Crash in [@ mozilla::dom::ResponsiveImageSelector::Content]
Categories
(Core :: Layout, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr91 | --- | unaffected |
firefox-esr102 | --- | unaffected |
firefox104 | --- | unaffected |
firefox105 | --- | unaffected |
firefox106 | --- | fixed |
People
(Reporter: mccr8, Assigned: boris)
References
(Regression)
Details
(Keywords: crash, regression)
Crash Data
Attachments
(1 file)
Crash report: https://crash-stats.mozilla.org/report/index/e544b670-19da-4447-addd-7459c0220824
Reason: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
Top 10 frames of crashing thread:
0 XUL mozilla::dom::ResponsiveImageSelector::Content dom/base/ResponsiveImageSelector.cpp:199
1 XUL mozilla::dom::HTMLImageElement::PictureSourceDimensionChanged dom/html/HTMLImageElement.cpp:1031
2 XUL mozilla::dom::HTMLSourceElement::AfterSetAttr dom/html/HTMLSourceElement.cpp:144
3 XUL mozilla::dom::Element::SetAttr dom/base/Element.cpp:2493
4 XUL mozilla::dom::Element_Binding::setAttribute dom/bindings/ElementBinding.cpp:1697
5 XUL mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions> dom/bindings/BindingUtils.cpp:3287
6 None @0x0000283c78ecc454
7 None @0x0000283c78ecc454
8 None @0x0000283c7907110c
9 None @0x0000283c78ecc0fc
Null deref crash. This signature is present in older versions, but it looks like it has started popping up fairly frequently on Nightly, so I think this is a regression, probably from bug 1694741, which has code in the stack and just landed.
Maybe mResponsiveSelector is null on this line?
if (mResponsiveSelector->Content() == aSourceNode) {
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Comment 1•2 years ago
|
||
Yes. My fault. We should do the null check in this line. Sorry for this.
Assignee | ||
Comment 2•2 years ago
|
||
PictureSourceDimensionChanged may be called by an image element with a null
selector (because we call this function on all the image elements after
the source element).
Updated•2 years ago
|
Comment 4•2 years ago
|
||
bugherder |
Comment 5•2 years ago
|
||
bugherder |
Description
•