Closed Bug 603641 Opened 14 years ago Closed 14 years ago

Crash may occur when clicking in the awesome bar right after being in form view [@ nsIMEStateManager::GetFocusSelectionAndRoot ] on Linux 2.6.28

Categories

(Core :: DOM: Events, defect)

Product:
Core
Component:
DOM: Events
Platform:
ARM
Maemo
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
fennec 2.0+ ---

People

(Reporter: nhirata, Assigned: crowderbt)

References

Details

(Keywords: crash, topcrash, Whiteboard: [VKB])

Crash Data

Attachments

(1 file, 2 obsolete files)

tidied up to land
(deleted), patch
crowderbt
: review+
Details | Diff | Splinter Review
Mozilla/5.0 (Maemo;Linux armv71; rv:2.0b8pre)Gecko/20101012 Firefox/4.0b8pre Fennec/4.0b2pre 1. place the device in portrait view 2. go to URL http://www.amazon.com 3. click in the search field to bring up the form helper + Virtual KeyBoard 4. click in the awesomebar Expected: VKB dismisses and may crash. crash logs: 1. 68e7e1bb-d41e-3a96-40376275-42529707 2. bp-4fc36e22-efb8-424c-8ee7-4391a2101012 Actual: Goes to the awesome page Note: http://crash-stats.mozilla.com/report/index/abedf88a-ebc7-47cd-ae55-cca892101012 Fennec 4.0b2pre Crash Report [@ nsIMEStateManager::GetFocusSelectionAndRoot ] Search Mozilla Support for Help ID: abedf88a-ebc7-47cd-ae55-cca892101012 Signature: nsIMEStateManager::GetFocusSelectionAndRoot Details Modules Raw Dump Extensions Comments Correlations Signature nsIMEStateManager::GetFocusSelectionAndRoot UUID abedf88a-ebc7-47cd-ae55-cca892101012 Time 2010-10-12 08:51:02.24019 Uptime 0 Install Age 272 seconds (4.5 minutes) since version was first installed. Product Fennec Version 4.0b2pre Build ID 20101012024103 OS Linux OS Version 0.0.0 Linux 2.6.28-omap1 #1 PREEMPT Thu Apr 15 09:47:09 EEST 2010 armv7l CPU arm CPU Info Crash Reason SIGSEGV Crash Address 0x0 User Comments Processor Notes EMCheckCompatibility False Crashing Thread Frame Module Signature [Expand] Source 0 libxul.so nsIMEStateManager::GetFocusSelectionAndRoot content/events/src/nsIMEStateManager.cpp:635 1 libxul.so nsContentEventHandler::OnSelectionEvent content/events/src/nsContentEventHandler.cpp:934 2 libxul.so nsEventStateManager::PreHandleEvent content/events/src/nsEventStateManager.cpp:1393 3 libxul.so PresShell::HandleEventInternal layout/base/nsPresShell.cpp:6917 4 libxul.so PresShell::HandleEvent layout/base/nsPresShell.cpp:6686 5 libxul.so nsViewManager::HandleEvent view/src/nsViewManager.cpp:1093 6 libxul.so nsViewManager::DispatchEvent view/src/nsViewManager.cpp:1071 7 libxul.so HandleEvent view/src/nsView.cpp:161 8 libxul.so mozilla::widget::PuppetWidget::DispatchEvent widget/src/xpwidgets/PuppetWidget.cpp:299 9 libxul.so mozilla::widget::PuppetWidget::DispatchEvent widget/src/xpwidgets/PuppetWidget.cpp:306 10 libxul.so mozilla::dom::TabChild::DispatchWidgetEvent dom/ipc/TabChild.cpp:590 11 libxul.so mozilla::dom::TabChild::RecvSelectionEvent dom/ipc/TabChild.cpp:578 12 libxul.so mozilla::dom::PBrowserChild::OnMessageReceived PBrowserChild.cpp:1103 13 libxul.so mozilla::dom::PContentChild::OnMessageReceived PContentChild.cpp:657 14 libxul.so mozilla::ipc::AsyncChannel::OnDispatchMessage ipc/glue/AsyncChannel.cpp:262 15 libxul.so mozilla::ipc::RPCChannel::OnMaybeDequeueOne ipc/glue/RPCChannel.cpp:438 16 libxul.so RunnableMethod<mozilla::ipc::RPCChannel,bool ,Tuple0>::Run ipc/chromium/src/base/tuple.h:383 17 libxul.so mozilla::ipc::RPCChannel::DequeueTask::Run RPCChannel.h:449 18 libxul.so MessageLoop::RunTask ipc/chromium/src/base/message_loop.cc:343 19 libxul.so MessageLoop::DeferOrRunPendingTask ipc/chromium/src/base/message_loop.cc:351 20 libxul.so MessageLoop::DoWork ipc/chromium/src/base/message_loop.cc:451 21 libxul.so mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:114 22 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:229 23 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:219 24 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:202 25 libxul.so nsBaseAppShell::Run widget/src/xpwidgets/nsBaseAppShell.cpp:180 26 libxul.so XRE_RunAppShell toolkit/xre/nsEmbedFunctions.cpp:631 27 libxul.so mozilla::ipc::MessagePumpForChildProcess::Run ipc/glue/MessagePump.cpp:215 28 libxul.so MessageLoop::RunInternal ipc/chromium/src/base/message_loop.cc:219 29 libxul.so MessageLoop::Run ipc/chromium/src/base/message_loop.cc:202 30 libxul.so XRE_InitChildProcess toolkit/xre/nsEmbedFunctions.cpp:506 31 plugin-container main ipc/app/MozillaRuntimeMain.cpp:67 32 libc-2.5.so libc-2.5.so@0x14973 33 plugin-container plugin-container@0x10eb 34 libc-2.5.so libc-2.5.so@0x14927
Expected and Actual corrections: Expected: VKB dismisses Actual: Goes to the awesome page and may crash. crash logs: 1. 68e7e1bb-d41e-3a96-40376275-42529707 2. bp-4fc36e22-efb8-424c-8ee7-4391a2101012
Severity: normal → major
Summary: [VKB]Crash may occur when clicking in the awesome bar right after being in form view → Crash may occur when clicking in the awesome bar right after being in form view
Whiteboard: [VKB]
Summary: Crash may occur when clicking in the awesome bar right after being in form view → Crash may occur when clicking in the awesome bar right after being in form view [@ nsIMEStateManager::GetFocusSelectionAndRoot ]
Severity: major → critical
chenn@24836 659 NS_ASSERTION(sTextStateObserver->mSel && sTextStateObserver->mRootContent, chenn@24836 660 "uninitialized text state observer"); chenn@24836 661 NS_ADDREF(*aSel = sTextStateObserver->mSel); mSel is null.
Blocks: 88831
Component: General → DOM: Events
Product: Fennec → Core
QA Contact: general → events
Assignee: nobody → jimnchen+bmo
tracking-fennec: --- → ?
Naoki - Does this still happen for you?
Keywords: topcrash
Assignee: jimnchen+bmo → crowderbt
tracking-fennec: ? → 2.0+
I'm not a good owner for this; my N900 does not seem to want to do portrait mode (too old?)
crowder: err, the current system software is pr1.3 (20.2010.36-2). But portrait mode is mostly application specific, and the vkb doesn't support portrait (it just opens in landscape).
I have that rev of system software ("About product" says 20.2010.36-2.002), but Fennec still does not rotate into portrait mode when I tilt my device on its side. Also, if the VKB doesn't work in portrait, how do you explain the original STR?
Also, I do not get a VKB in landscape.
ah, that's easy, vkb is off by default, open settings, open text input, check the first check item (roughly "use virtual keyboard")
Please reopen with better STR, if you can find them. I still see a crash with a similar signature happening as recently as 12/6, but don't know how to reproduce this.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
Summary: Crash may occur when clicking in the awesome bar right after being in form view [@ nsIMEStateManager::GetFocusSelectionAndRoot ] → Crash may occur when clicking in the awesome bar right after being in form view [@ nsIMEStateManager::GetFocusSelectionAndRoot ] on Linux 2.6.28
Scoobidiver: You've changed the summary, does this mean you have steps-to-reproduce that work on Linux (as opposed to MaeMo)?
Attached patch wallpaper (obsolete) (deleted) — Splinter Review
Can people who are getting this crash reliably try this fix?
Reopening since I think this might be fixable (in spite of lack of STR)
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
> Scoobidiver: You've changed the summary, does this mean you have > steps-to-reproduce that work on Linux (as opposed to MaeMo)? I did it according to the crash stats because crashes happen to four different users only on this Linux version. http://crash-stats.mozilla.com/report/list?range_value=4&range_unit=weeks&signature=nsIMEStateManager%3A%3AGetFocusSelectionAndRoot&version=Fennec%3A4.0b3pre
Attached patch the right fix (obsolete) (deleted) — Splinter Review
Actually the right fix is this.... I'm keeping the mEditableNode check here, though masayuki suggests it may be unnecessary.
Attachment #496812 - Attachment is obsolete: true
Attachment #496821 - Flags: review?
Comment on attachment 496821 [details] [diff] [review] the right fix r=masayuki
Attachment #496821 - Flags: review? → review+
Keywords: checkin-needed
Attached patch tidied up to land (deleted) — Splinter Review
Carrying over masayuki's review, with a=blocking added to the patch file (and my username)
Attachment #496821 - Attachment is obsolete: true
Attachment #496823 - Flags: review+
http://hg.mozilla.org/mozilla-central/rev/ed44f2f4c7cb QA please verify this in a few days by looking at top crashes for Fennec?
Status: REOPENED → RESOLVED
Closed: 14 years ago14 years ago
Resolution: --- → FIXED
Keywords: checkin-needed
Crash Signature: [@ nsIMEStateManager::GetFocusSelectionAndRoot ]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: