1322786 - Crash in ThreadProfile::StreamJSON

Status: RESOLVED DUPLICATE of bug 1340161

(Core :: Gecko Profiler, defect)

Description

[Marcia Knous [:marcia]]

This bug was filed from the Socorro interface and is 
report bp-e5ee03e4-0755-4ae8-b4fe-69c1c2161208.
=============================================================

Seen while looking at Mac crash stats: http://bit.ly/2hdqgVr. Crashes started using 20161206030203 build.

ni on :shu in case he has ideas about what might have caused the new crash.

Comment 1

[Shu-yu Guo [:shu]]

Sorry, I don't know what's going on there.

It looks like a nullptr dereference but the offset 0x6030 is very large. The crash itself seems to be in Maybe::emplace, in [1], but mUniqueStacks is definitely not +0x6030 in ThreadProfile. That would most likely point to sRegisteredThreads->at(i) being nullptr in [2].

I can't say why that would be, and why only on Mac. The code that manages sRegisteredThreads, IIRC, is [3]. This file hasn't been modified lately, and the latest changes to it don't look like threads were touched at all.

[1] http://searchfox.org/mozilla-central/source/tools/profiler/core/ThreadProfile.cpp#51
[2] http://searchfox.org/mozilla-central/source/tools/profiler/core/GeckoSampler.cpp#564
[3] http://searchfox.org/mozilla-central/source/tools/profiler/core/platform-macos.cc

Comment 2

[Markus Stange [:mstange]]

I can reproduce this some of the time with a thread filter of "GeckoMain,Compositor,_". I think something is going wrong with sRegisteredThreads when a thread shuts down.

Comment 3

[Nicholas Nethercote [inactive]]

This code has been rewritten extensively (e.g. ThreadProfile no longer exists), so this crash signature will no longer appear. And I fixed a similar crash in bug 1340161. So I think we can close this bug.