Closed
Bug 1370968
Opened 7 years ago
Closed 7 years ago
Crash in nsLayoutUtils::FindNearestCommonAncestorFrame
Categories
(Core :: Layout, defect)
Tracking
()
RESOLVED
FIXED
mozilla55
Tracking | Status | |
---|---|---|
firefox-esr52 | --- | unaffected |
firefox53 | --- | unaffected |
firefox54 | --- | unaffected |
firefox55 | --- | fixed |
People
(Reporter: calixte, Assigned: tschneider)
References
(Blocks 1 open bug)
Details
(Keywords: crash, regression, Whiteboard: [clouseau])
Crash Data
Attachments
(2 files, 3 obsolete files)
1.41 KB,
patch
|
mstange
:
review+
|
Details | Diff | Splinter Review |
1.98 KB,
patch
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-489abd7b-dce1-4fed-a01e-d1ca20170607. ============================================================= There is 2 crashes (from the same installation) in nightly 55 with buildid 20170607030206. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1359318. [1] https://hg.mozilla.org/mozilla-central/rev?node=279a08ffe577ec62a6b9d5ca76fe25bd117dd2b3
Flags: needinfo?(tschneider)
Assignee | ||
Comment 1•7 years ago
|
||
Flags: needinfo?(tschneider)
Assignee | ||
Comment 2•7 years ago
|
||
Assignee | ||
Comment 3•7 years ago
|
||
Attachment #8875436 -
Attachment is obsolete: true
Assignee | ||
Comment 4•7 years ago
|
||
Problem here was that a target within an XUL page, loaded via an iframe, was observed and the code to calculate the intersection expected the target having a root scroll frame. We should guard properly against any cases of NULL when using this API within a XUL context.
Assignee | ||
Updated•7 years ago
|
Attachment #8875477 -
Flags: review?(mstange)
Comment 5•7 years ago
|
||
Comment on attachment 8875477 [details] [diff] [review] Guard against possible NULL values when IntersecionObserver API is used in XUL pages Review of attachment 8875477 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/base/DOMIntersectionObserver.cpp @@ +417,5 @@ > + if (presContext) { > + nsCOMPtr<nsIPresShell> presShell = presContext->PresShell(); > + if (presShell) { > + nsIFrame* rootScrollFrame = presShell->GetRootScrollFrame(); > + if (rootScrollFrame) { The rootScrollFrame check should be the only one that's needed. A frame always has a PresContext and a PresContext always has a PresShell. (Except maybe during frame / prescontext destruction.) The general rule is: Getters that start with the word "Get" can return null, those that don't can not.
Assignee | ||
Comment 6•7 years ago
|
||
Addressed review comment.
Attachment #8875477 -
Attachment is obsolete: true
Attachment #8875477 -
Flags: review?(mstange)
Attachment #8875492 -
Flags: review?(mstange)
Updated•7 years ago
|
Attachment #8875492 -
Flags: review?(mstange) → review+
Assignee | ||
Comment 7•7 years ago
|
||
Attachment #8875435 -
Attachment is obsolete: true
Assignee | ||
Comment 8•7 years ago
|
||
Try run: https://treeherder.mozilla.org/#/jobs?repo=try&revision=9ee18f866530165799b9c2be93d744fe1eb96985
Assignee | ||
Updated•7 years ago
|
Keywords: checkin-needed
Updated•7 years ago
|
Assignee: nobody → tschneider
Flags: in-testsuite+
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/217c7653e6ec Guard against possible NULL values when IntersecionObserver API is used in XUL pages. r=mstange https://hg.mozilla.org/integration/mozilla-inbound/rev/5c606fafb195 Test for crash in nsLayoutUtils::FindNearestCommonAncestorFrame. r=mstange
Keywords: checkin-needed
Comment 10•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/217c7653e6ec https://hg.mozilla.org/mozilla-central/rev/5c606fafb195
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in
before you can comment on or make changes to this bug.
Description
•