[tor-bugs] #17761 [Tor Browser]: OS X Crash on opening link from fullscreen application

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 7 09:01:09 UTC 2015 

#17761: OS X Crash on opening link from fullscreen application
---------------------------------------------+--------------------------
 Reporter:  teor                             |          Owner:  tbb-team
     Type:  defect                           |         Status:  assigned
 Priority:  Very High                        |      Milestone:
Component:  Tor Browser                      |        Version:
 Severity:  Critical                         |     Resolution:
 Keywords:  tbb-crash, TorBrowserTeam201512  |  Actual Points:
Parent ID:                                   |         Points:
  Sponsor:                                   |
---------------------------------------------+--------------------------
Changes (by gk):

 * status:  needs_information => assigned
 * priority:  High => Very High
 * severity:  Major => Critical


Comment:

 Okay, I can see this on a 5.5a4-hardened build as well. Here is the
 stacktrace:
 {{{
 #0  0x00007fffeba6405b in mozilla::OffTheBooksMutex::Lock
 (this=this at entry=0x8)
     at ../../dist/include/mozilla/Mutex.h:69
 #1  0x00007fffec94d8f0 in mozilla::Monitor::Lock (this=0x8)
     at ../../dist/include/mozilla/Monitor.h:35
 #2  mozilla::MonitorAutoLock::MonitorAutoLock (aMonitor=...,
 this=0x7fffc9daf110)
     at ../../dist/include/mozilla/Monitor.h:78
 #3  mozilla::image::imgFrame::ImageUpdated (this=0x0, aUpdateRect=...)
     at /home/ubuntu/build/tor-browser/image/src/imgFrame.cpp:667
 #4  0x00007fffec938bc4 in mozilla::image::Decoder::PostInvalidation (
     this=this at entry=0x6160004aaf80, aRect=..., aRectAtTargetSize=...)
     at /home/ubuntu/build/tor-browser/image/src/Decoder.cpp:645
 #5  0x00007fffec96371a in mozilla::image::nsBMPDecoder::WriteInternal (
     this=0x6160004aaf80, aBuffer=<optimized out>, aCount=<optimized out>)
     at /home/ubuntu/build/tor-browser/image/decoders/nsBMPDecoder.cpp:891
 #6  0x00007fffec933a1a in mozilla::image::Decoder::Write
 (this=0x6160004aaf80,
     aBuffer=<optimized out>, aCount=1152)
     at /home/ubuntu/build/tor-browser/image/src/Decoder.cpp:227
 #7  0x00007fffec97323a in
 mozilla::image::nsICODecoder::WriteToContainedDecoder (
     this=this at entry=0x6140002e8040, aBuffer=aBuffer at entry=0x6210010b1d4e
 "",
     aCount=aCount at entry=1152)
     at /home/ubuntu/build/tor-browser/image/decoders/nsICODecoder.cpp:599
 #8  0x00007fffec97493c in mozilla::image::nsICODecoder::WriteInternal (
     this=0x6140002e8040, aBuffer=<optimized out>, aCount=<optimized out>)
     at /home/ubuntu/build/tor-browser/image/decoders/nsICODecoder.cpp:508
 #9  0x00007fffec933a1a in mozilla::image::Decoder::Write (
     this=this at entry=0x6140002e8040, aBuffer=<optimized out>, aCount=2238)
     at /home/ubuntu/build/tor-browser/image/src/Decoder.cpp:227
 #10 0x00007fffec9391e2 in mozilla::image::Decoder::Decode (
     this=this at entry=0x6140002e8040)
     at /home/ubuntu/build/tor-browser/image/src/Decoder.cpp:157
 #11 0x00007fffec945962 in mozilla::image::DecodePool::Decode
 (this=0x60400011bc90,
     aDecoder=0x6140002e8040)
     at /home/ubuntu/build/tor-browser/image/src/DecodePool.cpp:331
 #12 0x00007fffec947d9a in mozilla::image::DecodeWorker::Run
 (this=<optimized out>)
     at /home/ubuntu/build/tor-browser/image/src/DecodePool.cpp:122
 #13 0x00007fffebadc312 in nsThreadPool::Run (this=0x60c0000d2b80)
     at /home/ubuntu/build/tor-browser/xpcom/threads/nsThreadPool.cpp:225
 #14 0x00007fffebaddcf2 in nsThread::ProcessNextEvent (this=0x60f00012b6e0,
     aMayWait=<optimized out>, aResult=0x7fffc9dafbd0)
     at /home/ubuntu/build/tor-browser/xpcom/threads/nsThread.cpp:855
 #15 0x00007fffebb13336 in NS_ProcessNextEvent (aThread=0x60f00012b6e0,
     aMayWait=aMayWait at entry=false)
     at /home/ubuntu/build/tor-browser/xpcom/glue/nsThreadUtils.cpp:265
 #16 0x00007fffebf2a1f5 in mozilla::ipc::MessagePumpForNonMainThreads::Run
 (
     this=0x6060001e8d80, aDelegate=0x61400010fe40)
     at /home/ubuntu/build/tor-browser/ipc/glue/MessagePump.cpp:339
 #17 0x00007fffebef0924 in MessageLoop::RunHandler (this=0x61400010fe40)
     at /home/ubuntu/build/tor-
 browser/ipc/chromium/src/base/message_loop.cc:226
 #18 MessageLoop::Run (this=this at entry=0x61400010fe40)
     at /home/ubuntu/build/tor-
 browser/ipc/chromium/src/base/message_loop.cc:200
 #19 0x00007fffebae2a69 in nsThread::ThreadFunc (aArg=0x60f00012b6e0)
     at /home/ubuntu/build/tor-browser/xpcom/threads/nsThread.cpp:356
 #20 0x00007ffff7f6d369 in _pt_root (arg=0x6120001204c0)
     at /home/ubuntu/build/tor-
 browser/nsprpub/pr/src/pthreads/ptthread.c:212
 #21 0x00007ffff6c5d0a4 in start_thread (arg=0x7fffc9db0700) at
 pthread_create.c:309
 #22 0x00007ffff5efd06d in clone () at
 ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
 }}}
 And this seems to be caused by one of our patches as I can't get it to
 crash on a vanilla ESR 38.4.0.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17761#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list