Closed Bug 205063 Opened 22 years ago Closed 17 years ago

assertion on indent, accessing invalid memory location

Categories

(Core :: DOM: Editor, defect, P4)

x86
Windows 2000
defect

Tracking

()

RESOLVED FIXED

People

(Reporter: KaiE, Assigned: smontagu)

Details

Attachments

(1 file, 2 obsolete files)

Simon reported it, and I can reproduce. Latest trunk, open new composer window, use "indent" toolbar button or command. Actual behaviour: - an assertion is shown, see stack trace below. The code in WillCSSIndent tries to access the first entry in an array, although the array is empty. (reproducible) - Simon sees the caret going to the "partially visible" state. I can not reproduce that. But that could be a sideeffect of corrupting memory, caused by the invalid array entry access. nsVoidArray::ElementAt(int 0) line 72 + 35 bytes nsCOMArray_base::ObjectAt(int 0) line 98 nsCOMArray<nsIDOMNode>::ObjectAt(int 0) line 147 nsCOMArray<nsIDOMNode>::operator[](int 0) line 152 nsHTMLEditRules::WillCSSIndent(nsISelection * 0x0573bf70, int * 0x0012d3ac, int * 0x0012d3f4) line 3449 + 10 bytes nsHTMLEditRules::WillIndent(nsISelection * 0x0573bf70, int * 0x0012d3ac, int * 0x0012d3f4) line 3368 + 20 bytes nsHTMLEditRules::WillDoAction(nsHTMLEditRules * const 0x04661d54, nsISelection * 0x0573bf70, nsRulesInfo * 0x0012d3b4, int * 0x0012d3ac, int * 0x0012d3f4) line 548 + 23 bytes nsHTMLEditor::Indent(nsHTMLEditor * const 0x055a44d8, const nsAString & {...}) line 2906 + 56 bytes nsIndentCommand::DoCommand(nsIndentCommand * const 0x053e2078, const char * 0x05487378, nsISupports * 0x055a43f0) line 537 + 43 bytes nsControllerCommandTable::DoCommand(nsControllerCommandTable * const 0x053678c8, const char * 0x05487378, nsISupports * 0x055a43f0) line 191 + 31 bytes nsBaseCommandController::DoCommand(nsBaseCommandController * const 0x05361090, const char * 0x05487378) line 133
Attached patch Patch (obsolete) — Splinter Review
This patch removes the assertion and the caret problem for me.
Attached patch Same patch with diff -w (obsolete) — Splinter Review
Attachment #122877 - Flags: superreview?(sfraser)
Attachment #122877 - Flags: review?(jfrancis)
Correction: this patch doesn't always fix the caret problem :-(
Attachment #122877 - Flags: superreview?(sfraser)
Attachment #122877 - Flags: review?(jfrancis)
Attached patch Better patchSplinter Review
Attachment #122877 - Attachment is obsolete: true
Attachment #122878 - Attachment is obsolete: true
Attachment #122902 - Flags: review+
Attachment #122902 - Flags: superreview?(sfraser)
BTW, in case my last two comments are misleading, the last patch *still* doesn't fix the cursor problem.
Attachment #122902 - Flags: superreview?(sfraser) → superreview+
taking
Assignee: jfrancis → smontagu
QA Contact: bugzilla → editor
Flags: blocking1.9?
Flags: blocking1.9? → blocking1.9+
Priority: -- → P4
What's the status of this, four years later?
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: