Closed
Bug 944854
Opened 11 years ago
Closed 11 years ago
"ASSERTION: You can't dereference a NULL nsRefPtr with operator*()." with RTC, GC/CC
Categories
(Core :: WebRTC, defect)
Tracking
()
RESOLVED
FIXED
mozilla28
People
(Reporter: jruderman, Assigned: jib)
Details
(Keywords: assertion, testcase, Whiteboard: [qa-])
Attachments
(1 file)
|
1.68 KB,
patch
|
abr
:
review+
|
Details | Diff | Splinter Review |
When I follow the steps in bug 928221, I get this assertion, but it is NOT followed by a crash. Maybe it's a bogus assertion!? I can only reproduce with a Tinderbox debug build, not with a local debug build. I'm not sure why. (Both are from mozilla-central.) ###!!! ASSERTION: You can't dereference a NULL nsRefPtr with operator*().: 'mRawPtr != 0', file ../../../../../media/webrtc/signaling/../../../xpcom/base/nsAutoPtr.h, line 1072 sipcc::PeerConnectionImpl::IceGatheringStateChange_m(mozilla::dom::PCImplIceGatheringState) [media/webrtc/signaling/src/peerconnection/PeerConnectionImpl.cpp:1777]
|
Reporter | |
Comment 1•11 years ago
|
||
See bug 933447 comment 39 to 42.
|
Assignee | |
Updated•11 years ago
|
Assignee: nobody → jib
|
|
Assignee | |
Comment 2•11 years ago
|
||
I don't think this needs to be a sec bug, since the assert appears harmless. The code takes the address of a deference (&* operators used in conjunction), i.e. it takes the nullptr out of an nsRefPtr for casting purposes but doesn't use it for anything. Furthermore, the NS_PRECONDITION() macro used here to generate the assertion message doesn't appear to throw in debug builds AFAICT. So the remaining issue is the misleading log junk, which this patch fixes.
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8341705 -
Flags: review?(adam)
|
||
Comment 3•11 years ago
|
||
Comment on attachment 8341705 [details] [diff] [review] Avoid triggering harmless assertion on PeerConnectionObserver weakref Review of attachment 8341705 [details] [diff] [review]: ----------------------------------------------------------------- Looks reasonable to me.
Attachment #8341705 -
Flags: review?(adam) → review+
|
|
Assignee | |
Comment 4•11 years ago
|
||
This is ready to land as soon as we agree it is not a security bug.
Flags: needinfo?(rjesup)
|
||
Comment 5•11 years ago
|
||
I agree this is not a sec issue (and even if it were an opt-build crash, it would be a null-deref). Let's land it.
Flags: needinfo?(rjesup)
|
||
Updated•11 years ago
|
Group: core-security
|
|
Assignee | |
Updated•11 years ago
|
Keywords: checkin-needed
|
||
Comment 6•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/aa4d322d811f
Keywords: checkin-needed
|
||
Comment 7•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/aa4d322d811f
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla28
|
||
Updated•10 years ago
|
Whiteboard: [qa-]
You need to log in
before you can comment on or make changes to this bug.
Description
•