macOS Crash in [@ nsBaseWidget::StartAsyncAutoscroll]
Categories
(Core :: Panning and Zooming, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr78 | --- | unaffected |
firefox87 | --- | unaffected |
firefox88 | --- | fixed |
firefox89 | --- | fixed |
People
(Reporter: aryx, Assigned: hiro)
References
(Regression)
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
48 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-release+
|
Details | Review |
8 crashes on 4+ devices, macOS 10.15 + 11, reported versions 88.0b6 + 88.0b7 + 89.0a1
Crash report: https://crash-stats.mozilla.org/report/index/83177606-08a0-4877-8bc9-6b1670210406
Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Top 10 frames of crashing thread:
0 XUL nsBaseWidget::StartAsyncAutoscroll widget/nsBaseWidget.cpp:1873
1 XUL mozilla::dom::BrowserParent::StartApzAutoscroll dom/ipc/BrowserParent.cpp:3489
2 XUL {virtual override thunk}
3 XUL NS_InvokeByIndex
4 XUL XPCWrappedNative::CallMethod js/xpconnect/src/XPCWrappedNative.cpp:1142
5 XUL XPC_WN_CallMethod js/xpconnect/src/XPCWrappedNativeJSOps.cpp:925
6 XUL js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:520
7 XUL Interpret js/src/vm/Interpreter.cpp:3244
8 XUL js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:552
9 XUL JS::Call js/src/jsapi.cpp:2856
Updated•3 years ago
|
Comment 1•3 years ago
|
||
Comment 2•3 years ago
•
|
||
Just eyeballing the code, the AsyncPanZoomEnabled() check might return true because of the popup delegation but then the autoscroll start function tries to use mAPZC from the root widget which might be null. So the STR would be to start an autoscroll in an extension popup, probably.
Comment 3•3 years ago
|
||
Ah good catch!
I guess StartAsyncAutoscroll()
and StopAsyncAutoscroll()
should be delegated to the popup window as well?
Comment 4•3 years ago
|
||
Sounds reasonable.
Assignee | ||
Comment 5•3 years ago
|
||
I am on it.
Assignee | ||
Comment 6•3 years ago
|
||
Pushed by hikezoe.birchill@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/5791073c28b7 Delegate StartAsyncAutoscroll and StopAsyncAutoscroll calls to the proper widget mPopupContentView. r=botond
Comment 8•3 years ago
|
||
bugherder |
Comment 9•3 years ago
|
||
Looks like a low-volume regression from bug 1694898, but feel free to nominate for Release approval if you think it should be on the radar as a ride-along for an RC respin or dot release.
Updated•3 years ago
|
Assignee | ||
Comment 10•3 years ago
|
||
Comment on attachment 9215014 [details]
Bug 1703762 - Delegate StartAsyncAutoscroll and StopAsyncAutoscroll calls to the proper widget mPopupContentView. r?botond!
Beta/Release Uplift Approval Request
- User impact if declined: Crash
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): It simply delegates two functions to the proper class.
- String changes made/needed: none
Updated•3 years ago
|
Comment 11•3 years ago
|
||
Comment on attachment 9215014 [details]
Bug 1703762 - Delegate StartAsyncAutoscroll and StopAsyncAutoscroll calls to the proper widget mPopupContentView. r?botond!
Approved for 88.0rc2, thanks.
Comment 12•3 years ago
|
||
bugherder uplift |
Updated•3 years ago
|
Description
•