Open Bug 1988713 Opened 6 months ago Updated 19 days ago

MOZ_DIAGNOSTIC_ASSERT(mozilla::AnyOf(loadingInfo->mContiguousEntries.begin(), loadingInfo->mContiguousEntries.end(), pred)) (The target entry now needs to be a part of the contiguous list of entries.)

Categories

(Core :: DOM: Navigation, defect, P3)

Unspecified
Windows 11
defect

Tracking Status
firefox144 --- disabled

People

(Reporter: hsinyi, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: crash, testcase, Whiteboard: [fuzzblocker])

Attachments

(1 file)

Crash report: https://crash-stats.mozilla.org/report/index/8ff551eb-307c-4279-a5f9-2045f0250916

MOZ_CRASH Reason:

MOZ_DIAGNOSTIC_ASSERT(mozilla::AnyOf(loadingInfo->mContiguousEntries.begin(), loadingInfo->mContiguousEntries.end(), pred)) (The target entry now needs to be a part of the contiguous list of entries.)

Top 10 frames:

0  xul.dll  mozilla::dom::CanonicalBrowsingContext::CreateLoadingSessionHistoryEntryForLo...  docshell/base/CanonicalBrowsingContext.cpp:727
0  xul.dll  mozilla::net::DocumentLoadListener::Open(nsDocShellLoadState*, mozilla::net::...  netwerk/ipc/DocumentLoadListener.cpp:852
1  xul.dll  mozilla::net::DocumentLoadListener::OpenDocument(nsDocShellLoadState*, unsign...  netwerk/ipc/DocumentLoadListener.cpp:1102
2  xul.dll  mozilla::net::DocumentChannelParent::Init(mozilla::dom::CanonicalBrowsingCont...  netwerk/ipc/DocumentChannelParent.cpp:69
2  xul.dll  mozilla::net::NeckoParent::RecvPDocumentChannelConstructor(mozilla::net::PDoc...  netwerk/ipc/NeckoParent.cpp:270
3  xul.dll  mozilla::net::PNeckoParent::OnMessageReceived(IPC::Message const&)  ipc/ipdl/PNeckoParent.cpp:1819
4  xul.dll  mozilla::dom::PContentParent::OnMessageReceived(IPC::Message const&)  ipc/ipdl/PContentParent.cpp:6523
5  xul.dll  mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecyc...  ipc/glue/MessageChannel.cpp:1797
5  xul.dll  mozilla::ipc::MessageChannel::DispatchMessage(mozilla::ipc::ActorLifecyclePro...  ipc/glue/MessageChannel.cpp:1723
5  xul.dll  mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::ActorLifecycleProxy*, ...  ipc/glue/MessageChannel.cpp:1512

Preference: dom.navigation.webidl.enabled was set to true

I encountered this signature twice in the past two days.

Vague STRs for the 1st hit:
I have a pinned ChatGPT tab. I was chatting in another ChatGPT tab. Then I refreshed the pinned one. I got a crash.
I didn't manage to reproduce again following these STRs.

Vague STRs for the 2nd hit:
The crash happened when I navigated between interview scorecards in Greenhouse. The first crash happened upon clicking the back button. Right after the first crash and the restoration, when I clicked the back button on a Greenhouse tab again, I got the second crash. I wanted to see if it's reliably reproducible, but I couldn't.

Severity: S3 → --
Blocks: navigation-api-bugs
No longer blocks: navigation-api
Duplicate of this bug: 1989045
Severity: -- → S3
Priority: -- → P3
Blocks: 1974342
Duplicate of this bug: 2013913

FYI it looks like you already know how to reproduce, but bug 2013913 contains a pernosco session.

The browser fuzzers are reporting this frequently, marking as fuzzblocker.

Whiteboard: [fuzzblocker]
Attached file testcase.html
Keywords: testcase

This bug prevents fuzzing from making progress; however, it has low severity. It is important for fuzz blocker bugs to be addressed in a timely manner (see here why?).
:masayuki, could you consider increasing the severity?

For more information, please visit BugBot documentation.

Flags: needinfo?(masayuki)
Flags: needinfo?(masayuki)
Flags: needinfo?(jjaschke)
Flags: needinfo?(avandolder)
Flags: needinfo?(afarre)

So it appears that the failure from the testcase in comment 7 is appearing as the result of an about:blank page for an iframe being loaded with a Replace navigation type.

This specific behaviour is changed by the patch for bug 1998954, which from my testing appears to stop the crashes from this testcase.

Flags: needinfo?(jjaschke)
Flags: needinfo?(avandolder)
Flags: needinfo?(afarre)
See Also: → 2021369