Closed
Bug 1303967
Opened 8 years ago
Closed 8 years ago
Crash in mozalloc_abort | NS_DebugBreak | mozilla::ipc::LogicError | mozilla::dom::PBrowser::Transition
Categories
(Core :: DOM: Content Processes, defect)
Tracking
()
RESOLVED
FIXED
mozilla52
People
(Reporter: ting, Assigned: billm)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
2.71 KB,
patch
|
mrbkap
:
review+
gchang
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-0fce5ec5-fa63-4446-bcc6-277b62160920. ============================================================= #6 of 0918 Nightly on Windows, 89 crashes from 50 installations.
Reporter | ||
Updated•8 years ago
|
Flags: needinfo?(wmccloskey)
Comment 1•8 years ago
|
||
[Tracking Requested - why for this release]: Over 100 crashes on 51 as well so far.
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → wmccloskey
Flags: needinfo?(wmccloskey)
Assignee | ||
Comment 2•8 years ago
|
||
Here's the relevant part of the crash stack: 4 xul.dll mozilla::dom::PBrowserChild::SendForcePaintNoOp(unsigned __int64 const&) obj-firefox/ipc/ipdl/PBrowserChild.cpp:2452 5 xul.dll mozilla::dom::TabChild::RecvSetDocShellIsActive(bool const&, bool const&, unsigned __int64 const&) dom/ipc/TabChild.cpp:2663 6 xul.dll mozilla::dom::TabChild::ForcePaint(unsigned __int64) ... 29 xul.dll nsDocShellTreeOwner::AddChromeListeners() embedding/browser/nsDocShellTreeOwner.cpp:976 30 xul.dll nsWebBrowser::Create() embedding/browser/nsWebBrowser.cpp:1286 31 xul.dll mozilla::dom::TabChild::Init() dom/ipc/TabChild.cpp:762 So we're getting an interrupt callback too soon--before the TabChild has been initialized. When we try to send an IPC message, we crash. I think it makes sense for mIPCOpen to be false until we can actually send messages. That's how it's typically used. So I delayed setting it to true until TabChild::Init finishes. I also added an IPCOpen() check in TabChild::ForcePaint. I don't think it makes sense to do any of that stuff if it's false.
Attachment #8793104 -
Flags: review?(mrbkap)
Updated•8 years ago
|
Attachment #8793104 -
Flags: review?(mrbkap) → review+
Pushed by wmccloskey@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/a536a062f1d9 Don't set mIPCOpen until TabChild is initialized (r=mrbkap)
Assignee | ||
Comment 4•8 years ago
|
||
Comment on attachment 8793104 [details] [diff] [review] patch Approval Request Comment [Feature/regressing bug #]: bug 1279086 [User impact if declined]: crashes [Describe test coverage new/current, TreeHerder]: will be on m-c soon [Risks and why]: pretty low risk, just avoiding some bad code [String/UUID change made/needed]: none
Attachment #8793104 -
Flags: approval-mozilla-aurora?
Comment 5•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/a536a062f1d9
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
Comment 6•8 years ago
|
||
Comment on attachment 8793104 [details] [diff] [review] patch Review of attachment 8793104 [details] [diff] [review]: ----------------------------------------------------------------- This patch fixes a crash. Take it in 51 aurora.
Attachment #8793104 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 7•8 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-aurora/rev/1456ca7b0683
Comment 9•8 years ago
|
||
Crash volume for signature 'mozalloc_abort | NS_DebugBreak | mozilla::ipc::LogicError | mozilla::dom::PBrowser::Transition': - nightly (version 52): 260 crashes from 2016-09-19. - aurora (version 51): 404 crashes from 2016-09-19. - beta (version 50): 0 crashes from 2016-09-20. - release (version 49): 3 crashes from 2016-09-05. - esr (version 45): 0 crashes from 2016-06-01. Crash volume on the last weeks (Week N is from 10-03 to 10-09): W. N-1 W. N-2 - nightly 24 236 - aurora 93 311 - beta 0 0 - release 2 1 - esr 0 0 Affected platforms: Windows, Linux Crash rank on the last 7 days: Browser Content Plugin - nightly #49 - aurora #678 #16 - beta - release #3686 - esr
status-firefox49:
--- → affected
Updated•8 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•