QuotaManager::UnregisterStorage crash during b2g-desktop startup

NEW
Assigned to

Status

()

Core
DOM: IndexedDB
4 years ago
4 years ago

People

(Reporter: gwagner, Assigned: janv)

Tracking

unspecified
x86
Mac OS X
Points:
---

Firefox Tracking Flags

(blocking-b2g:-)

Details

(Reporter)

Description

4 years ago
Seen during b2g-desktop --enable-debug startup.
Jan, any idea?


Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x000000010220b48a in mozilla::dom::quota::QuotaManager::UnregisterStorage (this=0x10053f300, aStorage=0x117eb8a58) at /Volumes/mac/code/src/dom/quota/QuotaManager.cpp:1431
1431	      (*cluster)[aStorage->GetClient()->GetType()].RemoveElement(aStorage)) {
(gdb) bt
#0  0x000000010220b48a in mozilla::dom::quota::QuotaManager::UnregisterStorage (this=0x10053f300, aStorage=0x117eb8a58) at /Volumes/mac/code/src/dom/quota/QuotaManager.cpp:1431
#1  0x00000001022ea3d1 in mozilla::dom::indexedDB::IDBDatabase::OnUnlink () at /Volumes/mac/code/src/dom/indexedDB/IDBDatabase.h:399
#2  0x00000001022ea3d1 in mozilla::dom::indexedDB::IDBDatabase::cycleCollection::Unlink (this=<value temporarily unavailable, due to optimizations>, p=0x117eb8a00) at /Volumes/mac/code/src/dom/indexedDB/IDBDatabase.cpp:473
#3  0x0000000103163daa in nsCycleCollector::CollectWhite (this=0x107e02000) at /Volumes/mac/code/src/xpcom/base/nsCycleCollector.cpp:2370
#4  0x000000010316499d in nsCycleCollector::Collect (this=0x107e02000, aCCType=ScheduledCC, aWhiteNodes=0x7fff5fbf5488, aResults=0x7fff5fbfd2f8, aManualListener=0x0) at /Volumes/mac/code/src/xpcom/base/nsCycleCollector.cpp:2699
#5  0x000000010316619b in nsTArray_base<nsTArrayInfallibleAllocator, nsTArray_CopyElements<PtrInfo*> >::Length () at /Volumes/mac/code/build/dist/include/nsTArray.h:3162
#6  0x000000010316619b in nsTArray_Impl<PtrInfo*, nsTArrayInfallibleAllocator>::Clear () at /Volumes/mac/code/build/dist/include/nsTArray.h:1297
#7  0x000000010316619b in nsAutoTArray<PtrInfo*, 4000u>::~nsAutoTArray () at /Volumes/mac/code/build/dist/include/nsTArray.h:748
#8  0x000000010316619b in nsTArray<PtrInfo*>::~nsTArray () at /Volumes/mac/code/build/dist/include/nsTArray.h:1752
#9  0x000000010316619b in nsTArray_Impl<PtrInfo*, nsTArrayInfallibleAllocator>::~nsTArray_Impl () at /Volumes/mac/code/build/dist/include/nsTArray.h:1681
#10 0x000000010316619b in nsAutoTArray<PtrInfo*, 4000u>::~nsAutoTArray () at /Volumes/mac/code/build/dist/include/nsTArray.h:1642
#11 0x000000010316619b in nsCycleCollector_collect (aManuallyTriggered=<value temporarily unavailable, due to optimizations>, aResults=0x7fff5fbfd2f8, aManualListener=0x0) at /Volumes/mac/code/src/xpcom/base/nsCycleCollector.cpp:3164
#12 0x0000000102193435 in nsJSContext::CycleCollectNow (aListener=0x0, aExtraForgetSkippableCalls=<value temporarily unavailable, due to optimizations>, aManuallyTriggered=false) at /Volumes/mac/code/src/dom/base/nsJSEnvironment.cpp:2079
#13 0x00000001021990f2 in CCTimerFired (aTimer=0x0, aClosure=0x7fff5fbfd2f8) at /Volumes/mac/code/src/dom/base/nsJSEnvironment.cpp:2292
#14 0x000000010315c5c8 in nsTimerImpl::Fire (this=0x1082bd4c0) at /Volumes/mac/code/src/xpcom/threads/nsTimerImpl.cpp:546
#15 0x000000010315c880 in nsTimerEvent::Run (this=<value temporarily unavailable, due to optimizations>) at /Volumes/mac/code/src/xpcom/threads/nsTimerImpl.cpp:630
#16 0x0000000103156e9f in nsThread::ProcessNextEvent (this=0x100523760, mayWait=<value temporarily unavailable, due to optimizations>, result=0x7fff5fbfd507) at /Volumes/mac/code/src/xpcom/threads/nsThread.cpp:622
#17 0x00000001030f393b in NS_ProcessPendingEvents (thread=<value temporarily unavailable, due to optimizations>, timeout=20) at nsThreadUtils.cpp:188
#18 0x00000001029ad70a in nsBaseAppShell::NativeEventCallback (this=0x107fd6340) at /Volumes/mac/code/src/widget/xpwidgets/nsBaseAppShell.cpp:95
#19 0x00000001029436bf in nsAppShell::ProcessGeckoEvents (aInfo=0x107fd6340) at /Volumes/mac/code/src/widget/cocoa/nsAppShell.mm:388
#20 0x00007fff83dddb31 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#21 0x00007fff83ddd455 in __CFRunLoopDoSources0 ()
#22 0x00007fff83e007f5 in __CFRunLoopRun ()
#23 0x00007fff83e000e2 in CFRunLoopRunSpecific ()
#24 0x00007fff840aceb4 in RunCurrentEventLoopInMode ()
#25 0x00007fff840acc52 in ReceiveNextEventCommon ()
#26 0x00007fff840acae3 in BlockUntilNextEventMatchingListInMode ()
#27 0x00007fff8a4c0533 in _DPSNextEvent ()
#28 0x00007fff8a4bfdf2 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#29 0x0000000102942736 in -[GeckoNSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] (self=0x1082da1a0, _cmd=<value temporarily unavailable, due to optimizations>, mask=18446744073709551615, expiration=0x422d63c37f00000d, mode=0x7fff71e7c1c0, flag=1 '\001') at /Volumes/mac/code/src/widget/cocoa/nsAppShell.mm:165
#30 0x00007fff8a4b71a3 in -[NSApplication run] ()
#31 0x0000000102943cfe in nsAppShell::Run (this=<value temporarily unavailable, due to optimizations>) at /Volumes/mac/code/src/widget/cocoa/nsAppShell.mm:742
#32 0x0000000102797972 in nsAppStartup::Run (this=0x107f905b0) at /Volumes/mac/code/src/toolkit/components/startup/nsAppStartup.cpp:269
#33 0x00000001014e785e in XREMain::XRE_mainRun (this=<value temporarily unavailable, due to optimizations>) at /Volumes/mac/code/src/toolkit/xre/nsAppRunner.cpp:3868
#34 0x00000001014e7e75 in XREMain::XRE_main (this=0x7fff5fbff000, argc=<value temporarily unavailable, due to optimizations>, argv=<value temporarily unavailable, due to optimizations>, aAppData=<value temporarily unavailable, due to optimizations>) at /Volumes/mac/code/src/toolkit/xre/nsAppRunner.cpp:3936
#35 0x00000001014e8216 in XRE_main (argc=0, argv=0xffffffffffffffff, aAppData=0x422d63c37f00000d, aFlags=<value temporarily unavailable, due to optimizations>) at /Volumes/mac/code/src/toolkit/xre/nsAppRunner.cpp:4138
(Reporter)

Updated

4 years ago
blocking-b2g: --- → koi?
Ben said "this seems bad" so koi+ and to Jan.
Assignee: nobody → Jan.Varga
blocking-b2g: koi? → koi+
Jan's working on something else but hopes to have it finished next week at which point he'll move on to this.
If this crash is only happening on debug b2g-desktop builds, then this likely isn't a blocker.
blocking-b2g: koi+ → koi?
(In reply to Jason Smith [:jsmith] from comment #3)
> If this crash is only happening on debug b2g-desktop builds, then this
> likely isn't a blocker.

I tend to agree but I'll leave it to Gregor.

Meta (and somewhat unrelated) point:  some time in the near future we need to prioritize debug, desktop oop, etc. and treat issues there the same as we'd treat any other test failures.  I don't know when this time will be, but the sooner the better :)
(In reply to Andrew Overholt [:overholt] from comment #4)
> (In reply to Jason Smith [:jsmith] from comment #3)
> > If this crash is only happening on debug b2g-desktop builds, then this
> > likely isn't a blocker.
> 
> I tend to agree but I'll leave it to Gregor.
> 
> Meta (and somewhat unrelated) point:  some time in the near future we need
> to prioritize debug, desktop oop, etc. and treat issues there the same as
> we'd treat any other test failures.  I don't know when this time will be,
> but the sooner the better :)

We should ask product to prioritize this as tech debt we need to get done in a target release. Let me send an email over product about this.
(Reporter)

Comment 6

4 years ago
I would ship a phone without it but the bigger discussion we need to have is if we should ship with known assertions. This could also cause a crash with a high volume that might be a koi+ bug where we have no idea what's going on.
Probably not true for this bug but it's much easier to fix crashes with known stacks rather than bisecting regressions and try to debug intermittent crashes where we don't have stack traces.
Product we are minusing for 1.2, please prioritize for the upcoming releases.
blocking-b2g: koi? → -
You need to log in before you can comment on or make changes to this bug.