Closed
Bug 1338973
Opened 7 years ago
Closed 5 years ago
Crash in nsCOMArray_base::InsertObjectsAt
Categories
(Core :: XPCOM, defect, P3)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: n.nethercote, Unassigned)
Details
(Keywords: crash, stale-bug)
Crash Data
This bug was filed from the Socorro interface and is report bp-dc02da85-ab54-456b-82ee-bf21c2170212. ============================================================= We've had crashes with this signature in the past, but this feels like a new(ish) one. It's showing up on Nightly, Aurora, and Beta. It's a shutdown crash, and the crash address is always 0x0, which suggests that aObjects is null. Michal, any ideas?
Flags: needinfo?(michal.novotny)
Updated•7 years ago
|
Whiteboard: [necko-active]
Comment 1•7 years ago
|
||
AFAICS, we always pass a pointer to a valid nsCOMArray<nsIFile> to the timer. Also the access to nsDeleteDir::mTimers is protected by a lock, so it cannot happen that nsDeleteDir::Shutdown uses a pointer to an array freed by nsDeleteDir::TimerCallback. So I have no theory :-/
Flags: needinfo?(michal.novotny)
Comment 2•7 years ago
|
||
Curiously, 100% of these (55) InsertObjectsAt crashes are on Win64 Firefox.
Comment 3•7 years ago
|
||
Too late for firefox 52, mass-wontfix.
Comment 4•7 years ago
|
||
can getclosure() ever return null if it races against wanting to run the timer perhaps? This might be the only use of getclosure) in gecko :) maybe just "if (finishDeleting && *arg)" to protect against the timer class doing something unanticipated? might not be worth overthinking.
Assignee: nobody → michal.novotny
Comment 5•7 years ago
|
||
Bulk priority update: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Keywords: stale-bug
Comment 7•6 years ago
|
||
None of the reports this year has cache on the stack. Most of them are coming from nsThreadPool::Shutdown().
Assignee: michal.novotny → nobody
Component: Networking: Cache → XPCOM
Whiteboard: [necko-active]
Comment 8•5 years ago
|
||
Closing because no crashes reported for 12 weeks.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•