Open Bug 1516907 Opened 4 years ago Updated 6 days ago

Crash in SnowWhiteKiller::MaybeKillObject


(Core :: XPCOM, defect)




Tracking Status
firefox66 --- affected
firefox67 --- affected
firefox68 --- affected


(Reporter: jseward, Unassigned)



(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is
report bp-879edf05-c294-400c-88dc-b160b0181228.

This occurred in two different installations of 
the Android nightly 20181227092648.

Top 10 frames of crashing thread:

0 SnowWhiteKiller::MaybeKillObject xpcom/base/nsCycleCollector.cpp:2426
1 SnowWhiteKiller::Visit xpcom/base/nsCycleCollector.cpp:2457
2 void nsPurpleBuffer::VisitEntries<SnowWhiteKiller> xpcom/base/nsCycleCollector.cpp:956
3 nsCycleCollector::FreeSnowWhiteWithBudget xpcom/base/nsCycleCollector.cpp:2622
4 AsyncFreeSnowWhite::Run js/xpconnect/src/XPCJSRuntime.cpp:141
5 IdleRunnableWrapper::Run xpcom/threads/nsThreadUtils.cpp:317
6 nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1157
7 NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:468
8 mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:88
9 MessageLoop::Run ipc/chromium/src/base/

Flags: needinfo?(continuation)
I don't know what is happening here. I feel like we've had similar crashes before, so maybe this is a signature change, but I can't find any similar bugs. It looks like it might be a null deref crash in aObject.mParticipant.
Flags: needinfo?(continuation)

Maybe this is a variant of bug 1540166, which had a patch land recently.

Depends on: 1540166

Since the crash volume is low (less than 5 per week), the severity is downgraded to S3. Feel free to change it back if you think the bug is still critical.

For more information, please visit auto_nag documentation.

Severity: critical → S3
You need to log in before you can comment on or make changes to this bug.