crash in nsHTMLEditor::SplitStyleAbovePoint

RESOLVED FIXED

Status

()

--
critical
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: njn, Assigned: ayg)

Tracking

({crash})

Trunk
Unspecified
Windows NT
crash
Points:
---

Firefox Tracking Flags

(firefox48 affected)

Details

(crash signature)

(Reporter)

Description

2 years ago
This bug was filed from the Socorro interface and is 
report bp-a9353322-463c-46da-87b1-c043b2160422.
=============================================================

This is a new crash that first appeared in Nightly 20160420030213. It's happened 7 times so far. It looks like it might be a null deref.

> 0 	xul.dll 	nsHTMLEditor::SplitStyleAbovePoint(nsCOMPtr<nsINode>*, int*, nsIAtom*, nsAString_internal const*, nsIContent**, nsIContent**) 	editor/libeditor/nsHTMLEditorStyle.cpp
> 1 	xul.dll 	nsHTMLEditRules::JoinBlocks(nsIContent&, nsIContent&, bool*) 	editor/libeditor/nsHTMLEditRules.cpp
> 2 	xul.dll 	nsHTMLEditRules::WillDeleteSelection(mozilla::dom::Selection*, short, short, bool*, bool*) 	editor/libeditor/nsHTMLEditRules.cpp
> 3 	xul.dll 	nsHTMLEditRules::WillDoAction(mozilla::dom::Selection*, nsRulesInfo*, bool*, bool*) 	editor/libeditor/nsHTMLEditRules.cpp
> 4 	xul.dll 	nsPlaintextEditor::DeleteSelection(short, short) 	editor/libeditor/nsPlaintextEditor.cpp
> 5 	xul.dll 	nsEditor::HandleKeyPressEvent(nsIDOMKeyEvent*) 	editor/libeditor/nsEditor.cpp
> 6 	xul.dll 	nsHTMLEditor::HandleKeyPressEvent(nsIDOMKeyEvent*) 	editor/libeditor/nsHTMLEditor.cpp
> 7 	xul.dll 	nsEditorEventListener::KeyPress(nsIDOMKeyEvent*) 	editor/libeditor/nsEditorEventListener.cpp
> 8 	xul.dll 	nsEditorEventListener::HandleEvent(nsIDOMEvent*) 	editor/libeditor/nsEditorEventListener.cpp

It might be related to bug 1190172, which touched this code recently.
(Reporter)

Comment 1

2 years ago
Aryeh, can you please take a look?
Flags: needinfo?(ayg)
This is because I changed an NS_ENSURE_TRUE to a MOZ_ASSERT.  If I were redoing these patches now, I probably wouldn't do that.  The fix is just to change it back.

Note: the patch seems to have been backed out for other reasons, so we just need to fix before relanding.
Assignee: nobody → ayg
Status: NEW → ASSIGNED
Flags: needinfo?(ayg)
Should be fixed in the new version of the patch: https://hg.mozilla.org/mozilla-central/rev/9c056080ee98#l3.68
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.