Closed Bug 1066718 Opened 5 years ago Closed 5 years ago

crash in nsScriptSecurityManager::AddSitesToFileURIWhitelist(nsCString const&)

Categories

(Core :: Security: CAPS, defect, critical)

x86
Windows NT
defect
Not set
critical

Tracking

()

VERIFIED FIXED
mozilla35
Tracking Status
e10s ? ---
firefox32 --- unaffected
firefox33 --- verified
firefox34 --- verified
firefox35 --- verified
firefox-esr31 33+ fixed

People

(Reporter: kairo, Assigned: bholley)

References

Details

(Keywords: crash, regression)

Crash Data

Attachments

(1 file)

This bug was filed from the Socorro interface and is 
report bp-dbe0ca2c-53cc-4f07-82a9-a8def2140910.
=============================================================

This is a startup crash of the main process with e10s enabled that is rising significantly now that we nudge people to try e10s.

Find stats and more reports at https://crash-stats.mozilla.com/report/list?product=Firefox&signature=nsScriptSecurityManager%3A%3AAddSitesToFileURIWhitelist%28nsCString+const%26%29
Sorry, this is actually mostly happening in the *content* process, but some of those are also in the main "browser" process.
We're calling ExtractScheme on a null sIOService.
Blocks: 1061136
Flags: needinfo?(bobbyholley)
Yeah, this basically crashes for everyone who has the caps fileURI prefs set up. The problem is that the test sets the prefs dynamically long after startup, and so we don't hit this crash.

We'll need to take this on all the branches where we uplifted bug 1061136.
Assignee: nobody → bobbyholley
Flags: needinfo?(bobbyholley)
Keywords: regression
Comment on attachment 8489992 [details] [diff] [review]
Get sIOService before invoking ReadPrefs. v1

This is regression from bug 1061136 that will cause it to crash for pretty much everyone who uses this machinery. This fix needs to follow  that one.
Attachment #8489992 - Flags: approval-mozilla-esr31?
Attachment #8489992 - Flags: approval-mozilla-beta?
Attachment #8489992 - Flags: approval-mozilla-aurora?
Comment 0 says that this crash only occurs when e10s is enabled. e10s is currently disabled by default everywhere. This is a trivial fix but still should only be uplifted where necessary. I'm happy to uplift to aurora and will accept on beta if we're asking people to enable e10s there. I don't think we need to uplift to esr31, on which we will never enable e10s and on which the user base has no expectation of bleeding edge features.
(In reply to Lawrence Mandel [:lmandel] from comment #7)
> Comment 0 says that this crash only occurs when e10s is enabled. e10s is
> currently disabled by default everywhere. This is a trivial fix but still
> should only be uplifted where necessary. I'm happy to uplift to aurora and
> will accept on beta if we're asking people to enable e10s there. I don't
> think we need to uplift to esr31, on which we will never enable e10s and on
> which the user base has no expectation of bleeding edge features.

I don't understand why this would be e10s-only. By my reading of the code, it should be happening to anyone that has the CAPS prefs set. I can investigate this if you like, but the fix is super-safe (just grabbing a pointer to the global IOService one line earlier), so I think we could also just uplift it and move on.
(In reply to Lawrence Mandel [:lmandel] from comment #7)
> Comment 0 says that this crash only occurs when e10s is enabled.

So, I thought this would be related due to when it started spiking but I took the wrong conclusions to the data I was seeing. This also happens where e10s is disabled, the way our queries work did confuse me.

As Bobby says that it's caused by using what bug 1061136 introduces, we should see to land this everywhere we land(ed) that other patch as well.
Summary: e10s crash in nsScriptSecurityManager::AddSitesToFileURIWhitelist(nsCString const&) → crash in nsScriptSecurityManager::AddSitesToFileURIWhitelist(nsCString const&)
Comment on attachment 8489992 [details] [diff] [review]
Get sIOService before invoking ReadPrefs. v1

r=me
Attachment #8489992 - Flags: review?(bzbarsky) → review+
https://hg.mozilla.org/mozilla-central/rev/82824b25afee
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
Attachment #8489992 - Flags: approval-mozilla-esr31?
Attachment #8489992 - Flags: approval-mozilla-esr31+
Attachment #8489992 - Flags: approval-mozilla-beta?
Attachment #8489992 - Flags: approval-mozilla-beta+
Attachment #8489992 - Flags: approval-mozilla-aurora?
Attachment #8489992 - Flags: approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.