Closed Bug 1719053 Opened 4 years ago Closed 4 years ago

Crash in [@ mozilla::a11y::sdnAccessible::get_nodeInfo]

Categories

(Core :: Disability Access APIs, defect)

Product:
Core
Component:
Disability Access APIs
Platform:
Unspecified
Windows
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1720696

People

(Reporter: wsmwk, Unassigned)

Details

(Keywords: crash)

Crash Data

All crashes are Windows. Starting version 90 beta. MOst are startup crashes

Crash report: https://crash-stats.mozilla.org/report/index/48605e76-9fe0-41f6-9e25-ac0490210630 nzbrco.dll

Reason: EXCEPTION_ACCESS_VIOLATION_READ

Top 10 frames of crashing thread:

0 xul.dll mozilla::a11y::sdnAccessible::get_nodeInfo accessible/windows/sdn/sdnAccessible.cpp:108
1 nzbrco.dll nzbrco.dll@0x2c0d5 
2 nzbrco.dll nzbrco.dll@0x2c28f 
3 nzbrco.dll nzbrco.dll@0x6fb6d 
4 xul.dll mozilla::a11y::HTMLTextFieldAccessible::NativeRole const accessible/html/HTMLFormControlAccessible.cpp:229
5 mozglue.dll je_malloc memory/build/malloc_decls.h:51
6 mozglue.dll moz_xmalloc memory/mozalloc/mozalloc.cpp:58
7 xul.dll mozilla::a11y::MsaaAccessible::QueryInterface accessible/windows/msaa/MsaaAccessible.cpp:767
8 oleacc.dll virtual long AccWrap_Base::QueryService 
9 nzbrco.dll nzbrco.dll@0x2b8a0

bp-c21dde3a-446c-4d6e-b085-c0b820210701 FsDomSrv.dll Firefox

Two (or one) Thunderbird user
bp-41c3ab93-d5c5-4b32-a73e-5d9330210616 Ai Squared Thunderbird
bp-f24e4460-a99e-4cd9-91b1-533a00210702 AI Squared Thunderbird

Severity: -- → S2

The Bugbug bot thinks this bug should belong to the 'Core::Disability Access APIs' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: General → Disability Access APIs
Product: Firefox → Core

This stack is somewhat bogus; there's no way we could get from HTMLTextFieldAccessible::NativeRole to some random dll. However, i suspect that's because the symbols for said dll are missing, so we can't symbolicate properly. WinDBG fails to traverse the stack altogether after the frames from this dll.

That said, WinDBG did show one additional inline frame:

00 (Inline Function) --------`-------- xul!mozilla::a11y::sdnAccessible::GetMsaa+0x9d [/builds/worker/checkouts/gecko/accessible/windows/sdn/sdnAccessible-inl.h @ 36]

That suggests this is the same issue as bug 1720696, just a different caller (and Mozilla's symbolicator can't see the inline frame).

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.