Closed Bug 146255 Opened 23 years ago Closed 22 years ago

[FIX]Typing CTRL+TAB shortly after opening a new tab will crash the browser [@ nsEventStateManager::IsIFrameDoc]

Categories

(Core :: DOM: Events, defect, P1)

defect

Tracking

()

VERIFIED FIXED
mozilla1.2alpha

People

(Reporter: KAustinLuter, Assigned: bzbarsky)

References

Details

(Keywords: crash, testcase, topcrash+)

Crash Data

Attachments

(1 file)

From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.0+) Gecko/20020522 BuildID: 2002052204 If I click on a link while pressing CTRL to open it in a new tab and very quickly thereafter press CTRL+TAB, Mozilla will crash. It will not crash if I have first switched between tabs after opening the new ones, and it will not crash if I wait too long to press CTRL+TAB. Reproducible: Always Steps to Reproduce: 1. Be sure you can control-click links into a new tab (Preferences > Navigator > Tabbed Browsing). 2. Go to a website with a link, hold down the CTRL key, and clikc on a link to open it in a new tab. 3. Press CTRL+TAB very shortly after performing step 2. Actual Results: Mozilla crashes. Expected Results: Focus should have moved from the browser to the address bar.
Keywords: crash
I confirm this crash occurs under Windows 98 with the following agent string: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.1a) Gecko/20020608 Also, in step 2, it is not necessary to open the window via the CTRL-click method. The same crash occurs after clicking the middle mouse button on a link.
This bug still exists in build-ID 2002-06-17-12 under Windows 98. For reference, here is a Talkback Incident ID: TB71442583W.
Correct ID is TB7442583W. nsEventStateManager::IsIFrameDoc [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp, line 4771] nsEventStateManager::ShiftFocusByDoc [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp, line 5023] nsEventStateManager::PostHandleEvent [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp, line 1901] PresShell::HandleEventInternal [c:/builds/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp, line 6189] PresShell::HandleEvent [c:/builds/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp, line 6091] nsViewManager::HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsViewManager.cpp, line 2039] nsView::HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsView.cpp, line 306] nsViewManager::DispatchEvent [c:/builds/seamonkey/mozilla/view/src/nsViewManager.cpp, line 1896] HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsView.cpp, line 83] nsWindow::DispatchEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1029] nsWindow::DispatchWindowEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 1046] nsWindow::DispatchKeyEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 2824] nsWindow::OnKeyDown [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 2900] nsWindow::ProcessMessage [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp, line 3721] 0x22eb84b1
.
Assignee: jaggernaut → joki
Component: Tabbed Browser → DOM Events
QA Contact: sairuh → vladimire
Summary: Typing CTRL+TAB shortly after opening a new tab will crash the browser → Typing CTRL+TAB shortly after opening a new tab will crash the browser [@nsEventStateManager::IsIFrameDoc]
This should be mine.
Assignee: joki → bryner
Status: UNCONFIRMED → NEW
Ever confirmed: true
*** Bug 155519 has been marked as a duplicate of this bug. ***
Same thing happening on Windows XP on two of my systems, here's one of the talkback id's TB9003204W.
*** Bug 141807 has been marked as a duplicate of this bug. ***
This is a current topcrasher for the MozillaTrunk. Adding topcrash and qawanted keywords to see if we can get a solid reproducible testcase. Here is the latest info from Talkback: Rank StackSignature Count 20 nsEventStateManager::IsIFrameDoc 16 Source File : c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp line : 4824 ==================================================================================================== Count Offset Real Signature [ 12 nsEventStateManager::IsIFrameDoc 3e5222ff - nsEventStateManager::IsIFrameDoc ] Crash date range: 2002-08-01 to 2002-08-07 Min/Max Seconds since last crash: 192 - 163210 Min/Max Runtime: 7809 - 344589 Keyword List : Count Platform List 12 Windows NT 5.1 build 2600 Count Build Id List 5 2002080508 2 2002080408 1 2002080308 1 2002080218 1 2002080108 1 2002080104 1 2002072904 No of Unique Users 9 Stack trace(Frame) nsEventStateManager::IsIFrameDoc [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp line 4824] nsEventStateManager::ShiftFocusByDoc [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp line 5076] nsEventStateManager::PostHandleEvent [c:/builds/seamonkey/mozilla/content/events/src/nsEventStateManager.cpp line 1905] PresShell::HandleEventInternal [c:/builds/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp line 6129] PresShell::HandleEvent [c:/builds/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp line 6031] nsViewManager::HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsViewManager.cpp line 2054] nsView::HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsView.cpp line 306] nsViewManager::DispatchEvent [c:/builds/seamonkey/mozilla/view/src/nsViewManager.cpp line 1911] HandleEvent [c:/builds/seamonkey/mozilla/view/src/nsView.cpp line 83] nsWindow::DispatchEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 1038] nsWindow::DispatchWindowEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 1055] nsWindow::DispatchKeyEvent [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 2886] nsWindow::OnKeyDown [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 2975] nsWindow::ProcessMessage [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 3800] nsWindow::WindowProc [c:/builds/seamonkey/mozilla/widget/src/windows/nsWindow.cpp line 1304] USER32.dll + 0x3a5f (0x77d43a5f) USER32.dll + 0x3b2e (0x77d43b2e) USER32.dll + 0x3d6a (0x77d43d6a) USER32.dll + 0x41fd (0x77d441fd) nsAppShellService::Run [c:/builds/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp line 452] main1 [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp line 1534] main [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp line 1881] WinMain [c:/builds/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp line 1899] WinMainCRTStartup() kernel32.dll + 0x1eb69 (0x77e7eb69) (9036907) URL: espn.com (9036907) Comments: bastards! did it again (9036800) URL: espn.com (9036800) Comments: just loaded it (9036526) URL: drudgereport.com (9036526) Comments: just went to that page (9007412) URL: drudgereport.com (9007412) Comments: bah! just gave focus to the window (9003204) Comments: - Open browser- Go to any site- Open up about 4-8 tabbed pages in one window- while one of these is still loading press ctrl-tab- bam browser crashesNote this works fine if no page is loading.I've been able to reproduce this during (9003204) Comments: critical multi pages research just mix up alt-tab and ctrl-tab by mistake.Current behavior: Crashes browserExpected behavior: Nothing or focus/cursor moves to url location (8989182) URL: ezh@infonet.ee (8878928) Comments: Pressed Alt-F6 by mistake.
Keywords: qawanted, topcrash
Summary: Typing CTRL+TAB shortly after opening a new tab will crash the browser [@nsEventStateManager::IsIFrameDoc] → Typing CTRL+TAB shortly after opening a new tab will crash the browser [@ nsEventStateManager::IsIFrameDoc]
I just tried several times to reproduce this on Linux and Windows XP and was not able to.
I just got nearly the same bug with build 2002082814, Windows NT4, SP6 After typing the URL into the address field (e.g. http://www.vol.at) the browser starts to load the page. Now I press Ctrl-Tab rapidly a few times and suddenly I get my favourite, Dr. Watson. Don't need additional opened Tabs to reproduce the bug. Johannes
Yep, I was able to reproduce this on 1.1 on WinME. I used Johannes' method in comment #11.
*** Bug 166035 has been marked as a duplicate of this bug. ***
There's a testcase (with 100% reproducible crash) within bug 166035.
*** Bug 165336 has been marked as a duplicate of this bug. ***
Adding keyword testcase - see comment 14.
Keywords: testcase
Per Adam and Olivier's comments (#14 & #16) removing "qawanted" and upgrading to topcrash+
Keywords: qawanted, topcrashtopcrash+
I get this absolutely reliably with 2002090415 (trunk). The key is to hit ctrl+tab while the other tab is still loading. Talkbacks: TB10420918M TB01421031Q TB10421081E TB10421192Q Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.1b) Gecko/20020904
*** Bug 167397 has been marked as a duplicate of this bug. ***
Attached patch proposed patchSplinter Review
This fixes the crash in the testcases from bug 167397 and bug 166035. I suspect it'll fix this crash in all cases.
This happens on Linux too, of course.
OS: Windows 2000 → All
Hardware: PC → All
Comment on attachment 98359 [details] [diff] [review] proposed patch sr=bryner
Attachment #98359 - Flags: superreview+
Comment on attachment 98359 [details] [diff] [review] proposed patch r=aaronl
Attachment #98359 - Flags: review+
Comment on attachment 98359 [details] [diff] [review] proposed patch a=asa (on behalf of drivers) for checkin to 1.2a. Who will land this for us? Time is short.
Attachment #98359 - Flags: approval+
taking.
Assignee: bryner → bzbarsky
Priority: -- → P1
Summary: Typing CTRL+TAB shortly after opening a new tab will crash the browser [@ nsEventStateManager::IsIFrameDoc] → [FIX]Typing CTRL+TAB shortly after opening a new tab will crash the browser [@ nsEventStateManager::IsIFrameDoc]
Target Milestone: --- → mozilla1.2alpha
Checked in
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
*** Bug 169965 has been marked as a duplicate of this bug. ***
*** Bug 170815 has been marked as a duplicate of this bug. ***
verifying.
Status: RESOLVED → VERIFIED
Crash Signature: [@ nsEventStateManager::IsIFrameDoc]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: