Bug 1693859

Summary: Firefox on Wayland segfaults if long text repeatedly pasted enough times in input control
Product: [Fedora] Fedora Reporter: Alex Villacís Lasso <alexvillacislasso>
Component: firefoxAssignee: Gecko Maintainer <gecko-bugs-nobody>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 29CC: 0xalen+redhat, anto.trande, gecko-bugs-nobody, jhorak, john.j5live, kengert, pjasicek, rhughes, rstrode, sandmann
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-04-09 15:47:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Villacís Lasso 2019-03-28 20:00:01 UTC 
Description of problem:
If running under GNOME Shell under Wayland, and Firefox is also running in Wayland mode (firefox-wayland), an attempt to repeatedly paste a long text into any unconstrained text input control (input type=text) will eventually crash Firefox with a SIGSEGV. The crash does NOT happen if Firefox is started in the default X11 mode, even under GNOME Shell on Wayland.

Version-Release number of selected component (if applicable):
firefox-66.0.1-1.fc29.x86_64
firefox-wayland-66.0.1-1.fc29.x86_64


How reproducible:
Always

Steps to Reproduce:
1. Start GNOME Shell using Wayland (the default in Fedora 29). Other wayland compositors have not been tested.
2. Install, then run firefox-wayland
3. Open any web page with a text input control that does not have any maximum length specified
4. Focus on the input control, then press any letter key to get a long string of characters
5. Select the entirety of this character string and copy it to the clipboard
6. Focus on the input control, and keep Ctrl-V pressed to paste the long string at high speed

Actual results:
Firefox segfaults and terminates

Expected results:
No segfault. Firefox should either keep accepting characters in the input control, or block the paste attempts on whathever limit is appropriate.

Additional info:

ABRT points me to this report, but I do not know if it is the right one:
https://retrace.fedoraproject.org/faf/reports/2507322/
Comment 1 Alex Villacís Lasso 2019-04-09 15:47:25 UTC 
This crash no longer happens after update to gtk3-3.24.1-3.fc29.x86_64. Linking as duplicate of #1695521 .

*** This bug has been marked as a duplicate of bug 1695521 ***