Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CheckSchemeForReferrerPolicy crashes renderer #203

Closed
darkdh opened this issue May 15, 2018 · 3 comments
Closed

CheckSchemeForReferrerPolicy crashes renderer #203

darkdh opened this issue May 15, 2018 · 3 comments
Assignees
@bbondy
Labels
QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes
Milestone
0.55.x - Release ...

Comments

@darkdh
Copy link
Member

darkdh commented May 15, 2018
edited
Loading

Description

3rd party cookies blocking cause renderer crash

Steps to Reproduce

  1. Make sure Block 3rd party cookies is on
  2. Go to http://www.syntaxxx.com/html5-audio-autoplay-automatically-play-audio-on-your-website/
  3. Renderer crashed

Actual result:

Shouldn't crash renderer no matter 3rd party cookies is blocked or not

[80913:775:0515/152653.280935:FATAL:resource_dispatcher.cc(66)] Trying to send secure referrer for insecure request without an appropriate referrer policy.
URL = http://staticxx.facebook.com/connect/xd_arbiter/r/RQ7NiRXMcYA.js?version=42#channel=f1988fc815d836c&origin=http%3A%2F%2Fwww.syntaxxx.com
Referrer = https://staticxx.facebook.com/
0   Brave Framework                     0x0000000125baaa8c base::debug::StackTrace::StackTrace(unsigned long) + 28
1   Brave Framework                     0x0000000125bc7f00 logging::LogMessage::~LogMessage() + 224
2   Brave Framework                     0x000000013231b430 content::(anonymous namespace)::CheckSchemeForReferrerPolicy(network::ResourceRequest const&) + 352
3   Brave Framework                     0x000000013231b706 content::ResourceDispatcher::StartAsync(std::__1::unique_ptr<network::ResourceRequest, std::__1::default_delete<network::ResourceRequest> >, int, scoped_refptr<base::SingleThreadTaskRunner>, url::Origin const&, net::NetworkTrafficAnnotationTag const&, bool, std::__1::unique_ptr<content::RequestPeer, std::__1::default_delete<content::RequestPeer> >, scoped_refptr<content::SharedURLLoaderFactory>, std::__1::vector<std::__1::unique_ptr<content::URLLoaderThrottle, std::__1::default_delete<content::URLLoaderThrottle> >, std::__1::allocator<std::__1::unique_ptr<content::URLLoaderThrottle, std::__1::default_delete<content::URLLoaderThrottle> > > >, mojo::StructPtr<network::mojom::URLLoaderClientEndpoints>, base::OnceCallback<void ()>*) + 198
4   Brave Framework                     0x00000001323487ac content::WebURLLoaderImpl::Context::Start(blink::WebURLRequest const&, content::SyncLoadResponse*) + 11836
5   Brave Framework                     0x000000013235178b content::WebURLLoaderImpl::LoadAsynchronously(blink::WebURLRequest const&, blink::WebURLLoaderClient*) + 395
6   Brave Framework                     0x000000012428bda4 blink::ResourceLoader::StartWith(blink::ResourceRequest const&) + 596
7   Brave Framework                     0x000000012428bb47 blink::ResourceLoader::Run() + 55
8   Brave Framework                     0x0000000124281366 blink::ResourceLoadScheduler::Run(unsigned long long, blink::ResourceLoadSchedulerClient*, bool) + 166
9   Brave Framework                     0x0000000124280c0f blink::ResourceLoadScheduler::MaybeRun() + 1807
10  Brave Framework                     0x0000000124281153 blink::ResourceLoadScheduler::Request(blink::ResourceLoadSchedulerClient*, blink::ResourceLoadScheduler::ThrottleOption, blink::WebURLRequest::Priority, int, unsigned long long*) + 803
11  Brave Framework                     0x000000012428ba0a blink::ResourceLoader::Start() + 1082
12  Brave Framework                     0x0000000124261fb4 blink::ResourceFetcher::StartLoad(blink::Resource*) + 1220
13  Brave Framework                     0x00000001242609ba blink::ResourceFetcher::RequestResourceInternal(blink::FetchParameters&, blink::ResourceFactory const&, blink::SubstituteData const&) + 2602
14  Brave Framework                     0x000000012425ff13 blink::ResourceFetcher::RequestResource(blink::FetchParameters&, blink::ResourceFactory const&, blink::ResourceClient*, blink::SubstituteData const&) + 67
15  Brave Framework                     0x000000012423fd66 blink::RawResource::FetchMainResource(blink::FetchParameters&, blink::ResourceFetcher*, blink::RawResourceClient*, blink::SubstituteData const&) + 86
16  Brave Framework                     0x0000000130cdc194 blink::DocumentLoader::StartLoading() + 276
17  Brave Framework                     0x0000000130cfe7aa blink::FrameLoader::StartLoad(blink::FrameLoadRequest&, blink::FrameLoadType, blink::NavigationPolicy, blink::HistoryItem*) + 1034
18  Brave Framework                     0x0000000130cfdc93 blink::FrameLoader::Load(blink::FrameLoadRequest const&, blink::FrameLoadType, blink::HistoryItem*, blink::HistoryLoadType) + 1827
19  Brave Framework                     0x00000001304decae blink::WebLocalFrameImpl::Load(blink::WebURLRequest const&, blink::WebFrameLoadType, blink::WebHistoryItem const&, blink::WebHistoryLoadType, bool, base::UnguessableToken const&) + 334
20  Brave Framework                     0x0000000132444280 content::RenderFrameImpl::CommitNavigation(network::ResourceResponseHead const&, GURL const&, content::CommonNavigationParams const&, content::RequestNavigationParams const&, mojo::StructPtr<network::mojom::URLLoaderClientEndpoints>, std::__1::unique_ptr<content::URLLoaderFactoryBundleInfo, std::__1::default_delete<content::URLLoaderFactoryBundleInfo> >, mojo::StructPtr<content::mojom::ControllerServiceWorkerInfo>, base::UnguessableToken const&) + 2720
21  Brave Framework                     0x0000000132446769 non-virtual thunk to content::RenderFrameImpl::CommitNavigation(network::ResourceResponseHead const&, GURL const&, content::CommonNavigationParams const&, content::RequestNavigationParams const&, mojo::StructPtr<network::mojom::URLLoaderClientEndpoints>, std::__1::unique_ptr<content::URLLoaderFactoryBundleInfo, std::__1::default_delete<content::URLLoaderFactoryBundleInfo> >, mojo::StructPtr<content::mojom::ControllerServiceWorkerInfo>, base::UnguessableToken const&) + 105
22  Brave Framework                     0x000000011ebd304e content::mojom::FrameNavigationControlStubDispatch::Accept(content::mojom::FrameNavigationControl*, mojo::Message*) + 1790
23  Brave Framework                     0x0000000132476ce3 content::mojom::FrameNavigationControlStub<mojo::RawPtrImplRefTraits<content::mojom::FrameNavigationControl> >::Accept(mojo::Message*) + 83
24  Brave Framework                     0x00000001267bc6a8 mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message*) + 5656
25  Brave Framework                     0x00000001267bb081 mojo::InterfaceEndpointClient::HandleIncomingMessageThunk::Accept(mojo::Message*) + 33
26  Brave Framework                     0x00000001267b9523 mojo::FilterChain::Accept(mojo::Message*) + 547
27  Brave Framework                     0x00000001267beb9c mojo::InterfaceEndpointClient::HandleIncomingMessage(mojo::Message*) + 44
28  Brave Framework                     0x00000001266251c9 IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnProxyThread(mojo::Message) + 169
29  Brave Framework                     0x000000012661cf3e void base::internal::FunctorTraits<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::*)(mojo::Message), void>::Invoke<scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController> const&, mojo::Message>(void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::*)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController> const&&&, mojo::Message&&) + 206
30  Brave Framework                     0x000000012661ce2f void base::internal::InvokeHelper<false, void>::MakeItSo<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::* const&)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController> const&, mojo::Message>(void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::* const&&&)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController> const&&&, mojo::Message&&) + 95
31  Brave Framework                     0x000000012661cdb7 void base::internal::Invoker<base::internal::BindState<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::*)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController>, base::internal::PassedWrapper<mojo::Message> >, void ()>::RunImpl<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::* const&)(mojo::Message), std::__1::tuple<scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController>, base::internal::PassedWrapper<mojo::Message> > const&, 0ul, 1ul>(void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::* const&&&)(mojo::Message), std::__1::tuple<scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController>, base::internal::PassedWrapper<mojo::Message> > const&&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul>) + 151
32  Brave Framework                     0x000000012661ccac base::internal::Invoker<base::internal::BindState<void (IPC::(anonymous namespace)::ChannelAssociatedGroupController::*)(mojo::Message), scoped_refptr<IPC::(anonymous namespace)::ChannelAssociatedGroupController>, base::internal::PassedWrapper<mojo::Message> >, void ()>::Run(base::internal::BindStateBase*) + 44
33  Brave Framework                     0x0000000125bab3b8 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 184
34  Brave Framework                     0x00000001242fd3b9 blink::scheduler::internal::ThreadControllerImpl::DoWork(blink::scheduler::internal::Sequence::WorkType) + 793
35  Brave Framework                     0x00000001242ff321 void base::internal::FunctorTraits<void (blink::scheduler::internal::ThreadControllerImpl::*)(blink::scheduler::internal::Sequence::WorkType), void>::Invoke<base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl> const&, blink::scheduler::internal::Sequence::WorkType const&>(void (blink::scheduler::internal::ThreadControllerImpl::*)(blink::scheduler::internal::Sequence::WorkType), base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl> const&&&, blink::scheduler::internal::Sequence::WorkType const&&&) + 145
36  Brave Framework                     0x00000001242ff225 void base::internal::InvokeHelper<true, void>::MakeItSo<void (blink::scheduler::internal::ThreadControllerImpl::* const&)(blink::scheduler::internal::Sequence::WorkType), base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl> const&, blink::scheduler::internal::Sequence::WorkType const&>(void (blink::scheduler::internal::ThreadControllerImpl::* const&&&)(blink::scheduler::internal::Sequence::WorkType), base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl> const&&&, blink::scheduler::internal::Sequence::WorkType const&&&) + 117
37  Brave Framework                     0x00000001242ff19d void base::internal::Invoker<base::internal::BindState<void (blink::scheduler::internal::ThreadControllerImpl::*)(blink::scheduler::internal::Sequence::WorkType), base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl>, blink::scheduler::internal::Sequence::WorkType>, void ()>::RunImpl<void (blink::scheduler::internal::ThreadControllerImpl::* const&)(blink::scheduler::internal::Sequence::WorkType), std::__1::tuple<base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl>, blink::scheduler::internal::Sequence::WorkType> const&, 0ul, 1ul>(void (blink::scheduler::internal::ThreadControllerImpl::* const&&&)(blink::scheduler::internal::Sequence::WorkType), std::__1::tuple<base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl>, blink::scheduler::internal::Sequence::WorkType> const&&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul>) + 125
38  Brave Framework                     0x00000001242ff0ac base::internal::Invoker<base::internal::BindState<void (blink::scheduler::internal::ThreadControllerImpl::*)(blink::scheduler::internal::Sequence::WorkType), base::WeakPtr<blink::scheduler::internal::ThreadControllerImpl>, blink::scheduler::internal::Sequence::WorkType>, void ()>::Run(base::internal::BindStateBase*) + 44
39  Brave Framework                     0x0000000125bab3b8 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 184
40  Brave Framework                     0x0000000125bd7fd4 base::MessageLoop::RunTask(base::PendingTask*) + 468
41  Brave Framework                     0x0000000125bd8528 base::MessageLoop::DoWork() + 424
42  Brave Framework                     0x0000000125bda96a base::MessagePumpCFRunLoopBase::RunWork() + 42
43  Brave Framework                     0x0000000125bc9b4a base::mac::CallWithEHFrame(void () block_pointer) + 10
44  Brave Framework                     0x0000000125bda24f base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 63
45  CoreFoundation                      0x00007fff55c8fa61 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
46  CoreFoundation                      0x00007fff55d4947c __CFRunLoopDoSource0 + 108
47  CoreFoundation                      0x00007fff55c724c0 __CFRunLoopDoSources0 + 208
48  CoreFoundation                      0x00007fff55c7193d __CFRunLoopRun + 1293
49  CoreFoundation                      0x00007fff55c711a3 CFRunLoopRunSpecific + 483
50  Foundation                          0x00007fff57d60f26 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277
51  Brave Framework                     0x0000000125bdb1ce base::MessagePumpNSRunLoop::DoRun(base::MessagePump::Delegate*) + 142
52  Brave Framework                     0x0000000125bd9c9e base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 110
53  Brave Framework                     0x0000000125c086b5 base::RunLoop::Run() + 53
54  Brave Framework                     0x0000000132588767 content::RendererMain(content::MainFunctionParams const&) + 4503
55  Brave Framework                     0x0000000124a7673e content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) + 478
56  Brave Framework                     0x0000000124a77ca1 content::ContentMainRunnerImpl::Run() + 929
57  Brave Framework                     0x0000000124a6f2c5 content::ContentServiceManagerMainDelegate::RunEmbedderProcess() + 53
58  Brave Framework                     0x0000000128fff046 service_manager::Main(service_manager::MainParams const&) + 1894
59  Brave Framework                     0x0000000124a7653b content::ContentMain(content::ContentMainParams const&) + 75
60  Brave Framework                     0x000000011e2fea78 ChromeMain + 264
61  Brave Helper                        0x000000010fd8b95d main + 1597

Expected result:

Reproduces how often:

Brave version (about:brave info)

brave/brave-core@88525af
chromium 66.0.3359.170

Reproducible on current release:

Website problems only:

  • Does the issue gets fixed with Brave Shields disabled?
  • Does the issue reproduces on Chrome?

Additional Information
@bbondy
Copy link
Member

bbondy commented May 16, 2018

No crash for me, I know the unit tests were failing for you before because a chromium patch wasn't updated. Can you confirm you applied it and then found this issue still?

@darkdh
Copy link
Member Author

darkdh commented May 16, 2018

my profile was tainted by the bad state of build. using fresh profile doesn't reproduce the issue

@darkdh darkdh closed this as completed May 16, 2018
@bbondy bbondy added this to the Releasable builds milestone Jun 14, 2018
@bbondy bbondy added the QA/Yes label Aug 18, 2018
@btlechowski
Copy link

btlechowski commented Sep 21, 2018
edited by LaurenWags
Loading

Verification passed on

Brave 0.55.5 Chromium: 70.0.3538.16 (Official Build) dev (64-bit)
Revision 16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306}
OS Windows 7

No crash

Verification Passed on

Brave 0.55.6 Chromium: 70.0.3538.16 (Official Build) dev (64-bit)
Revision 16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306}
OS Linux
  • No webview crash when visiting the site with shields set to Block 3rd Party Cookies

Verified passed with

Brave 0.55.10 Chromium: 70.0.3538.22 (Official Build) beta(64-bit)
Revision ac9418ba9c3bd7f6baaffa0b055dfe147e0f8364-refs/branch-heads/3538@{#468}
OS Mac OS X
  • No webview crash when visiting the site with shields set to Block 3rd Party Cookies

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bbondy bbondy

Labels
QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes
Projects
None yet
Milestone
0.55.x - Release (Release Channel)
Development

No branches or pull requests
5 participants
@bbondy @darkdh @srirambv @LaurenWags @btlechowski