Closed Bug 749649 Opened 13 years ago Closed 13 years ago

crash in nsIOService::SpeculativeConnect

Categories

(Core :: Networking, defect)

15 Branch
defect
Not set
critical

Tracking

()

RESOLVED FIXED
mozilla15
Tracking Status
firefox15 - verified

People

(Reporter: scoobidiver, Assigned: mcmanus)

References

Details

(Keywords: crash, regression, topcrash)

Crash Data

Attachments

(1 file)

It first appeared in 15.0a1/20120426 and is #1 top crasher in today's build. The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=75c7378c87b6&tochange=cc5254f9825f It's likely a regression from bug 723628. One comment says it happens when clicking Search Bar. Signature nsIOService::SpeculativeConnect(nsIURI*, nsIInterfaceRequestor*, nsIEventTarget*) More Reports Search UUID 23bd1685-e2c8-4e33-9256-eeffe2120427 Date Processed 2012-04-27 15:29:54 Uptime 1251 Last Crash 20.9 minutes before submission Install Age 1.3 hours since version was first installed. Install Time 2012-04-27 14:10:09 Product Firefox Version 15.0a1 Build ID 20120427030500 Release Channel nightly OS Windows NT OS Version 6.1.7600 Build Architecture x86 Build Architecture Info GenuineIntel family 6 model 23 stepping 10 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x0 App Notes AdapterVendorID: 0x1002, AdapterDeviceID: 0x9552, AdapterSubsysID: 02801025, AdapterDriverVersion: 8.960.0.0 D2D? D2D+ DWrite? DWrite+ D3D10 Layers? D3D10 Layers+ EMCheckCompatibility True Total Virtual Memory 4294836224 Available Virtual Memory 3615428608 System Memory Use Percentage 73 Available Page File 1532522496 Available Physical Memory 575987712 Frame Module Signature Source 0 xul.dll nsIOService::SpeculativeConnect netwerk/base/src/nsIOService.cpp:1289 1 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102 2 xul.dll XPCWrappedNative::CallMethod js/xpconnect/src/XPCWrappedNative.cpp:2408 3 xul.dll XPC_WN_CallMethod js/xpconnect/src/XPCWrappedNativeJSOps.cpp:1549 4 mozjs.dll js::GetPropertyOperation js/src/jsinterpinlines.h:266 5 mozjs.dll js::Interpret js/src/jsinterp.cpp:2757 6 mozjs.dll js::RunScript js/src/jsinterp.cpp:467 7 mozjs.dll js::InvokeKernel js/src/jsinterp.cpp:535 8 mozjs.dll js::Invoke js/src/jsinterp.cpp:567 9 mozjs.dll JS_CallFunctionValue js/src/jsapi.cpp:5416 10 xul.dll nsJSContext::CallEventHandler dom/base/nsJSEnvironment.cpp:1889 11 xul.dll nsJSEventListener::HandleEvent dom/src/events/nsJSEventListener.cpp:225 12 nspr4.dll PR_Now nsprpub/pr/src/md/windows/ntmisc.c:357 13 xul.dll nsHTMLParagraphElement::AddRef content/html/content/src/nsHTMLScriptElement.cpp:154 14 xul.dll nsGenericElement::QueryInterface content/base/src/nsGenericElement.cpp:5093 15 xul.dll nsXULElement::QueryInterface content/xul/content/src/nsXULElement.cpp:395 16 mozjs.dll JS_DHashTableOperate js/src/jsdhash.cpp:654 17 xul.dll nsXPConnect::AddJSHolder js/xpconnect/src/nsXPConnect.cpp:2280 18 xul.dll nsContentUtils::HoldJSObjects content/base/src/nsContentUtils.cpp:4369 19 xul.dll NS_NewJSEventListener dom/src/events/nsJSEventListener.cpp:297 20 xul.dll nsXBLEventHandler::HandleEvent content/xbl/src/nsXBLEventHandler.cpp:84 21 xul.dll nsEventListenerManager::HandleEventInternal content/events/src/nsEventListenerManager.cpp:877 22 xul.dll nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventDispatcher.cpp:372 23 xul.dll nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:684 24 xul.dll nsGlobalChromeWindow::QueryInterface dom/base/nsGlobalWindow.cpp:10280 25 xul.dll nsGenericElement::SetAttrAndNotify content/base/src/nsGenericElement.cpp:5365 26 xul.dll PresShell::HandleEventInternal layout/base/nsPresShell.cpp:6606 27 xul.dll PresShell::HandleEvent layout/base/nsPresShell.cpp:6086 28 xul.dll nsViewManager::DispatchEvent view/src/nsViewManager.cpp:908 29 xul.dll AttachedHandleEvent view/src/nsView.cpp:190 30 xul.dll nsWindow::DispatchEvent widget/windows/nsWindow.cpp:3519 31 xul.dll nsWindow::DispatchWindowEvent widget/windows/nsWindow.cpp:3545 32 xul.dll nsWindow::DispatchMouseEvent widget/windows/nsWindow.cpp:3973 33 xul.dll nsWindow::ProcessMessage widget/windows/nsWindow.cpp:4869 34 xul.dll nsWindow::WindowProcInternal widget/windows/nsWindow.cpp:4373 35 xul.dll CallWindowProcCrashProtected xpcom/base/nsCrashOnException.cpp:65 36 xul.dll nsWindow::WindowProc widget/windows/nsWindow.cpp:4315 ... Here are correlations per extension: nsIOService::SpeculativeConnect(nsIURI*, nsIInterfaceRequestor*, nsIEventTarget*)|EXCEPTION_ACCESS_VIOLATION_READ (40 crashes) 57% (23/40) vs. 0% (23/5707) leethax@leethax.net 43% (17/40) vs. 0% (20/5707) firefox-support@vworldc.com More reports at: https://crash-stats.mozilla.com/report/list?signature=nsIOService%3A%3ASpeculativeConnect%28nsIURI*%2C+nsIInterfaceRequestor*%2C+nsIEventTarget*%29
The bug here is silly and mine - see below (!handler should be !speculativeHandler). It does raise an interesting question though. nsCOMPtr<nsIProtocolHandler> handler; rv = GetProtocolHandler(scheme.get(), getter_AddRefs(handler)); if (NS_FAILED(rv)) return rv; nsCOMPtr<nsISpeculativeConnect> speculativeHandler = do_QueryInterface(handler); if (!handler) return NS_OK; return speculativeHandler->SpeculativeConnect(aURI, aCallbacks, aTarget); --- how do so many people fail to QI the httphandler into speculative connect? Is httphandler commonly replaced by some addon? (I know it can be, but I wasn't aware it was common and this bug rocketed to the top immediately on checkin of nightly.) or is there something else going on?
Assignee: nobody → mcmanus
Target Milestone: --- → mozilla15
Status: NEW → ASSIGNED
Target Milestone: mozilla15 → ---
Attached patch patch 0Splinter Review
I added ms2ger's syntax nit from https://bugzilla.mozilla.org/show_bug.cgi?id=723628#c12 while I was in there.
Attachment #619081 - Flags: review?(honzab.moz)
Crash Signature: [@ nsIOService::SpeculativeConnect(nsIURI*, nsIInterfaceRequestor*, nsIEventTarget*)] → [@ nsIOService::SpeculativeConnect(nsIURI*, nsIInterfaceRequestor*, nsIEventTarget*)] [@ nsIOService::SpeculativeConnect ]
OS: Windows 7 → All
Attachment #619081 - Flags: review?(honzab.moz) → review+
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: