Closed
Bug 813945
Opened 13 years ago
Closed 7 years ago
OOM crash in XPCWrappedNative::GetAttribute with DataMngrHlpFF17.dll
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
INACTIVE
Tracking | Status | |
---|---|---|
firefox17 | - | --- |
People
(Reporter: scoobidiver, Unassigned)
References
Details
(Keywords: crash)
Crash Data
It's currently #10 top browser crasher in 17.0.
A manual check of crash reports shows a correlation to the DataMngr extension and DataMngrHlpFF17.dll.
It's similar to bug 812307.
Signature mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | XPCWrappedNative::GetAttribute(XPCCallContext&) More Reports Search
UUID 874ffef6-4e83-4fe9-83fa-471802121121
Date Processed 2012-11-21 08:44:22
Uptime 20
Last Crash 22 seconds before submission
Install Age 12.0 hours since version was first installed.
Install Time 2012-11-20 20:43:07
Product Firefox
Version 17.0
Build ID 20121119183901
Release Channel release
OS Windows NT
OS Version 5.1.2600 Service Pack 2
Build Architecture x86
Build Architecture Info GenuineIntel family 6 model 23 stepping 10
Crash Reason EXCEPTION_BREAKPOINT
Crash Address 0x11a1988
App Notes
AdapterVendorID: 0x1002, AdapterDeviceID: 0x954f, AdapterSubsysID: 24621682, AdapterDriverVersion: 8.582.0.0
D3D10 Layers? D3D10 Layers- D3D9 Layers? D3D9 Layers-
EMCheckCompatibility True
Adapter Vendor ID 0x1002
Adapter Device ID 0x954f
Total Virtual Memory 2147352576
Available Virtual Memory 1938837504
System Memory Use Percentage 57
Available Page File 2060955648
Available Physical Memory 450621440
OOMAllocationSize 12
Frame Module Signature Source
0 mozalloc.dll mozalloc_abort memory/mozalloc/mozalloc_abort.cpp:23
1 mozalloc.dll mozalloc_handle_oom memory/mozalloc/mozalloc_oom.cpp:27
2 mozalloc.dll moz_xmalloc memory/mozalloc/mozalloc.cpp:59
3 xul.dll XPCWrappedNative::GetAttribute js/xpconnect/src/xpcprivate.h:2823
4 xul.dll XPC_WN_GetterSetter js/xpconnect/src/XPCWrappedNativeJSOps.cpp:1526
5 xul.dll nsXPConnect::GetXPConnect js/xpconnect/src/nsXPConnect.cpp:139
6 xul.dll XPC_WN_NoHelper_Resolve js/xpconnect/src/XPCWrappedNativeJSOps.cpp:690
7 mozjs.dll js::mjit::ic::GetProp js/src/methodjit/PolyIC.cpp:2020
8 mozjs.dll js::InvokeKernel js/src/jsinterp.cpp:363
9 mozjs.dll js::Invoke js/src/jsinterp.cpp:396
10 mozjs.dll JS_CallFunctionValue js/src/jsapi.cpp:5846
11 xul.dll nsXPCWrappedJSClass::CallMethod js/xpconnect/src/XPCWrappedJSClass.cpp:1442
12 xul.dll nsXPCWrappedJS::CallMethod js/xpconnect/src/XPCWrappedJS.cpp:580
13 xul.dll PrepareAndDispatch xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:85
14 xul.dll SharedStub xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp:112
15 xul.dll nsObserverService::NotifyObservers xpcom/ds/nsObserverService.cpp:149
16 DataMngrHlpFF17.dll DataMngrHlpFF17.dll@0x9fa4
17 DataMngrHlpFF17.dll DataMngrHlpFF17.dll@0x5879
...
More reports at:
https://crash-stats.mozilla.com/report/list?signature=mozalloc_abort%28char+const*+const%29+|+mozalloc_handle_oom%28unsigned+int%29+|+moz_xmalloc+|+XPCWrappedNative%3A%3AGetAttribute%28XPCCallContext%26%29
Reporter | ||
Updated•13 years ago
|
Crash Signature: [@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | XPCWrappedNative::GetAttribute(XPCCallContext&)] → [@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | XPCWrappedNative::GetAttribute(XPCCallContext&)]
[@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | XPCWrappedNative::FindTearO…
Reporter | ||
Updated•13 years ago
|
Crash Signature: XPCWrappedNative::FindTearOff(XPCCallContext&, XPCNativeInterface*, int, unsigned int*)] → XPCWrappedNative::FindTearOff(XPCCallContext&, XPCNativeInterface*, int, unsigned int*)]
[@ mozalloc_abort(char const* const) | mozalloc_handle_oom(unsigned int) | moz_xmalloc | XPCConvert::JSData2Native(XPCCallContext&, void*, JS::Value nsXPTType const&…
Updated•13 years ago
|
Comment 1•13 years ago
|
||
We've reached out to Bandoo, are attempting to reproduce internally, and are exploring blocklisting the DataMngr add-on in bug 812456.
I've included some xpconnect experts to see if they can take a look at this stack and suggest any changes that we could make to Firefox to guard against this crash.
Comment 2•13 years ago
|
||
I've we're crashing in infallible malloc then either some prior operation is causing us to allocate way too much memory, or the heap is corrupted. Either way, not much we can do about it on the XPConnect end.
Comment 3•13 years ago
|
||
These are all small allocations (12 bytes?) and I looked at a few crash reports and they didn't seem to have a particularly huge amount of memory used, so it seems likely this is being caused by some kind of memory corruption.
Comment 4•13 years ago
|
||
This is almost certainly a dupe of 812307, which involves various crashes in jemalloc with this same addon.
Reporter | ||
Comment 5•13 years ago
|
||
It's #36 top browser crasher w/o hangs in 17.0 so no longer a top crasher.
Keywords: topcrash
Updated•13 years ago
|
Updated•10 years ago
|
Crash Signature: , nsXPTType const&, int, nsID const*, unsigned int*)] → , nsXPTType const&, int, nsID const*, unsigned int*)]
[@ mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | XPCWrappedNative::GetAttribute]
[@ mozalloc_abort | mozalloc_handle_oom | moz_xmalloc | XPCWrappedNative::FindTearOff]
[@ mozalloc_abort | moz…
Comment 6•7 years ago
|
||
Per policy at https://wiki.mozilla.org/Bug_Triage/Projects/Bug_Handling/Bug_Husbandry#Inactive_Bugs. If this bug is not an enhancement request or a bug not present in a supported release of Firefox, then it may be reopened.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INACTIVE
You need to log in
before you can comment on or make changes to this bug.
Description
•