Note: There are a few cases of duplicates in user autocompletion which are being worked on.

Crash with mouse over Forecastfox

VERIFIED FIXED in mozilla8

Status

()

Core
General
--
critical
VERIFIED FIXED
6 years ago
6 years ago

People

(Reporter: Antti Tervasmäki, Assigned: hsivonen)

Tracking

({crash})

Trunk
mozilla8
x86_64
Windows 7
crash
Points:
---
Dependency tree / graph
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [inbound], crash signature)

Attachments

(1 attachment)

(Reporter)

Description

6 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0a1) Gecko/20110730 Firefox/8.0a1
Build ID: 20110730030836

Steps to reproduce:

Mouse over Forecastfox


Actual results:

Crash


Expected results:

Forecastfox extension shows more info.
(Reporter)

Comment 1

6 years ago
Nightly 110729 does not crash.

Nightly 110730 crashes:
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0a1) Gecko/20110730 Firefox/8.0a1 ID:20110730030836 

https://crash-stats.mozilla.com/report/index/bp-3c5894cf-b095-4cc0-bd8e-56e402110731
Maybe related to/Dupe of Bug 675437.
(Reporter)

Comment 3

6 years ago
Yes, I agree, it is related to that, did not find that bug..:-(
Severity: normal → critical
Crash Signature: [@ nsScriptableUnescapeHTML::ParseFragment(nsAString_internal const&, int, nsIURI*, nsIDOMElement*, nsIDOMDocumentFragment**) ]
Component: General → General
Depends on: 675437
Keywords: crash
Product: Firefox → Core
QA Contact: general → general
Summary: Crash: nsScriptableUnescapeHTML::ParseFragment(nsAString_internal const&, int, nsIURI*, nsIDOMElement*, nsIDOMDocumentFragment**) → Crash with mouse over Forecastfox

Comment 4

6 years ago
Comments on https://crash-stats.mozilla.com/report/list?signature=nsScriptableUnescapeHTML%3A%3AParseFragment%28nsAString_internal%20const%26%2C%20int%2C%20nsIURI%2A%2C%20nsIDOMElement%2A%2C%20nsIDOMDocumentFragment%2A%2A%29 suggest that this happens with all kinds of RSS feeds.

Henri, can you confirm that this is the same as bug 675437?
Bug 675437 Fix is available in http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds/mozilla-inbound-win32/1312208046/ if anyone (Antti?) wants to check the Extension Case of this Report.
(In reply to comment #4)
> Comments on
> https://crash-stats.mozilla.com/report/
> list?signature=nsScriptableUnescapeHTML%3A%3AParseFragment%28nsAString_intern
> al%20const%26%2C%20int%2C%20nsIURI%2A%2C%20nsIDOMElement%2A%2C%20nsIDOMDocume
> ntFragment%2A%2A%29 suggest that this happens with all kinds of RSS feeds.
> 
> Henri, can you confirm that this is the same as bug 675437?

Based on stacks, it seems that this is different.
Assignee: nobody → hsivonen
Created attachment 550056 [details] [diff] [review]
Null-check base URI in the HTML case
Attachment #550056 - Flags: review?(bzbarsky)

Updated

6 years ago
Blocks: 482909

Updated

6 years ago
Duplicate of this bug: 675925

Updated

6 years ago
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 9

6 years ago
Comment on attachment 550056 [details] [diff] [review]
Null-check base URI in the HTML case

r=me
Attachment #550056 - Flags: review?(bzbarsky) → review+
Thanks. Pushed to inbound:
http://hg.mozilla.org/integration/mozilla-inbound/rev/78efa76773a6
Status: NEW → ASSIGNED
Flags: in-testsuite?
Whiteboard: [inbound]
http://hg.mozilla.org/mozilla-central/rev/78efa76773a6
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla8
Flags: in-testsuite? → in-testsuite+
Verifying Fixed using latest m-c hourly build based on:

http://hg.mozilla.org/mozilla-central/rev/c35c69e1ce99
Status: RESOLVED → VERIFIED
Added [@ nsScriptableUnescapeHTML::ParseFragment ] since that was the Mac and Linux specific signature for this crash.
Crash Signature: [@ nsScriptableUnescapeHTML::ParseFragment(nsAString_internal const&, int, nsIURI*, nsIDOMElement*, nsIDOMDocumentFragment**) ] → [@ nsScriptableUnescapeHTML::ParseFragment(nsAString_internal const&, int, nsIURI*, nsIDOMElement*, nsIDOMDocumentFragment**) ] [@ nsScriptableUnescapeHTML::ParseFragment ]
You need to log in before you can comment on or make changes to this bug.