Open
Bug 1701187
Opened 3 years ago
Updated 2 years ago
Intermittent SUMMARY: AddressSanitizer: access-violation /builds/worker/checkouts/gecko/dom/promise/Promise.cpp:385 in mozilla::dom::`anonymous namespace'::PromiseNativeHandlerShim::ResolvedCallback
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
NEW
People
(Reporter: aryx, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: intermittent-failure)
Log: https://treeherder.mozilla.org/logviewer?job_id=334514603&repo=mozilla-central
[task 2021-03-26T05:05:49.799Z] 05:05:49 INFO - TEST-START | dom/base/test/browser_bug1303838.js
[task 2021-03-26T05:05:56.470Z] 05:05:56 INFO - GECKO(10864) | =================================================================
[task 2021-03-26T05:05:56.470Z] 05:05:56 ERROR - GECKO(10864) | ==716==ERROR: AddressSanitizer: access-violation on unknown address 0x000000000000 (pc 0x7ffddebfb586 bp 0x00aa6a9fca50 sp 0x00aa6a9fc900 T0)
[task 2021-03-26T05:05:56.470Z] 05:05:56 INFO - GECKO(10864) | ==716==The signal is caused by a READ memory access.
[task 2021-03-26T05:05:56.470Z] 05:05:56 INFO - GECKO(10864) | ==716==Hint: address points to the zero page.
[task 2021-03-26T05:05:56.819Z] 05:05:56 INFO - GECKO(10864) | ==716==WARNING: Failed to use and restart external symbolizer!
[task 2021-03-26T05:05:57.046Z] 05:05:57 INFO - GECKO(10864) | #0 0x7ffddebfb585 in mozilla::dom::`anonymous namespace'::PromiseNativeHandlerShim::ResolvedCallback /builds/worker/checkouts/gecko/dom/promise/Promise.cpp:385
[task 2021-03-26T05:05:57.046Z] 05:05:57 INFO - GECKO(10864) | #1 0x7ffddebfbf99 in mozilla::dom::NativeHandlerCallback /builds/worker/checkouts/gecko/dom/promise/Promise.cpp:338
[task 2021-03-26T05:05:57.050Z] 05:05:57 INFO - GECKO(10864) | #2 0x7ffde37a3a68 in js::InternalCallOrConstruct /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:520
[task 2021-03-26T05:05:57.050Z] 05:05:57 INFO - GECKO(10864) | #3 0x7ffde37a6b0b in js::Call /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:597
[task 2021-03-26T05:05:57.060Z] 05:05:57 INFO - GECKO(10864) | #4 0x7ffde3b75190 in PromiseReactionJob /builds/worker/checkouts/gecko/js/src/builtin/Promise.cpp:1905
[task 2021-03-26T05:05:57.060Z] 05:05:57 INFO - GECKO(10864) | #5 0x7ffde37a3a68 in js::InternalCallOrConstruct /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:520
[task 2021-03-26T05:05:57.060Z] 05:05:57 INFO - GECKO(10864) | #6 0x7ffde37a6b0b in js::Call /builds/worker/checkouts/gecko/js/src/vm/Interpreter.cpp:597
[task 2021-03-26T05:05:57.070Z] 05:05:57 INFO - GECKO(10864) | #7 0x7ffde41e8b31 in JS::Call /builds/worker/checkouts/gecko/js/src/jsapi.cpp:2856
[task 2021-03-26T05:05:57.089Z] 05:05:57 INFO - GECKO(10864) | #8 0x7ffdda83f080 in mozilla::dom::PromiseJobCallback::Call /builds/worker/workspace/obj-build/dom/bindings/PromiseBinding.cpp:31
[task 2021-03-26T05:05:57.093Z] 05:05:57 INFO - GECKO(10864) | #9 0x7ffdd5ccb5be in mozilla::PromiseJobRunnable::Run /builds/worker/checkouts/gecko/xpcom/base/CycleCollectedJSContext.cpp:212
[task 2021-03-26T05:05:57.093Z] 05:05:57 INFO - GECKO(10864) | #10 0x7ffdd5c9e376 in mozilla::CycleCollectedJSContext::PerformMicroTaskCheckPoint /builds/worker/checkouts/gecko/xpcom/base/CycleCollectedJSContext.cpp:647
[task 2021-03-26T05:05:57.093Z] 05:05:57 INFO - GECKO(10864) | #11 0x7ffdd5c9f4fe in mozilla::CycleCollectedJSContext::AfterProcessTask /builds/worker/checkouts/gecko/xpcom/base/CycleCollectedJSContext.cpp:462
[task 2021-03-26T05:05:57.112Z] 05:05:57 INFO - GECKO(10864) | #12 0x7ffdd7fb326c in XPCJSContext::AfterProcessTask /builds/worker/checkouts/gecko/js/xpconnect/src/XPCJSContext.cpp:1462
[task 2021-03-26T05:05:57.122Z] 05:05:57 INFO - GECKO(10864) | #13 0x7ffdd5f4190a in nsThread::ProcessNextEvent /builds/worker/checkouts/gecko/xpcom/threads/nsThread.cpp:1192
[task 2021-03-26T05:05:57.122Z] 05:05:57 INFO - GECKO(10864) | #14 0x7ffdd5f5024c in NS_ProcessNextEvent /builds/worker/checkouts/gecko/xpcom/threads/nsThreadUtils.cpp:548
[task 2021-03-26T05:05:57.127Z] 05:05:57 INFO - GECKO(10864) | #15 0x7ffdd72d49ce in mozilla::ipc::MessagePump::Run /builds/worker/checkouts/gecko/ipc/glue/MessagePump.cpp:87
[task 2021-03-26T05:05:57.131Z] 05:05:57 INFO - GECKO(10864) | #16 0x7ffdd720d4e5 in MessageLoop::RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:328
[task 2021-03-26T05:05:57.131Z] 05:05:57 INFO - GECKO(10864) | #17 0x7ffdd720d2b5 in MessageLoop::Run /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:310
[task 2021-03-26T05:05:57.136Z] 05:05:57 INFO - GECKO(10864) | #18 0x7ffddf4324da in nsBaseAppShell::Run /builds/worker/checkouts/gecko/widget/nsBaseAppShell.cpp:137
[task 2021-03-26T05:05:57.146Z] 05:05:57 INFO - GECKO(10864) | #19 0x7ffddf617fab in nsAppShell::Run /builds/worker/checkouts/gecko/widget/windows/nsAppShell.cpp:602
[task 2021-03-26T05:05:57.146Z] 05:05:57 INFO - GECKO(10864) | #20 0x7ffde34df004 in XRE_RunAppShell /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:902
[task 2021-03-26T05:05:57.146Z] 05:05:57 INFO - GECKO(10864) | #21 0x7ffdd720d4e5 in MessageLoop::RunHandler /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:328
[task 2021-03-26T05:05:57.146Z] 05:05:57 INFO - GECKO(10864) | #22 0x7ffdd720d2b5 in MessageLoop::Run /builds/worker/checkouts/gecko/ipc/chromium/src/base/message_loop.cc:310
[task 2021-03-26T05:05:57.146Z] 05:05:57 INFO - GECKO(10864) | #23 0x7ffde34de3f4 in XRE_InitChildProcess /builds/worker/checkouts/gecko/toolkit/xre/nsEmbedFunctions.cpp:734
[task 2021-03-26T05:05:57.148Z] 05:05:57 INFO - GECKO(10864) | #24 0x7ff764d81edd in NS_internal_main /builds/worker/checkouts/gecko/browser/app/nsBrowserApp.cpp:309
[task 2021-03-26T05:05:57.150Z] 05:05:57 INFO - GECKO(10864) | #25 0x7ff764d8148e in wmain /builds/worker/checkouts/gecko/toolkit/xre/nsWindowsWMain.cpp:131
[task 2021-03-26T05:05:57.151Z] 05:05:57 INFO - GECKO(10864) | #26 0x7ff764e7c3d7 in __scrt_common_main_seh f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:288
[task 2021-03-26T05:05:57.151Z] 05:05:57 INFO - GECKO(10864) | #27 0x7ffe22b73033 in BaseThreadInitThunk+0x13 (C:\Windows\System32\KERNEL32.DLL+0x180013033)
[task 2021-03-26T05:05:57.151Z] 05:05:57 INFO - GECKO(10864) | #28 0x7ffe24791460 in RtlUserThreadStart+0x20 (C:\Windows\SYSTEM32\ntdll.dll+0x180071460)
[task 2021-03-26T05:05:57.151Z] 05:05:57 INFO - GECKO(10864) | AddressSanitizer can not provide additional info.
[task 2021-03-26T05:05:57.151Z] 05:05:57 INFO - GECKO(10864) | SUMMARY: AddressSanitizer: access-violation /builds/worker/checkouts/gecko/dom/promise/Promise.cpp:385 in mozilla::dom::`anonymous namespace'::PromiseNativeHandlerShim::ResolvedCallback
Comment 1•3 years ago
That doesn't really give a hint as to which native promise handler we're dealing with.
mInner is strong. unknown address 0x000000000000
Someone is passing null to Promise::AppendNativeHandler?
Comment 2•3 years ago
I appreciate the caution in filing this as a security bug, but a null deref doesn't need to be hidden.
Group: dom-core-security
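The triage distinction drawn in comment 2 (a read fault at address zero versus anything else), as an added example that is not part of this bug or of Gecko: a small parser that pulls the fault address, access type and top frame out of an AddressSanitizer report in a CI log. The names `triage` and `NULL_WINDOW` and the 4 KiB threshold are assumptions of this example; the first sample report is copied from the log above and the second is constructed for contrast.

```python
import re

HEADER = re.compile(r"==(\d+)==ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS = re.compile(r"==\d+==The signal is caused by a (READ|WRITE) memory access")
FRAME0 = re.compile(r"#0 0x[0-9a-fA-F]+ in (.+?) (\S+:\d+)$")
NULL_WINDOW = 0x1000  # assumption: faults in the first 4 KiB count as null-pointer offsets

# First report: three lines copied from the log above. Second report: constructed.
SAMPLE = """\
[task 2021-03-26T05:05:56.470Z] 05:05:56 ERROR - GECKO(10864) | ==716==ERROR: AddressSanitizer: access-violation on unknown address 0x000000000000 (pc 0x7ffddebfb586 bp 0x00aa6a9fca50 sp 0x00aa6a9fc900 T0)
[task 2021-03-26T05:05:56.470Z] 05:05:56 INFO - GECKO(10864) | ==716==The signal is caused by a READ memory access.
[task 2021-03-26T05:05:57.046Z] 05:05:57 INFO - GECKO(10864) | #0 0x7ffddebfb585 in mozilla::dom::`anonymous namespace'::PromiseNativeHandlerShim::ResolvedCallback /builds/worker/checkouts/gecko/dom/promise/Promise.cpp:385
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x7f3a00001234 (pc 0x000000401000 bp 0x7ffc00000010 sp 0x7ffc00000000 T0)
==4242==The signal is caused by a WRITE memory access.
    #0 0x401000 in example_fn /src/example.c:10
"""

def triage(log_text):
    """Return one dict per ASan fault report found in a CI log."""
    reports, cur = [], None
    for line in log_text.splitlines():
        line = line.rstrip()
        if m := HEADER.search(line):
            # A new report starts; later lines are attributed to it.
            cur = {"pid": int(m[1]), "kind": m[2], "address": int(m[3], 16),
                   "access": None, "frame0": None}
            reports.append(cur)
        elif cur is None:
            continue
        elif m := ACCESS.search(line):
            cur["access"] = m[1]
        elif cur["frame0"] is None and (m := FRAME0.search(line)):
            cur["frame0"] = f"{m[1]} {m[2]}"
    for r in reports:
        near_null = r["address"] < NULL_WINDOW
        # A READ near address zero is the plain null-dereference case; a WRITE
        # or a fault at any other address is left for a closer look.
        r["verdict"] = "null-read" if near_null and r["access"] == "READ" else "needs-review"
    return reports

if __name__ == "__main__":
    for r in triage(SAMPLE):
        print(f'{r["verdict"]:13} {r["kind"]} {r["access"]} @ {r["address"]:#x} in {r["frame0"]}')
```

A null base pointer combined with a large index can fault well outside the 4 KiB window; such reports fall into `needs-review` rather than being dismissed.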
Updated•3 years ago
Severity: -- → S3
Updated•2 years ago
Blocks: asan-maintenance