Closed
Bug 1453567
Opened 5 years ago
Closed 5 years ago
Crash in mozilla::dom::ChildSHistory::LegacySHistory
Categories
(Core :: DOM: Navigation, defect, P1)
Tracking
()
VERIFIED
FIXED
mozilla61
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox59 | --- | unaffected |
| firefox60 | --- | unaffected |
| firefox61 | blocking | verified |
People
(Reporter: calixte, Assigned: nika)
References
(Blocks 1 open bug)
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
|
1.23 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-bd03514e-3a05-476c-806b-548560180412. ============================================================= Top 10 frames of crashing thread: 0 libxul.so mozilla::dom::ChildSHistory::LegacySHistory docshell/shistory/ChildSHistory.cpp:87 1 libxul.so nsHistory::PushOrReplaceState dom/base/nsHistory.cpp:292 2 libxul.so nsHistory::ReplaceState dom/base/nsHistory.cpp:258 3 libxul.so mozilla::dom::HistoryBinding::replaceState dom/bindings/HistoryBinding.cpp:384 4 libxul.so mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions> dom/bindings/BindingUtils.cpp:3195 5 libxul.so libxul.so@0x2f2d3fd 6 libxul.so libxul.so@0x2f64d74 7 @0x1e32983dc3c7 8 @0x7f128d223d7f 9 @0x1e32983d64e1 ============================================================= There are 3 crashes (from 3 installations) in nightly 61 with buildid 20180412001050. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1434768. [1] https://hg.mozilla.org/mozilla-central/rev?node=47c477fefd3b
Flags: needinfo?(nika)
|
||
Comment 1•5 years ago
|
||
I just hit this https://crash-stats.mozilla.com/report/index/b4096876-e749-498f-89aa-eceda0180413 When clicking a link on a google search result page pointing to an ietf draft.
|
||
Comment 2•5 years ago
|
||
Approaching 200 crashes since this was filed. Nils - Is the crash reproducible? If so please paste the link. Thanks.
Flags: needinfo?(drno)
|
|
||
Comment 3•5 years ago
|
||
(In reply to Marcia Knous [:marcia - needinfo? me] from comment #2) > Nils - Is the crash > reproducible? If so please paste the link. Thanks. I tried a couple of time with the same search terms and clicking new links as well as links I had clicked before, but was not able to reproduce it any more.
Flags: needinfo?(drno)
|
||
Updated•5 years ago
|
tracking-firefox61:
--- → blocking
|
|
||
Comment 4•5 years ago
|
||
Volume is up to almost 800 crashes since initial filing - Mac and Linux only, with Mac 10.13 accounting for the majority of crashes.
|
Assignee | |
Comment 5•5 years ago
|
||
Looks like this accidentally got thrown out in the refactoring.
Attachment #8968315 -
Flags: review?(bzbarsky)
|
|
Assignee | |
Updated•5 years ago
|
Flags: needinfo?(nika)
|
|
Assignee | |
Updated•5 years ago
|
Assignee: nobody → nika
|
|
||
Updated•5 years ago
|
Severity: critical → blocker
Priority: -- → P1
|
||
Comment 7•5 years ago
|
||
Comment on attachment 8968315 [details] [diff] [review] Null-check rootSH in nsDocShell::AddState r=me, though I kinda wonder how we get into this state (torn-down docshell?).
Attachment #8968315 -
Flags: review?(bzbarsky) → review+
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/mozilla-central/rev/26d6282bdbe0 Null-check rootSH in nsDocShell::AddState. r=bz, a=RyanVM
|
|
||
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
|
|
||
Updated•5 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•