New issue
Advanced search Search tips

Issue 869183 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
rockot@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

fastfail happening in Connector::ReadSingleMessage

Project Member Reported by wfh@chromium.org, Jul 30 
Chrome Version: 68.0.3440.75
OS: Windows 10

We have a few reports from WER of a fastfail happening at the end of Connector::ReadSingleMessage on 68.0.3440.75

The EIP at time of fail is chrome.dll+DC741 which resolves to

C:\b\c\b\win64_clang\src\mojo\public\cpp\bindings\lib\connector.cc(464)+0x7
(00007ffd`70eac5a0)   chrome_7ffd70dd0000!mojo::Connector::ReadSingleMessage

https://chromium.googlesource.com/chromium/src/+/68.0.3440.25/mojo/public/cpp/bindings/lib/connector.cc#464

This is end of Connector::ReadSingleMessage so the implication is that a cookie check is failing, perhaps a local buffer overrun is happening?

We have no way to get additional data from WER.

Comment 1 by roc...@chromium.org, Aug 7 

Unfortunately ReadSingleMessage delegates[1] to arbitrary user code, and it's unlikely that we can deduce the root of the problem from these reports. The code in Connector itself is pretty straightforward and I doubt it's to blame here.

[1] https://chromium.googlesource.com/chromium/src/+/68.0.3440.25/mojo/public/cpp/bindings/lib/connector.cc#464

Comment 2 by wfh@chromium.org, Aug 7 

yup I agree with #1, after looking it seems this goes down through Accept into anything, so without a dump to see what types of messages this is happening on, this isn't really actionable.

Comment 3 by roc...@chromium.org, Oct 17

Cc: -roc...@chromium.org rockot@google.com

Sign in to add a comment