Crash in mozilla::TIPMessageHandler::SendMessageTimeoutWHook
RESOLVED
FIXED
in Firefox 52
Status
()
People
(Reporter: philipp, Assigned: aklotz)
Tracking
({crash, regression})
Bug Flags:
Firefox Tracking Flags
(firefox51 unaffected, firefox52 fixed, firefox53 fixed, firefox54 fixed)
Details
(Whiteboard: aes?, crash signature)
Attachments
(1 attachment)
|
59 bytes,
text/x-review-board-request
|
jimm
:
review+
jcristau
:
approval-mozilla-aurora+
jcristau
:
approval-mozilla-beta+
|
Details |
This bug was filed from the Socorro interface and is report bp-52fabcd9-25d0-4529-a508-c85422170126. ============================================================= this seems to be a regression in firefox 52 in a codepath that was added in bug 1329616. so far it's rather low level while it was on aurora and there isn't much data from 52.0b yet...
|
(Assignee) | |
Comment 1•2 years ago
|
||
Oddly enough this looks kind of like the SendMessageTimeoutW hook was applied twice, thus causing SendMessageTimeoutWStub to point to SendMessageTimeoutWHook. I suppose this could happen if all nsWindow objects were destroyed and then another one was subsequently created. This is probably a rare occurrence but not impossible.
Whiteboard: aes?
| Comment hidden (mozreview-request) |
|
|
(Assignee) | |
Updated•2 years ago
|
status-firefox53: ? → affected
status-firefox54: ? → affected
|
||
Updated•2 years ago
|
Attachment #8830924 -
Flags: review?(jmathies) → review+
|
|
||
Comment 3•2 years ago
|
||
| mozreview-review | ||
Comment on attachment 8830924 [details] Bug 1334257: Assure that TIPMessageHandler hooks may not be instantiated more than once; https://reviewboard.mozilla.org/r/107592/#review109022
Pushed by aklotz@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/2a94f3b94970 Assure that TIPMessageHandler hooks may not be instantiated more than once; r=jimm
|
||
Comment 5•2 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/2a94f3b94970
Status: NEW → RESOLVED
Last Resolved: 2 years ago
status-firefox54: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
|
||
Comment 6•2 years ago
|
||
Given the current state of e10s+a11y, I'm not sure where if anywhere this needs backporting to. But please request it where needed :)
Assignee: nobody → aklotz
Flags: needinfo?(aklotz)
|
|
(Assignee) | |
Comment 7•2 years ago
|
||
Comment on attachment 8830924 [details] Bug 1334257: Assure that TIPMessageHandler hooks may not be instantiated more than once; Approval Request Comment [Feature/Bug causing the regression]: bug 1329616 [User impact if declined]: Possible crashes due to stack overflow [Is this code covered by automated tests?]: Yes [Has the fix been verified in Nightly?]: Yes [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: None [Is the change risky?]: No [Why is the change risky/not risky?]: Really simple patch, just added checks to ensure affected code isn't run more than once. [String changes made/needed]: None
Flags: needinfo?(aklotz)
Attachment #8830924 -
Flags: approval-mozilla-beta?
Attachment #8830924 -
Flags: approval-mozilla-aurora?
|
||
Comment 8•2 years ago
|
||
Comment on attachment 8830924 [details] Bug 1334257: Assure that TIPMessageHandler hooks may not be instantiated more than once; fix crash in beta52 and aurora53
Attachment #8830924 -
Flags: approval-mozilla-beta?
Attachment #8830924 -
Flags: approval-mozilla-beta+
Attachment #8830924 -
Flags: approval-mozilla-aurora?
Attachment #8830924 -
Flags: approval-mozilla-aurora+
|
||
Comment 9•2 years ago
|
||
| bugherderuplift | ||
https://hg.mozilla.org/releases/mozilla-aurora/rev/e0080533f0ef
status-firefox53: affected → fixed
|
|
||
Comment 10•2 years ago
|
||
| bugherderuplift | ||
https://hg.mozilla.org/releases/mozilla-beta/rev/716b06d07433
status-firefox52: affected → fixed
|
||
Updated•2 years ago
|
Flags: qe-verify-
You need to log in
before you can comment on or make changes to this bug.
Description
•