crash [@ _ZN7android2spINS_13GraphicBufferEED1Ev] with Samsung Galaxy S2

NEW
Unassigned

Status

()

P1
critical
7 years ago
7 years ago

People

(Reporter: nhirata, Unassigned)

Tracking

({crash})

13 Branch
ARM
Android
crash
Points:
---

Firefox Tracking Flags

(firefox12 affected, firefox13 affected)

Details

(Whiteboard: [native-crash], mwc-demo, crash signature)

This bug was filed from the Socorro interface and is 
report bp-54672bb3-82d8-4df4-aa67-c88382120207 .
============================================================= 
0 		@0x150740 	
1 	libsurfaceflinger_client.so 	_ZN7android2spINS_13GraphicBufferEED1Ev 	
2 	libsurfaceflinger_client.so 	_ZN7android7Surface10lockBufferEP23android_native_buffer_t 	
3 	libsurfaceflinger_client.so 	_ZN7android7Surface10lockBufferEP13ANativeWindowP23android_native_buffer_t 	
4 	libEGL_mali.so 	libEGL_mali.so@0x6776 	
5 	libEGL_mali.so 	libEGL_mali.so@0x15eda 	
6 	libEGL_mali.so 	libEGL_mali.so@0xc97e 	
7 	libEGL_mali.so 	libEGL_mali.so@0xed6e 	
8 	libEGL_mali.so 	libEGL_mali.so@0x12f7a 	
9 	libEGL_mali.so 	libEGL_mali.so@0x12f26 	
10 	libEGL_mali.so 	libEGL_mali.so@0x12f26 	
11 	libc.so 	__thread_entry 	
12 	libc.so 	pthread_create


1. Ran into this after the phone had gone to sleep (after playing around with aurora a lot) and going to "about:"

I can't seem to repro.

Samsung Galaxy S2, 2.3.3 , 2012-02-06 build

Comment 1

7 years ago
There have been 7 crashes, all with Samsung Galaxy S2 (GT-I9100).
It first appeared in 12.0a1/20111223.

More reports at:
https://crash-stats.mozilla.com/report/list?signature=_ZN7android2spINS_13GraphicBufferEED1Ev
status-firefox12: --- → affected
status-firefox13: --- → affected
Summary: crash [@ _ZN7android2spINS_13GraphicBufferEED1Ev] → crash [@ _ZN7android2spINS_13GraphicBufferEED1Ev] with Samsung Galaxy S2
I wonder if this is related to bug 711751?
I also wonder if the cyanogen mod would be the reason for the munged data?
What do you mean by "munged data"?

The top frame here (that's not a bare address) is android::sp<android::GraphicBuffer>::~sp() when demangled. The top frame of bug 711751 is android::GraphicBuffer::~GraphicBuffer(). They're both destructors, but I don't know what the android::sp thing is. Some kind of RAII stack class?
"munged data" = mangled data.  I am not sure about the android::sp thing.

Updated

7 years ago
Crash Signature: [@ _ZN7android2spINS_13GraphicBufferEED1Ev] → [@ _ZN7android2spINS_13GraphicBufferEED1Ev] [@ @0x0 | _ZN7android2spINS_13GraphicBufferEED1Ev]

Comment 5

7 years ago
I see the mali driver in the stack, and as you say this is CM, I wonder if that's the reverse-engineered open one - if so, I hear that one is not completely stable yet, maybe it's the actual cause of what you are seeing.
tracking-fennec: --- → ?

Updated

7 years ago
Priority: -- → P1

Updated

7 years ago
tracking-fennec: ? → ---
Ran into this issue again on the Samsung Galaxy S II:
had 9 tabs open :
6 tabs open to all the links from http://www.paulrouget.com/mwc-demos/
1 to about: home
1 open to the http://www.paulrouget.com/mwc-demos/webapis
1 front page open to http://paulrouget.com/mwc-demos/maple.html

I had the phone asleep and then woke it; I was tilting the phone in various directions and eventually crashed.
Whiteboard: [native-crash] → [native-crash], mwc-demo
You need to log in before you can comment on or make changes to this bug.