Has there been any progress on this bug? It would be very helpful to have correct data on crash-stats for these platforms.

Sadly there hasn't. It requires some significant surgery on the Socorro side of crash analysis and none of us has had enough spare cycles to look into it.

BTW since we're rewriting most of this stuff in Rust we could implement this either by using capstone's Rust bindings or iced-x86.

I'm currently merging a PR for the majority of functionality needed to implement this. The rest of the implementation afterwards should be fairly straightforward.

PR is merged \o/. Chris do you want to handle the last few steps now that you've done all the disassembler integration? IIUC the only thing left to do is use get_instruction_memory_access() in the stack-walker and handle the case where the result doesn't match the address reported in the exception context. Maybe we should give some thought to the output. For example we could replace the address in case we think the one obtained via disassembly is better, but then we should probably leave a field in the output to mark the fact that we're reporting something different than what was in the exception. Alternatively we could add a new field in the JSON output with what we think is the probable crash address when it's different than the exception one and leave the latter untouched. This would require some changes in Socorro to pick up the new field but it's not a big deal either and I could handle the Socorro changes myself.

I gave this some thought and did a few experiments. I think that the fastest way to surface this functionality is to outright replace the crash address in rust-minidump's stackwalker JSON output when we're 100% certain it's wrong. This would apply to crashes with the following conditions:

• Processor is x86-64
• Address of accessed memory decoded via disassembly is between 0xffff800000000000 and 0x00007fffffffffff (exclusive)
• On Windows
  • Crash address is 0xffffffffffffffff
  • Crash reason is EXCEPTION_ACCESS_VIOLATION_READ
• On Linux
  • Crash address is 0x0000000000000000
  • Crash reason is SIGBUS / SI_KERNEL or SIGSEGV / SI_KERNEL
• on macOS
  • Crash address is 0x0000000000000000
  • Crash reason is EXC_BAD_ACCESS / EXC_I386_GPFLT

It would also be great to surface the data that gets pretty-printed into the Crashing instruction: and Memory accessed by instruction: fields. If we could put it somewhere in the JSON output we could surface it on Socorro which would be very useful during crash analysis.

Sounds like a good plan to me! I'll start working on it later today. Shouldn't take long :)

PR 665 should be able to close this bug

Yes, we can close it after your PR lands. I'll open a separate one in Socorro to deploy the change which might not happen immediately because AFAIK Will is still working on the schema.

And with the deploy to Socorro in bug 1801122 this bug is finally fixed! Thanks to everybody who helped implement this! Also know that Breakpad landed a similar fix to their stackwalker after we did but it's a bit clunky to use an euphemism. Let's say it involves calling spitting out the bytes to a temporary file, calling objdump on it and then parsing the text output (in C++). I'm VERY HAPPY we've moved on to Rust.