Crash in [@ nsPrintJob::PrintDocContent]
Categories
(Core :: Printing: Output, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr91 | --- | unaffected |
| firefox101 | --- | unaffected |
| firefox102 | + | fixed |
| firefox103 | --- | fixed |
People
(Reporter: mccr8, Assigned: mccr8)
References
(Regression)
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
|
48 bytes,
text/x-phabricator-request
|
pascalc
:
approval-mozilla-beta+
|
Details | Review |
Crash report: https://crash-stats.mozilla.org/report/index/62fa0d12-f74a-4e62-81e6-936aa0220525
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 10 frames of crashing thread:
0 xul.dll nsPrintJob::PrintDocContent layout/printing/nsPrintJob.cpp:1475
1 xul.dll nsPrintJob::SetupToPrintContent layout/printing/nsPrintJob.cpp:948
2 xul.dll nsPrintJob::MaybeResumePrintAfterResourcesLoaded layout/printing/nsPrintJob.cpp:1072
3 xul.dll nsPrintJob::InitPrintDocConstruction layout/printing/nsPrintJob.cpp:1019
4 xul.dll nsPrintJob::DoCommonPrint layout/printing/nsPrintJob.cpp:469
5 xul.dll nsPrintJob::CommonPrint layout/printing/nsPrintJob.cpp:352
6 xul.dll nsPrintJob::Print layout/printing/nsPrintJob.cpp:479
7 xul.dll nsDocumentViewer::Print layout/base/nsDocumentViewer.cpp:2937
8 xul.dll nsGlobalWindowOuter::Print dom/base/nsGlobalWindowOuter.cpp:5313
9 xul.dll mozilla::dom::BrowserChild::RecvPrint dom/ipc/BrowserChild.cpp:2522
Looks like a null deref.
|
||
Comment 1•3 years ago
|
||
Comment 0 seems to be a null-deref on aPO here:
// Called for each DocShell that needs to be printed
bool nsPrintJob::PrintDocContent(const UniquePtr<nsPrintObject>& aPO,
nsresult& aStatus) {
NS_ASSERTION(aPO, "Pointer is null!");
aStatus = NS_OK;
if (!aPO->mHasBeenPrinted && aPO->PrintingIsEnabled()) {
aStatus = DoPrint(aPO);
return true;
jwatt, is this possibly related to your recent cleanups?
|
|
||
Comment 2•3 years ago
|
||
Looking at the crash data, this is almost entirely Win7, but there's one Windows 10 crash right now:
bp-d908a9e8-4696-4c73-a71c-e6f4c0220603
|
|
||
Comment 3•3 years ago
|
||
(and this seems to be largely from window.print(), based on the reports we've looked at so far)
|
||
Comment 5•3 years ago
|
||
We do a null-check here: https://searchfox.org/mozilla-central/rev/4c3f6e8bf87fffb7c62feb4c76a14e0eb0b94c1f/layout/printing/nsPrintJob.cpp#782
But then run a bunch of code before this: https://searchfox.org/mozilla-central/rev/4c3f6e8bf87fffb7c62feb4c76a14e0eb0b94c1f/layout/printing/nsPrintJob.cpp#948
Including running script, so another null-check around might be warranted.
|
||
Updated•3 years ago
|
|
||
Comment 6•3 years ago
|
||
High volume of crashes on beta, tracking for our 102 release.
|
||
Updated•3 years ago
|
|
|
||
Comment 7•3 years ago
|
||
Jonathan, can we please get somebody assigned rapidly to this bug? This is high volume on beta, I would take a patch next week for the RC. Thanks
|
Assignee | |
Comment 8•3 years ago
|
||
jwatt hasn't been active on bugzilla for a few weeks. I'll write a patch.
|
|
Assignee | |
Comment 9•3 years ago
|
||
We're seeing a lot of null crashes here. Maybe we're running script since
we last checked mPrintObject and the printer was disconnected or
something along those lines, so just add a null check.
|
||
Comment 10•3 years ago
|
||
|
|
Assignee | |
Comment 11•3 years ago
|
||
Comment on attachment 9281413 [details]
Bug 1771383 - Null check mPrintObject in nsPrintJob::SetupToPrintContent().
Beta/Release Uplift Approval Request
- User impact if declined: Crashes while printing under unknown circumstances (maybe if the printer is disconnected while in the middle of printing?).
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This is just a null check. I think the worst that can happen is that we end up crashing a little later.
- String changes made/needed: none
- Is Android affected?: No
|
||
Comment 12•3 years ago
|
||
| bugherder | ||
|
|
||
Comment 13•3 years ago
|
||
Comment on attachment 9281413 [details]
Bug 1771383 - Null check mPrintObject in nsPrintJob::SetupToPrintContent().
Thanks, this will be in our last beta tomorrow!
|
|
||
Comment 14•3 years ago
|
||
| bugherder uplift | ||
|
||
Updated•3 years ago
|
Description
•