1794356 - Crash in [@ mozilla::net::Http2Session::CloseStream]

Status: RESOLVED DUPLICATE of bug 1794061

(Core :: Networking: HTTP, defect, P2)

Description

[Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout)]

37 crashes with version 105 branch builds. Similar to bug 1794355, macOS 12 is the most affected.

Crash report: https://crash-stats.mozilla.org/report/index/a2d725c3-0a8e-4314-8ed4-80acc0221010

Reason: EXC_BAD_ACCESS / EXC_I386_GPFLT

Top 10 frames of crashing thread:

0 XUL mozilla::net::Http2Session::CloseStream netwerk/protocol/http/Http2Session.cpp:1359
1 XUL mozilla::net::Http2Session::Shutdown netwerk/protocol/http/Http2Session.cpp:210
2 XUL mozilla::net::Http2Session::Close netwerk/protocol/http/Http2Session.cpp:3775
3 XUL mozilla::net::ConnectionEntry::PruneDeadConnections netwerk/protocol/http/ConnectionEntry.cpp:455
4 XUL mozilla::net::nsHttpConnectionMgr::OnMsgPruneDeadConnections netwerk/protocol/http/nsHttpConnectionMgr.cpp:2223
5 XUL mozilla::net::ConnEvent::Run netwerk/protocol/http/nsHttpConnectionMgr.cpp:176
6 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1199
7 XUL NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:465
8 XUL mozilla::net::nsSocketTransportService::Run netwerk/base/nsSocketTransportService2.cpp:1220
9 XUL {virtual override thunk} 

Comment 1

[Kershaw Chang [:kershaw]]

Hide this bug since this report suggests this is a UAF.

Comment 2

[Kershaw Chang [:kershaw]]

This bug could be fixed by bug 1794061.
Put this in necko's priority review list, so we'll monitor this regularly.

Comment 3

[Kershaw Chang [:kershaw]]

The patch in bug 1794061 was landed in 107.0b3 and there is no crash since that patch landed.
Let's wait a bit before making this bug a duplicate.

Comment 4

[Greg Hess]

Necko will monitor for 2weeks, if no crashes observed at that point we will proceed and resolve this bug.

Comment 5

[Kershaw Chang [:kershaw]]

I think we can close this one, since there is no crash for 2 weeks.