Closed
Bug 1793405
Opened 2 years ago
Closed 2 years ago
Crash in [@ RefPtr<T>::operator bool | mozilla::dom::workerinternals::loader::CacheCreator::DeleteCache]
Categories
(Core :: DOM: Workers, defect)
Tracking
()
RESOLVED
FIXED
107 Branch
| Tracking | Status | |
|---|---|---|
| firefox-esr102 | --- | unaffected |
| firefox105 | --- | wontfix |
| firefox106 | --- | wontfix |
| firefox107 | --- | fixed |
People
(Reporter: gsvelto, Assigned: yulia)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
Crash report: https://crash-stats.mozilla.org/report/index/b11fffad-29d0-4db0-88f1-91bdb0221001
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 10 frames of crashing thread:
0 xul.dll RefPtr<mozilla::dom::cache::CacheStorage>::operator bool const mfbt/RefPtr.h:310
0 xul.dll mozilla::dom::workerinternals::loader::CacheCreator::DeleteCache dom/workers/loader/CacheLoadHandler.cpp:212
1 xul.dll mozilla::dom::workerinternals::loader::CachePromiseHandler::RejectedCallback dom/workers/loader/CacheLoadHandler.cpp:82
2 xul.dll mozilla::dom:: dom/promise/Promise.cpp:453
3 xul.dll mozilla::dom::NativeHandlerCallback dom/promise/Promise.cpp:365
4 xul.dll CallJSNative js/src/vm/Interpreter.cpp:459
4 xul.dll js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:547
4 xul.dll InternalCall js/src/vm/Interpreter.cpp:614
4 xul.dll js::Call js/src/vm/Interpreter.cpp:646
5 xul.dll js::Call js/src/vm/Interpreter.h:116
This looks like a NULL pointer access, the call to mLoadContext->GetCacheCreator() here seems to return a NULL pointer.
|
||
Comment 1•2 years ago
|
||
Hi Yulia, it seems WorkerScriptLoader::MaybeExecuteFinishedScripts cleared the cache creator before a promise gets rejected during CC. We might just want to have a null check always when using GetCacheCreator ?
Flags: needinfo?(ystartsev)
|
Assignee | |
Comment 2•2 years ago
•
|
||
This looks like it may be independent. We have null checks elsewhere for this, and it may be missing here.
Flags: needinfo?(ystartsev)
|
|
Assignee | |
Updated•2 years ago
|
Assignee: nobody → ystartsev
|
|
Assignee | |
Comment 3•2 years ago
|
||
|
||
Updated•2 years ago
|
Attachment #9297268 -
Attachment description: WIP: Bug 1793405 - Add missing check for cacheCreator; → Bug 1793405 - Add missing check for cacheCreator;
Pushed by ystartsev@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/ebb575338c40 Add missing check for cacheCreator; r=dom-worker-reviewers,smaug
|
||
Comment 5•2 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox107:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 107 Branch
|
||
Updated•2 years ago
|
status-firefox105:
--- → wontfix
status-firefox106:
--- → wontfix
status-firefox-esr102:
--- → unaffected
|
||
Comment 7•2 years ago
|
||
Copying crash signatures from duplicate bugs.
Crash Signature: [@ RefPtr<T>::operator bool | mozilla::dom::workerinternals::loader::CacheCreator::DeleteCache] → [@ RefPtr<T>::operator bool | mozilla::dom::workerinternals::loader::CacheCreator::DeleteCache]
[@ RefPtr<mozilla::dom::cache::CacheStorage>::operator bool() const]
You need to log in
before you can comment on or make changes to this bug.
Description
•