Crash in [@ sctp_setopt]
Categories
(Core :: WebRTC, defect)
Tracking
()
People
(Reporter: jesup, Assigned: bwc)
References
Details
(Keywords: crash, csectype-wildptr, sec-high, Whiteboard: [post-critsmash-triage][adv-main108+r][adv-esr102.7+r])
Crash Data
Wildptr crashes on sctp creation.
Crash report: https://crash-stats.mozilla.org/report/index/7cbbcbc2-51f7-4e3b-a919-3af660210920
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 10 frames of crashing thread:
0 xul.dll sctp_setopt netwerk/sctp/src/netinet/sctp_usrreq.c:4532
1 xul.dll usrsctp_setsockopt netwerk/sctp/src/user_socket.c:2166
2 xul.dll mozilla::DataChannelConnection::Init netwerk/sctp/datachannel/DataChannel.cpp:537
3 xul.dll static mozilla::DataChannelConnection::Create netwerk/sctp/datachannel/DataChannel.cpp:435
4 xul.dll mozilla::PeerConnectionImpl::EnsureDataConnection dom/media/webrtc/jsapi/PeerConnectionImpl.cpp:856
5 xul.dll mozilla::PeerConnectionImpl::CreateDataChannel dom/media/webrtc/jsapi/PeerConnectionImpl.cpp:1086
6 xul.dll mozilla::PeerConnectionImpl::CreateDataChannel dom/media/webrtc/jsapi/PeerConnectionImpl.cpp:1069
7 xul.dll mozilla::dom::PeerConnectionImpl_Binding::createDataChannel dom/bindings/PeerConnectionImplBinding.cpp:1610
8 xul.dll mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions> dom/bindings/BindingUtils.cpp:3299
9 xul.dll js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:489
Updated•3 years ago
|
Comment 1•3 years ago
|
||
Do you have a way to reproduce the problem?
Reporter | ||
Comment 2•3 years ago
|
||
No - this is from crash reports from the field. I have URLs from the one user who caused the spike; most are variations on https://levsha.livejournal.com/feed/ , but others are from a series of randomish sites (which may be using datachannels for content delivery, etc)
Updated•3 years ago
|
Comment 4•2 years ago
|
||
Hey Jim, I'd like to assign this to you to track the library update in bug 1795697 and mark this bug resolved when the lib update has landed.
Updated•2 years ago
|
Comment 5•2 years ago
|
||
Hey Byron, I'd like to assign this to you since you landed the sctp library update in Fx 108 (ref: bug 1795697); I think this is one of 2 bugs that we believe (fingers crossed) will be fixed when the library finishes rolling out Release. If you can keep an eye on this and verify that we don't see new crashes for a while so that we can close it, I'd really appreciate it. And if we do see crashes, please ping Michael Tüxen for debugging help. (I'm going to cross-post this message to the other bug.) Thanks!
Comment 6•2 years ago
|
||
Haven't seen this since September, and we've recently updated this library. Closing this out.
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Updated•2 years ago
|
Description
•