Open Bug 1541224 Opened 1 year ago Updated 11 months ago

crash near null in [@ mozilla::CrossProcessMutex::Lock]

Categories

(Testing :: Code Coverage, defect, P3)

Version 3
defect

Tracking

(Not tracked)

People

(Reporter: tsmith, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: crash)

The first available report I have of this crash is from: m-c 20190203-28c742617296

I am unable to reproduce with any of the reported test cases. At the time of logging we have 724 instances reported to FuzzManager.

Report from m-c: 20190331-339760ce8b1f

rax = 0x0000000000000000   rdx = 0x00007fa6cf4d5770
rcx = 0x0000000000000002   rbx = 0x0000000000001ec0
rsi = 0x000000000000002a   rdi = 0x0000000000000000
rbp = 0x0000000000000000   rsp = 0x00007ffc91a2ba10
r8 = 0x00007fa6d05c0740    r9 = 0x000000000000002a
r10 = 0x0000000000000000   r11 = 0x0000000000000000
r12 = 0x0000000000000001   r13 = 0x00007fa6cef66000
r14 = 0x00007fa6c1605630   r15 = 0x00007fa6c16093b0
rip = 0x00007fa6b8ee7814
OS|Linux|0.0.0 Linux 4.4.0-1067-aws #77-Ubuntu SMP Mon Aug 27 13:22:03 UTC 2018 x86_64
CPU|amd64|family 6 model 63 stepping 2|8
GPU|||
Crash|SIGSEGV|0x8|0
0|0|libxul.so|mozilla::CrossProcessMutex::Lock()|hg:hg.mozilla.org/mozilla-central:ipc/glue/CrossProcessMutex_posix.cpp:339760ce8b1f1683aee71f3e3cc1e7f3ba135b60|113|0x0
0|1|libxul.so|mozilla::CodeCoverageHandler::FlushCounters()|hg:hg.mozilla.org/mozilla-central:xpcom/threads/Mutex.h:339760ce8b1f1683aee71f3e3cc1e7f3ba135b60|165|0x8
0|2|libxul.so|mozilla::CodeCoverageHandler::FlushCountersSignalHandler(int)|hg:hg.mozilla.org/mozilla-central:tools/code-coverage/CodeCoverageHandler.cpp:339760ce8b1f1683aee71f3e3cc1e7f3ba135b60|99|0x5
0|3|libpthread-2.23.so||||0x11390
0|4|libxul.so|_fini|||0x257870c
0|5|libxul.so|_fini|||0x257c48c
0|6|||||0x7fa6b4820000
0|7|libc-2.23.so||||0x3c45f8
0|8|libpthread-2.23.so||||0x10bbd
0|9|libpthread-2.23.so||||0x10bbd
0|10|ld-2.23.so||||0x9e14
0|11|libc-2.23.so||||0x3d80
0|12|libc-2.23.so||||0x10ff8
0|13|firefox-bin|RedBlackTree<arena_chunk_map_t, ArenaAvailTreeTrait>::MoveRedLeft(RedBlackTree<arena_chunk_map_t, ArenaAvailTreeTrait>::TreeNode)|hg:hg.mozilla.org/mozilla-central:memory/build/rb.h:339760ce8b1f1683aee71f3e3cc1e7f3ba135b60|603|0xa
0|14|||||0xffff00001fa0

The priority flag is not set for this bug.
:ekyle, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(klahnakoski)
Flags: needinfo?(klahnakoski)
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.