Closed
Bug 1560313
Opened 5 years ago
Closed 5 years ago
[Fission] Crash in [@ nsGlobalWindowOuter::GetPrincipal]
Categories
(Core :: DOM: Navigation, defect, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox67 | --- | unaffected |
| firefox68 | --- | unaffected |
| firefox69 | --- | fixed |
People
(Reporter: emilghitta, Assigned: mccr8)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file, 1 obsolete file)
This bug is for crash report bp-1607a149-413e-4e7d-bb85-fc1bc0190620.
Top 10 frames of crashing thread:
0 xul.dll nsGlobalWindowOuter::GetPrincipal dom/base/nsGlobalWindowOuter.cpp:2746
1 xul.dll nsGlobalWindowOuter::GetPrincipalForPostMessage dom/base/nsGlobalWindowOuter.cpp:5997
2 xul.dll mozilla::dom::ContentChild::RecvWindowPostMessage dom/ipc/ContentChild.cpp:3979
3 xul.dll mozilla::dom::PContentChild::OnMessageReceived ipc/ipdl/PContentChild.cpp:12357
4 xul.dll mozilla::ipc::MessageChannel::DispatchMessage ipc/glue/MessageChannel.cpp:2082
5 xul.dll mozilla::ipc::MessageChannel::MessageTask::Run ipc/glue/MessageChannel.cpp:1970
6 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1225
7 xul.dll NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:486
8 xul.dll void mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:88
9 xul.dll MessageLoop::RunHandler ipc/chromium/src/base/message_loop.cc:308
Affected Versions
- Firefox 69.0a1 (BuildId:20190620094631).
Affected Platforms
- Windows 10 64bit
- Ubuntu 18.04 64bit
Unaffected platforms
- macOS 10.10.5 (not sure for now, didn't managed to reproduce on macOS after a couple of tries. Will get back and investigate further).
Steps to Reproduce
- Launch Firefox with a clean profile.
- Access the about:config page.
- Create the fission.autostart pref and set it to true
- Access the following webpage
- Wait for the page to fully load and start scrolling (maybe refresh the page a couple of times).
Expected Results
- Firefox is stable and the website is successfully loaded.
Actual Results
- Tab crash
|
Reporter | |
Updated•5 years ago
|
Summary: Crash in [@ nsGlobalWindowOuter::GetPrincipal] → [Fission] Crash in [@ nsGlobalWindowOuter::GetPrincipal]
|
||
Updated•5 years ago
|
Fission Milestone: --- → M4
Flags: needinfo?(continuation)
|
Assignee | |
Comment 1•5 years ago
|
||
My guess is that we're trying to postmessage to a BrowsingContext where the window is null, but I'd have to check. Presumably the fix to that would be to bail out in that case.
|
|
Assignee | |
Updated•5 years ago
|
Assignee: nobody → continuation
Flags: needinfo?(continuation)
|
|
||
Updated•5 years ago
|
Priority: -- → P2
|
|
Assignee | |
Comment 2•5 years ago
|
||
I couldn't reproduce the crash, but there are a few places in
ContentChild where we grab a window off of a BC without checking if
the window exists, so I added null checks.
|
||
Updated•5 years ago
|
status-firefox67:
--- → unaffected
status-firefox68:
--- → unaffected
status-firefox-esr60:
--- → unaffected
|
||
Updated•5 years ago
|
|
|
Assignee | |
Comment 3•5 years ago
|
||
|
||
Updated•5 years ago
|
Attachment #9074033 -
Attachment is obsolete: true
Pushed by amccreight@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/115a611f83a3
Add some null checks for GetDOMWindow() in ContentChild. r=farre
|
||
Comment 5•5 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
You need to log in
before you can comment on or make changes to this bug.
Description
•