Open Bug 1721850 Opened 2 months ago Updated 3 days ago

Crash in [@ nsIconChannel::GetHIconFromFile]

Categories

(Core :: Security: Process Sandboxing, defect, P2)

Unspecified
Windows 10
defect

Tracking

()

ASSIGNED

People

(Reporter: sefeng, Assigned: bobowen)

References

(Blocks 1 open bug)

Details

(Keywords: crash)

Crash Data

Maybe Fission related. (DOMFissionEnabled=1)

Crash report: https://crash-stats.mozilla.org/report/index/286187e2-c711-4b76-b049-f337e0210720

MOZ_CRASH Reason: MOZ_DIAGNOSTIC_ASSERT(false) (GetHIconFromFile requires call to SHGetFileInfo, which cannot be used when win32k is disabled.)

Top 10 frames of crashing thread:

0 xul.dll nsIconChannel::GetHIconFromFile image/decoders/icon/win/nsIconChannel.cpp:452
1 xul.dll nsIconChannel::GetHIcon image/decoders/icon/win/nsIconChannel.cpp:692
2 xul.dll nsIconChannel::AsyncOpen image/decoders/icon/win/nsIconChannel.cpp:392
3 xul.dll imgLoader::LoadImage image/imgLoader.cpp:2491
4 xul.dll static nsContentUtils::LoadImage dom/base/nsContentUtils.cpp:3659
5 xul.dll mozilla::dom::Document::PreLoadImage dom/base/Document.cpp:12178
6 xul.dll mozilla::dom::Document::MaybePreLoadImage dom/base/Document.cpp:12225
7 xul.dll nsHtml5SpeculativeLoad::Perform parser/html/nsHtml5SpeculativeLoad.cpp:43
8 xul.dll nsHtml5TreeOpExecutor::RunFlushLoop parser/html/nsHtml5TreeOpExecutor.cpp:585
9 xul.dll nsHtml5ExecutorFlusher::Run parser/html/nsHtml5StreamParser.cpp:179
Severity: -- → S2

Win32k lockdown is an experiment, and I think cmartin has seen this failure in try runs.

Severity: S2 → S4
Priority: -- → P2

Seems like most of these are being caused by listing resource:// URLs.

Assignee: nobody → bobowencode
Status: NEW → ASSIGNED
You need to log in before you can comment on or make changes to this bug.