Closed Bug 1811522 Opened 2 years ago Closed 2 years ago

Crash in [@ mozilla::jni::detail::Accessor<T>::Accessor]

Categories

(GeckoView :: General, defect, P2)

Unspecified
Android
defect

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1778039

People

(Reporter: amejia, Unassigned)

References

Details

(Keywords: crash, topcrash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/a61c1a02-0e94-44f4-8236-3efda0230120

Reason: SIGSEGV / SEGV_MAPERR

Top 10 frames of crashing thread:

0  libxul.so  RefPtr<mozilla::jni::detail::NativeWeakPtrControlBlock<mozilla::a11y::SessionAccessibility> >::RefPtr  mfbt/RefPtr.h:93
0  libxul.so  mozilla::jni::detail::Accessor<mozilla::a11y::SessionAccessibility>::Accessor  widget/android/jni/Natives.h:743
0  libxul.so  mozilla::jni::NativeWeakPtr<mozilla::a11y::SessionAccessibility>::Access const  widget/android/jni/Natives.h:789
0  libxul.so  mozilla::jni::detail::NativePtrTraits<mozilla::a11y::SessionAccessibility,   widget/android/jni/Natives.h:1006
0  libxul.so  mozilla::jni::NativeStub<mozilla::java::SessionAccessibility::NativeProvider::IsCacheEnabled_t, mozilla::a11y::SessionAccessibility, mozilla::jni::Args<> >::Wrap<&mozilla::a11y::SessionAccessibility  widget/android/jni/Natives.h:1398
1  base.odex  base.odex@0x2a9794  
2  base.art]  base.art]@0x3622bc  
3  base.odex  base.odex@0xd15c74  
4  base.art]  base.art]@0x30742c  
5  memfd:jit-cache (deleted)  memfd:jit-cache @0x201c174  
Severity: -- → S3
Priority: -- → P2

This appears to have spiked in the 106 timeframe, which would correlate to when CtW was enabled by default for Android. Any thoughts, Jamie?

Component: General → Disability Access APIs
Flags: needinfo?(jteh)
Product: GeckoView → Core

Redirecting to Eitan. Perhaps we cleared the SessionAccessibility pointer without calling setAttached somehow?

Flags: needinfo?(jteh) → needinfo?(eitan)
Blocks: a11y-ctw

This has to do with the conversion to weak references in bug 1651705, I think. When we shut down in the gecko thread we queue a message to the UI thread saying we are detached, but perhaps the UI thread runnable isn't run until after the fatal JNI call. I am not familiar enough with GeckoView JNI object lifecycle to confidently say what will fix this. But I could say that caching the caching-enabled boolean on the Java side seems trivial and might remedy this specific JNI call failure.

Flags: needinfo?(eitan)

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 10 AArch64 and ARM crashes on release

:Jamie, could you consider increasing the severity of this top-crash bug?

For more information, please visit auto_nag documentation.

Flags: needinfo?(jteh)
Keywords: topcrash
Severity: S3 → S2
Flags: needinfo?(jteh)

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 10 AArch64 and ARM crashes on release (startup)

For more information, please visit auto_nag documentation.

I'm truly stumped by this. Since this is in the android widget code I'm going to move this to the GV component so it gets visibility there.

Bryan, is there someone in the GeckoView team who is familiar with the intricacies of our JNI code that can advise on this?

Component: Disability Access APIs → Core
Flags: needinfo?(brclark)
Product: Core → GeckoView
Version: unspecified → Trunk

Based on the topcrash criteria, the crash signature linked to this bug is not a topcrash signature anymore.

For more information, please visit auto_nag documentation.

dup to old bug

Status: NEW → RESOLVED
Closed: 2 years ago
Duplicate of bug: 1778039
Flags: needinfo?(brclark)
Resolution: --- → DUPLICATE
Component: Core → General
You need to log in before you can comment on or make changes to this bug.