This is a long-standing issue, but it seems to have become a top crash in Nightly. I see annotations on these crashes like: More references to an object than its refcount, for class nsGenericDOMDataNode for instance: bp-b166d28b-f760-4169-a00d-882960170816 I've also seen FragmentOrElement, as in this crash:bp-f11a1a07-f5a3-4672-9cfa-b60ac0170817
Crash Signature: [@ nsCycleCollector::ScanWhiteNodes ]
It looks like this first showed up on Nightly in great number with the 20170815100349 build.
Regression range for the 8-15 build: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=df9beb781895fcd0493c21e95ad313e0044515ec&tochange=564e82f0f289af976da01c2d50507017bbc152b5 Olli, do you have any ideas of what might have caused refcounting of elements to break?
status-firefox56: --- → unaffected
status-firefox57: --- → affected
tracking-firefox57: --- → ?
Keywords: regression, topcrash
Olli pointed out bug 1386480 in IRC, and I agree that is probably at fault, as the patch looks wrong to me.
Fixed by backout.
Status: NEW → RESOLVED
Last Resolved: 9 months ago
Resolution: --- → FIXED
Assignee: nobody → ehsan
status-firefox55: --- → unaffected
status-firefox57: affected → fixed
status-firefox-esr52: --- → unaffected
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.