Open Bug 399791 Opened 17 years ago Updated 1 year ago

Spellcheck accesses computed style on nodes outside the document

Categories

(Core :: Spelling checker, defect, P5)

x86
Linux
defect

Tracking

()

People

(Reporter: bzbarsky, Unassigned)

Details

STEPS TO REPRODUCE: 1) Load the testcase for bug 399712 (see URL field) 2) Note that nsContentUtils::IsNativeAnonymous is being called on nodes which are not in a document. The stack is: #0 0xb4c73d2b in nsContentUtils::IsNativeAnonymous (aContent=0x8b786f8) at ../../../../mozilla/content/base/src/nsContentUtils.cpp:3701 #1 0xb4bbdd21 in nsStyleSet::FileRules (this=0x8b59918, aCollectorFunc=0xb4bbd7c2 <EnumRulesMatching>, aData=0xbfffe370) at ../../../mozilla/layout/style/nsStyleSet.cpp:515 #2 0xb4bbef71 in nsStyleSet::ResolveStyleFor (this=0x8b59918, aContent=0x8b786f8, aParentContext=0x0) at ../../../mozilla/layout/style/nsStyleSet.cpp:667 #3 0xb4b9ebdf in nsInspectorCSSUtils::GetStyleContextForContent (aContent=0x8b786f8, aPseudo=0x0, aPresShell=0x8b59a48) at ../../../mozilla/layout/style/nsInspectorCSSUtils.cpp:158 #4 0xb4b8770e in nsComputedDOMStyle::GetPropertyCSSValue (this=0x8b48760, aPropertyName=@0xbfffe650, aReturn=0xbfffe570) at ../../../mozilla/layout/style/nsComputedDOMStyle.cpp:321 #5 0xb4b87413 in nsComputedDOMStyle::GetPropertyValue (this=0x8b48760, aPropertyName=@0xbfffe650, aReturn=@0xbfffe660) at ../../../mozilla/layout/style/nsComputedDOMStyle.cpp:287 #6 0xb72dae7e in IsBreakElement (aDocView=0xb1e4edf8, aNode=0x8b78714) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellWordUtil.cpp:508 #7 0xb72db146 in mozInlineSpellWordUtil::BuildSoftText (this=0xbfffeb40) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellWordUtil.cpp:564 #8 0xb72da2e5 in mozInlineSpellWordUtil::EnsureWords (this=0xbfffeb40) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellWordUtil.cpp:270 #9 0xb72da262 in mozInlineSpellWordUtil::SetPosition (this=0xbfffeb40, aNode=0x8b78448, aOffset=0) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellWordUtil.cpp:256 #10 0xb72d21c5 in mozInlineSpellChecker::DoSpellCheck (this=0x8daff38, aWordUtil=@0xbfffeb40, aSpellCheckSelection=0x8b77020, aStatus=0x8b5dd3c, aDoneChecking=0xbfffeb08) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellChecker.cpp:1304 #11 0xb72d2e95 in mozInlineSpellChecker::ResumeCheck (this=0x8daff38, aStatus=0x8b5dd3c) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellChecker.cpp:1450 #12 0xb72d9326 in mozInlineSpellResume::Run (this=0x8b5dd30) at ../../../../mozilla/extensions/spellcheck/src/mozInlineSpellChecker.cpp:500 I don't think we should be spell-checking nodes that are no longer in the document....
Once this is fixed, we should back out the "fix" for bug 399712.
Assignee: mscott → nobody
QA Whiteboard: qa-not-actionable

In the process of migrating remaining bugs to the new severity system, the severity for this bug cannot be automatically determined. Please retriage this bug using the new severity system.

Severity: major → --

There is no more nsContentUtils::IsNativeAnonymous but we have now a combination of flags set by SetIsNativeAnonymousRoot. But that does not mean necessarily that we do not have this problem any more?

Flags: needinfo?(smaug)
Severity: -- → S3
Priority: -- → P4

We might still have this issue, in some form, if spellchecker manages to keep references to nodes which aren't in the document.

But that should be a rather minor thing.

Flags: needinfo?(smaug)
Severity: S3 → N/A
Priority: P4 → P5
Severity: N/A → S4
You need to log in before you can comment on or make changes to this bug.