Closed
Bug 607271
Opened 14 years ago
Closed 14 years ago
Firefox 4.0b8pre Crash Report [@ nsCOMPtr_base::assign_from_qi | nsContentUtils::CanCallerAccess ]
Categories
(Core :: General, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 605017
Tracking | Status | |
---|---|---|
blocking2.0 | --- | betaN+ |
People
(Reporter: cbook, Unassigned)
References
()
Details
(Keywords: crash, regression, Whiteboard: [crashkill])
Crash Data
Attachments
(1 file)
3.94 KB,
text/plain
|
Details |
new regression - crash in Firefox 4.0beta8pre - http://crash-stats.mozilla.com/report/list?range_value=2&range_unit=weeks&date=2010-10-26%2001%3A00%3A00&signature=nsCOMPtr_base%3A%3Aassign_from_qi%20|%20nsContentUtils%3A%3ACanCallerAccess&version=Firefox%3A4.0b8pre Mac OS 10.6.4 only crash so far. Crashing Thread Frame Module Signature [Expand] Source 0 XUL nsCOMPtr_base::assign_from_qi nsCOMPtr.cpp:47 1 XUL nsContentUtils::CanCallerAccess nsCOMPtr.h:595 2 XUL nsDOMConstructor::Create dom/base/nsDOMClassInfo.cpp:5817 3 XUL ResolvePrototype dom/base/nsDOMClassInfo.cpp:6094 4 XUL nsDOMClassInfo::PostCreatePrototype dom/base/nsDOMClassInfo.cpp:4734 5 XUL XPCWrappedNativeProto::Init js/src/xpconnect/src/xpcwrappednativeproto.cpp:143 6 XUL XPCWrappedNativeProto::GetNewOrUsed js/src/xpconnect/src/xpcwrappednativeproto.cpp:264 7 XUL XPCWrappedNative::GetNewOrUsed js/src/xpconnect/src/xpcwrappednative.cpp:541 8 XUL XPCConvert::NativeInterface2JSObject js/src/xpconnect/src/xpcconvert.cpp:1290 9 XUL XPCConvert::NativeData2JS js/src/xpconnect/src/xpcconvert.cpp:490 10 XUL nsXPCWrappedJSClass::CallMethod js/src/xpconnect/src/xpcprivate.h:3175 11 XUL PrepareAndDispatch xpcom/reflect/xptcall/src/md/unix/xptcstubs_x86_64_darwin.cpp:153 12 XUL XUL@0xd9656a 13 XUL nsEventListenerManager::HandleEventSubType content/events/src/nsEventListenerManager.cpp:1112 14 XUL nsEventListenerManager::HandleEventInternal content/events/src/nsEventListenerManager.cpp:1208 15 XUL nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventListenerManager.h:146 16 XUL nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:628 17 XUL PresShell::HandleEventInternal layout/base/nsPresShell.cpp:6926 18 XUL PresShell::HandlePositionedEvent layout/base/nsPresShell.cpp:6760 19 XUL PresShell::HandleEvent layout/base/nsPresShell.cpp:6613 20 XUL PresShell::HandleEvent layout/base/nsPresShell.cpp:6370 21 XUL nsViewManager::DispatchEvent view/src/nsViewManager.cpp:1092 22 XUL HandleEvent view/src/nsView.cpp:161 23 XUL nsChildView::DispatchEvent widget/src/cocoa/nsChildView.mm:1786 24 XUL nsChildView::DispatchWindowEvent widget/src/cocoa/nsChildView.mm:1796 25 XUL -[ChildView mouseUp:] widget/src/cocoa/nsChildView.mm:3278 26 AppKit AppKit@0x13d7ec 27 CoreFoundation CoreFoundation@0x21eca 28 CoreFoundation CoreFoundation@0x100cb 29 libSystem.B.dylib libSystem.B.dylib@0x65d3 30 CoreFoundation CoreFoundation@0x6191 31 CoreFoundation CoreFoundation@0xf876 32 CoreFoundation CoreFoundation@0x10067 33 CoreFoundation CoreFoundation@0xf6ce 34 CoreFoundation CoreFoundation@0xf876 35 CoreFoundation CoreFoundation@0xf6ce 36 libSystem.B.dylib libSystem.B.dylib@0x6b19 37 Foundation Foundation@0x5ff3 38 libobjc.A.dylib libobjc.A.dylib@0x619f 39 XUL -[ToolbarWindow sendEvent:] widget/src/cocoa/nsCocoaWindow.mm:2344 40 AppKit AppKit@0x72ee1 41 CoreFoundation CoreFoundation@0x24228 42 AppKit AppKit@0x71904 43 AppKit AppKit@0x749ff7 44 AppKit AppKit@0x749ff7 45 AppKit AppKit@0x43f09 46 CoreFoundation CoreFoundation@0x10067 47 XUL xml_namespace js/src/jsxml.cpp:5895 48 @0x4093a7ffffffffff 49 CoreFoundation CoreFoundation@0x243b4 50 AppKit AppKit@0x77e13f 51 AppKit AppKit@0x9921 52 XUL nsAppShell::Run widget/src/cocoa/nsAppShell.mm:746 53 XUL nsAppStartup::Run toolkit/components/startup/src/nsAppStartup.cpp:191 54 XUL XRE_main toolkit/xre/nsAppRunner.cpp:3682 55 firefox-bin main browser/app/nsBrowserApp.cpp:158 56 firefox-bin firefox-bin@0x1953
Reporter | ||
Updated•14 years ago
|
blocking2.0: --- → ?
Comment 1•14 years ago
|
||
is this variation of https://bugzilla.mozilla.org/show_bug.cgi?id=604449 and https://bugzilla.mozilla.org/show_bug.cgi?id=605017 ?
Updated•14 years ago
|
blocking2.0: ? → beta7+
Comment 2•14 years ago
|
||
Probably compartments fallout. Why is this blocking b7? Is it high frequency? Can we fix for b8?
Comment 3•14 years ago
|
||
fix for bug 604449 landed 2010-10-25 14:09:29 and we saw crashes from this signature in builds from the 26th, so my guess about this being related doesn't look to be correct. date tl crashes at, count build, count build, ... nsCOMPtr_base::assign_from_qi...nsContentUtils::CanCallerAccess 20101026 16 9 4.0b8pre2010102603, 6 4.0b8pre2010102503, 1 4.0b8pre2010101903, looks like this first appeared on the 14th, in builds from the 13th nsCOMPtr_base::assign_from_qi...nsContentUtils::CanCallerAccess date total breakdown by build crashes count build, count build, ... 20101019 6 5 4.0b8pre2010101903, 1 4.0b8pre2010101803, 20101018 5 3 4.0b8pre2010101803, 2 4.0b8pre2010101703, 20101017 13 6 4.0b8pre2010101703, 5 4.0b8pre2010101603, 2 4.0b8pre2010101503, 20101016 6 3 4.0b8pre2010101603, 2 4.0b8pre2010101403, 1 4.0b8pre2010101503, 20101015 6 4 4.0b8pre2010101403, 2 4.0b8pre2010101503, 20101014 7 5 4.0b8pre2010101403, 2 4.0b8pre2010101321, 20101013 20101012 none of the source lines near the top of the stack map to any recent changes but there is work going on around in the files around then. http://hg.mozilla.org/mozilla-central/log/4788083ce564/dom/base/nsDOMClassInfo.cpp and then brain transplants happend a bit later. http://hg.mozilla.org/mozilla-central/log/6c45f066ed17/js/src/xpconnect/src/xpcconvert.cpp since this is on the b7 blocker list it needs an owner, or more ideas to aleast to eveluate risk.
Comment 4•14 years ago
|
||
I am having trouble recalling why we made this block b7; it's certainly moving up the topcrash list, about 20 or so a day. I think it was because we believed it to be a variant of the other assign_from_qi crashes which were marked b7 blockers.
Comment 5•14 years ago
|
||
I don't think volume warrants blocking b7 since its only running 7-13 crashes per day. a set of sites to try and test with are: 1 http://www.youtube.com/watch?v=ux3vnQBWXqI 1 http://www.pandora.com/facebook/xd_receiver.htm#%7B%22id%22%3A24%2C%22h%22%3A%22http_client%22%2C%22sid%22%3A%220.593%2 2%2C%22t%22%3A0%7D%7B%22status%22%3A200%2C%22statusText%22%3A%22OK%22%2C%22responseText%22%3A%22%7B%5C%22error%5C%22%3A-1%2C %5C%22sessio 1 http://www.freshwap.net/6aa/dl/genghis+khan+and+the+making+of+the+modern+world 1 1 http://tomnliz.com/Livecam/weather.html 1 http://taylor.migapps.com/icinga/cgi-bin/tac.cgi 1 http://forums.macrumors.com/showthread.php?t=1035729 1 http://forums.macrumors.com/showthread.php?p=11299681#post11299681 100% mac 10.6
Comment 6•14 years ago
|
||
OK, and the signature doesn't make us think that it's indicating some extension compatibility issues?
Comment 7•14 years ago
|
||
doesn't register with high enough volume to get into the nightly addon correlation reports, but attachment shows when/where addons are present in the crash reports for 10/26. addons show up quite frequently, but not always. these are the addons that showed up most frequently out of the 16 reports from yesterday. 3 "http://addons.mozilla.org/en-US/firefox/addon/433">Flashblock</a></td> 3 "http://addons.mozilla.org/en-US/firefox/addon/1865">Adblock Plus</a></td> 3 "http://addons.mozilla.org/en-US/firefox/addon/1843">Firebug</a></td> 2 "http://addons.mozilla.org/en-US/firefox/addon/15003">Add-on Compatibility Reporter</a></td>
Comment 8•14 years ago
|
||
I spent some time trying to reproduce this today in the lab with all the sites in comment 5 and with the set of addons in Comment 7 but did not have any luck.
Comment 9•14 years ago
|
||
Moving this from blocking b7 to blocking b8. All relevant comments suggest this shouldn't block, so making that happen. We'll always have top crashes. Let's ship beta 7!
blocking2.0: beta7+ → beta8+
Comment 10•14 years ago
|
||
Thought I would update with some recent data... + 37 crashes on beta7 in the past week. + 72 crashes on the trunk in the past week. + #32 on the list of top crashes on the trunk.
Comment 11•14 years ago
|
||
Stack trace looks like this may be a dupe of bug 606421.
Comment 12•14 years ago
|
||
Bumping to beta9. Just want a quick turnaround on 8.
blocking2.0: beta8+ → beta9+
Comment 13•14 years ago
|
||
jst: can you confirm/deny comment 11 and if so, mark this as a dupe?
Comment 14•14 years ago
|
||
Yes, this is similar to bug 606421, but it's not clear to me that it's actually the same problem, so not duping, at least not yet.
Updated•14 years ago
|
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
Comment 16•14 years ago
|
||
As per today's meeting, beta 9 will be a time-based release. Marking these all betaN+. Please move it back to beta9+ if you believe it MUST be in the next beta (ie: trunk is in an unshippable state without this)
blocking2.0: beta9+ → betaN+
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ nsCOMPtr_base::assign_from_qi | nsContentUtils::CanCallerAccess ]
You need to log in
before you can comment on or make changes to this bug.
Description
•