Closed Bug 606173 Opened 13 years ago Closed 13 years ago

Firefox crashes [@ xpc::ResolveNativeProperty ]

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
blocking2.0 --- betaN+

People

(Reporter: ryanli, Assigned: mrbkap)

Details

User-Agent:       Mozilla/5.0 (X11; Linux i686; rv:2.0b8pre) Gecko/20101021 Firefox/4.0b8pre
Build Identifier: Mozilla/5.0 (X11; Linux i686; rv:2.0b8pre) Gecko/20101021 Firefox/4.0b8pre

Firefox crashes when I opened a page at http://www.ht-world.org/.
No special action was taken thus no way to reproduce.

Reproducible: Couldn't Reproduce




bp-27ad797a-563f-43e0-8a1d-46bc72101021

Signature	xpc::ResolveNativeProperty
UUID	27ad797a-563f-43e0-8a1d-46bc72101021
Time 	2010-10-21 06:08:50.14666
Uptime	3288
Last Crash	34343 seconds (9.5 hours) before submission
Install Age	35085 seconds (9.7 hours) since version was first installed.
Product	Firefox
Version	4.0b8pre
Build ID	20101020104642
Branch	2.0
OS	Linux
OS Version	0.0.0 Linux 2.6.34-gentoo-r6 #15 SMP Mon Oct 18 10:21:00 CST 2010 i686
CPU	x86
CPU Info	GenuineIntel family 6 model 37 stepping 2
Crash Reason	SIGSEGV
Crash Address	0x6a
User Comments	
Processor Notes 	This dump is too long and has triggered the automatic truncation routine
EMCheckCompatibility	False
Ryan Li, do you recall which page?  I assume just loading that page again doesn't crash?
This is crashing on:

   219    if (NATIVE_HAS_FLAG(wn, WantNewResolve)) {

in ResolveNativeProperty in XRayWrapper.cpp.
Status: UNCONFIRMED → NEW
blocking2.0: --- → ?
Component: General → XPConnect
Ever confirmed: true
QA Contact: general → xpconnect
The 0x6a confuses me.

On 32-bit, as here, mScriptableInfo is at 0x1c in wn.  And we null-check GetScriptableInfo().  And mFlags is at offset 0 in XPCNativeScriptableShared....

So the only way I see for this to be crashing on 0x6a is if the original wn is bogus or something.
It's on http://www.ht-world.org/china/scoutplayers.php?language=2, and not reproducible….
I just had a similar crash, reported as
http://crash-stats.mozilla.com/report/index/268fac83-61d1-4f75-b3ec-d91a32101028

Firefox window was in the background, so there was no navigation or user interaction involved. I think Gmail just received a new mail.
We should look at this for 2.0, but no need to worry about this for beta7 IMO. Blake, can you look into this?
Assignee: nobody → mrbkap
blocking2.0: ? → betaN+
just had a crash after closing the active tab.

http://crash-stats.mozilla.com/report/index/bp-581d2054-468a-4c08-af35-d6b032101109

strangely quite a few crashes in the last month happened while/after clicking the close-tab button, most with different signatures.
checking --- xpc::ResolveNativeProperty 20101213-crashdata.csv
found in: 4.0b7
release total-crashes
              xpc::ResolveNativeProperty crashes
                         pct.
all     338233  55      0.00016261
4.0b7   42486   55      0.00129454

os breakdown
xpc::ResolveNativePropertyTotal 55
Win5.1  0.20
Win6.0  0.05
Win6.1  0.45

addons_checked
   8 [unknown]
  47 checked

pretty disperse set of URLs at time of crash

domains of sites
   7 \N//
   3 http://www.facebook.com
   2 https://docs.google.com
   2 http://www.pornhub.com
   1 wyciwyg://24
   1 https://ngn.embit.ro
   1 http://www.tomshardware.com
   1 http://www.teachparentstech.org
   1 http://www.supermedia.com
   1 http://www.sports.ru
   1 http://www.rememberthemilk.com
   1 http://www.planetromeo.com
   1 http://www.onsemi.com
   1 http://www.locabest.fr
   1 http://www.ftvgirlshardcore.com
   1 http://www.eyewonderlabs.com
   1 http://www.etsy.com
   1 http://www.etotheipiplusone.net
   1 http://www.downloadhelper.net
   1 http://www.dn.se
   1 http://www.crossfitla.com
   1 http://www.colegiosantaemilia.com.br
   1 http://www.civilization5.com
   1 http://www.chinanews.com.cn
   1 http://www.celebmovie.com
   1 http://www.buienradar.nl
   1 http://www.bittorrent.am
   1 http://www.barclayswealth.com
   1 http://www.appbrain.com
   1 http://www.anbsoft.com
   1 http://veehd.com
   1 http://tariffe.tomshw.it
   1 http://sourceforge.net
   1 http://scripts.spamsys.osa.pl
   1 http://sbsla99bj39.shareadult.com
   1 http://ru.wikipedia.org
   1 http://msk-00-hdi.tsretail.ru
   1 http://market.yandex.ru
   1 http://gawkermedia.us2.list-manage.com
   1 http://forum.phpwcms.org
   1 http://feedburner.google.com
   1 http://eu.battle.net
   1 http://divxlain.3dn.ru
   1 http://delivery.trafficjunky.net
   1 http://d33.lewap.cn
Chofmann, I don't see a single crash with this signature after beta7 in the last week. It would be nice to know when this stopped occurring, if you have data that shows the last day we saw this crash that'd be good to get into this bug. Crash-stats isn't cooperating atm, can't seem to see past
Either way, this appears fixed.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 9 was supposed to end with ...past 3 weeks.
You need to log in before you can comment on or make changes to this bug.