Closed Bug 945308 Opened 12 years ago Closed 12 years ago

crash in mozilla::a11y::HyperTextAccessible::GetBoundsInFrame(nsIFrame*, unsigned int, unsigned int)

Categories

(Core :: Disability Access APIs, defect)

Product:
Core
Component:
Disability Access APIs
Version:
28 Branch
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla28

People

(Reporter: tracy, Assigned: surkov)

Details

(Keywords: crash, topcrash-win)

Crash Data

Attachments

(1 file)

patch
879 bytes, patch
tbsaunde
: review+
Details | Diff | Splinter Review
This bug was filed from the Socorro interface and is report bp-9fb19193-026a-4e3f-ad36-b8f7f2131202. ============================================================= This has risen to the #2 topcrasher on Nightly (Fx28) on builds since 2013112605. Appears to be essentially isolated to Facebook, with a few random other sites in crash reports. A few comments say just typing in comment they crashed. Frame Module Signature Source 0 xul.dll mozilla::a11y::HyperTextAccessible::GetBoundsInFrame(nsIFrame *,unsigned int,unsigned int) accessible/src/generic/HyperTextAccessible.cpp 1 xul.dll mozilla::a11y::HyperTextAccessible::TextBounds(int,int,unsigned int) accessible/src/generic/HyperTextAccessible.cpp 2 xul.dll mozilla::a11y::HyperTextAccessible::GetCaretRect(nsIWidget * *) accessible/src/generic/HyperTextAccessible.cpp 3 xul.dll mozilla::a11y::AccessibleWrap::UpdateSystemCaretFor(mozilla::a11y::Accessible *) accessible/src/windows/msaa/AccessibleWrap.cpp 4 xul.dll mozilla::a11y::AccessibleWrap::HandleAccEvent(mozilla::a11y::AccEvent *) accessible/src/windows/msaa/AccessibleWrap.cpp 5 xul.dll mozilla::a11y::HyperTextAccessibleWrap::HandleAccEvent(mozilla::a11y::AccEvent *) accessible/src/windows/msaa/HyperTextAccessibleWrap.cpp 6 xul.dll nsEventShell::FireEvent(mozilla::a11y::AccEvent *) accessible/src/base/nsEventShell.cpp 7 xul.dll mozilla::a11y::FocusManager::ProcessFocusEvent(mozilla::a11y::AccEvent *) accessible/src/base/FocusManager.cpp 8 xul.dll mozilla::a11y::EventQueue::ProcessEventQueue() accessible/src/base/EventQueue.cpp 9 xul.dll mozilla::a11y::NotificationController::WillRefresh(mozilla::TimeStamp) accessible/src/base/NotificationController.cpp 10 xul.dll nsRefreshDriver::Tick(__int64,mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp 11 xul.dll mozilla::RefreshDriverTimer::TickDriver(nsRefreshDriver *,__int64,mozilla::TimeStamp) layout/base/nsRefreshDriver.cpp 12 xul.dll mozilla::RefreshDriverTimer::Tick() layout/base/nsRefreshDriver.cpp 13 xul.dll nsTimerImpl::Fire() xpcom/threads/nsTimerImpl.cpp 14 xul.dll nsThread::ProcessNextEvent(bool,bool *) xpcom/threads/nsThread.cpp 15 xul.dll NS_ProcessNextEvent(nsIThread *,bool) xpcom/glue/nsThreadUtils.cpp 16 xul.dll mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate *) ipc/glue/MessagePump.cpp 17 xul.dll MessageLoop::RunHandler() ipc/chromium/src/base/message_loop.cc 18 xul.dll MessageLoop::Run() ipc/chromium/src/base/message_loop.cc 19 xul.dll nsBaseAppShell::Run() widget/xpwidgets/nsBaseAppShell.cpp 20 xul.dll nsAppShell::Run() widget/windows/nsAppShell.cpp 21 xul.dll nsAppStartup::Run() toolkit/components/startup/nsAppStartup.cpp 22 xul.dll XREMain::XRE_mainRun() toolkit/xre/nsAppRunner.cpp 23 xul.dll XREMain::XRE_main(int,char * * const,nsXREAppData const *) toolkit/xre/nsAppRunner.cpp 24 xul.dll XRE_main toolkit/xre/nsAppRunner.cpp 25 firefox.exe do_main browser/app/nsBrowserApp.cpp 26 firefox.exe NS_internal_main(int,char * *) browser/app/nsBrowserApp.cpp 27 firefox.exe wmain toolkit/xre/nsWindowsWMain.cpp 28 firefox.exe __tmainCRTStartup f:/dd/vctools/crt_bld/self_x86/crt/src/crtexe.c 29 kernel32.dll BaseThreadInitThunk 30 ntdll.dll __RtlUserThreadStart 31 ntdll.dll _RtlUserThreadStart
seems to be broken tree, assert (it should be in a good state at WillRefresh) + null check
Attached patch patchSplinter Review
Assignee: nobody → surkov.alexander
Status: NEW → ASSIGNED
Attachment #8341760 - Flags: review?(trev.saunders)
Comment on attachment 8341760 [details] [diff] [review] patch ugh :(
Attachment #8341760 - Flags: review?(trev.saunders) → review+
https://hg.mozilla.org/mozilla-central/rev/87468d6fc936
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla28
Calling this verified fixed since there are no reports of this signature with a build ID newer than 2013120503.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: