Closed
Bug 1471157
Opened 6 years ago
Closed 6 years ago
Crash in mozilla::dom::DataTransfer::GetTypes
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla63
Tracking | Status | |
---|---|---|
firefox-esr52 | --- | unaffected |
firefox-esr60 | --- | unaffected |
firefox61 | --- | wontfix |
firefox62 | --- | fixed |
firefox63 | --- | fixed |
People
(Reporter: philipp, Assigned: bzbarsky)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file, 2 obsolete files)
1.77 KB,
patch
|
nika
:
review+
lizzard
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-442fabe4-9b1d-4efd-ae93-30c110180626. ============================================================= Top 10 frames of crashing thread: 0 xul.dll mozilla::dom::DataTransfer::GetTypes dom/events/DataTransfer.cpp:294 1 xul.dll nsFileControlFrame::DnDListener::IsValidDropData layout/forms/nsFileControlFrame.cpp:387 2 xul.dll nsFileControlFrame::DnDListener::HandleEvent layout/forms/nsFileControlFrame.cpp:253 3 xul.dll mozilla::EventListenerManager::HandleEventSubType dom/events/EventListenerManager.cpp:1124 4 xul.dll mozilla::EventListenerManager::HandleEventInternal dom/events/EventListenerManager.cpp:1291 5 xul.dll mozilla::EventTargetChainItem::HandleEventTargetChain dom/events/EventDispatcher.cpp:528 6 xul.dll mozilla::EventTargetChainItem::HandleEventTargetChain dom/events/EventDispatcher.cpp:591 7 xul.dll mozilla::EventDispatcher::Dispatch dom/events/EventDispatcher.cpp:961 8 xul.dll mozilla::PresShell::DispatchEventToDOM layout/base/PresShell.cpp:8000 9 xul.dll mozilla::PresShell::HandleEventInternal layout/base/PresShell.cpp:7677 ============================================================= this is a low volume crash signature regressing during the 61 cycle, so far reports are only coming from windows installations. could this be related to bug 1444686 or 1455052?
Flags: needinfo?(bzbarsky)
Assignee | ||
Comment 1•6 years ago
|
||
This is definitely fallout from bug 1444686.
Assignee | ||
Comment 2•6 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/41d99ad7144f removed a null-check that shouldn't have been removed: the datatransfer argument might actually be null here.
Attachment #8987996 -
Flags: review?(nika)
Assignee | ||
Comment 3•6 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/41d99ad7144f removed a null-check that shouldn't have been removed: the datatransfer argument might actually be null here.
Attachment #8987999 -
Flags: review?(nika)
Assignee | ||
Updated•6 years ago
|
Attachment #8987996 -
Attachment is obsolete: true
Attachment #8987996 -
Flags: review?(nika)
Assignee | ||
Comment 4•6 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/41d99ad7144f removed a null-check that shouldn't have been removed: the datatransfer argument might actually be null here.
Attachment #8988000 -
Flags: review?(nika)
Assignee | ||
Updated•6 years ago
|
Attachment #8987999 -
Attachment is obsolete: true
Attachment #8987999 -
Flags: review?(nika)
Updated•6 years ago
|
Attachment #8988000 -
Flags: review?(nika) → review+
Updated•6 years ago
|
Comment 5•6 years ago
|
||
Keeping an eye on this for release, and could take the patch for beta 62 as well.
Pushed by bzbarsky@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/0ee5b54dab6c Fix null-deref crash when a drop event has no DataTransfer. r=nika
Assignee | ||
Comment 7•6 years ago
|
||
Comment on attachment 8988000 [details] [diff] [review] Fix null-deref crash when a drop event has no DataTransfer Approval Request Comment [Feature/Bug causing the regression]: Bug 1444686. [User impact if declined]: Crashes on drag and drop in some cases. [Is this code covered by automated tests?]: Yes. [Has the fix been verified in Nightly?]: Yes. [Needs manual test from QE? If yes, steps to reproduce]: No. [List of other uplifts needed for the feature/fix]: None. [Is the change risky?]: No. [Why is the change risky/not risky?]: Just adds a null-check that used to be there already. [String changes made/needed]: None.
Attachment #8988000 -
Flags: approval-mozilla-beta?
Comment 8•6 years ago
|
||
Comment on attachment 8988000 [details] [diff] [review] Fix null-deref crash when a drop event has no DataTransfer Crash fix, verified in Nightly, let's take this for beta 4.
Attachment #8988000 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Comment 9•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/0ee5b54dab6c
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
Updated•6 years ago
|
Comment 10•6 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-beta/rev/7ccdd10cf1b0
Updated•6 years ago
|
Flags: qe-verify-
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•