Closed Bug 944854 Opened 7 years ago Closed 7 years ago
"ASSERTION: You can't dereference a NULL ns
Ref Ptr with operator*()." with RTC, GC/CC
When I follow the steps in bug 928221, I get this assertion, but it is NOT followed by a crash. Maybe it's a bogus assertion!? I can only reproduce with a Tinderbox debug build, not with a local debug build. I'm not sure why. (Both are from mozilla-central.) ###!!! ASSERTION: You can't dereference a NULL nsRefPtr with operator*().: 'mRawPtr != 0', file ../../../../../media/webrtc/signaling/../../../xpcom/base/nsAutoPtr.h, line 1072 sipcc::PeerConnectionImpl::IceGatheringStateChange_m(mozilla::dom::PCImplIceGatheringState) [media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp:1777]
See bug 933447 comment 39 to 42.
I don't think this needs to be a sec bug, since the assert appears harmless. The code takes the address of a deference (&* operators used in conjunction), i.e. it takes the nullptr out of an nsRefPtr for casting purposes but doesn't use it for anything. Furthermore, the NS_PRECONDITION() macro used here to generate the assertion message doesn't appear to throw in debug builds AFAICT. So the remaining issue is the misleading log junk, which this patch fixes.
Attachment #8341705 - Flags: review?(adam)
Comment on attachment 8341705 [details] [diff] [review] Avoid triggering harmless assertion on PeerConnectionObserver weakref Review of attachment 8341705 [details] [diff] [review]: ----------------------------------------------------------------- Looks reasonable to me.
Attachment #8341705 - Flags: review?(adam) → review+
This is ready to land as soon as we agree it is not a security bug.
I agree this is not a sec issue (and even if it were an opt-build crash, it would be a null-deref). Let's land it.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla28
You need to log in before you can comment on or make changes to this bug.