Closed
Bug 1084513
Opened 10 years ago
Closed 10 years ago
crash in mozilla::dom::XMLDocument::Load(nsAString_internal const&, mozilla::ErrorResult&)
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
VERIFIED
FIXED
mozilla36
People
(Reporter: lizzard, Assigned: tanvi)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
|
1.11 KB,
patch
|
smaug
:
review+
lmandel
:
approval-mozilla-aurora+
lmandel
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-42e99446-492a-4599-9f64-99ae22141016. ============================================================= This crash is showing up in Firefox 34.0b1, 35.0a1, and 36.0a1, only on MacOSX 10.9. It feels too early & not enough data to call it a top crash, but it is #6 for crash signatures showing up for Beta 34 at the moment with 18/723 crashes. Crashing thread: 0 XUL mozilla::dom::XMLDocument::Load(nsAString_internal const&, mozilla::ErrorResult&) obj-firefox/x86_64/dist/include/nsAutoPtr.h 1 XUL mozilla::dom::XMLDocumentBinding::load obj-firefox/x86_64/dom/bindings/XMLDocumentBinding.cpp 2 XUL mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) dom/bindings/BindingUtils.cpp 3 XUL js::Invoke(JSContext*, JS::CallArgs, js::MaybeConstruct) js/src/jscntxtinlines.h 4 XUL Interpret js/src/vm/Interpreter.cpp 5 XUL js::RunScript(JSContext*, js::RunState&) js/src/vm/Interpreter.cpp 6 XUL js::Invoke(JSContext*, JS::CallArgs, js::MaybeConstruct) js/src/vm/Interpreter.cpp 7 XUL js_fun_apply(JSContext*, unsigned int, JS::Value*) js/src/jsfun.cpp 8 XUL js::Invoke(JSContext*, JS::CallArgs, js::MaybeConstruct) js/src/jscntxtinlines.h 9 XUL js::Invoke(JSContext*, JS::Value const&, JS::Value const&, unsigned int, JS::Value const*, JS::MutableHandle<JS::Value>) js/src/vm/Interpreter.cpp 10 XUL js::DirectProxyHandler::call(JSContext*, JS::Handle<JSObject*>, JS::CallArgs const&) const js/src/jsproxy.cpp
|
||
Comment 1•10 years ago
|
||
Looks like null+offset. https://crash-stats.mozilla.com/report/index/eebb5931-83a6-4754-b928-66d062141010 has better stack. This is a regression from bug 1057518.
Blocks: 1057518
|
Assignee | |
Comment 2•10 years ago
|
||
Attachment #8507224 -
Flags: review?(jonas)
|
||
Comment 4•10 years ago
|
||
[Tracking Requested - why for this release]: beta topcrash
|
Reporter | |
Comment 5•10 years ago
|
||
This is currently the #2 top crash for 34.0b1, with 2195/43672 crashes in the last 7 days with the signature [@ nsINode::NodePrincipal()], showing up as a startup crash on Windows.
Crash Signature: [@ mozilla::dom::XMLDocument::Load(nsAString_internal const&, mozilla::ErrorResult&)] → [@ mozilla::dom::XMLDocument::Load(nsAString_internal const&, mozilla::ErrorResult&)]
[@ nsINode::NodePrincipal()]
status-firefox34:
--- → affected
|
|
||
Updated•10 years ago
|
Attachment #8507224 -
Flags: review?(jonas) → review+
|
|
Assignee | |
Comment 6•10 years ago
|
||
Pushed: https://hg.mozilla.org/integration/mozilla-inbound/rev/9a425c40daae
Assignee: nobody → tanvi
Status: NEW → ASSIGNED
|
||
Updated•10 years ago
|
status-firefox33:
--- → unaffected
status-firefox35:
--- → affected
status-firefox36:
--- → affected
https://hg.mozilla.org/mozilla-central/rev/9a425c40daae
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
|
|
||
Comment 8•10 years ago
|
||
Although this only landed on m-c recently, the fix is really simple. I'd like to get this into beta3 to assess the impact on the status of this bug as the #2 top crash on beta1 (comment 5). Can you submit an uplift request for Beta and Aurora?
Flags: needinfo?(tanvi)
|
|
Assignee | |
Comment 9•10 years ago
|
||
Comment on attachment 8507224 [details] [diff] [review] Bug1084513.patch Approval Request Comment [Feature/regressing bug #]: 1057518 [User impact if declined]: Top crasher [Describe test coverage new/current, TBPL]: None [Risks and why]: None; this is just a null check [String/UUID change made/needed]: None
Flags: needinfo?(tanvi)
Attachment #8507224 -
Flags: approval-mozilla-aurora?
|
|
Assignee | |
Comment 10•10 years ago
|
||
Comment on attachment 8507224 [details] [diff] [review] Bug1084513.patch Approval Request Comment [Feature/regressing bug #]: 1057518 [User impact if declined]: Top crasher [Describe test coverage new/current, TBPL]: None [Risks and why]: None; this is jut a null check [String/UUID change made/needed]: None
Attachment #8507224 -
Flags: approval-mozilla-beta?
|
|
||
Comment 11•10 years ago
|
||
Comment on attachment 8507224 [details] [diff] [review] Bug1084513.patch Beta+ Aurora+
Attachment #8507224 -
Flags: approval-mozilla-beta?
Attachment #8507224 -
Flags: approval-mozilla-beta+
Attachment #8507224 -
Flags: approval-mozilla-aurora?
Attachment #8507224 -
Flags: approval-mozilla-aurora+
|
|
Assignee | |
Updated•10 years ago
|
Keywords: checkin-needed
|
||
Comment 12•10 years ago
|
||
No need for checkin-needed on uplifts :) https://hg.mozilla.org/releases/mozilla-aurora/rev/edf8cdca3a10 https://hg.mozilla.org/releases/mozilla-beta/rev/e84f980d638e
|
||
Updated•10 years ago
|
Flags: qe-verify+
|
||
Comment 13•10 years ago
|
||
No crashes in Socorro for both signatures after this fix, as it follows: for [@ mozilla::dom::XMLDocument::Load(nsAString_internal const&, mozilla::ErrorResult&)] signature: --- 35.0a2: https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Adom%3A%3AXMLDocument%3A%3ALoad%28nsAString_internal+const%26%2C+mozilla%3A%3AErrorResult%26%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A35.0a2&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports --- 36.0a1: https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Adom%3A%3AXMLDocument%3A%3ALoad%28nsAString_internal+const%26%2C+mozilla%3A%3AErrorResult%26%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A36.0a1&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports --- 34.0b: https://crash-stats.mozilla.com/report/list?signature=mozilla%3A%3Adom%3A%3AXMLDocument%3A%3ALoad%28nsAString_internal+const%26%2C+mozilla%3A%3AErrorResult%26%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A34.0b&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports for [@ nsINode::NodePrincipal()] signature: --- 35.0a2: https://crash-stats.mozilla.com/report/list?signature=nsINode%3A%3ANodePrincipal%28%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A35.0a2&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports --- 36.0a1: https://crash-stats.mozilla.com/report/list?signature=nsINode%3A%3ANodePrincipal%28%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A36.0a1&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports --- 34.0b: https://crash-stats.mozilla.com/report/list?signature=nsINode%3A%3ANodePrincipal%28%29&product=Firefox&query_type=contains&range_unit=weeks&process_type=any&version=Firefox%3A34.0b&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports - 18 crashes *still* present after this issue was fixed. Tanvi, any idea if those are related?
Status: RESOLVED → VERIFIED
Flags: needinfo?(tanvi)
|
|
Assignee | |
Comment 14•10 years ago
|
||
(In reply to Alexandra Lucinet, QA Mentor [:adalucinet] from comment #13) > --- 34.0b: > https://crash-stats.mozilla.com/report/ > list?signature=nsINode%3A%3ANodePrincipal%28%29&product=Firefox&query_type=co > ntains&range_unit=weeks&process_type=any&version=Firefox%3A34. > 0b&hang_type=any&date=2014-11-10+07%3A00%3A00&range_value=3#tab-reports - 18 > crashes *still* present after this issue was fixed. > > Tanvi, any idea if those are related? Looks like these are from HTMLMediaElement. Perhaps another null check was missed? https://crash-stats.mozilla.com/report/index/ca189039-a252-40c7-aa9a-43aac2141105
Flags: needinfo?(tanvi)
|
|
||
Comment 15•10 years ago
|
||
(In reply to Tanvi Vyas [:tanvi] from comment #14) > Looks like these are from HTMLMediaElement. Perhaps another null check was > missed? > https://crash-stats.mozilla.com/report/index/ca189039-a252-40c7-aa9a- > 43aac2141105 The latest reports still show the 18 crashes reported by Alexandra a week ago for Beta (3 and older). Does this warrant a new bug to track the remaining crashes, or should we consider this good enough for Beta?
|
|
||
Comment 16•10 years ago
|
||
(In reply to Florin Mezei, QA (:FlorinMezei) from comment #15) > The latest reports still show the 18 crashes reported by Alexandra a week > ago for Beta (3 and older). Does this warrant a new bug to track the > remaining crashes, or should we consider this good enough for Beta? Any thoughts on the above Tanvi?
Flags: needinfo?(tanvi)
|
|
Assignee | |
Comment 17•10 years ago
|
||
Hi Florin, Sorry, I was out last week and hence the delay in response. Sounds like this is a new and different bug. My patches didn't touch HTMLMediaElement. Thanks!
Flags: needinfo?(tanvi)
|
|
||
Comment 18•10 years ago
|
||
Thanks Tanvi! Another check today (for the past 4 weeks) shows a rise in crashes with [@ nsINode::NodePrincipal()], but they all seem to be in HTMLMediaElement as you mentioned: - 36.0a1 (Oct 21 builds and later) - 0 crashes - 35.0a2 (Oct 23 builds and later) - 6 crashes (all in HTMLMediaElement) - http://bit.ly/1tiSHQ2 - 34.0b - 432 crashes - http://bit.ly/15wJXAV * Beta 3 = 3 crashes * Beta 4 = 15 crashes * Beta 5 = 4 crashes * Beta 6 = 5 crashes * Beta 7 = 12 crashes * Beta 8 = 25 crashes * Beta 9 = 122 crashes * Beta 10 = 91 crashes * Beta 11 = 155 crashes (all in HTMLMediaElement) The remaining crashes are tracked in bug 761485. Marking this one as verified
|
||
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•