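The failure mode described in the comment above, as a standalone C++ program (an added example, not code from this bug or from Gecko): a runnable that never runs keeps a reference to a thread-affine object, and whichever thread destroys the queue performs the release. `AffineObject`, `Ref` and `runScenario` are hypothetical names; the off-thread release is counted rather than left to crash, and the second run clears the queue on the owning thread before teardown.

```cpp
#include <atomic>
#include <cstdio>
#include <functional>
#include <thread>
#include <vector>

// Hypothetical stand-in for a thread-affine object with a non-atomic refcount.
struct AffineObject {
  std::thread::id owner = std::this_thread::get_id();
  int refs = 0;
};

std::atomic<int> g_wrongThreadReleases{0};

// Owning pointer that counts off-thread releases instead of crashing on them.
class Ref {
  AffineObject* p_;
 public:
  explicit Ref(AffineObject* p) : p_(p) { ++p_->refs; }
  Ref(const Ref& o) : p_(o.p_) { ++p_->refs; }
  Ref& operator=(const Ref&) = delete;
  ~Ref() {
    if (std::this_thread::get_id() != p_->owner) ++g_wrongThreadReleases;
    if (--p_->refs == 0) delete p_;
  }
};

// Returns how many releases ran on a thread other than the object's owner.
int runScenario(bool drainOnOwner) {
  g_wrongThreadReleases = 0;
  {
    std::vector<std::function<void()>> pending;  // destroyed by the caller's thread
    std::thread worker([&pending, drainOnOwner] {
      Ref tx(new AffineObject);           // created on the worker
      pending.push_back([tx] {});         // queued runnable that never runs
      if (drainOnOwner) pending.clear();  // drop queued refs on the owner
    });
    worker.join();
  }  // leftover runnables, and the refs they hold, die on this thread
  return g_wrongThreadReleases.load();
}

int main() {
  std::printf("queue torn down by other thread: %d\n", runScenario(false));
  std::printf("queue drained on owning thread:  %d\n", runScenario(true));
  return 0;
}
```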
I think this is probably the same as my bug 1152026, except for the digression when I went to investigate with a debug build that turned out to be the "promises are broken" bug 1132436.
:khuey, :bent indicated on IRC the other day that he thought you were the responsible party to investigate the crash on this bug/the possibly intimately related bug 1152026 (since both involve preemptible runnables and the apparently related promises problem).  I was wondering if you might have an ETA for investigating/addressing this?

Right now I see 10-15 crashes a day on nightly during development from bug 1152026.  I can probably work around this by remoting things back to the main thread again, but it's going to suck and I'm a bit worried that we're either going to start seeing crashes on Firefox stable as people begin to realize that IndexedDB-on-workers is a thing or the "don't use IndexedDB" meme is going to gain more power from stability issues in Firefox when people try to use it.
Flags: needinfo?(khuey)
Or you could stop using promises :-P
Then all the promise puns in the code will stop making sense.
My target is "before Whistler"
Flags: needinfo?(khuey)
This bug is likely moot.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME