Crash in [@ mozilla::dom::EventTarget::ComputeWantsUntrusted]
Categories
(Core :: DOM: Events, defect, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| thunderbird_esr102 | --- | unaffected |
| firefox-esr102 | --- | unaffected |
| firefox110 | --- | unaffected |
| firefox111 | --- | wontfix |
| firefox112 | --- | fixed |
People
(Reporter: wsmwk, Assigned: mkmelin)
References
(Regression)
Details
(Keywords: crash, regression, topcrash-thunderbird, Whiteboard: [tbird topcrash])
Crash Data
Attachments
(1 file)
#2 crash for 111.0a1. First crash below at buildid 20230209104417. Still exists in 112.0a1. And a beta crash at bp-30540e59-ada4-44f3-8b36-aa0a60230217
Crash report: https://crash-stats.mozilla.org/report/index/47d77a2a-58c8-4bdc-ba22-678070230210
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 10 frames of crashing thread:
0 xul.dll mozilla::dom::EventTarget::ComputeWantsUntrusted dom/events/EventTarget.cpp:47
0 xul.dll mozilla::dom::EventTarget::AddSystemEventListener dom/events/EventTarget.cpp:111
1 xul.dll mozilla::dom::EventTarget::AddSystemEventListener dom/events/EventTarget.h:114
1 xul.dll mozilla::dom::MenuBarListener::MenuBarListener dom/xul/MenuBarListener.cpp:70
2 xul.dll mozilla::dom::XULMenuBarElement::BindToTree dom/xul/XULMenuBarElement.cpp:82
3 xul.dll mozilla::dom::Element::BindToTree dom/base/Element.cpp:1833
4 xul.dll nsStyledElement::BindToTree dom/base/nsStyledElement.cpp:214
5 xul.dll nsXULElement::BindToTree dom/xul/nsXULElement.cpp:628
6 xul.dll nsINode::InsertChildBefore dom/base/nsINode.cpp:1586
7 xul.dll nsINode::ReplaceOrInsertBefore dom/base/nsINode.cpp:2825
|
Reporter | |
Comment 2•2 years ago
|
||
No Thunderbird nightly crashes after build 20230215102959, so far.
|
|
Reporter | |
Comment 3•2 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #2)
No Thunderbird nightly crashes after build 20230215102959, so far.
still
|
|
Reporter | |
Comment 4•2 years ago
|
||
However, there are 111.0b1 crashes https://crash-stats.mozilla.org/search/?product=Thunderbird&version=111.0b1&date=%3E%3D2023-02-21T15%3A40%3A00.000Z&date=%3C2023-02-28T15%3A40%3A00.000Z&_facets=signature&_sort=-date&_columns=date&_columns=signature&_columns=product&_columns=version&_columns=build_id&_columns=platform#facet-signature
|
|
Reporter | |
Updated•2 years ago
|
|
|
Reporter | |
Comment 5•2 years ago
|
||
any ideas what this could be?
bp-13e91a90-5b6f-486a-aae4-fdddf0230228 linux
bp-0f491aa5-27d0-461f-8d65-a9d460230228 windows
|
|
Reporter | |
Comment 6•2 years ago
|
||
I found no correlations to add-ons.
There are no Firefox crashes.
Maybe we get lucky and there are no crashes after 112 merges to beta in two weeks.
At the crash point, all callees in ComputeDefaultWantsUntrusted do null-check correctly. So, it seems that the method is called with nullptr. The root caller does not do null-check but nsContentUtils::GetWindowRoot() may return nullptr.
|
Assignee | |
Comment 8•2 years ago
|
||
|
||
Updated•2 years ago
|
|
|
Reporter | |
Updated•2 years ago
|
|
|
Reporter | |
Comment 10•2 years ago
|
||
FWIW, there are no useful user comments in the crash reports, so we don't know what action(s) in Thunderbird is triggering this.
|
||
Comment 11•2 years ago
|
||
| bugherder | ||
|
||
Updated•2 years ago
|
|
||
Comment 12•2 years ago
|
||
The patch landed in nightly and beta is affected.
:mkmelin, is this bug important enough to require an uplift?
- If yes, please nominate the patch for beta approval.
- If no, please set
status-firefox111towontfix.
For more information, please visit auto_nag documentation.
|
|
Reporter | |
Comment 14•2 years ago
|
||
V.fixed - no crashes happening on beta nor nightly
Description
•