Open
Bug 1280186
Opened 8 years ago
Updated 3 years ago
Crash in DoMarking<T> (heap / memory corruption)
Categories
(Core :: JavaScript: GC, defect, P3)
Tracking
()
People
(Reporter: marcia, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: crash, triage-deferred, Whiteboard: [tbird crash])
Crash Data
This bug was filed from the Socorro interface and is report bp-d62d9b9f-eb78-43ab-aaef-459692160609. ============================================================= Seen while looking at crash stats. This showed up on the explosive report and didn't have a bug associated with it. Link to crashes: https://crash-stats.mozilla.com/report/list?signature=DoMarking%3CT%3E. Top URL appears to be facebook.com. Currently is #28 top crasher in Beta. Frame Module Signature Source 0 xul.dll DoMarking<JSObject>(js::GCMarker*, JSObject*) js/src/gc/Marking.cpp:772 1 xul.dll DispatchToTracer<JSObject*>(JSTracer*, JSObject**, char const*) js/src/gc/Marking.cpp:640 2 xul.dll mozilla::dom::ProtoAndIfaceCache::PageTableCache::Trace(JSTracer*) obj-firefox/dist/include/mozilla/dom/BindingUtils.h:383 3 xul.dll xpc::TraceXPCGlobal(JSTracer*, JSObject*) js/xpconnect/src/nsXPConnect.cpp:371 4 xul.dll JS_GlobalObjectTraceHook(JSTracer*, JSObject*) js/src/jsapi.cpp:1915 5 xul.dll CallTraceHook<TraverseObjectFunctor, js::GCMarker* const, JSObject*&> js/src/gc/Marking.cpp:1304 6 xul.dll js::GCMarker::processMarkStackTop(js::SliceBudget&) js/src/gc/Marking.cpp:1517 7 xul.dll js::GCMarker::drainMarkStack(js::SliceBudget&) js/src/gc/Marking.cpp:1350 8 xul.dll js::gc::GCRuntime::drainMarkStack(js::SliceBudget&, js::gcstats::Phase) js/src/jsgc.cpp:5482 9 ntdll.dll ZwQueryPerformanceCounter 10 ntdll.dll RtlEnterCriticalSection
Comment 1•8 years ago
|
||
Crash volume for signature 'DoMarking<T>': - nightly(version 50):20 crashes from 2016-06-06. - aurora (version 49):35 crashes from 2016-06-07. - beta (version 48):1998 crashes from 2016-06-06. - release(version 47):367 crashes from 2016-05-31. - esr (version 45):28 crashes from 2016-04-07. Crash volume on the last weeks: W. N-1 W. N-2 W. N-3 W. N-4 W. N-5 W. N-6 W. N-7 - nightly 2 2 7 4 0 2 3 - aurora 8 7 6 0 5 7 2 - beta 90 71 316 118 92 519 585 - release 53 54 50 38 53 53 43 - esr 4 3 6 1 1 4 2 Affected platforms: Windows, Linux
status-firefox47:
--- → affected
status-firefox49:
--- → affected
status-firefox50:
--- → affected
status-firefox-esr45:
--- → affected
Comment 2•8 years ago
|
||
Crash volume for signature 'DoMarking<T>': - nightly (version 51): 11 crashes from 2016-08-01. - aurora (version 50): 11 crashes from 2016-08-01. - beta (version 49): 162 crashes from 2016-08-02. - release (version 48): 78 crashes from 2016-07-25. - esr (version 45): 44 crashes from 2016-05-02. Crash volume on the last weeks (Week N is from 08-22 to 08-28): W. N-1 W. N-2 W. N-3 - nightly 2 6 2 - aurora 3 7 1 - beta 73 40 13 - release 26 30 4 - esr 6 7 3 Affected platforms: Windows, Linux Crash rank on the last 7 days: Browser Content Plugin - nightly #459 - aurora #887 - beta #292 #555 - release #697 - esr #966
status-firefox51:
--- → affected
Comment 3•8 years ago
|
||
Crash volume for signature 'DoMarking<T>': - nightly (version 52): 4 crashes from 2016-09-19. - aurora (version 51): 6 crashes from 2016-09-19. - beta (version 50): 116 crashes from 2016-09-20. - release (version 49): 215 crashes from 2016-09-05. - esr (version 45): 76 crashes from 2016-06-01. Crash volume on the last weeks (Week N is from 10-03 to 10-09): W. N-1 W. N-2 - nightly 4 0 - aurora 5 1 - beta 94 22 - release 169 46 - esr 6 9 Affected platforms: Windows, Linux Crash rank on the last 7 days: Browser Content Plugin - nightly #165 - aurora #372 #353 - beta #199 #132 - release #326 #507 - esr #1119
status-firefox52:
--- → affected
Comment 5•7 years ago
|
||
Too late for firefox 52, mass-wontfix.
Comment 6•7 years ago
|
||
Today's 20170623115718 on Debian Testing x64 bp-66fd43a6-1803-4605-9257-854140170623 I am using * gpu-process (need it for stability, see bug 1375058 comment 3 if you wanted to say it would be windows-only for the moment) * webrender + webrendest (continuous testing) and have enabled and disabled layout.css.servo.enabled multiple times for bug 1375906. This is the first Nightly with stylo built-in (but disabled). I can't tell you if it was the cause or not.
Updated•7 years ago
|
Keywords: triage-deferred
Priority: -- → P3
Comment 7•7 years ago
|
||
Are there still plans to fix this bug? It does continue to crash the browser: https://crash-stats.mozilla.com/report/index/52c54b7a-0376-41bc-b5c9-2ac0c0171114
Comment 8•7 years ago
|
||
(In reply to User Dderss from comment #7) This is another unactionable heap / memory corruption crash.
Blocks: GCCrashes
Comment 9•6 years ago
|
||
The crash rate of DoMarking<T> doubled since August one which correlates roughly to the release of version 61.0.2
Comment 10•6 years ago
|
||
(In reply to User Dderss from comment #7) > Are there still plans to fix this bug? The last crash ID you posted has been purged from the system. Please post your crash IDs from the past month.
Flags: needinfo?(zxspectrum3579)
Comment 11•6 years ago
|
||
I am not seeing this specific signature among my crash reports in the latest months.
Flags: needinfo?(zxspectrum3579)
Comment 12•6 years ago
|
||
(In reply to User Dderss from comment #11) > I am not seeing this specific signature among my crash reports in the latest months. OK, but that wasn't my question. Please post all your your crash IDs.
Comment 13•6 years ago
|
||
https://crash-stats.mozilla.com/report/index/bp-0e44ced9-ad8b-4d7d-8019-da6880181001 https://crash-stats.mozilla.com/report/index/bp-11cd09cd-6d5b-4bb4-902d-e76e30181001 https://crash-stats.mozilla.com/report/index/bp-218ca972-86a4-4fc2-8735-c0afd0180918 https://crash-stats.mozilla.com/report/index/bp-04b58738-08c6-4222-b024-84b790180905 https://crash-stats.mozilla.com/report/index/bp-95bd87a5-9454-4c29-8eaa-612560180905 https://crash-stats.mozilla.com/report/index/bp-918b07d9-1091-44a1-ac4c-1e4cb0180905 https://crash-stats.mozilla.com/report/index/bp-ef82875b-c7d3-47d5-8081-f3ec20180905
Comment 14•3 years ago
|
||
There are still crashes, but the majority of crashes were ESR, specifically version 68 which is now almost zero. (which happened in late September)
https://crash-stats.mozilla.org/signature/?product=Firefox&release_channel=esr&signature=DoMarking%3CT%3E&date=%3E%3D2020-09-15T05%3A15%3A00.000Z&date=%3C2020-10-26T05%3A15%3A00.000Z#graphs
Overall, very low crash rate
Severity: critical → S3
OS: Windows XP → All
Summary: Crash in DoMarking<T> → Crash in DoMarking<T> (heap / memory corruption)
You need to log in
before you can comment on or make changes to this bug.
Description
•