Closed Bug 814329 Opened 12 years ago Closed 12 years ago

WebRTC crash [@fim_process_event]

Categories

(Core :: WebRTC, defect, P1)

Product:
Core
Component:
WebRTC
Platform:
x86_64
macOS
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla20

People

(Reporter: posidron, Assigned: ehugg)

References

Details

(Keywords: crash, Whiteboard: [WebRTC] [blocking-webrtc+] [qa-])

Crash Data

Attachments

(2 files, 1 obsolete file)

callstack
16.74 KB, text/plain
Details
Protect fim_process_event from NULL input
1.55 KB, patch
jesup
: review+
Details | Diff | Splinter Review 
I am not able to reproduce this with the same testcase but am getting this exact same crash constantly after some time. The callstack above includes the output of NSPR_LOG_MODULES.

Tested with m-c changeset: 113925:20ec9014f220
Attached file callstack 

    
  
Keywords: testcase
Keywords: crash

    
    

    
  
A space is required between @ and the signature for the connection to crash stats.
Crash Signature: [@ fim_process_event]

    
    

    
  
Christoph, which testcase are you referring to in comment 0?

    
    

    
  
Sorry, haven't mentioned that.
I am not able to reproduce the testcase with the same seed value during fuzzing.
Flags: in-testsuite-

    
    

    
  
Ethan: some sort of race condition or logic flaw - can you look into it?

Cristoph: any reasonably likely way to provoke this?

    
    

    
  
As it's a NULL-ptr deref, an assertion might help.  Or run a debug build under gdb and catch the failure
Priority: -- → P1
Whiteboard: [WebRTC] [blocking-webrtc+]

    
  
Assignee: nobody → ethanhugg

    
    

    
  
(In reply to Randell Jesup [:jesup] from comment #6)
> Ethan: some sort of race condition or logic flaw - can you look into it?
> 
> Cristoph: any reasonably likely way to provoke this?

It's one of the crashes which come up during SDP fuzzing but are not reproducible with the same testcase later on.

    
    

    
  


  

    
    

    
  
Comment on attachment 686145 [details] [diff] [review]
Protect fim_process_event from NULL input


Uploading this patch to do some testing to see if the symptom moves if we add these checks for NULL ptrs.

    
  

        Attachment #686145 -
        Attachment is obsolete: true

    
    

    
  
Comment on attachment 688348 [details] [diff] [review]
Protect fim_process_event from NULL input


Wallpaper patch with assertions.

        Attachment #688348 -
        Flags: review?(rjesup)

        Attachment #688348 -
        Flags: review?(rjesup) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/17278474949a
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla20
Whiteboard: [WebRTC] [blocking-webrtc+] → [WebRTC] [blocking-webrtc+] [qa-]

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: