Crash in [@ nsFrameLoader::TryRemoteBrowserInternal]
Categories
(Core :: DOM: Navigation, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr68 | --- | unaffected |
| firefox-esr78 | --- | unaffected |
| firefox77 | --- | unaffected |
| firefox78 | --- | unaffected |
| firefox79 | + | fixed |
People
(Reporter: RyanVM, Assigned: kmag)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
This bug is for crash report bp-39034419-2bdc-4cfc-9584-55dd60200609.
Crashes started in the 20200605043926 build. Pushlog range:
https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=e33aea19d0c5&tochange=fecffba489bd447d60c2930f9d55ef834b1b20da
Top 10 frames of crashing thread:
0 xul.dll nsFrameLoader::TryRemoteBrowserInternal dom/base/nsFrameLoader.cpp:2444
1 xul.dll nsFrameLoader::TryRemoteBrowser dom/base/nsFrameLoader.cpp:2644
2 xul.dll nsFrameLoader::GetBrowsingContext dom/base/nsFrameLoader.cpp:3186
3 xul.dll static nsFocusManager::GetFocusedDescendant dom/base/nsFocusManager.cpp:290
4 xul.dll mozilla::PresShell::GetFocusedDOMWindowInOurWindow layout/base/PresShell.cpp:6493
5 xul.dll mozilla::layers::FocusTarget::FocusTarget gfx/layers/apz/src/FocusTarget.cpp:101
6 xul.dll mozilla::PresShell::Paint layout/base/PresShell.cpp:6198
7 xul.dll nsViewManager::ProcessPendingUpdatesPaint view/nsViewManager.cpp:460
8 xul.dll nsViewManager::ProcessPendingUpdatesForView view/nsViewManager.cpp:395
9 xul.dll nsViewManager::ProcessPendingUpdates view/nsViewManager.cpp:1018
|
Reporter | |
Comment 1•4 years ago
|
||
Neha, this is the #5 overall Nightly parent process topcrash at the moment. Can you please help find an owner for it?
|
Assignee | |
Updated•4 years ago
|
|
|
Assignee | |
Comment 2•4 years ago
|
||
When trying to get the current focused element during reflow, when the current
focused element in the document is a frame which has yet to be initialized,
attempting to walk through that frame's BrowsingContext causes immediate frame
loader initialization. Since frame loader initialization often requires running
scripts, that's unsafe, which is why we defer initialization until the end of
any in-progress reflow or document update.
This patch fixes the focus manager code to ignore any uninitialized frame
loaders it comes across, since by definition they cannot have any
currently-focused element until their subdocuments have been created.
Pushed by maglione.k@gmail.com: https://hg.mozilla.org/integration/autoland/rev/eba8587b55b1 Don't force frame loader initialization during reflow from focus manager. r=hsivonen
|
||
Comment 4•4 years ago
|
||
| bugherder | ||
|
|
Reporter | |
Comment 5•4 years ago
|
||
We're still getting crash reports from Nightly builds containing the patch from comment 4. Example:
https://crash-stats.mozilla.org/report/index/55e3d66c-55ca-436e-9739-90fc10200615
|
|
Reporter | |
Comment 6•4 years ago
|
||
|
|
Assignee | |
Comment 7•4 years ago
|
||
(In reply to Ryan VanderMeulen [:RyanVM] from comment #5)
We're still getting crash reports from Nightly builds containing the patch from comment 4. Example:
https://crash-stats.mozilla.org/report/index/55e3d66c-55ca-436e-9739-90fc10200615
That's a different crash. It needs a different bug.
|
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Updated•4 years ago
|
Description
•