Closed Bug 905818 Opened 11 years ago Closed 7 years ago

crash in mozilla::dom::sms::SmsMessageData::Assign

Categories

(Core :: DOM: Device Interfaces, defect)

Product:
Core
Component:
DOM: Device Interfaces
Version:
18 Branch
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: marcia, Unassigned)

Details

(Keywords: crash, topcrash-b2g, Whiteboard: [b2g-crash])

Crash Data

This bug was filed from the Socorro interface and is 
report bp-e84956e8-ca64-49e9-8e0b-6fd9f2130815 .
 ============================================================= 

Seen while looking at crash stats. https://crash-stats.mozilla.com/report/list?product=B2G&signature=mozilla::dom::sms::SmsMessageData::Assign

On ZTE device crashes happen on Build ID: 20130621133927

Frame 	Module 	Signature 	Source
0 	libxul.so 	mozilla::dom::sms::SmsMessageData::Assign 	/home/zhangchun/P752D04_MOVISTAR/PRE/android/out/target/product/roamer2/obj/objdir-gecko/ipc/ipdl/SmsTypes.cpp
1 	libxul.so 	mozilla::dom::sms::SmsMessageData::SmsMessageData 	../../../ipc/ipdl/_ipdlheaders/mozilla/dom/sms/SmsTypes.h
2 	libxul.so 	mozilla::dom::sms::SmsRequest::NotifyMessageSent 	/home/zhangchun/P752D04_MOVISTAR/PRE/android/gecko/dom/sms/src/SmsRequest.cpp
3 	libxul.so 	mozilla::dom::indexedDB::IDBIndex::GetStoreName 	/home/zhangchun/P752D04_MOVISTAR/PRE/android/gecko/dom/indexedDB/IDBIndex.cpp
4 	libqc_b2g_ril.so 	libqc_b2g_ril.so@0x3c791 	
5 	libxul.so 	nsAString_internal::Assign 	/home/zhangchun/P752D04_MOVISTAR/PRE/android/gecko/xpcom/string/src/nsSubstring.cpp
Component: General → DOM: Device Interfaces
Product: Boot2Gecko → Core
Version: unspecified → 18 Branch
blocking-b2g: --- → leo?
topcrash is being replaced by more precise keywords per https://bugzilla.mozilla.org/show_bug.cgi?id=927557#c3
Keywords: topcrashtopcrash-b2g
NI on :naoki to help understand if this happens only on ZTE devices or are we seeing this on any releases/phones. Also any information on if this is reproducible or if you are seeing the same signature on 1.2 as well ?

Also passing this onto :overholt to see if we can help get some eyes on the stacktrace here to get some investigation going.
Jan and I took a look at this just now.  He thinks there's some JS involved that isn't in the stack trace.  It looks like maybe there's a stale reference to an IndexedDB object.

The stack frames appear to be inverted.  Is that expected?

Is the presence of libqc_b2g_ril.so between IDBIndex::GetStoreName and nsAString_internal::Assign expected?

Gregor, any thoughts here?
Flags: needinfo?(anygregor)
Oops, looking here the stack frames are correct and libqc_b2g_ril.so isn't where I wouldn't expect it:

  https://crash-stats.mozilla.com/report/index/8ffc334d-76c0-465d-bbc5-818412131112
FWIW I spent a bit of time looking at the stacks, and I don't think anything in the call stack beyond the top three frames makes any sense.
Off-bugzilla emails have made me aware that there are difficulties with stack traces on the ZTE v1.0.1 builds.

Have we seen this on other devices?  Newer releases?  Anything other than the initial ZTE 1.0.1 release?
Flags: needinfo?(mozillamarcia.knous)
From what I can see in crash stats this signature is only seen using the ZTE device, and Build 20130621133927. There are also a fair number of dupes in the mix, so filtering those out the crash may not be as bad as the overall number indicates.
Flags: needinfo?(mozillamarcia.knous)
The problem of optimize builds :(
I assume we are somewhere around here when something bad happens:
https://hg.mozilla.org/releases/mozilla-b2g18/annotate/3d28e6cbacce/dom/system/gonk/RadioInterfaceLayer.js#l1600
Flags: needinfo?(anygregor)
Mass-modify - removal of no longer relevant blocking flags.
blocking-b2g: leo? → ---
This crash remains significant for B2G-18 as I'm seeing 176 reports over the last week, ranked at #5 overall or 7.46% of all B2G-18 crashes. That said, nearly half of the reports are dupes so that likely puts this down to the #7 crash. 100% of the reports are against Android 0.0.0 Linux 3.0.8-perf-00008-g03ba58e #1 PREEMPT Fri Jun 21 13:30:16 CST 2013 armv7l ZTE/roamer2/roa using build 20130621133927. 

Crashes per Install rates this at 176 crashes per 13 installs so this might be restricted to a very small set of users. If that's true these users are crashing roughly two times a day every day.

What is needed to move this bug forward?
Kevin, are we still maintaining b2g-18 releases?
Flags: needinfo?(khu)
b2g-18 was 2 years ago. I don't think we need to maintain this, but needinfo Vance here, just in case. Thanks.
Flags: needinfo?(khu) → needinfo?(vchen)
Agree with Kevin that this one is no longer relevant
Flags: needinfo?(vchen)
I'm marking this bug as WORKSFORME as bug crashlog signature didn't appear from a long time (over half year) in B2G (except some obsolete B2G <19).
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.