Closed
Bug 1417730
Opened 8 years ago
Closed 7 years ago
BroadcastChannel related Crash in mozilla::ipc::FatalError | mozilla::ipc::IProtocol::HandleFatalError | mozilla::net::PWebSocketChild::Write
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
RESOLVED
WONTFIX
| Tracking | Status | |
|---|---|---|
| firefox57 | --- | affected |
People
(Reporter: bkelly, Unassigned)
Details
(Keywords: crash)
Crash Data
I got this crash in FF57 today. AFAICT it crashes while I was away from my machine, so not sure what caused. Definitely seems BroadcastChannel related
This bug was filed from the Socorro interface and is
report bp-4e500113-64dd-4dbf-b2b8-e87c60171115.
=============================================================
Top 10 frames of crashing thread:
0 mozglue.dll MOZ_CrashOOL mfbt/Assertions.cpp:33
1 xul.dll mozilla::ipc::FatalError ipc/glue/ProtocolUtils.cpp:306
2 xul.dll mozilla::ipc::IProtocol::HandleFatalError ipc/glue/ProtocolUtils.cpp:481
3 xul.dll mozilla::net::PWebSocketChild::Write ipc/ipdl/PWebSocketChild.cpp:4066
4 xul.dll mozilla::dom::PBroadcastChannelChild::Write ipc/ipdl/PBroadcastChannelChild.cpp:1194
5 xul.dll mozilla::dom::cache::PCacheChild::Write ipc/ipdl/PBroadcastChannelChild.cpp:453
6 xul.dll mozilla::dom::PContentChild::Write ipc/ipdl/PContentChild.cpp:18065
7 xul.dll mozilla::dom::PContentChild::Write ipc/ipdl/PContentChild.cpp:14734
8 xul.dll mozilla::dom::PContentChild::Write ipc/ipdl/PContentChild.cpp:11199
9 xul.dll mozilla::dom::PContentChild::SendStoreAndBroadcastBlobURLRegistration ipc/ipdl/PContentChild.cpp:4207
=============================================================
Flags: needinfo?(amarchesini)
|
Reporter | |
Comment 1•8 years ago
|
||
IPDL error [PContentChild]: "NULL actor value passed to non-nullable param". abort()ing as a result.
|
||
Comment 2•8 years ago
|
||
This is not related to BroadcastChannel API. Here we are propagating the creation of a Blob URL.
All looks fine until these lines:
3 xul.dll mozilla::net::PWebSocketChild::Write ipc/ipdl/PWebSocketChild.cpp:4066
4 xul.dll mozilla::dom::PBroadcastChannelChild::Write ipc/ipdl/PBroadcastChannelChild.cpp:1194
5 xul.dll mozilla::dom::cache::PCacheChild::Write ipc/ipdl/PBroadcastChannelChild.cpp:453
I don't see why from a PContentChild we end up writing using PCacheChild, and then PBroadcatsChannelChild and then PWebSocketChild. Memory corruption?
Flags: needinfo?(amarchesini) → needinfo?(wmccloskey)
|
|
Reporter | |
Comment 3•8 years ago
|
||
I think that part of the stack is bogus. The ipdl stacks seem to confuse our crash reporter regularly.
Also, after filing this bug I realized other applications on my computer were gone as well. Its possible this was more an OS level "shutdown down everything" type event and it just caught it in the middle of the broadcast channel operation.
I'm having trouble tracing through all the IPC stream code, but this probably is a real bug. If you just follow the argument types of the functions on the crash stack, and ignore the classes they belong to, you get a stack that makes sense. I don't know what's going wrong exactly, but it looks like this field is not being filled in:
https://searchfox.org/mozilla-central/rev/919dce54f43356c22d6ff6b81c07ef412b1bf933/ipc/glue/IPCStream.ipdlh#24
Flags: needinfo?(wmccloskey)
|
||
Updated•8 years ago
|
Priority: -- → P2
|
||
Comment 5•7 years ago
|
||
Closing because no crash reported since 12 weeks.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
|
|
||
Comment 6•7 years ago
|
||
Closing because no crash reported since 12 weeks.
|
Assignee | |
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•