Open Bug 1869084 Opened 2 years ago Updated 3 months ago

Crash in [@ JS::RealmCreationOptions::profilerRealmID]

Categories

(Core :: Gecko Profiler, defect, P3)

REOPENED

People

(Reporter: mccr8, Unassigned)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/f1557067-a165-45c6-9b4e-336a60231003

Reason: SIGSEGV / SEGV_MAPERR

Top 10 frames of crashing thread:

0  libxul.so  JS::RealmCreationOptions::profilerRealmID const  js/public/RealmOptions.h:283
0  libxul.so  js::jit::IonEntry::lookupRealmID const  js/src/jit/JitcodeMap.cpp:111
1  libxul.so  JS::ProfiledFrameHandle::realmID const  js/src/jit/JitcodeMap.cpp:1120
1  libxul.so  StreamJITFrame  tools/profiler/core/ProfileBufferEntry.cpp:554
1  libxul.so  JSONForJITFrame  tools/profiler/core/ProfileBufferEntry.cpp:578
1  libxul.so  JITFrameInfo::AddInfoForRange const  tools/profiler/core/ProfileBufferEntry.cpp:620
1  libxul.so  std::_Function_handler<void   /builds/worker/fetches/sysroot-x86_64-linux-gnu/usr/include/c++/8/bits/std_function.h:297
2  libxul.so  std::function<void  const  /builds/worker/fetches/sysroot-x86_64-linux-gnu/usr/include/c++/8/bits/std_function.h:687
2  libxul.so  ProfileBuffer::AddJITInfoForRange const  tools/profiler/core/ProfileBufferEntry.cpp:1575
3  libxul.so  mozilla::ProfileChunkedBuffer::Read<ProfileBuffer::AddJITInfoForRange const  mozglue/baseprofiler/public/ProfileChunkedBuffer.h:652

4 crashes in the last 6 months, so it is very low volume. Some kind of null deref crash.

The signature looks generic, but all of the crashes are on the GatherProfileThread thread.

Severity: -- → S3
Priority: -- → P3

I got this crash today: https://crash-stats.mozilla.org/report/index/cad24a30-2d3e-417f-8e44-8d1f70240615#tab-bugzilla
I was profiling a js/canvas demo at https://www.fxhash.xyz/generative/slug/industrial-devolution-1 . The collecting phase of the profile got over and when I clicked to "analyse" the profile, I got this crash.

Closing because no crashes reported for 12 weeks.

Status: NEW → RESOLVED
Closed: 9 months ago
Resolution: --- → WORKSFORME
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---