Closed
Bug 403664
Opened 17 years ago
Closed 17 years ago
crash when pasting into textfield with rich text mode (a.o. Gmail) [@ nsParser::ParseFragment()]
Categories
(Core :: General, defect, P2)
Tracking
()
VERIFIED
FIXED
People
(Reporter: Peter6, Assigned: ted)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(2 files)
|
7.47 KB,
text/plain
|
Details | |
|
1008 bytes,
patch
|
pavlov
:
review+
pavlov
:
superreview+
|
Details | Diff | Splinter Review |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b2pre) Gecko/2007111309 Minefield/3.0b2pre ID:2007111309 repro: open FF open Gmail create a new message (rich text format) type some text copy and paste that text into the textfield result: crash reghressionwindow http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=PhoenixTinderbox&branch=HEAD&branchtype=match&filetype=match&whotype=match&sortby=Date&hours=2&date=explicit&mindate=1194916500&maxdate=1194920639&cvsroot=%2Fcvsroot ->Bug 403549
|
||
Comment 1•17 years ago
|
||
I had the crash on the rich-text editor on newsbusters.org, too.
|
Reporter | |
Comment 2•17 years ago
|
||
bp-1d8d3f26-9220-11dc-a542-001a4bd43e5c 0 nsParser::ParseFragment(nsAString_internal const&, void*, nsTArray<nsAutoString>&, int, nsACString_internal const&, nsDTDMode) mozilla/parser/htmlparser/src/nsParser.cpp:1464 1 nsHTMLEditor::ParseFragment(nsAString_internal const&, nsTArray<nsAutoString>&, nsIDocument*, nsCOMPtr<nsIDOMNode>*) mozilla/editor/libeditor/html/nsHTMLDataTransfer.cpp:2665 2 nsHTMLEditor::CreateDOMFragmentFromPaste(nsAString_internal const&, nsAString_internal const&, nsAString_internal const&, nsCOMPtr<nsIDOMNode>*, nsCOMPtr<nsIDOMNode>*, nsCOMPtr<nsIDOMNode>*, int*, int*) mozilla/editor/libeditor/html/nsHTMLDataTransfer.cpp:2554 3 nsHTMLEditor::InsertHTMLWithContext(nsAString_internal const&, nsAString_internal const&, nsAString_internal const&, nsAString_internal const&, nsIDOMDocument*, nsIDOMNode*, int, int) mozilla/editor/libeditor/html/nsHTMLDataTransfer.cpp:298 4 nsHTMLEditor::InsertFromTransferable(nsITransferable*, nsIDOMDocument*, nsAString_internal const&, nsAString_internal const&, nsIDOMNode*, int, int) mozilla/editor/libeditor/html/nsHTMLDataTransfer.cpp:1312 5 nsHTMLEditor::Paste(int) mozilla/editor/libeditor/html/nsHTMLDataTransfer.cpp:1899 6 nsPasteCommand::DoCommand(char const*, nsISupports*) mozilla/editor/libeditor/base/nsEditorCommands.cpp:418 7 nsControllerCommandTable::DoCommand(char const*, nsISupports*) mozilla/embedding/components/commandhandler/src/nsControllerCommandTable.cpp:191 8 nsBaseCommandController::DoCommand(char const*) mozilla/embedding/components/commandhandler/src/nsBaseCommandController.cpp:169 9 nsXBLPrototypeHandler::ExecuteHandler(nsPIDOMEventTarget*, nsIDOMEvent*) mozilla/content/xbl/src/nsXBLPrototypeHandler.cpp:359 10 nsXBLWindowKeyHandler::WalkHandlersInternal(nsIDOMEvent*, nsIAtom*, nsXBLPrototypeHandler*) mozilla/content/xbl/src/nsXBLWindowKeyHandler.cpp:548 11 nsXBLWindowKeyHandler::WalkHandlers(nsIDOMEvent*, nsIAtom*) mozilla/content/xbl/src/nsXBLWindowKeyHandler.cpp:346 12 nsXBLWindowKeyHandler::KeyPress(nsIDOMEvent*) mozilla/content/xbl/src/nsXBLWindowKeyHandler.cpp:403 13 nsEventListenerManager::HandleEvent(nsPresContext*, nsEvent*, nsIDOMEvent**, nsISupports*, unsigned int, nsEventStatus*) mozilla/content/events/src/nsEventListenerManager.cpp:1208 14 nsEventTargetChainItem::HandleEvent(nsEventChainPostVisitor&, unsigned int) mozilla/content/events/src/nsEventDispatcher.cpp:206 15 nsEventTargetChainItem::HandleEventTargetChain(nsEventChainPostVisitor&, unsigned int, nsDispatchingCallback*) mozilla/content/events/src/nsEventDispatcher.cpp:287 16 nsEventTargetChainItem::HandleEventTargetChain(nsEventChainPostVisitor&, unsigned int, nsDispatchingCallback*) mozilla/content/events/src/nsEventDispatcher.cpp:316 17 nsEventDispatcher::Dispatch(nsISupports*, nsPresContext*, nsEvent*, nsIDOMEvent*, nsEventStatus*, nsDispatchingCallback*) mozilla/content/events/src/nsEventDispatcher.cpp:479 18 PresShell::HandleEventInternal(nsEvent*, nsIView*, nsEventStatus*) mozilla/layout/base/nsPresShell.cpp:5792 19 PresShell::HandleEvent(nsIView*, nsGUIEvent*, nsEventStatus*) mozilla/layout/base/nsPresShell.cpp:5593 20 nsViewManager::HandleEvent(nsView*, nsPoint, nsGUIEvent*, int) mozilla/view/src/nsViewManager.cpp:1296 21 nsViewManager::DispatchEvent(nsGUIEvent*, nsEventStatus*) mozilla/view/src/nsViewManager.cpp:1252 22 HandleEvent mozilla/view/src/nsView.cpp:168 23 nsWindow::DispatchEvent(nsGUIEvent*, nsEventStatus&) mozilla/widget/src/windows/nsWindow.cpp:1053 24 nsWindow::DispatchWindowEvent(nsGUIEvent*) mozilla/widget/src/windows/nsWindow.cpp:1073 25 nsWindow::DispatchKeyEvent(unsigned int, unsigned short, unsigned int, long, unsigned int) mozilla/widget/src/windows/nsWindow.cpp:3174 26 nsWindow::OnKeyDown(unsigned int, unsigned int, long) mozilla/widget/src/windows/nsWindow.cpp:3395 27 nsWindow::ProcessMessage(unsigned int, unsigned int, long, long*) mozilla/widget/src/windows/nsWindow.cpp:4325 28 nsWindow::WindowProc(HWND__*, unsigned int, unsigned int, long) mozilla/widget/src/windows/nsWindow.cpp:1266 29 InternalCallWinProc 30 UserCallWinProcCheckWow 31 DispatchMessageWorker 32 DispatchMessageW 33 nsAppShell::ProcessNextNativeEvent(int) mozilla/widget/src/windows/nsAppShell.cpp:148 34 nsBaseAppShell::DoProcessNextNativeEvent(int) mozilla/widget/src/xpwidgets/nsBaseAppShell.cpp:137 35 nsBaseAppShell::OnProcessNextEvent(nsIThreadInternal*, int, unsigned int) mozilla/widget/src/xpwidgets/nsBaseAppShell.cpp:247 36 nsThread::ProcessNextEvent(int, int*) mozilla/xpcom/threads/nsThread.cpp:477 37 NS_ProcessNextEvent_P(nsIThread*, int) nsThreadUtils.cpp:227 38 nsBaseAppShell::Run() mozilla/widget/src/xpwidgets/nsBaseAppShell.cpp:154 39 nsAppStartup::Run() mozilla/toolkit/components/startup/src/nsAppStartup.cpp:170 40 XRE_main mozilla/toolkit/xre/nsAppRunner.cpp:3142 41 main mozilla/browser/app/nsBrowserApp.cpp:153 42 WinMain mozilla/browser/app/nsBrowserApp.cpp:166 43 __tmainCRTStartup crtexe.c:589 44 BaseProcessStart
Summary: crash when pasting into textfield with rich text mode (a.o. Gmail) → crash when pasting into textfield with rich text mode (a.o. Gmail) [@ nsIParser::ParseFragment()]
|
||
Updated•17 years ago
|
Flags: blocking1.9?
|
||
Updated•17 years ago
|
Flags: blocking1.9? → blocking1.9+
Priority: -- → P2
|
||
Comment 3•17 years ago
|
||
I'm seeing this crash consistently when sending a mail/news message from recent SeaMonkey builds (I can provide a stacktrace if wanted), and I can confirm that bug 403549 caused it, as locally backing out all of http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=HEAD&branchtype=match&who=jonas%25sicking.cc&whotype=match&sortby=Date&date=explicit&mindate=2007-11-12+17%3A30&maxdate=2007-11-12+18%3A30&cvsroot=%2Fcvsroot fixes the problem.
|
|
||
Comment 4•17 years ago
|
||
CCing Jonas, as his checkin caused the crashes seen here.
|
|
||
Comment 5•17 years ago
|
||
Just FYI, here the stacktrace of the crash from mailnews posting, which I have confirmed to be fixed with a local backout of Jonas' patch.
|
||
Updated•17 years ago
|
Summary: crash when pasting into textfield with rich text mode (a.o. Gmail) [@ nsIParser::ParseFragment()] → crash when pasting into textfield with rich text mode (a.o. Gmail) [@ nsParser::ParseFragment()]
|
||
Comment 8•17 years ago
|
||
schrep (re "P2"): always crashing when pasting in webapps (google docs and gmail) is not a blocker for the next beta? Like, seriously?
|
|
||
Comment 10•17 years ago
|
||
It looks like this needs to be duped to bug 403877. That bug already has a reviewed patch.
|
||
Comment 11•17 years ago
|
||
The patch from bug 403877 fixes the crash for mailnews postings. SM 2.0a, Linux
|
||
Comment 13•17 years ago
|
||
Thunderbird also crashes when copying text from a received email to a new composed email under the same nightly updates.
|
||
Comment 14•17 years ago
|
||
I have a crash in TB Trunk nightly (version 3.0a1pre (2007111504)) when pasting text copied from a webpage into a new email.
|
|
||
Comment 15•17 years ago
|
||
Right after sending the crash report TB restart operational inmediately
|
||
Comment 16•17 years ago
|
||
This bug reports a crash that occurs when doing a paste operation. Bug 403841 has been marked as a duplicate of this bug because of similarity of the crash stacks. But it is a bug that occurs when a compose window is closed, not when a paste operation is done. I would like some expert in this core code to look at and determine if bug 403841 really is a duplicate of this bug, or not.
|
||
Comment 17•17 years ago
|
||
I notice this crash as well (Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b2pre) Gecko/2007111505 Minefield/3.0b2pre) when pasting into the Gmail rich text editor. It crashes with any text pasted using Ctrl+V and right-click+Paste.
|
Assignee | |
Comment 18•17 years ago
|
||
Really simple fix, just a reversed boolean value in nsHTMLEditor::ParseFragment, from sicking's patch on bug 403549: // figure out if we are parsing full context or not - PRBool bContext = (aTagStack.Count()==0); + PRBool bContext = !aTagStack.IsEmpty(); Patch in 1 min after I verify the fix.
Assignee: nobody → ted.mielczarek
|
|
Assignee | |
Comment 19•17 years ago
|
||
Attachment #288914 -
Flags: review?(jonas)
|
||
Updated•17 years ago
|
Attachment #288914 -
Flags: superreview+
Attachment #288914 -
Flags: review?(jonas)
Attachment #288914 -
Flags: review+
Doh! Thanks for the fix!
|
|
Assignee | |
Comment 21•17 years ago
|
||
No prob. Checked in, could use a test.
Status: NEW → RESOLVED
Closed: 17 years ago
Flags: in-testsuite?
Resolution: --- → FIXED
|
||
Comment 22•17 years ago
|
||
With today's Thunderbird trunk build Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b2pre) Gecko/2007111605 Minefield/3.0b2pre ID:2007111605 no crashes any longer after sending a mail / posting.
|
||
Comment 23•17 years ago
|
||
I still see this crash when sending from Seamonkey. I do have the change and I'm sending plain text emails. The stack is the same one that is in the first attachment here.
|
|
||
Comment 24•17 years ago
|
||
(In reply to comment #23) > I still see this crash when sending from Seamonkey. See Comment #11. I am now building my SMs with this patch and have not had a crash since then.
|
|
||
Comment 25•17 years ago
|
||
The crash of TB continues with today's nightly update version 3.0a1pre (2007111604)
|
|
||
Comment 26•17 years ago
|
||
Since the fix for this bug definitely did not fix the crash reported in bug 403841, we know conclusively that bug 403841 is not a duplicate of this one. But the stacks are similar. Could I ask one of the folks who worked on this bug to look at the crash IDs in bug 403841?
|
|
||
Comment 27•17 years ago
|
||
Hartmut, thank you. I had read that comment, but somehow failed to connect the dots. With that patch, it doesn't crash now.
|
|
||
Comment 29•17 years ago
|
||
with nightly update version 3.0a1pre (2007111703) just installed this bug 403664 seems solved as TB does not crash any more when pasting text from an email to another to be sent, and sent really.
|
||
Comment 30•16 years ago
|
||
verified fixed using Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9b3) Gecko/2008020514 Firefox/3.0b3 ID:2008020514 and the steps to reproduce - no crash -> Verified fixed
Status: RESOLVED → VERIFIED
|
||
Updated•13 years ago
|
Crash Signature: [@ nsParser::ParseFragment()]
You need to log in
before you can comment on or make changes to this bug.
Description
•