Closed Bug 856653 Opened 11 years ago Closed 6 years ago

crash in mozilla::dom::PBrowserParent::SendSetAppType

Product/Component: Core :: DOM: Core & HTML (defect, P5)
Version: 18 Branch
Hardware: ARM
OS: Gonk (Firefox OS)
Status: RESOLVED INVALID
Reporter: nhirata (Unassigned)
Keywords: crash
Whiteboard: [b2g-crash]
Attachments: 1 file

This bug was filed from the Socorro interface and is report bp-ead717c2-1280-4f54-a3c2-daee12130326.
============================================================= 
Frame 	Module 	Signature 	Source
0 	libxul.so 	mozilla::dom::PBrowserParent::SendSetAppType 	ipc_message.h:148
1 	libxul.so 	mozilla::dom::ContentParent::CreateBrowserOrApp 	ContentParent.cpp:521
2 	libxul.so 	nsFrameLoader::TryRemoteBrowser 	nsFrameLoader.cpp:2049
3 	libxul.so 	nsFrameLoader::ShowRemoteFrame 	nsFrameLoader.cpp:922
4 	libxul.so 	nsFrameLoader::Show 	nsFrameLoader.cpp:822
5 	libxul.so 	nsSubDocumentFrame::ShowViewer 	nsSubDocumentFrame.cpp:222
6 	libxul.so 	AsyncFrameInit::Run 	nsSubDocumentFrame.cpp:111
7 	libxul.so 	nsContentUtils::RemoveScriptBlocker 	nsContentUtils.cpp:5021
8 	libxul.so 	nsAutoScriptBlocker::~nsAutoScriptBlocker 	nsContentUtils.h:2293
9 	libxul.so 	PresShell::FlushPendingNotifications 	nsPresShell.cpp:3872
10 	libxul.so 	PresShell::FlushPendingNotifications 	nsPresShell.cpp:3757
11 	libxul.so 	nsDocument::FlushPendingNotifications 	nsDocument.cpp:6547
12 	libxul.so 	nsFocusManager::CheckIfFocusable 	nsFocusManager.cpp:1452
13 	libxul.so 	nsFocusManager::SetFocusInner 	nsFocusManager.cpp:1094
14 	libxul.so 	nsFocusManager::SetFocus 	nsFocusManager.cpp:458
15 	libxul.so 	nsGenericHTMLElement::Focus 	nsGenericHTMLElement.cpp:3813
16 	libxul.so 	nsIDOMHTMLElement_DOMFocus 	dom_quickstubs.cpp:14451
17 	libxul.so 	js::InvokeKernel 	jscntxtinlines.h:364
18 	libxul.so 	js::Interpret 	jsinterp.cpp:2475
19 	libxul.so 	js::RunScript 	jsinterp.cpp:324
20 	libxul.so 	js::Invoke 	jsinterp.cpp:378
21 	libxul.so 	JS_CallFunctionValue 	jsapi.cpp:5893
22 	libxul.so 	nsXPCWrappedJSClass::CallMethod 	XPCWrappedJSClass.cpp:1432
23 	libxul.so 	nsXPCWrappedJS::CallMethod 	XPCWrappedJS.cpp:580
24 	libxul.so 	PrepareAndDispatch 	xptcstubs_arm.cpp:105
25 	libxul.so 	libxul.so@0xa8a4b7 	
26 	libxul.so 	nsEventListenerManager::HandleEventSubType 	nsEventListenerManager.cpp:889
27 	libxul.so 	nsEventListenerManager::HandleEventInternal 	nsEventListenerManager.cpp:962
28 	libxul.so 	nsEventTargetChainItem::HandleEvent 	nsEventListenerManager.h:144
29 	libxul.so 	nsEventTargetChainItem::HandleEventTargetChain 	nsEventDispatcher.cpp:339
30 	libxul.so 	nsEventDispatcher::Dispatch 	nsEventDispatcher.cpp:634
31 	libxul.so 	nsEventDispatcher::DispatchDOMEvent 	nsEventDispatcher.cpp:694
32 	libxul.so 	nsINode::DispatchEvent 	nsINode.cpp:1078
33 	libxul.so 	NS_InvokeByIndex_P 	xptcinvoke_arm.cpp:160
34 	libxul.so 	XPCWrappedNative::CallMethod 	XPCWrappedNative.cpp:3084
35 	libxul.so 	XPC_WN_CallMethod 	XPCWrappedNativeJSOps.cpp:1469
36 	libxul.so 	js::InvokeKernel 	jscntxtinlines.h:364
37 	libxul.so 	js::Interpret 	jsinterp.cpp:2475
38 	libxul.so 	js::RunScript 	jsinterp.cpp:324
39 	libxul.so 	js::Invoke 	jsinterp.cpp:378
40 	libxul.so 	JS_CallFunctionValue 	jsapi.cpp:5893
41 	libxul.so 	nsXPCWrappedJSClass::CallMethod 	XPCWrappedJSClass.cpp:1432
42 	libxul.so 	nsXPCWrappedJS::CallMethod 	XPCWrappedJS.cpp:580
43 	libxul.so 	PrepareAndDispatch 	xptcstubs_arm.cpp:105
44 	libxul.so 	libxul.so@0xa8a4b7 	
45 	libxul.so 	nsObserverList::NotifyObservers 	nsObserverList.cpp:99
46 	libxul.so 	nsObserverService::NotifyObservers 	nsObserverService.cpp:149
47 	libxul.so 	mozilla::dom::TabParent::ActorDestroy 	TabParent.cpp:163
48 	libxul.so 	mozilla::dom::PBrowserParent::DestroySubtree 	PBrowserParent.cpp:2150
49 	libxul.so 	mozilla::dom::PContentParent::DestroySubtree 	PContentParent.cpp:3401
50 	libxul.so 	mozilla::dom::PContentParent::OnChannelError 	PContentParent.cpp:3236
51 	libxul.so 	mozilla::ipc::AsyncChannel::NotifyMaybeChannelError 	AsyncChannel.cpp:549
52 	libxul.so 	mozilla::ipc::AsyncChannel::OnNotifyMaybeChannelError 	AsyncChannel.cpp:514
53 	libxul.so 	RunnableMethod<IPC::ChannelProxy::Context, void , Tuple0>::Run 	tuple.h:383
54 	libxul.so 	MessageLoop::RunTask 	message_loop.cc:334
55 	libxul.so 	MessageLoop::DeferOrRunPendingTask 	message_loop.cc:342
56 	libxul.so 	MessageLoop::DoWork 	message_loop.cc:442
57 	libxul.so 	mozilla::ipc::DoWorkRunnable::Run 	MessagePump.cpp:42
58 	libxul.so 	nsThread::ProcessNextEvent 	nsThread.cpp:620
59 	libxul.so 	NS_ProcessNextEvent_P 	nsThreadUtils.cpp:237
60 	libxul.so 	mozilla::ipc::MessagePump::Run 	MessagePump.cpp:117
61 	libxul.so 	MessageLoop::RunInternal 	message_loop.cc:216
62 	libxul.so 	MessageLoop::Run 	message_loop.cc:209
63 	libxul.so 	nsBaseAppShell::Run 	nsBaseAppShell.cpp:163
64 	libxul.so 	nsAppStartup::Run 	nsAppStartup.cpp:290
65 	libxul.so 	XREMain::XRE_mainRun 	nsAppRunner.cpp:3794
66 	libxul.so 	XREMain::XRE_main 	nsAppRunner.cpp:3860
67 	libxul.so 	XRE_main 	nsAppRunner.cpp:3935
68 	b2g 	main 	nsBrowserApp.cpp:164
69 	libc.so 	__libc_init 	libc_init_dynamic.c:114
70 	libc.so 	__cxa_atexit 	atexit.c:99
71 		@0xbeae3d45
Looks like one person hit this over and over again.
OS: Android → Gonk (Firefox OS)
Hardware: All → ARM
Crash Signature: [@ mozilla::dom::PBrowserParent::SendSetAppType] → [@ mozilla::dom::PBrowserParent::SendSetAppType] [@ mozilla::dom::PBrowserParent::SendSetAppType ]
Component: Gaia → DOM
Product: Boot2Gecko → Core
Version: unspecified → Trunk
Version: Trunk → 18 Branch
Looking at this, I think this might have been from automation?
I don't understand, why do you think this is automation related?
Flags: needinfo?(nhirata.bugzilla)
Oops. Relooked at the crash; I misinterpreted the number of crashes/dups... the stack was reprocessed 15 times, instead of getting 15 crashes from the same device. My mistake.

https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Adom%3A%3APBrowserParent%3A%3ASendSetAppType
Flags: needinfo?(nhirata.bugzilla)
Whiteboard: [b2g-crash]
Tara, based on the unagi weekly build 13.04.10, also has the same crash report.
Operating system: Android
                  0.0.0 Linux 3.0.8 #1 PREEMPT Thu Apr 18 14:39:12 CST 2013 armv7l
CPU: arm
     0 CPUs

Crash reason:  SIGSEGV
Crash address: 0x10

Thread 0 (crashed)
 0  libxul.so!mozilla::dom::PBrowserParent::SendSetAppType [ipc_message.h : 148 + 0x2]
     r4 = 0x48be0fa0    r5 = 0x00000000    r6 = 0x0005003f    r7 = 0x00000000
     r8 = 0xbe963168    r9 = 0x00000003   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963138    lr = 0x413fbc7f    pc = 0x412f32fa
    Found by: given as instruction pointer in context
 1  libxul.so!mozilla::dom::ContentParent::CreateBrowserOrApp [ContentParent.cpp : 518 + 0x7]
     r4 = 0xbe963168    r5 = 0x473b38d0    r6 = 0x00000000    r7 = 0x40e22279
     r8 = 0x00000000    r9 = 0x00000003   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963160    pc = 0x412b6d45
    Found by: call frame info
 2  libxul.so!nsFrameLoader::TryRemoteBrowser [nsFrameLoader.cpp : 2049 + 0x7]
     r4 = 0x473a35b0    r5 = 0x41c886c4    r6 = 0x00000000    r7 = 0x00000000
     r8 = 0x00000000    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe9632f0    pc = 0x40e1cbb5
    Found by: call frame info
 3  libxul.so!nsFrameLoader::ReallyStartLoadingInternal [nsFrameLoader.cpp : 424 + 0x3]
     r4 = 0x473a35b0    r5 = 0x473a35b0    r6 = 0x40449ea8    r7 = 0x80004005
     r8 = 0x00000001    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963428    pc = 0x40e1e6f9
    Found by: call frame info
 4  libxul.so!nsFrameLoader::ReallyStartLoading [nsFrameLoader.cpp : 404 + 0x3]
     r4 = 0x40449c00    r5 = 0x473a35b0    r6 = 0x40449ea8    r7 = 0x00000000
     r8 = 0x40449ea8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe9634f0    pc = 0x40e1e881
    Found by: call frame info
 5  libxul.so!nsDocument::MaybeInitializeFinalizeFrameLoaders [nsDocument.cpp : 5657 + 0x5]
     r4 = 0x40449c00    r5 = 0x473a35b0    r6 = 0x40449ea8    r7 = 0x00000000
     r8 = 0x40449ea8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963500    pc = 0x40e1882f
    Found by: call frame info
 6  libxul.so!nsRunnableMethodImpl<nsrefcnt (mozilla::dom::workers::DOMBindingBase::*)(), false>::Run [nsThreadUtils.h : 366 + 0x5]
     r4 = 0xbe96352c    r5 = 0x00000000    r6 = 0xbe963544    r7 = 0x00000000
     r8 = 0x40449ea8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963520    pc = 0x40c08a7d
    Found by: call frame info
 7  libxul.so!nsContentUtils::AddScriptRunner [nsContentUtils.cpp : 5056 + 0x5]
     r4 = 0xbe96352c    r5 = 0x00000000    r6 = 0xbe963544    r7 = 0x00000000
     r8 = 0x40449ea8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963528    pc = 0x40df8c5f
    Found by: call frame info
 8  libxul.so!nsDocument::InitializeFrameLoader [nsDocument.cpp : 5603 + 0x3]
     r4 = 0x40449c00    r5 = 0x00000000    r6 = 0xbe963544    r7 = 0x00000000
     r8 = 0x40449ea8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963540    pc = 0x40e0e219
    Found by: call frame info
 9  libxul.so!nsFrameLoader::LoadURI [nsFrameLoader.cpp : 394 + 0x9]
     r4 = 0x00000000    r5 = 0x473a35b0    r6 = 0x48d36c90    r7 = 0x00000000
     r8 = 0x473a35c8    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963568    pc = 0x40e1e35d
    Found by: call frame info
10  libxul.so!nsFrameLoader::LoadFrame [nsFrameLoader.cpp : 358 + 0x9]
     r4 = 0x473a35b0    r5 = 0xbe963630    r6 = 0x4377edc8    r7 = 0x00000000
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963588    pc = 0x40e1d5ff
    Found by: call frame info
11  libxul.so!nsGenericHTMLFrameElement::LoadSrc [nsGenericHTMLFrameElement.cpp : 159 + 0x5]
     r4 = 0x473b3880    r5 = 0x473b3880    r6 = 0x40490a40    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963650    pc = 0x40e9baa3
    Found by: call frame info
12  libxul.so!nsGenericHTMLFrameElement::SetAttr [nsGenericHTMLFrameElement.cpp : 222 + 0x5]
     r4 = 0x00000000    r5 = 0x473b3880    r6 = 0x40490a40    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963658    pc = 0x40e9bb43
    Found by: call frame info
13  libxul.so!nsGenericElement::SetAttr [nsGenericElement.h : 80 + 0x13]
     r4 = 0x40e9bb11    r5 = 0x00000000    r6 = 0xbe9636b8    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963670    pc = 0x40e9ae25
    Found by: call frame info
14  libxul.so!nsGenericHTMLElement::SetAttrHelper [nsGenericHTMLElement.cpp : 2851 + 0x3]
     r4 = 0x47d36cd0    r5 = 0x00000000    r6 = 0xbe9636b8    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963680    pc = 0x40e9b0d3
    Found by: call frame info
15  libxul.so!nsHTMLFrameElement::SetSrc [nsHTMLFrameElement.cpp : 92 + 0x9]
     r4 = 0x47d36cd0    r5 = 0x00000000    r6 = 0xbe9636b8    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963688    pc = 0x40eab175
    Found by: call frame info
16  libxul.so!nsIDOMHTMLIFrameElement_SetSrc [dom_quickstubs.cpp : 15294 + 0xb]
     r4 = 0x47d36cd0    r5 = 0x00000000    r6 = 0xbe9636b8    r7 = 0xbe963950
     r8 = 0xbe963760    r9 = 0xbe9636a0   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe963690    pc = 0x411468c7
    Found by: call frame info
17  libxul.so!js::baseops::SetPropertyHelper [jscntxtinlines.h : 450 + 0xd]
     r4 = 0x41146865    r5 = 0xbe963b88    r6 = 0x47d36cd0    r7 = 0x00000001
     r8 = 0x473f3c64    r9 = 0xbe963b88   r10 = 0x00000040    fp = 0x415df891
     sp = 0xbe9636f0    pc = 0x4165bb4d
    Found by: call frame info
18  libxul.so!js::Interpret [jsinterpinlines.h : 360 + 0x11]
     r4 = 0xbe9638a0    r5 = 0x47d36cd0    r6 = 0x43e36840    r7 = 0x43800270
     r8 = 0xbe9638c8    r9 = 0x41aa2398   r10 = 0x41c80b40    fp = 0x40480d20
     sp = 0xbe9637c0    pc = 0x41641497
    Found by: call frame info
19  libxul.so!js::RunScript [jsinterp.cpp : 324 + 0x9]
     r4 = 0x47d36cd0    r5 = 0x438001d0    r6 = 0xbe963c1c    r7 = 0x00000000
     r8 = 0xbe963c88    r9 = 0x47d36d34   r10 = 0xbe963cf0    fp = 0x80004005
     sp = 0xbe963c10    pc = 0x4164598f
    Found by: call frame info
20  libxul.so!js::Invoke [jsinterp.cpp : 378 + 0x7]
     r4 = 0x440a97c0    r5 = 0xbe963c54    r6 = 0x47d36cd0    r7 = 0x00000001
     r8 = 0xbe963c88    r9 = 0x47d36d34   r10 = 0xbe963cf0    fp = 0x80004005
     sp = 0xbe963c40    pc = 0x4164734d
    Found by: call frame info
21  libxul.so!JS_CallFunctionValue [jsapi.cpp : 5893 + 0x13]
     r4 = 0x47d36cd0    r5 = 0x44156d90    r6 = 0x432af408    r7 = 0x00000000
     r8 = 0x00146308    r9 = 0xbe964128   r10 = 0xbe963f28    fp = 0x80004005
     sp = 0xbe963ce0    pc = 0x415e407b
    Found by: call frame info
22  libxul.so!nsXPCWrappedJSClass::CallMethod [XPCWrappedJSClass.cpp : 1432 + 0x17]
     r4 = 0x47d36cd0    r5 = 0x44156d90    r6 = 0x432af408    r7 = 0x00000000
     r8 = 0x00146308    r9 = 0xbe964128   r10 = 0xbe963f28    fp = 0x80004005
     sp = 0xbe963d08    pc = 0x4111e08f
    Found by: call frame info
23  libxul.so!nsXPCWrappedJS::CallMethod [XPCWrappedJS.cpp : 580 + 0xd]
     r4 = 0x48db4d80    r5 = 0x432af408    r6 = 0x4111d93d    r7 = 0x00000003
     r8 = 0xbe9641ac    r9 = 0x00000008   r10 = 0x48c9b670    fp = 0x00000003
     sp = 0xbe9640f0    pc = 0x4111b823
    Found by: call frame info
24  libxul.so!PrepareAndDispatch [xptcstubs_arm.cpp : 105 + 0xd]
     r4 = 0xbe964128    r5 = 0x4111b79d    r6 = 0xbe9641e4    r7 = 0xbe964130
     r8 = 0xbe9641ac    r9 = 0x00000008   r10 = 0x48c9b670    fp = 0x00000003
     sp = 0xbe964120    pc = 0x413e43b1
    Found by: call frame info
25  libxul.so + 0xa93b17
     r4 = 0x48c9b670    r5 = 0x4934c7c0    r6 = 0x48ca08d0    r7 = 0xbe964318
     r8 = 0x437d3f68    r9 = 0xbe964328   r10 = 0x00000006    fp = 0x00000001
     sp = 0xbe9641e0    pc = 0x413e3b19
    Found by: call frame info
26  libxul.so!nsEventListenerManager::HandleEventSubType [nsEventListenerManager.cpp : 889 + 0x5]
     r4 = 0x48c9b670    r5 = 0x4934c7c0    r6 = 0x48ca08d0    r7 = 0xbe964318
     r8 = 0x437d3f68    r9 = 0xbe964328   r10 = 0x00000006    fp = 0x00000001
     sp = 0xbe9641f0    pc = 0x40e7adcb
    Found by: call frame info
27  libxul.so!nsEventListenerManager::HandleEventInternal [nsEventListenerManager.cpp : 962 + 0x17]
     r4 = 0x4ab65f00    r5 = 0x437286d8    r6 = 0x48ca08d0    r7 = 0xbe964318
     r8 = 0x437d3f68    r9 = 0xbe964328   r10 = 0x00000006    fp = 0x00000001
     sp = 0xbe964200    pc = 0x40e7af05
    Found by: call frame info
28  libxul.so!nsEventTargetChainItem::HandleEvent [nsEventListenerManager.h : 144 + 0x13]
     r4 = 0xbe964328    r5 = 0xbe96431c    r6 = 0x00000006    r7 = 0x437d3f68
     r8 = 0x00000006    r9 = 0x00000000   r10 = 0x000006bc    fp = 0x00000000
     sp = 0xbe964268    pc = 0x40e8b0e9
    Found by: call frame info
29  libxul.so!nsEventTargetChainItem::HandleEventTargetChain [nsEventDispatcher.cpp : 316 + 0xb]
     r4 = 0xbe964310    r5 = 0x4735b4a0    r6 = 0x41c886c4    r7 = 0xbe964328
     r8 = 0x00000006    r9 = 0x00000000   r10 = 0x000006bc    fp = 0x00000000
     sp = 0xbe964290    pc = 0x40e8b1d5
    Found by: call frame info
30  libxul.so!nsEventDispatcher::Dispatch [nsEventDispatcher.cpp : 634 + 0x11]
     r4 = 0x4ab65f00    r5 = 0x00000000    r6 = 0x486c6c00    r7 = 0x4735b4a0
     r8 = 0xbe964328    r9 = 0x4735b440   r10 = 0x41c91a04    fp = 0x4735b440
     sp = 0xbe9642d8    pc = 0x40e8b757
    Found by: call frame info
31  libxul.so!nsEventDispatcher::DispatchDOMEvent [nsEventDispatcher.cpp : 694 + 0x13]
     r4 = 0x4934c7c0    r5 = 0x4ab65f00    r6 = 0x437d3b70    r7 = 0x40e85165
     r8 = 0x486c6c00    r9 = 0xbe9643a8   r10 = 0x41c80b40    fp = 0xbe964858
     sp = 0xbe964368    pc = 0x40e8b94d
    Found by: call frame info
32  libxul.so!nsGlobalWindow::DispatchEvent [nsGlobalWindow.cpp : 7523 + 0xd]
     r4 = 0xbe9643ef    r5 = 0x437d3f10    r6 = 0x4934c7c0    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x41aa2398   r10 = 0x41c80b40    fp = 0xbe964858
     sp = 0xbe9643a0    pc = 0x40f38b67
    Found by: call frame info
33  libxul.so!nsIDOMEventTarget_DispatchEvent [dom_quickstubs.cpp : 10399 + 0xd]
     r4 = 0x43800190    r5 = 0x47d36cd0    r6 = 0x00000000    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x41aa2398   r10 = 0x41c80b40    fp = 0xbe964858
     sp = 0xbe9643c0    pc = 0x4113f679
    Found by: call frame info
34  libxul.so!js::InvokeKernel [jscntxtinlines.h : 364 + 0x5]
     r4 = 0xbe964418    r5 = 0x00000000    r6 = 0x47d36cd0    r7 = 0x4402c720
     r8 = 0x00000000    r9 = 0x41aa2398   r10 = 0x41c80b40    fp = 0xbe964858
     sp = 0xbe964408    pc = 0x416460d1
    Found by: call frame info
35  libxul.so!js::Interpret [jsinterp.cpp : 2475 + 0xd]
     r4 = 0xbe964568    r5 = 0x47d36cd0    r6 = 0x00000000    r7 = 0x438001a0
     r8 = 0x41b2767c    r9 = 0x41aa2398   r10 = 0x41c80b40    fp = 0xbe964858
     sp = 0xbe964488    pc = 0x416438cb
    Found by: call frame info
36  libxul.so!js::RunScript [jsinterp.cpp : 324 + 0x9]
     r4 = 0x47d36cd0    r5 = 0x43800088    r6 = 0xbe9648e4    r7 = 0x00000000
     r8 = 0x440665b0    r9 = 0xbe965640   r10 = 0x43800088    fp = 0xbe964928
     sp = 0xbe9648d8    pc = 0x4164598f
    Found by: call frame info
37  libxul.so!UncachedInlineCall [InvokeHelpers.cpp : 363 + 0x3]
     r4 = 0xbe965630    r5 = 0x41c886c4    r6 = 0x47d36cd0    r7 = 0x08000000
     r8 = 0x440665b0    r9 = 0xbe965640   r10 = 0x43800088    fp = 0xbe964928
     sp = 0xbe964908    pc = 0x417af663
    Found by: call frame info
38  libxul.so!js::mjit::stubs::UncachedCallHelper [InvokeHelpers.cpp : 451 + 0xb]
     r4 = 0xbe965630    r5 = 0x41c886c4    r6 = 0x00000000    r7 = 0x43800070
     r8 = 0x41b2767c    r9 = 0x000001a4   r10 = 0x43800028    fp = 0xbe965630
     sp = 0xbe964980    pc = 0x417b051f
    Found by: call frame info
39  libxul.so!js::mjit::CallCompiler::update [MonoIC.cpp : 1220 + 0xb]
     r4 = 0xbe965610    r5 = 0x41c886c4    r6 = 0x47d36cd0    r7 = 0x0000029b
     r8 = 0x00000000    r9 = 0x000001a4   r10 = 0x43800028    fp = 0xbe965630
     sp = 0xbe9649c8    pc = 0x4179f64b
    Found by: call frame info
40  libxul.so!js::mjit::ic::Call [MonoIC.cpp : 1298 + 0x3]
     r4 = 0xffffff85    r5 = 0x44058280    r6 = 0x4a2e05e0    r7 = 0x44079400
     r8 = 0x41746425    r9 = 0x00004008   r10 = 0x43800028    fp = 0x80004005
     sp = 0xbe965610    pc = 0x4179fb09
    Found by: call frame info
41  libxul.so + 0xdf6429
     r4 = 0xffffff85    r5 = 0x44058280    r6 = 0x4a2e05e0    r7 = 0x44079400
     r8 = 0x41746425    r9 = 0x00004008   r10 = 0x43800028    fp = 0x80004005
     sp = 0xbe965628    pc = 0x4174642b
    Found by: call frame info
42  libxul.so!js::mjit::ic::New [MonoIC.cpp : 1306 + 0x3]
     sp = 0xbe96562c    pc = 0x4179faf1
    Found by: stack scanning
43  0x43800086
     sp = 0xbe965644    pc = 0x43800088
    Found by: call frame info
44  libxul.so!js::mjit::JaegerShot [MethodJIT.cpp : 1045 + 0x7]
     sp = 0xbe965688    pc = 0x41747a27
    Found by: stack scanning
45  libxul.so!js::RunScript [jsinterp.cpp : 321 + 0x5]
     r4 = 0x47d36cd0    r5 = 0x43800028    r6 = 0xbe9656bc    r7 = 0x00000000
     r8 = 0xbe965728    sp = 0xbe9656b0    pc = 0x41645969
    Found by: call frame info
46  libxul.so!js::Invoke [jsinterp.cpp : 378 + 0x7]
     r4 = 0x440795a0    r5 = 0xbe9656f4    r6 = 0x47d36cd0    r7 = 0x00000001
     r8 = 0xbe965728    sp = 0xbe9656e0    pc = 0x4164734d
    Found by: call frame info
47  libxul.so!JS_CallFunctionValue [jsapi.cpp : 5893 + 0x13]
     r4 = 0x47d36cd0    r5 = 0x44156d90    r6 = 0x432af408    r7 = 0x00000000
     r8 = 0x00146208    r9 = 0xbe965bc8   r10 = 0xbe9659c8    sp = 0xbe965780
     pc = 0x415e407b
    Found by: call frame info
48  libxul.so!nsXPCWrappedJSClass::CallMethod [XPCWrappedJSClass.cpp : 1432 + 0x17]
     r4 = 0x47d36cd0    r5 = 0x44156d90    r6 = 0x432af408    r7 = 0x00000000
     r8 = 0x00146208    r9 = 0xbe965bc8   r10 = 0xbe9659c8    sp = 0xbe9657a8
     pc = 0x4111e08f
    Found by: call frame info
49  libxul.so!nsXPCWrappedJS::CallMethod [XPCWrappedJS.cpp : 580 + 0xd]
     r4 = 0x485dacc0    r5 = 0x432af408    r6 = 0x4111d93d    r7 = 0x00000003
     r8 = 0xbe965c4c    r9 = 0x00000008   r10 = 0x486f59d0    fp = 0x00000003
     sp = 0xbe965b90    pc = 0x4111b823
    Found by: call frame info
50  libxul.so!PrepareAndDispatch [xptcstubs_arm.cpp : 105 + 0xd]
     r4 = 0xbe965bc8    r5 = 0x4111b79d    r6 = 0xbe965c84    r7 = 0xbe965bd0
     r8 = 0xbe965c4c    r9 = 0x00000008   r10 = 0x486f59d0    fp = 0x00000003
     sp = 0xbe965bc0    pc = 0x413e43b1
    Found by: call frame info
51  libxul.so + 0xa93b17
     r4 = 0x486f59d0    r5 = 0x486de0b0    r6 = 0x48ca08d0    r7 = 0xbe965db8
     r8 = 0x437d3f68    r9 = 0xbe965dc8   r10 = 0x00000004    fp = 0x00000001
     sp = 0xbe965c80    pc = 0x413e3b19
    Found by: call frame info
52  libxul.so!nsEventListenerManager::HandleEventSubType [nsEventListenerManager.cpp : 889 + 0x5]
     r4 = 0x486f59d0    r5 = 0x486de0b0    r6 = 0x48ca08d0    r7 = 0xbe965db8
     r8 = 0x437d3f68    r9 = 0xbe965dc8   r10 = 0x00000004    fp = 0x00000001
     sp = 0xbe965c90    pc = 0x40e7adcb
    Found by: call frame info
53  libxul.so!nsEventListenerManager::HandleEventInternal [nsEventListenerManager.cpp : 962 + 0x17]
     r4 = 0xbe966600    r5 = 0x43728258    r6 = 0x48ca08d0    r7 = 0xbe965db8
     r8 = 0x437d3f68    r9 = 0xbe965dc8   r10 = 0x00000004    fp = 0x00000001
     sp = 0xbe965ca0    pc = 0x40e7af05
    Found by: call frame info
54  libxul.so!nsEventTargetChainItem::HandleEvent [nsEventListenerManager.h : 144 + 0x13]
     r4 = 0xbe965dc8    r5 = 0xbe965dbc    r6 = 0x00000004    r7 = 0x437d3f68
     r8 = 0x00000006    r9 = 0xbe965e48   r10 = 0x000006bc    fp = 0x00000000
     sp = 0xbe965d08    pc = 0x40e8b0e9
    Found by: call frame info
55  libxul.so!nsEventTargetChainItem::HandleEventTargetChain [nsEventDispatcher.cpp : 286 + 0xb]
     r4 = 0xbe965db0    r5 = 0x4735b600    r6 = 0x41c886c4    r7 = 0xbe965dc8
     r8 = 0x00000006    r9 = 0xbe965e48   r10 = 0x000006bc    fp = 0x00000000
     sp = 0xbe965d30    pc = 0x40e8b171
    Found by: call frame info
56  libxul.so!nsEventDispatcher::Dispatch [nsEventDispatcher.cpp : 634 + 0x11]
     r4 = 0xbe966600    r5 = 0x00000000    r6 = 0x486c6c00    r7 = 0x4735b3c0
     r8 = 0xbe965dc8    r9 = 0x4735b240   r10 = 0x41c91a04    fp = 0x4735b240
     sp = 0xbe965d78    pc = 0x40e8b757
    Found by: call frame info
57  libxul.so!PresShell::HandleEventInternal [nsPresShell.cpp : 6625 + 0x17]
     r4 = 0xbe966600    r5 = 0x486b7b00    r6 = 0x41c886c4    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x00000000   r10 = 0xbe96610c    fp = 0xbe965e48
     sp = 0xbe965e08    pc = 0x40d0ea61
    Found by: call frame info
58  libxul.so!PresShell::HandlePositionedEvent [nsPresShell.cpp : 6345 + 0x9]
     r4 = 0x486b7b00    r5 = 0x486e19c0    r6 = 0xbe966600    r7 = 0xbe965e9c
     r8 = 0xbe96610c    r9 = 0x40d33ef1   r10 = 0x0000000a    fp = 0x00000000
     sp = 0xbe965e98    pc = 0x40d0ec89
    Found by: call frame info
59  libxul.so!PresShell::HandleEvent [nsPresShell.cpp : 6147 + 0xb]
     r4 = 0xbe966600    r5 = 0x486b7b00    r6 = 0x499a50c0    r7 = 0x486b7b00
     r8 = 0x00000000    r9 = 0x00000001   r10 = 0x0000000a    fp = 0x00000000
     sp = 0xbe965ec0    pc = 0x40d0f83b
    Found by: call frame info
60  libxul.so!PresShell::HandleEvent [nsPresShell.cpp : 5801 + 0x11]
     r4 = 0xbe966600    r5 = 0xbe966090    r6 = 0x40d0eca1    r7 = 0x486f9800
     r8 = 0xbe96608c    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe965fd0    pc = 0x40d0eed5
    Found by: call frame info
61  libxul.so!nsViewManager::DispatchEvent [nsViewManager.cpp : 779 + 0xf]
     r4 = 0xbe966600    r5 = 0xbe9660e8    r6 = 0x40d0eca1    r7 = 0x4795f800
     r8 = 0x40430000    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9660e0    pc = 0x40f20a39
    Found by: call frame info
62  libxul.so!nsView::HandleEvent [nsView.cpp : 1062 + 0xd]
     r4 = 0x473e9a00    r5 = 0x40f207dd    r6 = 0x473b30a0    r7 = 0xbe966600
     r8 = 0x00000001    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966108    pc = 0x40f1f26d
    Found by: call frame info
63  libxul.so!nsWindow::DispatchEvent [nsWindow.cpp : 481 + 0x9]
     r4 = 0xbe96613c    r5 = 0x41bb5890    r6 = 0x41c97ba4    r7 = 0x00000000
     r8 = 0x00000001    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966128    pc = 0x4123bae9
    Found by: call frame info
64  libxul.so!nsWindow::DispatchInputEvent [nsWindow.cpp : 286 + 0x11]
     r4 = 0x00000000    r5 = 0xbe966600    r6 = 0x41c97ba4    r7 = 0x00000000
     r8 = 0x00000001    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966138    pc = 0x4123c32f
    Found by: call frame info
65  libxul.so!GeckoInputDispatcher::dispatchOnce [nsAppShell.cpp : 151 + 0x5]
     r4 = 0x0000003f    r5 = 0x000000f2    r6 = 0xbe966600    r7 = 0x00000000
     r8 = 0x00000001    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966150    pc = 0x4123b5f1
    Found by: call frame info
66  libxul.so!nsAppShell::ProcessNextNativeEvent [nsAppShell.cpp : 736 + 0x5]
     r4 = 0x432ff8e0    r5 = 0x00000001    r6 = 0xbe966698    r7 = 0x00000001
     r8 = 0x00000048    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966688    pc = 0x4123a6a1
    Found by: call frame info
67  libxul.so!nsBaseAppShell::DoProcessNextNativeEvent [nsBaseAppShell.cpp : 139 + 0x5]
     r4 = 0x432ff8e0    r5 = 0x40409940    r6 = 0x00000000    r7 = 0x00000000
     r8 = 0x00000014    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9667a8    pc = 0x41257337
    Found by: call frame info
68  libxul.so!nsBaseAppShell::OnProcessNextEvent [nsBaseAppShell.cpp : 286 + 0x9]
     r4 = 0x432ff8e0    r5 = 0x40409940    r6 = 0x0040afb1    r7 = 0x00000000
     r8 = 0x00000014    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9667c0    pc = 0x412573fd
    Found by: call frame info
69  libxul.so!nsThread::ProcessNextEvent [nsThread.cpp : 593 + 0x5]
     r4 = 0x40409940    r5 = 0x00000000    r6 = 0x41257359    r7 = 0x00000001
     r8 = 0xbe96682f    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9667e8    pc = 0x413d71af
    Found by: call frame info
70  libxul.so!NS_ProcessNextEvent_P [nsThreadUtils.cpp : 237 + 0xb]
     r4 = 0x00000000    r5 = 0x4044f0c0    r6 = 0x40402500    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966828    pc = 0x413b7687
    Found by: call frame info
71  libxul.so!mozilla::ipc::MessagePump::Run [MessagePump.cpp : 82 + 0x7]
     r4 = 0x404024f0    r5 = 0x4044f0c0    r6 = 0x40402500    r7 = 0x00000001
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966838    pc = 0x412d0bf9
    Found by: call frame info
72  libxul.so!MessageLoop::RunInternal [message_loop.cc : 216 + 0x5]
     r4 = 0x4044f0c0    r5 = 0x432ff8e0    r6 = 0x40409940    r7 = 0xbe966add
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966860    pc = 0x413f9121
    Found by: call frame info
73  libxul.so!MessageLoop::Run [message_loop.cc : 209 + 0x5]
     r4 = 0x4044f0c0    r5 = 0x432ff8e0    r6 = 0x40409940    r7 = 0xbe966add
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966868    pc = 0x413f91d7
    Found by: call frame info
74  libxul.so!nsBaseAppShell::Run [nsBaseAppShell.cpp : 163 + 0x7]
     r4 = 0x00000000    r5 = 0x432ff8e0    r6 = 0x40409940    r7 = 0xbe966add
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966880    pc = 0x41256efd
    Found by: call frame info
75  libxul.so!nsAppStartup::Run [nsAppStartup.cpp : 290 + 0x5]
     r4 = 0x437a2e80    r5 = 0x413c1fdd    r6 = 0x00000000    r7 = 0xbe966add
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966890    pc = 0x411ba70d
    Found by: call frame info
76  libxul.so!XREMain::XRE_mainRun [nsAppRunner.cpp : 3795 + 0x5]
     r4 = 0xbe9669ec    r5 = 0x413c1fdd    r6 = 0x00000000    r7 = 0xbe966add
     r8 = 0x00000000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966898    pc = 0x40beae7b
    Found by: call frame info
77  libxul.so!XREMain::XRE_main [nsAppRunner.cpp : 3861 + 0x5]
     r4 = 0xbe9669ec    r5 = 0xbe9669c7    r6 = 0x00000000    r7 = 0xbe968bd4
     r8 = 0x4042b000    r9 = 0x40430000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9669c0    pc = 0x40bed4f5
    Found by: call frame info
78  libxul.so!XRE_main [nsAppRunner.cpp : 3936 + 0x3]
     r4 = 0x00020680    r5 = 0xbe968bd4    r6 = 0x00000001    r7 = 0x00000000
     r8 = 0xbe9669ec    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe9669e8    pc = 0x40bed641
    Found by: call frame info
79  b2g!main [nsBrowserApp.cpp : 168 + 0xf]
     r4 = 0x40bed5f5    r5 = 0x00000000    r6 = 0x00000001    r7 = 0xbe968bd4
     r8 = 0x00000000    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe966af8    pc = 0x000099ff
    Found by: call frame info
80  libc.so!__libc_init [libc_init_dynamic.c : 114 + 0x7]
     r4 = 0x00009774    r5 = 0xbe968bd4    r6 = 0x00000001    r7 = 0xbe968bdc
     r8 = 0x00000000    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe968bb8    pc = 0x400fb937
    Found by: call frame info
81  libc.so!__cxa_atexit [atexit.c : 99 + 0x3]
     r4 = 0x00000000    r5 = 0x00000000    r6 = 0x00000000    r7 = 0x00000000
     r8 = 0x00000000    r9 = 0x00000000   r10 = 0x00000000    fp = 0x00000000
     sp = 0xbe968bd0    pc = 0x40103f1f
    Found by: call frame info
82  0xbe968d70
     r4 = 0x00000000    r5 = 0xbe968ce1    r6 = 0xbe968cf3    r7 = 0xbe968d06
     r8 = 0xbe968d29    r9 = 0xbe968d42   r10 = 0xbe968d5f    fp = 0x00000000
     sp = 0xbe968bf8    pc = 0xbe968d72
    Found by: call frame info
83  b2g!MOZ_PNG_build_gamma_tab [png.c : 2648 + 0xf]
     sp = 0xbe968c30    pc = 0x0000b8d7
    Found by: stack scanning
SendPBrowserConstructor (http://hg.mozilla.org/mozilla-central/annotate/acf388eaf9e9/dom/ipc/ContentParent.cpp#l525) can return null if there's an error sending the message, which would explain the crash here. We should be checking for that, not just blindly using the result.
Yeah. This is a null pointer + offset crash.
Tara still has the crash; why is 'browser' null?

    PBrowserParent* browser = p->SendPBrowserConstructor(
        tp.forget().get(), // DeallocPBrowserParent() releases this ref.
        aContext.AsIPCTabContext(),
> why 'browser' is null ?

See comment 8.
(In reply to Justin Lebar [:jlebar] from comment #11)
> > why 'browser' is null ?
> 
> See comment 8.

Can we add defense code to prevent this crash? 

    if ( !browser )
    {
      NS_ERROR("Failed to get browser");
      return nullptr;
    }
Maybe the child crashed soon after it started, and that's how we're getting into this position?
(In reply to James Zhang from comment #12)
> (In reply to Justin Lebar [:jlebar] from comment #11)
> > > why 'browser' is null ?
> > 
> > See comment 8.
> 
> Can we add defense code to prevent this crash? 
> 
> if ( !browser )
> {
>   NS_ERROR("Failed to get browser");
>   return nullptr;
> }

Yes, this is the only way I know to solve this crash.
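
The check discussed in the comments above, as an added sketch that is not code from the Gecko tree or from any commenter. The Mock* types and every function name are assumptions: they model a constructor send that returns null once the channel has failed, including a create call that re-enters during channel-error teardown, as in the first stack.

```cpp
// Added illustration: mock types only, not Gecko's IPDL-generated classes.
#include <cstdint>
#include <cstdio>
#include <functional>
#include <memory>
#include <utility>
#include <vector>

// Stand-in for the IPC channel between the parent and a content process.
struct MockChannel {
  bool open = true;
  int sent = 0;  // messages successfully queued
  bool Send() {
    if (!open) return false;  // child is gone: nothing can be sent
    ++sent;
    return true;
  }
};

// Stand-in for PBrowserParent: a per-tab actor living on the channel.
struct MockBrowserParent {
  explicit MockBrowserParent(MockChannel* c) : channel(c) {}
  MockChannel* channel;
  uint32_t appType = 0;
  bool SendSetAppType(uint32_t type) {
    appType = type;  // member access: this is what faults on a null actor
    return channel->Send();
  }
};

// Stand-in for ContentParent: owns the channel and its tab actors.
class MockContentParent {
 public:
  // Contract described in the thread: null when the message cannot be sent.
  MockBrowserParent* SendBrowserConstructor() {
    if (!channel_.Send()) return nullptr;
    tabs_.push_back(std::make_unique<MockBrowserParent>(&channel_));
    return tabs_.back().get();
  }

  // Guarded creation: the result is checked before any member is touched.
  MockBrowserParent* CreateBrowser(uint32_t appType) {
    MockBrowserParent* browser = SendBrowserConstructor();
    if (!browser) {
      ++failedCreates_;  // report failure to the caller instead of crashing
      return nullptr;
    }
    browser->SendSetAppType(appType);
    return browser;
  }

  void AddShutdownObserver(std::function<void()> cb) {
    observers_.push_back(std::move(cb));
  }

  // Channel error: actors are destroyed, then observers run. An observer may
  // re-enter CreateBrowser on this already-dead channel.
  void OnChannelError() {
    channel_.open = false;
    tabs_.clear();
    for (auto& cb : observers_) cb();
  }

  int FailedCreates() const { return failedCreates_; }
  int MessagesSent() const { return channel_.sent; }

 private:
  MockChannel channel_;
  std::vector<std::unique_ptr<MockBrowserParent>> tabs_;
  std::vector<std::function<void()>> observers_;
  int failedCreates_ = 0;
};

// True when a create issued from inside channel-error teardown is rejected
// with null rather than dereferencing a missing actor.
bool ReentrantCreateIsRejected() {
  MockContentParent cp;
  MockBrowserParent* first = cp.CreateBrowser(1);
  if (!first || first->appType != 1) return false;
  MockBrowserParent* during = first;  // non-null sentinel, overwritten below
  cp.AddShutdownObserver([&] { during = cp.CreateBrowser(2); });
  cp.OnChannelError();
  return during == nullptr && cp.FailedCreates() == 1;
}

int main() {
  std::printf("re-entrant create rejected: %s\n",
              ReentrantCreateIsRejected() ? "yes" : "no");
  return 0;
}
```

Callers of the guarded function have to handle the null return themselves, otherwise the fault only moves one frame up the stack.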
This bug may be fixed in bug 844323.
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven't been updated in more than 3 years and have no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
SetAppType no longer in PBrowser protocol.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
Component: DOM → DOM: Core & HTML