Closed Bug 622381 Opened 15 years ago Closed 15 years ago

Crash [@ mozilla::dom::PBrowserChild::SendPContentPermissionRequestConstructor]

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Platform:
ARM
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: jdm, Unassigned)

Details

Attachments

(1 file)

Fail geolocation operations if we can't do cross-process operations.
4.12 KB, patch
dougt
: review+
jst
: approval2.0+
Details | Diff | Splinter Review
Signature mozilla::dom::PBrowserChild::SendPContentPermissionRequestConstructor UUID 66d778ca-4ed3-48d1-9b73-61ad12101230 Time 2010-12-30 15:13:25.161640 Uptime 0 Install Age 362624 seconds (4.2 days) since version was first installed. Product Fennec Version 4.0b3 Build ID 20101221205132 Branch 1.9 OS Linux OS Version 0.0.0 Linux 2.6.32.9-g700f0cf #1 PREEMPT Thu Oct 21 23:24:02 CDT 2010 armv7l CPU arm CPU Info Crash Reason SIGSEGV Crash Address 0x0 User Comments Processor Notes EMCheckCompatibility False Crashing Thread Frame Module Signature [Expand] Source 0 libxul.so mozilla::dom::PBrowserChild::SendPContentPermissionRequestConstructor PBrowserChild.cpp:631 1 libxul.so nsGeolocation::RegisterRequestWithPrompt nsCOMPtr.h:492 2 libxul.so nsGeolocation::WatchPosition dom/src/geolocation/nsGeolocation.cpp:1059 3 libxul.so NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/unix/xptcinvoke_arm.cpp:199 4 libxul.so XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:3064 5 libxul.so XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1588 6 libxul.so CallCompiler::generateNativeStub js/src/methodjit/MonoIC.cpp:691 7 libxul.so js::mjit::ic::NativeCall js/src/methodjit/MonoIC.cpp:898 8 libxul.so libxul.so@0xae0396 9 libxul.so js::mjit::ic::NativeCall js/src/methodjit/MonoIC.cpp:896 10 libxul.so js::mjit::JaegerShot js/src/jsinterp.h:576 11 libxul.so js::Invoke js/src/jsinterp.cpp:654 12 libxul.so js::ExternalInvoke js/src/jsinterp.cpp:858 13 libxul.so JS_CallFunctionValue js/src/jsinterp.h:962 14 libxul.so nsXPCWrappedJSClass::CallMethod js/src/xpconnect/src/xpcwrappedjsclass.cpp:1694 15 libxul.so nsXPCWrappedJS::CallMethod js/src/xpconnect/src/xpcwrappedjs.cpp:589 16 libxul.so PrepareAndDispatch xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp:134 17 libxul.so libxul.so@0x956ed4 18 libxul.so nsDOMEventListenerWrapper::HandleEvent content/events/src/nsDOMEventTargetHelper.cpp:66 19 @0x4605305f 20 libxul.so nsEventListenerManager::HandleEventSubType content/events/src/nsEventListenerManager.cpp:1114 21 libxul.so nsEventListenerManager::HandleEventInternal content/events/src/nsEventListenerManager.cpp:1211 22 libxul.so nsEventTargetChainItem::HandleEvent content/events/src/nsEventListenerManager.h:146 23 libxul.so nsEventTargetChainItem::HandleEventTargetChain content/events/src/nsEventDispatcher.cpp:343 24 libxul.so nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:630 25 libxul.so nsEventDispatcher::DispatchDOMEvent content/events/src/nsEventDispatcher.cpp:691 26 libxul.so nsDOMEventTargetHelper::DispatchDOMEvent content/events/src/nsDOMEventTargetHelper.cpp:230 27 libxul.so nsXMLHttpRequest::ChangeState nsCOMPtr.h:492 28 libxul.so nsXMLHttpRequest::RequestCompleted nsTSubstring.h:593 29 libxul.so nsXMLHttpRequest::OnStopRequest content/base/src/nsXMLHttpRequest.cpp:2161 30 libxul.so nsCrossSiteListenerProxy::OnStopRequest content/base/src/nsCrossSiteListenerProxy.cpp:335 31 libxul.so nsHTTPCompressConv::OnStopRequest netwerk/streamconv/converters/nsHTTPCompressConv.cpp:128 32 libxul.so mozilla::net::HttpChannelChild::OnStopRequest nsCOMPtr.h:663 33 libxul.so mozilla::net::HttpChannelChild::RecvOnStopRequest netwerk/protocol/http/HttpChannelChild.cpp:364 34 libxul.so mozilla::net::PHttpChannelChild::OnMessageReceived PHttpChannelChild.cpp:575 35 libxul.so mozilla::dom::PContentChild::OnMessageReceived PContentChild.cpp:949 36 libxul.so mozilla::ipc::AsyncChannel::OnDispatchMessage ipc/glue/AsyncChannel.cpp:262 37 libxul.so mozilla::ipc::RPCChannel::OnMaybeDequeueOne ipc/glue/RPCChannel.cpp:440 38 libxul.so RunnableMethod<mozilla::ipc::RPCChannel, bool , Tuple0>::Run ipc/chromium/src/base/task.h:308 39 libxul.so mozilla::ipc::RPCChannel::DequeueTask::Run RPCChannel.h:475 40 libxul.so MessageLoop::RunTask ipc/chromium/src/base/message_loop.cc:344 41 libxul.so MessageLoop::DeferOrRunPendingTask ipc/chromium/src/base/message_loop.cc:354 42 libxul.so MessageLoop::DoWork ipc/chromium/src/base/message_loop.cc:451 43 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:115 44 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:230 45 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:220 46 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:512 47 libxul.so nsBaseAppShell::Run widget/src/xpwidgets/nsBaseAppShell.cpp:198 48 libxul.so XRE_RunAppShell toolkit/xre/nsEmbedFunctions.cpp:631 49 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:222 50 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:220 51 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:512 52 libxul.so XRE_InitChildProcess toolkit/xre/nsEmbedFunctions.cpp:510 53 libmozutils.so ChildProcessInit other-licenses/android/APKOpen.cpp:691 54 plugin-container main ipc/app/MozillaRuntimeMainAndroid.cpp:69 55 libc.so libc.so@0xd412
1114 void 1115 nsGeolocation::RegisterRequestWithPrompt(nsGeolocationRequest* request) ... 1119 nsCOMPtr<nsPIDOMWindow> window = do_QueryReferent(mOwner); ... 1125 TabChild* child = GetTabChildFrom(window->GetDocShell()); ... 1132 child->SendPContentPermissionRequestConstructor(request, type, IPC::URI(mURI)); Presumably we're getting a null docshell here, since GetTabChildFrom just does a static_cast on a do_GetInterface.
tracking-fennec: --- → ?
Actually, this certainly doesn't need to block given the extremely low frequency, but it shouldn't be hard to put together a preventative patch.
tracking-fennec: ? → ---
If we give RegisterRequestWithPrompt the opportunity to report failure, we can report the failure and not end up in a weird state. I don't precisely know what it means when we're finishing up an XMLHttpRequest and don't have a docshell for the window, as the stack seems to show. I think this patch maintains all current behaviour while simply avoiding the crash.
Attachment #501720 - Flags: review?(doug.turner)
Comment on attachment 501720 [details] [diff] [review] Fail geolocation operations if we can't do cross-process operations. the patch is fine on its own. but I really want to understand why we are failing. Could you file a follow up and cc' jduell
Attachment #501720 - Flags: review?(doug.turner) → review+
Comment on attachment 501720 [details] [diff] [review] Fail geolocation operations if we can't do cross-process operations. This is a low-volume crash that continues to show up occasionally on b4. This band-aid should prevent it.
Attachment #501720 - Flags: approval2.0?
Attachment #501720 - Flags: approval2.0? → approval2.0+
http://hg.mozilla.org/mozilla-central/rev/d21aa818cd7b
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: