Closed
Bug 1601166
Opened 5 years ago
Closed 2 years ago
crash at null in [@ mozilla::dom::MediaKeySystemAccessManager::CheckDoesWindowSupportProtectedMedia]
Categories
(Core :: Audio/Video: Playback, defect, P2)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: crash, testcase)
Attachments
(2 files)
Reduced with m-c:
BuildID=20191203180713
SourceStamp=d1001fea6e4c66b98bb4983df49c6e47d2db5ceb
NOTE: The attached test case needs to be served via a web server to trigger the issue and popups need to be allowed when prompted.
==2424==ERROR: AddressSanitizer: breakpoint on unknown address 0x000000000000 (pc 0x7ffc88f54b4e bp 0x001d065f78e0 sp 0x001d065f76c0 T0)
==2424==The signal is caused by a READ memory access.
==2424==Hint: address points to the zero page.
#0 0x7ffc88f54b4d in mozilla::dom::MediaKeySystemAccessManager::CheckDoesWindowSupportProtectedMedia src\dom\media\eme\MediaKeySystemAccessManager.cpp:137
#1 0x7ffc88f5366a in mozilla::dom::MediaKeySystemAccessManager::Request src\dom\media\eme\MediaKeySystemAccessManager.cpp:119
#2 0x7ffc853eb39d in mozilla::dom::Navigator::RequestMediaKeySystemAccess src\dom\base\Navigator.cpp:1968
#3 0x7ffc85ff022c in mozilla::dom::Navigator_Binding::requestMediaKeySystemAccess_promiseWrapper src\obj-firefox\dom\bindings\NavigatorBinding.cpp:2065
#4 0x7ffc87ccd4c1 in mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy,mozilla::dom::binding_detail::ConvertExceptionsToPromises> src\dom\bindings\BindingUtils.cpp:3153
#5 0x7ffc8f0de3fe in js::InternalCallOrConstruct src\js\src\vm\Interpreter.cpp:549
#6 0x7ffc8f0e163a in InternalCall src\js\src\vm\Interpreter.cpp:618
#7 0x7ffc8f0c2832 in Interpret src\js\src\vm\Interpreter.cpp:3118
#8 0x7ffc8f0a510a in js::RunScript src\js\src\vm\Interpreter.cpp:424
#9 0x7ffc8f0ded15 in js::InternalCallOrConstruct src\js\src\vm\Interpreter.cpp:590
#10 0x7ffc8f0e163a in InternalCall src\js\src\vm\Interpreter.cpp:618
#11 0x7ffc8f0e1872 in js::Call src\js\src\vm\Interpreter.cpp:635
#12 0x7ffc8f2c0b42 in JS::Call src\js\src\jsapi.cpp:2752
#13 0x7ffc874855fb in mozilla::dom::EventListener::HandleEvent src\obj-firefox\dom\bindings\EventListenerBinding.cpp:52
#14 0x7ffc885cbce4 in mozilla::EventListenerManager::HandleEventSubType src\dom\events\EventListenerManager.cpp:1072
#15 0x7ffc885cdce0 in mozilla::EventListenerManager::HandleEventInternal src\dom\events\EventListenerManager.cpp:1269
#16 0x7ffc885af811 in mozilla::EventTargetChainItem::HandleEvent src\dom\events\EventDispatcher.cpp:355
#17 0x7ffc885ad7d2 in mozilla::EventTargetChainItem::HandleEventTargetChain src\dom\events\EventDispatcher.cpp:557
#18 0x7ffc885b4021 in mozilla::EventDispatcher::Dispatch src\dom\events\EventDispatcher.cpp:1055
#19 0x7ffc885bd72d in mozilla::EventDispatcher::DispatchDOMEvent src\dom\events\EventDispatcher.cpp
#20 0x7ffc8560d16e in nsINode::DispatchEvent src\dom\base\nsINode.cpp:1128
#21 0x7ffc84ee4bd9 in nsContentUtils::DispatchEvent src\dom\base\nsContentUtils.cpp:4015
#22 0x7ffc84ee49a9 in nsContentUtils::DispatchTrustedEvent src\dom\base\nsContentUtils.cpp:3985
#23 0x7ffc85290157 in mozilla::dom::Document::DispatchContentLoadedEvents src\dom\base\Document.cpp:7004
#24 0x7ffc8104ab93 in mozilla::detail::RunnableMethodImpl<nsMemoryReporterManager *,nsresult (nsMemoryReporterManager::*)(),1,mozilla::RunnableKind::Standard>::Run src\obj-firefox\dist\include\nsThreadUtils.h:1176
#25 0x7ffc811fdb05 in mozilla::SchedulerGroup::Runnable::Run src\xpcom\threads\SchedulerGroup.cpp:295
#26 0x7ffc81229a27 in nsThread::ProcessNextEvent src\xpcom\threads\nsThread.cpp:1250
#27 0x7ffc81233958 in NS_ProcessNextEvent src\xpcom\threads\nsThreadUtils.cpp:486
#28 0x7ffc82498d3f in mozilla::ipc::MessagePump::Run src\ipc\glue\MessagePump.cpp:88
#29 0x7ffc823daafe in MessageLoop::RunHandler src\ipc\chromium\src\base\message_loop.cc:308
#30 0x7ffc823da895 in MessageLoop::Run src\ipc\chromium\src\base\message_loop.cc:290
#31 0x7ffc8aa835da in nsBaseAppShell::Run src\widget\nsBaseAppShell.cpp:137
#32 0x7ffc8ac1fa98 in nsAppShell::Run src\widget\windows\nsAppShell.cpp:406
#33 0x7ffc8ede1a88 in XRE_RunAppShell src\toolkit\xre\nsEmbedFunctions.cpp:932
#34 0x7ffc823daafe in MessageLoop::RunHandler src\ipc\chromium\src\base\message_loop.cc:308
#35 0x7ffc823da895 in MessageLoop::Run src\ipc\chromium\src\base\message_loop.cc:290
#36 0x7ffc8ede0c75 in XRE_InitChildProcess src\toolkit\xre\nsEmbedFunctions.cpp:767
#37 0x7ff68626213e in NS_internal_main src\browser\app\nsBrowserApp.cpp:272
#38 0x7ff686261501 in wmain src\toolkit\xre\nsWindowsWMain.cpp:131
Flags: in-testsuite?
Reporter | ||
Comment 1•5 years ago
|
||
Assignee: nobody → bvandyk
Priority: -- → P2
Comment 2•2 years ago
|
||
Unassigning bugs assigned to Bryce because he no longer works at Mozilla.
Assignee: brycebugemail → nobody
Reporter | ||
Comment 3•2 years ago
|
||
The attached test case no longer reproduces the issue and the fuzzers last reported it when fuzzing m-c 20200121-f74adc43b654.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•