Closed Bug 659904 Opened 13 years ago Closed 13 years ago

Crash [@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage**) ] mainly with AVG Safe Search, AVG Security Toolbar or Webmynd's Search Tabs

Categories

(Core :: DOM: Core & HTML, defect)

x86
Windows 7
defect
Not set
critical

Tracking

()

RESOLVED DUPLICATE of bug 646184

People

(Reporter: scoobidiver, Unassigned)

Details

(Keywords: crash, regression)

Crash Data

It is #17 top crasher in 5.0b2 and beyond #300 top crasher in 4.0.1.

Signature	nsGlobalWindow::GetLocalStorage(nsIDOMStorage**)
UUID	4e20f677-caf7-448c-8768-fb1042110525
Uptime	
Last Crash	2577786 seconds (4.3 weeks) before submission
Install Age	78632 seconds (21.8 hours) since version was first installed.
Install Time	2011-05-24 20:03:39
Product	Firefox
Version	5.0
Build ID	20110517192056
Release Channel	beta
Branch	2.2
OS	Windows NT
OS Version	6.1.7229
CPU	x86
CPU Info	GenuineIntel family 6 model 15 stepping 13
Crash Reason	EXCEPTION_ACCESS_VIOLATION_READ
Crash Address	0x0
App Notes 	AdapterVendorID: 10de, AdapterDeviceID: 01d1, AdapterDriverVersion: 8.17.12.5896
D2D? D2D-
D3D10 Layers? D3D10 Layers-
D3D9 Layers? D3D9 Layers+

Frame 	Module 	Signature [Expand] 	Source
0 	xul.dll 	nsGlobalWindow::GetLocalStorage 	dom/base/nsGlobalWindow.cpp:7987
1 	xul.dll 	NS_InvokeByIndex_P 	xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102
2 	xul.dll 	XPC_WN_GetterSetter 	js/src/xpconnect/src/xpcwrappednativejsops.cpp:1660
3 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:679
4 	mozjs.dll 	js::ExternalInvoke 	js/src/jsinterp.cpp:839
5 	mozjs.dll 	js::JSProxyHandler::get 	js/src/jsproxy.cpp:131
6 	xul.dll 	xpc::XrayWrapper<JSCrossCompartmentWrapper>::get 	js/src/xpconnect/wrappers/XrayWrapper.cpp:781
7 	mozjs.dll 	js::proxy_GetProperty 	js/src/jsproxy.cpp:921
8 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:4147
9 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:716
10 	mozjs.dll 	js_fun_apply 	js/src/jsfun.cpp:2201
11 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:4727
12 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:716
13 	mozjs.dll 	js_fun_apply 	js/src/jsfun.cpp:2201
14 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:4727
15 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:716
16 	mozjs.dll 	js_fun_apply 	js/src/jsfun.cpp:2201
17 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:4727
18 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:716
19 	mozjs.dll 	js_fun_apply 	js/src/jsfun.cpp:2201
20 	mozjs.dll 	js::Interpret 	js/src/jsinterp.cpp:4727
21 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:716
22 	mozjs.dll 	JS_CallFunctionValue 	js/src/jsapi.cpp:5153
23 	xul.dll 	nsXPCWrappedJSClass::CallMethod 	js/src/xpconnect/src/xpcwrappedjsclass.cpp:1667
24 	xul.dll 	nsXPCWrappedJS::CallMethod 	js/src/xpconnect/src/xpcwrappedjs.cpp:586
25 	xul.dll 	PrepareAndDispatch 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:114
26 	xul.dll 	SharedStub 	xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:141
27 	xul.dll 	nsDOMEventListenerWrapper::HandleEvent 	content/events/src/nsDOMEventTargetHelper.cpp:65
28 	xul.dll 	nsEventListenerManager::HandleEventSubType 	content/events/src/nsEventListenerManager.cpp:1136 

Correlations by add-on give:
     94% (29/31) vs.   1% (89/14275) webmynd@yourentirelife.com (WebMynd - A better way to search, https://addons.mozilla.org/addon/6416) (1.4)
This extension is marked as compatible for Firefox 5.0.

More reports at:
https://crash-stats.mozilla.com/report/list?signature=nsGlobalWindow%3A%3AGetLocalStorage%28nsIDOMStorage**%29
Crash Signature: [@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage**) ]
https://addons.mozilla.org/de/firefox/addon/the-search-sidebar-by-webmynd/ says this is compatible with 6.* which smells a lot like it was automatically marked as compatible. (No good way to detect this, right?)
As all those crashes are with 5.0 so far, but it's significant frequency there, I think it would be best to scale this back to only being compatible with 4.0.* maximum and perhaps notify the author so he can work on making a compatible version?
Adding Webmynd contacts on Bugzilla. Amir, James, are you aware of this problem? Any fixes coming up?
We weren't, thanks Jorge. We're working on a fix along with some other changes and will push an update in the next couple of weeks.
This is the #15 topcrash in 5.0 on yesterday's data, with Webmynd only being installed in 20% of the cases. Do we need another bug for the other cases? Could there be a common source, perhaps a real bug on our side, behind this?
I wish we had working crash-stat, which would link from
source line to hg/mxr. That would tell immediately what is crashing and
where.
Top 5.0 correlations per extension are now:
59% (339/575) vs.   7% (7286/107977) {1E73965B-8B48-48be-9C8D-68B920ABC1C4}
21% (121/575) vs.   0% (233/107977) webmynd@yourentirelife.com (WebMynd - A better way to search, https://addons.mozilla.org/addon/6416)
22% (129/575) vs.   4% (4363/107977) avg@igeared
Summary: Crash [@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage**) ] mainly with Webmynd's Search Tabs → Crash [@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage**) ] mainly with AVG Safe Search, AVG Security Toolbar or Webmynd's Search Tabs
Seen only on 5.0/5.0.1.

Looks like it is here:
http://hg.mozilla.org/releases/mozilla-release/file/799b500d0cc4/dom/base/nsGlobalWindow.cpp#l7987 (found though this report: https://crash-stats.mozilla.com/report/index/f668bf2f-86f3-45d0-a66e-7fcd12110719)

It seems like mDocument is null.  Isn't this another regression or more likely a dup of bug 646184 that has been fixed on mozilla6 ?
(In reply to comment #5)
> I wish we had working crash-stat, which would link from
> source line to hg/mxr. That would tell immediately what is crashing and
> where.

FYI, bug 665986 will fix that when the next release goes into production, I think that's still planned to be later this week.
> Isn't this another regression or more likely a dup of bug 646184

Based on the crash address (0x0) and the line there, looks like a duplicate of bug 646184 to me.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.