Closed
Bug 161444
Opened 22 years ago
Closed 22 years ago
crash doing 'select all' [@ nsTypedSelection::selectFrames]
Categories
(Core :: DOM: Selection, defect)
Tracking
()
VERIFIED
FIXED
People
(Reporter: jrgmorrison, Assigned: mjudge)
References
()
Details
(Keywords: crash, regression, topcrash, Whiteboard: EDITORBASE)
Crash Data
Attachments
(2 files)
3.35 KB,
text/plain
|
Details | |
1008 bytes,
patch
|
Brade
:
review+
sfraser_bugs
:
superreview+
|
Details | Diff | Splinter Review |
crash doing 'select all' [@ nsTypedSelection::selectFrames] Steps to repro: 1) start browser, load http://www.mozilla.org/start.html 2) set focus in content area 3) Ctrl-A 4) crash On second pass in to selectFrames, |frame| is null... result = mFrameSelection->GetTracker()->GetPrimaryFrameFor(innercontent, &frame); if (NS_SUCCEEDED(result) && frame) //NOTE: eSpreadDown is now IGNORED. Selected state is set only for given // frame frame->SetSelected(aPresContext, nsnull,aFlags,eSpreadDown); //spread from // here to hit all frames in flow frame->GetRect(frameRect); //<-- added this line, //<-- but it's not part of the //<-- |if (... && frame)| check above nsTypedSelection::selectFrames(nsTypedSelection * const 0x035e4548, nsIPresContext * 0x036304a8, nsIContentIterator * 0x036c9848, nsIContent * 0x02a379b8, nsIDOMRange * 0x036ee7a0, nsIPresShell * 0x0362b008, int 0x00000001) line 4988 + 9 bytes nsTypedSelection::selectFrames(nsTypedSelection * const 0x035e4548, nsIPresContext * 0x036304a8, nsIDOMRange * 0x036ee7a0, int 0x00000001) line 5091 nsTypedSelection::Extend(nsTypedSelection * const 0x02d437e0, nsIDOMNode * 0x036ee7a0, int 0x036ee7a0) line 6565 nsTypedSelection::SelectAllChildren(nsTypedSelection * const 0x00000002, nsIDOMNode * 0x04eff8f0) line 6846 + 12 bytes DocumentViewerImpl::SelectAll(DocumentViewerImpl * const 0x02cbba2c) line 5452 nsDOMWindowController::DoCommandWithEditInterface(nsDOMWindowController * const 0x02502890, const char * 0x0012e198) line 6159 nsDOMWindowController::DoCommand(nsDOMWindowController * const 0x0246b198, const char * 0x0012e198) line 6104 + 9 bytes nsXBLPrototypeHandler::ExecuteHandler(nsXBLPrototypeHandler * const 0x024a5f60, nsIDOMEventReceiver * 0x1004bf24 const nsDefaultStringComparator::`vftable', nsIDOMEvent * 0x02fad558) line 328 nsXBLWindowHandler::WalkHandlersInternal(nsXBLWindowHandler * const 0x02502890, nsIDOMEvent * 0x02fad558, nsIAtom * 0x019ccfc8, nsIXBLPrototypeHandler * 0x0199ebc8) line 312 nsXBLWindowKeyHandler::WalkHandlers(nsXBLWindowKeyHandler * const 0x021abf48, nsIDOMEvent * 0x02fad558, nsIAtom * 0x019ccfc8) line 183 nsXBLWindowKeyHandler::KeyPress(nsXBLWindowKeyHandler * const 0x021abf48, nsIDOMEvent * 0x02fad558) line 199 nsEventListenerManager::HandleEvent(nsEventListenerManager * const 0x01a79808, nsIPresContext * 0x00000000, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x021abf48, nsIDOMEventTarget * 0x0199ebc8, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 1707 nsWindowRoot::HandleChromeEvent(nsWindowRoot * const 0x00000000, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 182 GlobalWindowImpl::HandleDOMEvent(GlobalWindowImpl * const 0x019fee60, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 784 nsXULDocument::HandleDOMEvent(nsXULDocument * const 0x00eed720, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 2625 nsXULElement::HandleDOMEvent(nsXULElement * const 0x021aa360, nsIPresContext * 0x036304a8, nsEvent * 0x00000000, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3476 + 21 bytes nsXULElement::HandleDOMEvent(nsXULElement * const 0x021e5770, nsIPresContext * 0x036304a8, nsEvent * 0x021aa360, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x021e5898, nsIPresContext * 0x036304a8, nsEvent * 0x021e5770, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x021e59a0, nsIPresContext * 0x036304a8, nsEvent * 0x021e5898, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x021e59e0, nsIPresContext * 0x036304a8, nsEvent * 0x021e59a0, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x023ed0e8, nsIPresContext * 0x036304a8, nsEvent * 0x021e59e0, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x023f5ba0, nsIPresContext * 0x036304a8, nsEvent * 0x023ed0e8, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleDOMEvent(nsXULElement * const 0x023f5c48, nsIPresContext * 0x036304a8, nsEvent * 0x023f5ba0, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3472 nsXULElement::HandleChromeEvent(nsXULElement * const 0x00eed720, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 4681 + 24 bytes GlobalWindowImpl::HandleDOMEvent(GlobalWindowImpl * const 0x024176f0, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 784 nsDocument::HandleDOMEvent(nsDocument * const 0x03a85b98, nsIPresContext * 0x036304a8, nsEvent * 0x0012fb20, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000002, nsEventStatus * 0x0012fa84) line 3531 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x039cb538, nsIPresContext * 0x036304a8, nsEvent * 0x00000000, nsIDOMEvent * * 0x0012f918, unsigned int 0x00000001, nsEventStatus * 0x0012fa84) line 1852 + 16 bytes PresShell::HandleEventInternal(PresShell * const 0x02502890, nsEvent * 0x037b0da0, nsIView * 0x0246b870, unsigned int 0x00000001, nsEventStatus * 0x0012fa84) line 6105 + 18 bytes PresShell::HandleEvent(PresShell * const 0x037b0da0, nsIView * 0x0246b870, nsGUIEvent * 0x0012fb20, nsEventStatus * 0x0012fa84, int 0x00000001, int & 0x00000001) line 6028 + 18 bytes nsViewManager::HandleEvent(nsViewManager * const 0x02502890, nsView * 0x00000001, nsGUIEvent * 0x00000000, int 0x00000000) line 2052 nsView::HandleEvent(nsView * const 0x02502890, nsViewManager * 0x02b9cd70, nsGUIEvent * 0x0012fb20, int 0x00000000) line 306 nsViewManager::DispatchEvent(nsViewManager * const 0x02b9cd70, nsGUIEvent * 0x0246b870, nsEventStatus * 0x0012fae8) line 1903 + 30 bytes HandleEvent(nsGUIEvent * 0x0012fb20) line 83 nsWindow::DispatchEvent(nsWindow * const 0x02e5622c, nsGUIEvent * 0x0012fb20, nsEventStatus & nsEventStatus_eIgnore) line 1038 nsWindow::DispatchWindowEvent(nsWindow * const 0x02502890, nsGUIEvent * 0x00000000) line 1055 nsWindow::DispatchKeyEvent(nsWindow * const 0x02502890, unsigned int 0x00000083, unsigned short 0x0061, unsigned int 0x00000000, long 0x00000000) line 2885 + 14 bytes nsWindow::OnChar(nsWindow * const 0x02502890, unsigned int 0x00000001, unsigned int 0x00000001, unsigned char 0x00) line 3063 + 17 bytes nsWindow::ProcessMessage(nsWindow * const 0x02502890, unsigned int 0x00000102, unsigned int 0x00000001, long 0x001e0001, long * 0x0012fda0) line 3712 nsWindow::WindowProc(HWND__ * 0x02a20088, unsigned int 0x00000000, unsigned int 0x00000001, long 0x02e5622c) line 1303 + 16 bytes USER32! 77e13eb0() USER32! 77e1401a() USER32! 77e192da() nsAppShellService::Run(nsAppShellService * const 0x00ef2d30) line 452 main1(int 0x00000001, char * * 0x00253af8, nsISupports * 0x00253b30) line 1516 + 9 bytes main(int 0x00000001, char * * 0x00253af8) line 1876 + 26 bytes WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00400000, char * 0x00133352, HINSTANCE__ * 0x00400000) line 1896 + 23 bytes MOZILLA! WinMainCRTStartup + 308 bytes KERNEL32! 77e87903()
Reporter | ||
Comment 1•22 years ago
|
||
er, that url is http://www.mozilla.org/start/ (not .../start.html), but I don't think the content really matters. (I first crashed doing select all on the 'about:cache?device=disk' page).
On Linux, I merely have to start a selection of text in a page, it seems (trunk) Crashed 4 times so far today, allthough i realized what was going on after the second crash. It's veeery easy to start a selection by accident. Blocker? Changing OS.
OS: Windows 2000 → All
Comment 3•22 years ago
|
||
I'm seeing this on 2002080704. Here are some TBs: TB9063846G TB9063949K Comment #2 may be bug 153457, I'm seeing that today as well.
Comment 5•22 years ago
|
||
I assume this is a regression? adding some keywords/status
Whiteboard: EDITORBASE
Comment 6•22 years ago
|
||
seeing this *frequently* in 2002080705/Linux, since like to select-and-drag rather than dragging on the scrollbar, this bug is really annoying :(
perhaps needless to say, but backing out the checkins for bug 159207 cure the crashes.. cvs update -j1.51 -j1.50 mozilla/layout/html/base/src/nsHRFrame.cpp cvs update -j3.384 -j3.383 mozilla/layout/html/base/src/nsFrame.cpp cvs update -j3.125 -j3.124 mozilla/content/base/src/nsSelection.cpp
hmm missed a {} around the indented code. I added it to the code above but not the crashing block. I have fix looking for when I can check it in.
Status: NEW → ASSIGNED
code was indented allready as though it was in a block. I forgot to add the {} to make it a block sorry. 2 line fix
Comment 10•22 years ago
|
||
Comment on attachment 94347 [details] [diff] [review] patch for {} in nsSelection.cpp r=brade
Attachment #94347 -
Flags: review+
Comment 11•22 years ago
|
||
likely duplicates: bug 161500, bug 161484, bug 161500
Comment 12•22 years ago
|
||
bug 161499
Updated•22 years ago
|
Attachment #94347 -
Flags: superreview+
Comment 13•22 years ago
|
||
Comment on attachment 94347 [details] [diff] [review] patch for {} in nsSelection.cpp sr=sfraser
Comment 14•22 years ago
|
||
*** Bug 161484 has been marked as a duplicate of this bug. ***
Comment 15•22 years ago
|
||
*** Bug 161500 has been marked as a duplicate of this bug. ***
Assignee | ||
Comment 16•22 years ago
|
||
fixed.
Assignee | ||
Comment 17•22 years ago
|
||
fixed.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Comment 18•22 years ago
|
||
This would definitely be a good bug for those in the "always use braces even for one line blocks" camp for the next style wars showdown... That most likely would have prevented this crasher from happening...
Comment 20•22 years ago
|
||
*** Bug 161541 has been marked as a duplicate of this bug. ***
Comment 21•22 years ago
|
||
*** Bug 161543 has been marked as a duplicate of this bug. ***
Comment 22•22 years ago
|
||
*** Bug 161536 has been marked as a duplicate of this bug. ***
Comment 23•22 years ago
|
||
*** Bug 161517 has been marked as a duplicate of this bug. ***
Comment 24•22 years ago
|
||
*** Bug 161538 has been marked as a duplicate of this bug. ***
Comment 25•22 years ago
|
||
*** Bug 161643 has been marked as a duplicate of this bug. ***
Comment 26•22 years ago
|
||
*** Bug 161614 has been marked as a duplicate of this bug. ***
Comment 27•22 years ago
|
||
*** Bug 161669 has been marked as a duplicate of this bug. ***
Comment 28•22 years ago
|
||
adding topcrash keyword so that talkback automation does not show this crash as open.
Keywords: topcrash
Comment 29•22 years ago
|
||
*** Bug 161714 has been marked as a duplicate of this bug. ***
Comment 30•22 years ago
|
||
*** Bug 161513 has been marked as a duplicate of this bug. ***
Comment 31•22 years ago
|
||
*** Bug 161698 has been marked as a duplicate of this bug. ***
Comment 32•22 years ago
|
||
*** Bug 161833 has been marked as a duplicate of this bug. ***
Comment 33•22 years ago
|
||
Is this bug fixed? See bugzilla bug: http://bugzilla.mozilla.org/show_bug.cgi?id=161538
Updated•13 years ago
|
Crash Signature: [@ nsTypedSelection::selectFrames]
You need to log in
before you can comment on or make changes to this bug.
Description
•