The default bug view has changed. See this FAQ.

crash in mozilla::net::HttpBaseChannel::SetupReplacementChannel(nsIURI*, nsIChannel*, bool), Enhanced Steam add-on

VERIFIED FIXED in Firefox 35

Status

()

Core
Networking: HTTP
--
critical
VERIFIED FIXED
2 years ago
2 years ago

People

(Reporter: mayhemer, Assigned: mayhemer)

Tracking

({crash})

35 Branch
mozilla38
crash
Points:
---
Bug Flags:
qe-verify +

Firefox Tracking Flags

(firefox35 verified, firefox36 verified, firefox37 verified, firefox38 verified, relnote-firefox 35+)

Details

(crash signature)

Attachments

(1 attachment)

(Assignee)

Description

2 years ago
This bug was filed from the Socorro interface and is 
report bp-9d80d0be-f2ad-4e13-9060-3b7662150113.
=============================================================

Some DOM codepaths allow creation of requests having principals with null URLs.  The logging code doesn't check presence of the URL when listing redirects.  Redirects are combined from channel's principal URLs.
(Assignee)

Comment 1

2 years ago
Created attachment 8551851 [details] [diff] [review]
v1
Attachment #8551851 - Flags: review?(mcmanus)
Attachment #8551851 - Flags: review?(mcmanus) → review+
(Assignee)

Updated

2 years ago
Keywords: checkin-needed
Honza, thanks for the super fast answer in the other bug.
Could you fill the uplift request for aurora, beta & release? Thanks
Flags: needinfo?(honzab.moz)
https://hg.mozilla.org/integration/mozilla-inbound/rev/07dd454814b9
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/07dd454814b9
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
(Assignee)

Comment 5

2 years ago
Comment on attachment 8551851 [details] [diff] [review]
v1

Approval Request Comment
[Feature/regressing bug #]: 974018
[User impact if declined]: null deref crash
[Describe test coverage new/current, TreeHerder]: landed on m-c a day ago
[Risks and why]: zero, just bypasses nsAutoCString assignment when an object to call a method to fill it is found null
[String/UUID change made/needed]: none
Flags: needinfo?(honzab.moz)
Attachment #8551851 - Flags: approval-mozilla-release?
Attachment #8551851 - Flags: approval-mozilla-beta?
Attachment #8551851 - Flags: approval-mozilla-aurora?
Attachment #8551851 - Flags: approval-mozilla-release?
Attachment #8551851 - Flags: approval-mozilla-release+
Attachment #8551851 - Flags: approval-mozilla-beta?
Attachment #8551851 - Flags: approval-mozilla-beta+
Attachment #8551851 - Flags: approval-mozilla-aurora?
Attachment #8551851 - Flags: approval-mozilla-aurora+
(Assignee)

Comment 6

2 years ago
(In reply to Honza Bambas (:mayhemer) from comment #5)
> [Risks and why]: zero, just bypasses nsAutoCString assignment when an object
> to call a method to fill it is found null

And it's just for NSPR logging purposes!
https://hg.mozilla.org/releases/mozilla-aurora/rev/c9bfddb928fc
https://hg.mozilla.org/releases/mozilla-beta/rev/3096b7b44265
https://hg.mozilla.org/releases/mozilla-release/rev/f19bf2ab3d14
status-firefox35: --- → fixed
status-firefox36: --- → fixed
status-firefox37: --- → fixed
status-firefox38: --- → fixed
relnote-firefox: --- → 35+
Flags: qe-verify+
The crash rate decreased a lot.
In the last week there were:
- 0 crashes for Firefox 35.0.1 (down from 361 crashes in Firefox 35.0)
- On the beta channel, there were 2 crashes on 36.0b2 and none for 36.0b4 and 36.0b5
- 2 crashes on 37.0a2.
- No crashes on Nightly 38.

Based on these results, I consider it's safe to mark this issue verified.
Please reopen if you disagree. Thanks!
Status: RESOLVED → VERIFIED
status-firefox35: fixed → verified
status-firefox36: fixed → verified
status-firefox37: fixed → verified
status-firefox38: fixed → verified

Updated

2 years ago
Duplicate of this bug: 1117873

Comment 10

2 years ago
Crash on http://steamcommunity.com/market/ with Enhanced Steam 7.3
Crash Report https://crash-stats.mozilla.com/report/index/8a6dca85-a1ff-4cec-9a89-8ace72150316
You need to log in before you can comment on or make changes to this bug.