Closed Bug 1361594 Opened 2 years ago Closed 2 years ago
Crash in js::Get
This bug was filed from the Socorro interface and is report bp-0dbc8b09-6383-49e0-9418-1b0db0170503. ============================================================= Top #5 of Nightly 20170430030208 on Windows, 41 reports from 21 installations.
#5 crash on the 5-4 Nightly also. Searching for crashes with this signature on Nightly, and faceting on proto signatures, I see a lot of crashes under nsGlobalWindow::RunTimeoutHandler (such as bp-451bb569-0498-403d-9bc2-1a2030170503 ) and a number being called from plugin code (such as c6985cff-6829-4c48-beb3-b16120170502 ), but I don't know if that means anything. It looks like it first showed up in high volume on Nightly in the 20170427030231 build. Based on that, here's a possible regression Window: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=0b77ed3f26c5335503bc16e85b8c067382e7bb1e&tochange=84762dbeb5380461fe27f0afa0e27e8ba9dd3b01 Nothing really leaps out at me in that range, though I do see the reenabling of intersection observers (bug 1321865), which has caused stability problems in the past. Bug 1339909 looks timer related. I see very few actual JS engine changes.
Boris, do you have any idea what might be causing this regression?
> I see a lot of crashes under nsGlobalWindow::RunTimeoutHandler (such as bp-451bb569-0498-403d-9bc2-1a2030170503) That basically shows a timeout firing, JS running, and then while it's running getting a property and crashing. The crash address is being listed as 0xffffffffffffffff but I can't recall how reliable that is on amd64. The couple of crashes I just looked at all seem to be on return statements. In terms of stuff in that regression range... First of all, it's not the right range. If things started crashing with 20170427030231 then the right range is more like https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=0f5ba06c4c5959030a05cb852656d854065e2226&tochange=0b77ed3f26c5335503bc16e85b8c067382e7bb1e In that range, bug 1352430 is rather suspicious-looking. Especially given the known crash regression from it in bug 1360961, which would likely affect plugin cases. We should see whether landing that helps here.
Depends on: 1360961
Oops. Thanks for taking a look. That does make a lot of sense. I wonder if this means there's a still-unfixed issue with window timeouts.
No crashes on Nightly after bug 1360961 landed there.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1360961
You need to log in before you can comment on or make changes to this bug.