Closed
Bug 1587604
Opened 6 years ago
Closed 6 years ago
crash at null in [@ mozilla::net::nsHttpChannel::ReportContentTypeTelemetryForCrossOriginStylesheets]
Categories
(Core :: Networking: HTTP, defect, P2)
Core
Networking: HTTP
Tracking
()
VERIFIED
FIXED
mozilla71
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox-esr68 | --- | unaffected |
| firefox67 | --- | unaffected |
| firefox68 | --- | unaffected |
| firefox69 | --- | unaffected |
| firefox70 | --- | unaffected |
| firefox71 | --- | verified |
People
(Reporter: tsmith, Assigned: valentin)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: crash, regression, testcase, Whiteboard: [necko-triaged])
Attachments
(2 files)
Reduced with m-c:
BuildID=20191009164235
SourceStamp=a43ad34ac8e3033d22c2ea30eebfa8c271130e48
==24947==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f23b2a62a1c bp 0x7ffed8365ab0 sp 0x7ffed83658a0 T0)
==24947==The signal is caused by a READ memory access.
==24947==Hint: address points to the zero page.
#0 0x7f23b2a62a1b in GetURI /src/obj-firefox/dist/include/nsIPrincipal.h:82:39
#1 0x7f23b2a62a1b in mozilla::net::nsHttpChannel::ReportContentTypeTelemetryForCrossOriginStylesheets() /src/netwerk/protocol/http/nsHttpChannel.cpp:8110
#2 0x7f23b2a6088e in mozilla::net::nsHttpChannel::CallOnStartRequest() /src/netwerk/protocol/http/nsHttpChannel.cpp:1770:3
#3 0x7f23b2a7d17e in mozilla::net::nsHttpChannel::ContinueProcessNormal(nsresult) /src/netwerk/protocol/http/nsHttpChannel.cpp:3035:8
#4 0x7f23b2a76654 in mozilla::net::nsHttpChannel::ProcessNormal() /src/netwerk/protocol/http/nsHttpChannel.cpp:2972:10
#5 0x7f23b2a7434a in mozilla::net::nsHttpChannel::ContinueProcessResponse3(nsresult) /src/netwerk/protocol/http/nsHttpChannel.cpp
#6 0x7f23b2a6d8cb in mozilla::net::nsHttpChannel::ContinueProcessResponse1() /src/netwerk/protocol/http/nsHttpChannel.cpp:2609:10
#7 0x7f23b2a6c8a1 in mozilla::net::nsHttpChannel::ProcessResponse() /src/netwerk/protocol/http/nsHttpChannel.cpp:2476:10
#8 0x7f23b2abce9c in mozilla::net::nsHttpChannel::OnStartRequest(nsIRequest*) /src/netwerk/protocol/http/nsHttpChannel.cpp:7678:31
#9 0x7f23b1fb56b5 in nsInputStreamPump::OnStateStart() /src/netwerk/base/nsInputStreamPump.cpp:487:21
#10 0x7f23b1fb4cb0 in nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) /src/netwerk/base/nsInputStreamPump.cpp:396:21
#11 0x7f23b1c9c066 in nsInputStreamReadyEvent::Run() /src/xpcom/io/nsStreamUtils.cpp:91:20
#12 0x7f23b1d2c339 in nsThread::ProcessNextEvent(bool, bool*) /src/xpcom/threads/nsThread.cpp:1225:14
#13 0x7f23b1d32fa8 in NS_ProcessNextEvent(nsIThread*, bool) /src/xpcom/threads/nsThreadUtils.cpp:486:10
#14 0x7f23b2f8022f in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) /src/ipc/glue/MessagePump.cpp:88:21
#15 0x7f23b2e78ef2 in RunInternal /src/ipc/chromium/src/base/message_loop.cc:315:10
#16 0x7f23b2e78ef2 in RunHandler /src/ipc/chromium/src/base/message_loop.cc:308
#17 0x7f23b2e78ef2 in MessageLoop::Run() /src/ipc/chromium/src/base/message_loop.cc:290
#18 0x7f23bb37f239 in nsBaseAppShell::Run() /src/widget/nsBaseAppShell.cpp:137:27
#19 0x7f23bf040b10 in nsAppStartup::Run() /src/toolkit/components/startup/nsAppStartup.cpp:276:30
#20 0x7f23bf2c0c63 in XREMain::XRE_mainRun() /src/toolkit/xre/nsAppRunner.cpp:4600:22
#21 0x7f23bf2c2d7f in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) /src/toolkit/xre/nsAppRunner.cpp:4735:8
#22 0x7f23bf2c4660 in XRE_main(int, char**, mozilla::BootstrapConfig const&) /src/toolkit/xre/nsAppRunner.cpp:4816:21
#23 0x5652161ee9d6 in do_main /src/browser/app/nsBrowserApp.cpp:218:22
#24 0x5652161ee9d6 in main /src/browser/app/nsBrowserApp.cpp:300
Flags: in-testsuite?
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → valentin.gosu
Flags: needinfo?(valentin.gosu)
Priority: -- → P2
Whiteboard: [necko-triaged]
|
|
Assignee | |
Comment 1•6 years ago
|
||
Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/fd78ca9c9e15
Check if loadingPrincipal is null before doing cross-origin check r=mayhemer
|
||
Updated•6 years ago
|
Keywords: regression
|
||
Comment 3•6 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla71
|
||
Updated•6 years ago
|
status-firefox67:
--- → unaffected
status-firefox68:
--- → unaffected
status-firefox69:
--- → unaffected
status-firefox70:
--- → unaffected
status-firefox-esr60:
--- → unaffected
status-firefox-esr68:
--- → unaffected
|
|
||
Updated•6 years ago
|
Flags: qe-verify+
|
||
Comment 4•6 years ago
|
||
Hello! Reproduced the issue with Firefox 71.0a1 (20191009095806) on Windows 10x64. After loading the test case from comment 0 Firefox crashed.
The issue is verified fixed with Firefox 71.0b11 (20191118154140) on Windows 10x64, macOS 10.14 and Ubuntu 18.04. No crashes encountered while using the test case.
|
|
||
Updated•3 years ago
|
Has Regression Range: --- → yes
You need to log in
before you can comment on or make changes to this bug.
Description
•