Closed
Bug 1784387
Opened 2 years ago
Closed 2 years ago
Crash in [@ nsDocShell::Reload] in ContentChild::RecvReload
Categories
(Core :: DOM: Navigation, defect)
Core
DOM: Navigation
Tracking
()
RESOLVED
FIXED
105 Branch
| Tracking | Status | |
|---|---|---|
| firefox-esr91 | --- | unaffected |
| firefox-esr102 | --- | fixed |
| firefox103 | --- | wontfix |
| firefox104 | --- | wontfix |
| firefox105 | --- | fixed |
People
(Reporter: mccr8, Assigned: smaug)
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
|
48 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-esr102+
|
Details | Review |
Crash report: https://crash-stats.mozilla.org/report/index/a49aefa2-e293-4f03-aa77-804da0220811
Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Top 10 frames of crashing thread:
0 XUL nsDocShell::Reload docshell/base/nsDocShell.cpp:4106
1 XUL mozilla::dom::ContentChild::RecvReload dom/ipc/ContentChild.cpp:4536
2 XUL mozilla::dom::PContentChild::OnMessageReceived ipc/ipdl/PContentChild.cpp:13342
3 XUL mozilla::ipc::MessageChannel::RunMessage ipc/glue/MessageChannel.cpp:1474
4 XUL mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal xpcom/threads/TaskController.cpp:851
5 XUL mozilla::TaskController::ProcessPendingMTTask xpcom/threads/TaskController.cpp:461
6 XUL nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:1205
7 XUL NS_ProcessNextEvent xpcom/threads/nsThreadUtils.cpp:465
8 XUL mozilla::jsinspector::nsJSInspector::EnterNestedEventLoop devtools/platform/nsJSInspector.cpp:70
9 XUL _NS_InvokeByIndex
Low volume, but there are a few of these. Null derefs.
nsCOMPtr<nsIContentViewer> cv(mContentViewer);
...
MOZ_TRY(cv->PermitUnload(&okToUnload));
I guess cv is null here.
|
Assignee | |
Comment 1•2 years ago
|
||
No test, since the patch is based on the crash reports. Creating a test which relies on some race conditions through IPC is hard.
|
||
Updated•2 years ago
|
Assignee: nobody → smaug
Status: NEW → ASSIGNED
Pushed by opettay@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/273e5f345a7f Crash in [@ nsDocShell::Reload] in ContentChild::RecvReload, r=mccr8
|
||
Comment 3•2 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox105:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 105 Branch
|
||
Updated•2 years ago
|
status-firefox103:
--- → wontfix
status-firefox104:
--- → wontfix
status-firefox-esr102:
--- → affected
status-firefox-esr91:
--- → unaffected
Flags: in-testsuite-
|
|
||
Comment 4•2 years ago
|
||
Please nominate this for ESR102 approval when you get a chance.
Flags: needinfo?(smaug)
|
|
Assignee | |
Comment 5•2 years ago
|
||
Comment on attachment 9289856 [details]
Bug 1784387 - Crash in [@ nsDocShell::Reload] in ContentChild::RecvReload, r=mccr8
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Simple null check to fix crashes
- User impact if declined: Crashes
- Fix Landed on Version: 105
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Null check
Flags: needinfo?(smaug)
Attachment #9289856 -
Flags: approval-mozilla-esr102?
|
|
||
Comment 6•2 years ago
|
||
Comment on attachment 9289856 [details]
Bug 1784387 - Crash in [@ nsDocShell::Reload] in ContentChild::RecvReload, r=mccr8
Approved for 102.3esr.
Attachment #9289856 -
Flags: approval-mozilla-esr102? → approval-mozilla-esr102+
|
|
||
Comment 7•2 years ago
|
||
| bugherder uplift | ||
You need to log in
before you can comment on or make changes to this bug.
Description
•