Crash in [@ mozilla::a11y::PDocAccessibleChild::SendCache]
Categories
(Core :: Disability Access APIs, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr78 | --- | unaffected |
firefox-esr91 | --- | unaffected |
firefox92 | --- | unaffected |
firefox93 | --- | unaffected |
firefox94 | --- | unaffected |
firefox95 | --- | fixed |
People
(Reporter: calixte, Assigned: morgan)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
Maybe Fission related. (DOMFissionEnabled=1)
Crash report: https://crash-stats.mozilla.org/report/index/62b31cbf-c110-4f46-94a6-eb3210211006
Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Top 10 frames of crashing thread:
0 XUL mozilla::a11y::PDocAccessibleChild::SendCache ipc/ipdl/PDocAccessibleChild.cpp:684
1 XUL nsAccessibilityService::NotifyOfResolutionChange accessible/base/nsAccessibilityService.cpp:410
2 XUL mozilla::PresShell::SetResolutionAndScaleTo layout/base/PresShell.cpp:5422
3 XUL mozilla::ScrollFrameHelper::RestoreState layout/generic/nsGfxScrollFrame.cpp:7333
4 XUL {virtual override thunk}
5 XUL nsCSSFrameConstructor::InitAndRestoreFrame layout/base/nsCSSFrameConstructor.cpp:4669
6 XUL nsCSSFrameConstructor::BeginBuildingScrollFrame layout/base/nsCSSFrameConstructor.cpp:4239
7 XUL nsCSSFrameConstructor::ContentRangeInserted layout/base/nsCSSFrameConstructor.cpp:6986
8 XUL mozilla::PresShell::Initialize layout/base/PresShell.cpp:1859
9 XUL mozilla::dom::PrototypeDocumentContentSink::DoneWalking dom/prototype/PrototypeDocumentContentSink.cpp:669
There is 1 crash in nightly 95 with buildid 20211006094130. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1726227.
[1] https://hg.mozilla.org/mozilla-central/rev?node=3cfe5bd5d084
Comment 1•3 years ago
|
||
I didn't spot this in review :(, but I guess there's no reason nsAccessibilityService::NotifyOfResolutionChange can't be called before DocAccessible::DoInitialUpdate is called. In that case, the IPC document won't exist yet, nor will the initial cache push have occurred. A simple null check should suffice here, for now at least.
Assignee | ||
Comment 2•3 years ago
|
||
haha this crash report is mine :)
I'll put up a patch for this
Assignee | ||
Comment 3•3 years ago
|
||
Updated•3 years ago
|
Pushed by mreschenberg@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a28e38db75a1 Verify IPC doc exists before sending resolution update r=Jamie
Comment 5•3 years ago
|
||
bugherder |
Updated•3 years ago
|
Description
•