This bug was filed from the Socorro interface and is report bp-abcf9c93-c350-4408-bfc2-56d0e0180906. ============================================================= Seen while looking at release crash stats (not sure if this is the correct component). There is an old bug associated with this signature - Bug 500105, but while looking at reports I see some in 62 that are possible UAFs: https://bit.ly/2oU6XFK facebook and youtube.com are the most common URLs in 62.0. Top 10 frames of crashing thread: 0 xul.dll GraphWalker<ScanBlackVisitor>::DoWalk xpcom/base/nsCycleCollector.cpp:1518 1 xul.dll GraphWalker<ScanBlackVisitor>::Walk xpcom/base/nsCycleCollector.cpp:1489 2 xul.dll nsCycleCollector::ScanBlackNodes xpcom/base/nsCycleCollector.cpp:3256 3 xul.dll nsCycleCollector::ScanRoots xpcom/base/nsCycleCollector.cpp:3286 4 xul.dll nsCycleCollector::Collect xpcom/base/nsCycleCollector.cpp:3776 5 xul.dll nsCycleCollector_collectSlice xpcom/base/nsCycleCollector.cpp:4343 6 xul.dll nsJSContext::RunCycleCollectorSlice dom/base/nsJSEnvironment.cpp:1546 7 xul.dll static bool ICCRunnerFired dom/base/nsJSEnvironment.cpp:1605 8 xul.dll std::_Func_impl_no_alloc<bool vs2017_15.6.6/VC/include/functional:16707566 9 xul.dll mozilla::IdleTaskRunner::Run xpcom/threads/IdleTaskRunner.cpp:63 =============================================================
Yeah, any GC or CC crash can result in a UAF. I don't think anything in gained by having a separate hidden bug for this signature.
Status: NEW → RESOLVED
Closed: 11 months ago
Resolution: --- → DUPLICATE
Duplicate of bug: 500105
You need to log in before you can comment on or make changes to this bug.