Closed Bug 1432798 Opened 6 years ago Closed 5 years ago

Crash in nsTSubstring<T>::SetIsVoid

Categories

(Core :: Preferences: Backend, defect)

Product:
Core
Component:
Preferences: Backend
Version:
58 Branch
Platform:
Unspecified
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WORKSFORME
Tracking Flags:
Tracking Status
firefox58 --- wontfix

People

(Reporter: marcia, Unassigned)

Details

(Keywords: crash, regression)

Crash Data

This bug was filed from the Socorro interface and is
report bp-52fcf323-51be-4bbd-8aab-b473a0180124.
=============================================================

Seen while looking at 58 crash stats: http://bit.ly/2DBwxJr. Crashes are only seen in 58 release. Not sure if this is the right bucket but I looked at the top of ths stack.

One comment "occurred when trying to install update"

Top 10 frames of crashing thread:

0 XUL nsTSubstring<char>::SetIsVoid clang/include/c++/v1/atomic:987
1 XUL nsPrefBranch::GetCharPref modules/libpref/Preferences.cpp:643
2 XUL nsPrefBranch::GetCharPrefWithDefault modules/libpref/Preferences.cpp:2273
3 XUL NS_InvokeByIndex 
4 XUL XPCWrappedNative::CallMethod js/xpconnect/src/XPCWrappedNative.cpp:1996
5 XUL XPC_WN_CallMethod js/xpconnect/src/XPCWrappedNativeJSOps.cpp:929
6 XUL js::InternalCallOrConstruct js/src/jscntxtinlines.h:291
7 XUL Interpret js/src/vm/Interpreter.cpp:528
8 XUL js::RunScript js/src/vm/Interpreter.cpp:423
9 XUL js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:495

=============================================================
Several more comments about updating - it seems that every version of Mac is affected from 10.9 up:

*it just crashed after I started the computer and the updates were installed 
*computer crashed almost immediately after starting
Volume is pretty low, between 5 and 15 reports a day so far.
Startup crash that seems to be Mac only. Low volume, but we should try to understand what's happening here.

Nicholas, can you find someone to investigate?
status-firefox58: affectedwontfix
Flags: needinfo?(n.nethercote)
This is a strange one. For one, it's Mac-only, despite this code being platform-independent.

The crashing line is this:

> aValueOut.SetIsVoid(true);

The crashing line is in clang/include/c++/v1/atomic; I'm not sure why atomics are involved.

The crashing address is always 0xfffffffffffffff8, which is obviously bad. I don't know where it might have come from.

Presumably `aValueOut` is bad. It ultimately comes from xpconnect. So that's a strange thing to be bad.

I'm not sure what to make of this.
Flags: needinfo?(n.nethercote)

Only 2 crashes from 64.0.2. I think we can close this one as WFM based on crash volume.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.