Closed Bug 1760274 Opened 2 years ago Closed 2 years ago

Crash in [@ xpc::NativeGlobal]

Categories

(Core :: WebRTC: Audio/Video, defect)

Product:
Core
Component:
WebRTC: Audio/Video
Version:
Firefox 100
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
100 Branch
Tracking Flags:
Tracking Status
thunderbird_esr91 --- unaffected
firefox-esr91 --- unaffected
firefox98 --- unaffected
firefox99 --- unaffected
firefox100 + fixed

People

(Reporter: calixte, Assigned: tjr, NeedInfo)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: crash, regression)

Crash Data

Attachments

(1 file)

Bug 1760274: Do not crash in RFP mode if GetWrapper is null
48 bytes, text/x-phabricator-request
Details | Review

Maybe Fission related. (DOMFissionEnabled=1)

Crash report: https://crash-stats.mozilla.org/report/index/491c4e36-b585-4b9e-b4c0-395640220317

Reason: SIGSEGV / SEGV_MAPERR

Top 10 frames of crashing thread:

0 libxul.so xpc::NativeGlobal js/xpconnect/wrappers/WrapperFactory.cpp:778
1 libxul.so mozilla::dom::MediaDevices::OnDeviceChange dom/media/MediaDevices.cpp:695
2 libxul.so std::enable_if<! dom/media/MediaEventSource.h:251
3 libxul.so mozilla::detail::ListenerImpl<nsIEventTarget, std::enable_if<! dom/media/MediaEventSource.h:266
4 libxul.so mozilla::detail::RunnableMethodImpl<mozilla::detail::Listener<bool>*, void  xpcom/threads/nsThreadUtils.h:1200
5 libxul.so mozilla::SchedulerGroup::Runnable::Run xpcom/threads/SchedulerGroup.cpp:140
6 libxul.so mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal xpcom/threads/TaskController.cpp:775
7 libxul.so NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:467
8 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:85
9 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:306

There are 9 crashes (from 5 installations) in nightly 100 starting with buildid 20220316214937. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1758367.

[1] https://hg.mozilla.org/mozilla-central/rev?node=88ca4bb1602f

Flags: needinfo?(blienhar)
Has Regression Range: --- → yes

Yeah; that crash has RFP enabled so it is almost certainly the case. Ben, can you put up a patch to add if (!GetWrapper()) { return; } right before line 695? (Make sure to run ./mach clang-format before you commit.)

Attachment #9268479 - Attachment description: WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Attachment #9268479 - Attachment description: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Attachment #9268479 - Attachment description: WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Assignee: nobody → tom
Status: NEW → ASSIGNED
Depends on: 1760641
Attachment #9268479 - Attachment description: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Attachment #9268479 - Attachment description: WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Attachment #9268479 - Attachment description: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Attachment #9268479 - Attachment description: WIP: Bug 1760274: Do not crash in RFP mode if GetWrapper is null → Bug 1760274: Do not crash in RFP mode if GetWrapper is null
Pushed by tritter@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/61e34bf4f9ce
Do not crash in RFP mode if GetWrapper is null r=padenot

https://hg.mozilla.org/mozilla-central/rev/61e34bf4f9ce

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox100: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 100 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: