Open
Bug 1389451
Opened 8 years ago
Updated 3 years ago
Crash in nsWrapperCache::GetWrapperPreserveColor
Categories
(Core :: DOM: Core & HTML, defect, P3)
Tracking
()
REOPENED
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox-esr60 | --- | affected |
| firefox55 | --- | wontfix |
| firefox56 | --- | wontfix |
| firefox57 | --- | wontfix |
| firefox64 | --- | wontfix |
| firefox65 | --- | wontfix |
| firefox66 | --- | fix-optional |
People
(Reporter: philipp, Unassigned)
References
Details
(Keywords: crash, regression)
Crash Data
This bug was filed from the Socorro interface and is
report bp-a91512d7-5c58-4e22-96a9-e65300170811.
=============================================================
Crashing Thread (0)
Frame Module Signature Source
0 xul.dll nsWrapperCache::GetWrapperPreserveColor() dom/base/nsWrapperCacheInlines.h:18
1 xul.dll NeedsScriptTraverse dom/base/FragmentOrElement.cpp:511
2 xul.dll mozilla::dom::FragmentOrElement::CanSkipInCC(nsINode*) dom/base/FragmentOrElement.cpp:1720
3 xul.dll nsGenericDOMDataNode::cycleCollection::CanSkipInCCReal(void*) dom/base/nsGenericDOMDataNode.cpp:84
4 xul.dll nsCycleCollectionParticipant::CanSkipInCC(void*) xpcom/base/nsCycleCollectionParticipant.h:195
5 xul.dll CCGraphBuilder::AddPurpleRoot(void*, nsCycleCollectionParticipant*) xpcom/base/nsCycleCollector.cpp:2234
6 xul.dll SelectPointersVisitor::Visit(nsPurpleBuffer&, nsPurpleBufferEntry*) xpcom/base/nsCycleCollector.cpp:1184
7 xul.dll nsPurpleBuffer::VisitEntries<SelectPointersVisitor>(SelectPointersVisitor&) xpcom/base/nsCycleCollector.cpp:1071
8 xul.dll nsCycleCollector::BeginCollection(ccType, nsICycleCollectorListener*) xpcom/base/nsCycleCollector.cpp:3884
9 xul.dll nsCycleCollector::Collect(ccType, js::SliceBudget&, nsICycleCollectorListener*, bool) xpcom/base/nsCycleCollector.cpp:3671
10 xul.dll nsCycleCollector_collectSlice(js::SliceBudget&, bool) xpcom/base/nsCycleCollector.cpp:4223
11 xul.dll nsJSContext::RunCycleCollectorSlice(mozilla::TimeStamp) dom/base/nsJSEnvironment.cpp:1727
12 xul.dll CCRunnerFired dom/base/nsJSEnvironment.cpp:2108
13 xul.dll CollectorRunner::Run() dom/base/nsJSEnvironment.cpp:260
14 xul.dll nsThread::ProcessNextEvent(bool, bool*) xpcom/threads/nsThread.cpp:1446
15 xul.dll mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) ipc/glue/MessagePump.cpp:97
16 xul.dll mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) ipc/glue/MessagePump.cpp:302
17 xul.dll MessageLoop::RunHandler() ipc/chromium/src/base/message_loop.cc:319
18 xul.dll MessageLoop::Run() ipc/chromium/src/base/message_loop.cc:299
19 xul.dll nsBaseAppShell::Run() widget/nsBaseAppShell.cpp:156
20 xul.dll nsAppShell::Run() widget/windows/nsAppShell.cpp:278
21 xul.dll XRE_RunAppShell() toolkit/xre/nsEmbedFunctions.cpp:882
22 xul.dll mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) ipc/glue/MessagePump.cpp:270
23 xul.dll MessageLoop::RunHandler() ipc/chromium/src/base/message_loop.cc:319
24 xul.dll MessageLoop::Run() ipc/chromium/src/base/message_loop.cc:299
25 xul.dll XRE_InitChildProcess(int, char** const, XREChildData const*) toolkit/xre/nsEmbedFunctions.cpp:699
26 xul.dll mozilla::BootstrapImpl::XRE_InitChildProcess(int, char** const, XREChildData const*) toolkit/xre/Bootstrap.cpp:65
27 firefox.exe content_process_main(mozilla::Bootstrap*, int, char** const) ipc/contentproc/plugin-container.cpp:64
28 firefox.exe wmain toolkit/xre/nsWindowsWMain.cpp:115
29 firefox.exe __scrt_common_main_seh f:/dd/vctools/crt/vcstartup/src/startup/exe_common.inl:253
30 kernel32.dll BaseThreadInitThunk
31 ntdll.dll __RtlUserThreadStart
32 ntdll.dll _RtlUserThreadStart
crashes with this signature are regressing in pre-release versions since version 55, but are generally rather low volume so far.
|
||
Updated•8 years ago
|
|
||
Updated•8 years ago
|
Priority: -- → P3
|
||
Comment 1•7 years ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
|
||
Comment 2•7 years ago
|
||
There are still some crashes so reopen it.
Status: RESOLVED → REOPENED
status-firefox64:
--- → affected
status-firefox65:
--- → affected
status-firefox-esr60:
--- → affected
Resolution: WONTFIX → ---
|
||
Updated•7 years ago
|
|
||
Updated•7 years ago
|
Component: JavaScript: GC → XPCOM
|
||
Updated•7 years ago
|
status-firefox66:
--- → affected
|
||
Comment 3•7 years ago
|
||
Happy to take a patch in nightly 67, or potentially, in beta 66 for this.
I'm marking it fix-optional to remove it from weekly regression triage, since it has a priority assigned.
|
|
||
Comment 4•7 years ago
|
||
mccr8, do you know why this might be showing up? Bonus points if you can why all the crashes are on Fennec and not on desktop.
Flags: needinfo?(continuation)
|
||
Comment 5•7 years ago
•
|
||
(In reply to Nathan Froyd [:froydnj] from comment #4)
mccr8, do you know why this might be showing up? Bonus points if you can why all the crashes are on Fennec and not on desktop.
There's not a ton of commonality to these crashes that I can see. Probably just the first place we're touching some mangled DOM objects.
My guess for why these are on Fennec would be that this method is probably inlined with PGO, and we weren't PGOing Android in 64?
Component: XPCOM → DOM
Flags: needinfo?(continuation)
|
Assignee | |
Updated•7 years ago
|
Component: DOM → DOM: Core & HTML
|
|
||
Comment 6•3 years ago
|
||
Since the crash volume is low (less than 5 per week), the severity is downgraded to S3. Feel free to change it back if you think the bug is still critical.
For more information, please visit auto_nag documentation.
Severity: critical → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•