Bug 12491

Summary: REGRESSION: ASSERT in WebCore with Mail
Product: WebKit
Reporter: piet <piet.webkit>
Component: Page Loading
Assignee: Maciej Stachowiak <mjs>
Status: RESOLVED FIXED
Severity: Critical
CC: ddkilzer, mjs
Priority: P1
Keywords: InRadar, Regression
Version: 420+
Hardware: Mac
OS: OS X 10.4
Attachments:
- Stack trace of crash (flags: none)
- fix patch (flags: mitz: review+)

Description piet 2007-01-30 23:04:13 PST
I checked out and built the WebKit in debug mode, around 8pm today, then
launched Mail from the Terminal:

    WebKit/WebKitTools/Scripts/run-webkit-app Mail --debug

Apparently WebCore crashes every time I select an HTML mail and click Reply.

I get the same crash when I launch Mail under Debugger (after adding it as
Executable in WebKit.xcodeproj) due to an ASSERT in
WebCore::MainResourceLoader::didReceiveData, because 'data' is null.

It doesn't crash when displaying the HTML mail (for instance, a mail with
CSS3 columns is displayed correctly in the 3-pane window). It only crashes
after clicking Reply. Also it doesn't crash when replying to plain text
messages, only to HTML messages (any kind of HTML, even a simple FONT FACE).

Unfortunately I don't have enough history with the WebKit to confirm whether this is a recent regression or not. However some work has been done recently to fix crashes that show WebCore::ResourceLoader::didReceiveData towards the bottom of the stack in bug 12458 (checked in this morning) and bug 12444 (checked in this afternoon). See also bug 12365 (checked in 2007-01-25) and maybe bug 12355 (checked in 2007-01-21).

Comment 1 David Kilzer (:ddkilzer) 2007-01-31 05:17:42 PST
Hi Piet!  Thanks for submitting this bug.  Could you post a stack trace of the crash (either as a comment or as an attachment to this bug)?

Also, could you provide the Subversion revision number (rNNNNN) used when you reproduced the crash?  Use the "svn info" command to get that number.

Comment 2 David Kilzer (:ddkilzer) 2007-01-31 06:52:23 PST
Confirmed with a locally-built debug build of WebKit r19301 with Mail 2.1 (752/752.2) on Mac OS X 10.4.8 (8L127).

Steps to reproduce:

1. Start Mail with WebKit ToT.
2. Open an HTML mail message.
3. Click "Reply" button.

Expected results:

A window should open to reply to the message.

Actual results:

Mail crashes.

Notes:

If you replace Step 2 with "Highlight HTML mail message", Mail doesn't crash, but the reply only has a single empty line when the reply is quoted.

"Responding" Preferences:

- Use the same message format as the original message: checked
- Quote the text of the original message: checked
- Increase quote level: checked
- When quoting text in replies or forward: selected "Include selected text if any, otherwise include all"

Comment 3 David Kilzer (:ddkilzer) 2007-01-31 06:54:41 PST
Created attachment 12824 [details]
Stack trace of crash

Comment 4 David Kilzer (:ddkilzer) 2007-01-31 07:01:31 PST
(In reply to comment #2)
> If you replace Step 2 with "Highlight HTML mail message", Mail doesn't crash,
> but the reply only has a single empty line when the reply is quoted.

Bug 12503.

Comment 5 Maciej Stachowiak 2007-01-31 07:23:19 PST
Should be fixed now.

Comment 6 piet 2007-01-31 09:03:43 PST
I updated my tree. The problem is still there, same stack and all, only with HTML mails.

Reopening.

Comment 7 David Kilzer (:ddkilzer) 2007-02-01 03:32:16 PST
(In reply to comment #6)
> I updated my tree. The problem is still there, same stack and all, only with
> HTML mails.  Reopening.

Still occurs with a locally-built debug build of WebKit r19324.

Comment 8 David Kilzer (:ddkilzer) 2007-02-01 03:36:58 PST
(In reply to comment #2)
> Steps to reproduce:
> 
> 1. Start Mail with WebKit ToT.
> 2. Open an HTML mail message.
> 3. Click "Reply" button.

Note that it is VERY IMPORTANT not to click anywhere in the message after opening it--open it, then click the "Reply" button.

Still reproducible with a local debug build of WebKit r19337.

Comment 9 piet 2007-02-01 14:43:09 PST
I confirm: same problem here with r19341. If you click the Mail first (simple click, or click-n-drag to select some text), it doesn't run into the ASSERT.

Comment 10 Mark Rowe (bdash) 2007-02-01 18:42:29 PST
<rdar://problem/4971224>

Comment 11 Maciej Stachowiak 2007-02-09 02:41:36 PST
Created attachment 13082 [details]
fix patch

Comment 12 mitz 2007-02-09 02:53:32 PST
Comment on attachment 13082 [details]
fix patch

r=me