1597215 - Crash in [@ mozilla::dom::WindowGlobalChild::RecvLoadURIInChild]

Status: RESOLVED FIXED

(Core :: DOM: Window and Location, defect, P2)

Description

[Gabriele Svelto [:gsvelto]]

This bug is for crash report bp-f4eaa5dd-e700-42f2-8c90-0fe800191116.

Top 10 frames of crashing thread:

0 libxul.so mozilla::dom::WindowGlobalChild::RecvLoadURIInChild dom/ipc/WindowGlobalChild.cpp:240
1 libxul.so mozilla::dom::PWindowGlobalChild::OnMessageReceived ipc/ipdl/PWindowGlobalChild.cpp:675
2 libxul.so mozilla::dom::PContentChild::OnMessageReceived ipc/ipdl/PContentChild.cpp:8167
3 libxul.so mozilla::ipc::MessageChannel::DispatchMessage ipc/glue/MessageChannel.cpp:2208
4 libxul.so mozilla::ipc::MessageChannel::RunMessage ipc/glue/MessageChannel.cpp:1972
5 libxul.so mozilla::ipc::MessageChannel::MessageTask::Run ipc/glue/MessageChannel.cpp:2003
6 libxul.so mozilla::SchedulerGroup::Runnable::Run xpcom/threads/SchedulerGroup.cpp:295
7 libxul.so nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1250
8 libxul.so <name omitted> xpcom/threads/nsThreadUtils.cpp:486
9 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:88

This is a NULL pointer dereference happening across all three platforms with Fission enabled.

Comment 1

[Neil Deakin]

This crashing code no longer exists and was moved in bug 1589123, but it looks like this specific crash wouldn't happen as what could have been a null pointer before is always 'this' now.

Matt, could you confirm and close this bug?