If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

infinite loop? in nsStrPrivate::GrowCapacity if editing a password field in a form

RESOLVED DUPLICATE of bug 207094

Status

()

Core
String
RESOLVED DUPLICATE of bug 207094
14 years ago
14 years ago

People

(Reporter: Dan, Assigned: jag (Peter Annema))

Tracking

1.4 Branch
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: DUPEME?, URL)

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030701
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030701

When I try to backspace over an already-entered password entry, Mozilla freezes.
 I have to kill it to continue.

Reproducible: Always

Steps to Reproduce:
1. Go to any webpage that has a "username" and "password" field.  (I just
happened to find this on a Bugzilla system, although it works with
http://alum.mit.edu/ too.)
2. Type in a password.
3. Type in a username.
4. Click back to the password field, put the cursor at the very end, and hit
backspace a few times.
5. Watch everything slow to a crawl.
Actual Results:  
Netscape became unresponsive.  A kill -15 closed it down.  I got a stack trace
when I connected wit hgdb to the still-running process.  (See "additional
information.")

Expected Results:  
Let me backspace.

I connected with gdb and did a stack trace, and got this:

(gdb) bt
#0  0x080605a0 in nsStrPrivate::GrowCapacity(nsStr&, unsigned) ()
#1  0x0805ddae in nsString::SetCapacity(unsigned) ()
#2  0x0805dd46 in nsString::SetLength(unsigned) ()
#3  0x40a32d44 in nsAString::Cut(unsigned, unsigned) () from
/usr/lib/mozilla-1.4/libxpcom.so
#4  0x451c8727 in NSGetModule () from /usr/lib/mozilla-1.4/components/libeditor.so
#5  0x451c7000 in NSGetModule () from /usr/lib/mozilla-1.4/components/libeditor.so
#6  0x451c1b49 in NSGetModule () from /usr/lib/mozilla-1.4/components/libeditor.so
#7  0x451ca96d in NSGetModule () from /usr/lib/mozilla-1.4/components/libeditor.so
#8  0x40e23a7a in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#9  0x40dd0c45 in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#10 0x40e7c9ad in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#11 0x40cadc1d in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#12 0x40cad45d in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#13 0x40fae9aa in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#14 0x40fa6972 in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#15 0x40fade19 in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#16 0x40fa60f8 in NSGetModule () from /usr/lib/mozilla-1.4/components/libgklayout.so
#17 0x41990eee in NSGetModule () from
/usr/lib/mozilla-1.4/components/libwidget_gtk2.so
#18 0x41989d9d in NSGetModule () from
/usr/lib/mozilla-1.4/components/libwidget_gtk2.so
#19 0x4198d6ff in NSGetModule () from
/usr/lib/mozilla-1.4/components/libwidget_gtk2.so
#20 0x401b9c2f in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#21 0x4043ced7 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#22 0x4044f983 in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
#23 0x4044e7af in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#24 0x4044ebe4 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#25 0x4029f6fb in gtk_widget_send_expose () from /usr/lib/libgtk-x11-2.0.so.0
#26 0x402ad2b6 in _gtk_window_query_nonaccels () from /usr/lib/libgtk-x11-2.0.so.0
#27 0x401b9c2f in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#28 0x4043d247 in g_cclosure_new_swap () from /usr/lib/libgobject-2.0.so.0
#29 0x4043ced7 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#30 0x4044f439 in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
#31 0x4044e7af in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#32 0x4044ebe4 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#33 0x4029f6fb in gtk_widget_send_expose () from /usr/lib/libgtk-x11-2.0.so.0
#34 0x401b9adc in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#35 0x401b8725 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#36 0x403771a5 in _gdk_events_queue () from /usr/lib/libgdk-x11-2.0.so.0
#37 0x40490b35 in g_get_current_time () from /usr/lib/libglib-2.0.so.0
#38 0x40491b78 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#39 0x40491e8d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#40 0x4049258f in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#41 0x401b7f5f in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#42 0x4198f634 in NSGetModule () from
/usr/lib/mozilla-1.4/components/libwidget_gtk2.so
#43 0x4196db1a in NSGetModule () from
/usr/lib/mozilla-1.4/components/libnsappshell.so
#44 0x0804e0c0 in main1(int, char**, nsISupports*) ()
#45 0x0804e777 in main ()
#46 0x420156a4 in __libc_start_main () from /lib/tls/libc.so.6
(gdb) q
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: /usr/lib/mozilla-1.4/mozilla-bin, process 16178

Here's what's running on my system:

$ rpm -qa | grep -i moz
mozilla-js-debugger-1.4-0
mozilla-1.4-0
mozilla-nspr-1.4-0
mozilla-psm-1.4-0
mozilla-mail-1.4-0
mozilla-chat-1.4-0
mozilla-nss-1.4-0
mozilla-dom-inspector-1.4-0

Comment 1

14 years ago
You've been tricked by symbol stripping. NSGetModule is a public symbol, none
of the other functions in the libraries listed are, so when gdb needs to get a
stack trace it gives things relative to it.

That said, there are bugs about GrowCapacity, this might be a dupe.
Does this happen w/ a current build?
Assignee: dveditz+bmo → mozeditor
Component: Form Manager → Editor: Core
QA Contact: sairuh
Summary: infinite loop in NSGetModule and nsStrPrivate::GrowCapacity if editting a password field in a form → infinite loop? in nsStrPrivate::GrowCapacity if editting a password field in a form
Whiteboard: DUPEME?
Version: Trunk → 1.4 Branch

Comment 2

14 years ago
If we really think the loop is in string code, then it should be assigned there.
Assignee: mozeditor → jag
Component: Editor: Core → String
QA Contact: sairuh → scc

Comment 3

14 years ago
dupe of "Hang while backspacing password fields"

*** This bug has been marked as a duplicate of 207094 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → DUPLICATE
Summary: infinite loop? in nsStrPrivate::GrowCapacity if editting a password field in a form → infinite loop? in nsStrPrivate::GrowCapacity if editing a password field in a form
You need to log in before you can comment on or make changes to this bug.