anmar7889 / chromiumembedded

Automatically exported from code.google.com/p/chromiumembedded

cross domain flash object crash under no_sandbox after 1750 #1422

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Compile cefclient from branch 1750 - 2171, with no_sandbox = true (I am using VS2010).
2. Install NPAPI from 11 - 15.
3. Visit a website which has a cross domain flash object; then the application crashes.

What is the expected output? What do you see instead?
2171.1897 with flash 11

[1029/170331:FATAL:resource_dispatcher_host_impl.cc(369)] Check failed: blob_context.
Backtrace:
    cef_trace_event_instant [0x10582011+1496465]
    cef_trace_event_instant [0x104B889F+671263]
    SetCrashKeyValueImpl [0x13238225+10641173]
    SetCrashKeyValueImpl [0x1323909F+10644879]
    SetCrashKeyValueImpl [0x1323EAC4+10667956]
    SetCrashKeyValueImpl [0x13218980+10511984]
    SetCrashKeyValueImpl [0x13218603+10511091]
    SetCrashKeyValueImpl [0x1323E2A6+10665878]
    SetCrashKeyValueImpl [0x13360B32+11855906]
    SetCrashKeyValueImpl [0x132ADEA6+11123606]
    SetCrashKeyValueImpl [0x132AE473+11125091]
    SetCrashKeyValueImpl [0x1299D000+1617136]
    cef_trace_event_instant [0x12805441+37685697]
    cef_trace_event_instant [0x12805121+37684897]
    cef_trace_event_instant [0x1280311B+37676699]
    cef_trace_event_instant [0x105C3853+1764819]
    cef_trace_event_instant [0x105C396D+1765101]
    cef_trace_event_instant [0x105C1CE2+1757794]
    cef_trace_event_instant [0x105C3212+1763218]
    cef_trace_event_instant [0x105C317C+1763068]
    cef_trace_event_instant [0x104E18B7+839223]
    cef_trace_event_instant [0x105503BE+1292606]
    cef_trace_event_instant [0x104E176B+838891]
    cef_trace_event_instant [0x10550C46+1294790]
    SetCrashKeyValueImpl [0x130EA674+9274212]
    SetCrashKeyValueImpl [0x130EB6EB+9278427]
    cef_trace_event_instant [0x105515C5+1297221]
    cef_trace_event_instant [0x104D8EFB+803963]
    BaseThreadInitThunk [0x75C4338A+18]
    RtlInitializeExceptionChain [0x77B99F72+99]
    RtlInitializeExceptionChain [0x77B99F45+54]

What version of the product are you using? On what operating system?
branch 1750 - 2171, on Windows 7 64-bit

Please provide any additional information below.
Crashes every time while visiting the cross domain flash website.

Original issue reported on code.google.com by ssmaxsu...@gmail.com on 29 Oct 2014 at 9:28

GoogleCodeExporter commented 9 years ago
Can you provide a URL that demonstrates this problem?

Original comment by magreenb...@gmail.com on 29 Oct 2014 at 4:13

GoogleCodeExporter commented 9 years ago
http://tieba.baidu.com/p/3380111687

Click the play image and it loads a flash object of
http://player.youku.com/player.php/sid/XODE0MjI5OTQ4/v.swf

Once the swf is loaded, cefclient crashes.

Anyway, Baidu and Youku are the most popular sites in China, like Google and YouTube.

Original comment by ssmaxsu...@gmail.com on 30 Oct 2014 at 3:43

GoogleCodeExporter commented 9 years ago
The problem is that PluginProcessHost::Init is intentionally creating a ResourceMessageFilter with NULL blob storage:

https://code.google.com/p/chromium/codesearch#chromium/src/content/browser/plugin_process_host.cc&l=266

  // TODO(jam): right now we're passing NULL for appcache, blob storage, and
  // file system. If NPAPI plugins actually use this, we'll have to plumb them.
  ResourceMessageFilter* resource_message_filter = new ResourceMessageFilter(
      process_->GetData().id, PROCESS_TYPE_PLUGIN, NULL, NULL, NULL, NULL,
      get_contexts_callback);

This results in the following crash in ResourceDispatcherHostImpl::BeginRequest due to the NULL blob storage:

    libcef.dll!base::debug::BreakDebugger() Line 20 C++
    libcef.dll!logging::LogMessage::~LogMessage() Line 647  C++
    libcef.dll!content::`anonymous namespace'::AttachRequestBodyBlobDataHandles(content::ResourceRequestBody * body, storage::BlobStorageContext * blob_context) Line 316   C++
>   libcef.dll!content::ResourceDispatcherHostImpl::BeginRequest(int request_id, const ResourceHostMsg_Request & request_data, IPC::Message * sync_result, int route_id) Line 1092 C++
    libcef.dll!content::ResourceDispatcherHostImpl::OnRequestResource(int routing_id, int request_id, const ResourceHostMsg_Request & request_data) Line 892    C++

This has been fixed in https://crbug.com/419409. I've requested that the fix be merged to 2171 branch.

Original comment by magreenb...@gmail.com on 31 Oct 2014 at 6:46
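A constructed model of the failure path described in the comment above, added here as an illustration and not code from the CEF or Chromium projects: a request filter built with a NULL blob context, a request path that CHECKs that context whenever a body is present (so a plain request from the plugin process takes down the browser process), and a defensive variant that fails only the offending request. ElementType, RequestBody, BlobStorageContext, Status and the two BeginRequest functions are assumed names; the CHECK is modelled as a return status rather than an abort.

```cpp
#include <vector>
// Constructed model of the failure mode in the comment above; not Chromium code.
// A request body is a list of elements, only some of which reference blobs.
enum class ElementType { kBytes, kBlob };
struct RequestBody { std::vector<ElementType> elements; };
// Stand-in for storage::BlobStorageContext; the plugin process host's filter
// is built with a NULL one (the TODO(jam) shortcut quoted above).
struct BlobStorageContext { int handles_attached = 0; };
enum class Status { kOk, kCheckFailed, kBlobUnsupported };

// Constructed sample bodies: a plain POST and one that carries a blob element.
const RequestBody kPlainPost{{ElementType::kBytes}};
const RequestBody kBlobPost{{ElementType::kBytes, ElementType::kBlob}};

bool HasBlobElements(const RequestBody& body) {
  for (ElementType e : body.elements)
    if (e == ElementType::kBlob) return true;
  return false;
}

int AttachBlobHandles(const RequestBody& body, BlobStorageContext* ctx) {
  for (ElementType e : body.elements)
    if (e == ElementType::kBlob) ++ctx->handles_attached;
  return ctx->handles_attached;
}

// "Before": the shape of the crash. Every request with a body reaches the
// attach step, which CHECKs the context, so a plain POST from the plugin
// process aborts the browser process. The CHECK is modelled as a status so
// the behaviour can be observed without killing the program.
Status BeginRequestUnguarded(const RequestBody* body, BlobStorageContext* ctx) {
  if (body) {
    if (!ctx) return Status::kCheckFailed;  // CHECK(blob_context) fires here
    AttachBlobHandles(*body, ctx);
  }
  return Status::kOk;
}

// "After": a defensive variant (not a claim about how crbug.com/419409 was
// fixed). The attach step runs only when the body references blobs, and a
// blob-carrying request from a process whose filter has no blob context
// fails that one request instead of the whole host process.
Status BeginRequestGuarded(const RequestBody* body, BlobStorageContext* ctx) {
  if (body && HasBlobElements(*body)) {
    if (!ctx) return Status::kBlobUnsupported;
    AttachBlobHandles(*body, ctx);
  }
  return Status::kOk;
}
```

The point the model makes is that a "we pass NULL because nobody uses it" shortcut in one process's filter becomes a remotely reachable process abort as soon as any request on that path carries a body, and the cheap mitigation is to make the unsupported case fail the request rather than the host.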

GoogleCodeExporter commented 9 years ago
Marking as WontFix since newer branches are available which include the Chromium change.

Original comment by magreenb...@gmail.com on 11 Feb 2015 at 7:16