Closed
Bug 282709
Opened 20 years ago
Closed 20 years ago
Crash entering empty table cell from input (submit) using Caret Browsing
Categories
(Core :: Layout: Text and Fonts, defect)
Tracking
()
VERIFIED
WORKSFORME
People
(Reporter: djcater+bugzilla, Unassigned)
References
()
Details
(Keywords: crash, testcase)
Attachments
(1 file)
|
336 bytes,
application/xhtml+xml
|
Details |
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20050126 Firefox/1.0 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20050126 Firefox/1.0 When using Caret Browsing, navigating from a submit button to a completely empty table data cell (not even whitespace,) the browser crashes. Reproducible: Always Steps to Reproduce: 1. Load up the provided testcase. 2. Use Caret Browsing (F7.) 3. Press Tab until the button is highlighted and the caret is at the beginning of the button (should just be one press.) 4. Press the left arrow key. Actual Results: Caret doesn't move, browser crashes. Expected Results: Caret should have moved to the empty cell, and the browser should have continued to run. This occurred using the build specified above on Gentoo Linux, Mozilla 1.7.5 (20050130) on Gentoo Linux, and also Firefox/1.0 on Windows XP. When I boot into Windows I will post a link to the Talkback crash. I have also devised a simplified testcase which shows the crash clearly. I will attach it shortly.
Follow instructions in first post to test the crash using this testcase.
|
||
Updated•20 years ago
|
Assignee: aaronleventhal → ginn.chen
(In reply to comment #0) > I will post a link to the Talkback crash http://talkback-public.mozilla.org./talkback/fastfind.jsp?search=2&type=iid&id=TB3778660Q Basics: Stack Signature nsTextFrame::PeekOffset 9a3a2129 Product ID Firefox10 Build ID 2004110711 Platform Win32 Operating System Windows NT 5.1 build 2600 Module firefox.exe + (0022e6cb) URL visited https://bugzilla.mozilla.org./attachment.cgi?id=174681 Trigger Reason Stack overflow Source File, Line No. d:/builds/tinderbox/firefox-1.0/WINNT_5.0_Clobber/mozilla/layout/html/base/src/nsTextFrame.cpp, line 3870 And after that a whole load of: nsTextFrame::PeekOffset [d:/builds/tinderbox/firefox-1.0/WINNT_5.0_Clobber/mozilla/layout/html/base/src/nsTextFrame.cpp, line 3943]
Assignee: ginn.chen → nobody
Component: Keyboard: Navigation → Layout: Fonts and Text
Keywords: crash
QA Contact: bugzilla → layout.fonts-and-text
|
||
Comment 3•20 years ago
|
||
IMHO dupe of bug 256835, which was fixed on trunk. Crash with FF1.0.1NB/20050216/WXP -> TB3779554Z WFM M1.8b1NB/2005021614/WXP WFM FF1.0+NB/20050218/WXP
Keywords: testcase
Version: Trunk → 1.7 Branch
|
||
Comment 4•20 years ago
|
||
Yeah, worksforme on trunk too. Not sure it's a direct dup of bug 256835, but it's definitely not crashing.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•