Closed
Bug 710940
Opened 13 years ago
Closed 13 years ago
Firefox Crash [@ AffixMgr::parse_file(char const*, char const*) ]
Categories
(Core :: Spelling checker, defect)
Tracking
()
RESOLVED
FIXED
mozilla12
| Tracking | Status | |
|---|---|---|
| firefox11 | --- | fixed |
People
(Reporter: marcia, Assigned: ehsan.akhgari)
References
Details
(Keywords: crash, regression, topcrash, Whiteboard: [fixed-in-hunspell-1.3.3][qa-], startupcrash)
Crash Data
Attachments
(1 file, 1 obsolete file)
|
3.08 KB,
patch
|
akeybl
:
approval-mozilla-aurora+
akeybl
:
approval-mozilla-beta-
|
Details | Diff | Splinter Review |
Seen while looking at trunk crash reports. Crashes started showing up using the 2011121400 build on trunk but the crash is seen on other versions as well. https://crash-stats.mozilla.com/report/list?signature=AffixMgr::parse_file%28char%20const*,%20char%20const*%29. Some of the reports look like they are probably the same person, but not all. Not sure what caused the spike on trunk, but here is what was checked in: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=3c321d2c9884&tochange=fd6ab19f312c https://crash-stats.mozilla.com/report/index/3114185e-8dee-4790-ad92-f01352111214 Frame Module Signature [Expand] Source 0 xul.dll AffixMgr::parse_file extensions/spellcheck/hunspell/src/affixmgr.cpp:808 1 xul.dll AffixMgr::AffixMgr extensions/spellcheck/hunspell/src/affixmgr.cpp:167 2 xul.dll Hunspell::Hunspell extensions/spellcheck/hunspell/src/hunspell.cpp:84 3 xul.dll mozHunspell::SetDictionary extensions/spellcheck/hunspell/src/mozHunspell.cpp:220 4 xul.dll PromiseFlatString obj-firefox/dist/include/nsTPromiseFlatString.h:134 5 xul.dll mozSpellChecker::SetCurrentDictionary extensions/spellcheck/src/mozSpellChecker.cpp:385
|
||
Comment 1•13 years ago
|
||
At #7 on the top crash list for the trunk. Adding the keyword.
Keywords: topcrash
|
Assignee | |
Comment 2•13 years ago
|
||
This is a real bug which has existed since forever. Our implementation of get_current_cs can return null. hunspell's implementation can't, and relies on this assumption all over the place. We should stop returning null, and just return dummy data in case of failures, just as hunspell's implementation does. I have a patch for this.
Assignee: nobody → ehsan
|
|
Assignee | |
Comment 3•13 years ago
|
||
Attachment #585563 -
Flags: review?(bugs)
|
||
Comment 5•13 years ago
|
||
Comment on attachment 585563 [details] [diff] [review] Patch (v1) > // XXX This function was rewritten for mozilla. Instead of storing the > // conversion tables static in this file, create them when needed > // with help the mozilla backend. > struct cs_info * get_current_cs(const char * es) { >- struct cs_info *ccs; >+ struct cs_info *ccs = new cs_info[256]; >+ // Initialze the array with dummy data so that we wouldn't need >+ // to return null in case of failures. >+ for (int i = 0; i < 256; ++i) { Could you use 0xff here, so that the loop looks like the one below. This error handling is very strange, but it is what the code below does too :/
Attachment #585563 -
Flags: review?(bugs) → review+
|
|
Assignee | |
Comment 6•13 years ago
|
||
[Approval Request Comment] Regression caused by (bug #): This has been broken since forever. User impact if declined: A crash not being fixed. Testing completed (on m-c, etc.): I tested this patch locally, and I believe the code changes are sane. Risk to taking this patch (and alternatives if risky): This is relatively low-risk. The alternative is patching all of the callers of get_current_cs, which is way more risky.
Attachment #585563 -
Attachment is obsolete: true
Attachment #587186 -
Flags: approval-mozilla-beta?
Attachment #587186 -
Flags: approval-mozilla-aurora?
|
|
Assignee | |
Comment 7•13 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/b4778618b053
Target Milestone: --- → mozilla12
|
||
Comment 8•13 years ago
|
||
Nemeth/Caolan, can you land this upstream please?
|
|
Assignee | |
Comment 9•13 years ago
|
||
(In reply to Ryan VanderMeulen from comment #8) > Nemeth/Caolan, can you land this upstream please? This is a bug in Mozilla specific customizations to hunspell, it doesn't need to be upstreamed.
|
|
||
Comment 10•13 years ago
|
||
The MOZILLA_CLIENT code is upstream as well. It will make future updates easier if it's included there as well.
|
||
Comment 11•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/b4778618b053
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Comment 12•13 years ago
|
||
upstreamed this fix to hunspell cvs
|
|
||
Updated•13 years ago
|
Whiteboard: startupcrash → [fixed-in-hunspell-1.3.3], startupcrash
|
|
Assignee | |
Comment 13•13 years ago
|
||
(In reply to Ryan VanderMeulen from comment #10) > The MOZILLA_CLIENT code is upstream as well. It will make future updates > easier if it's included there as well. Ah, I didn't know that, thanks!
|
||
Comment 14•13 years ago
|
||
Comment on attachment 587186 [details] [diff] [review] Review comments addressed [Triage Comment] Approving for Aurora, but since this has been broken forever, we'll let it ride 11 and up.
Attachment #587186 -
Flags: approval-mozilla-beta?
Attachment #587186 -
Flags: approval-mozilla-beta-
Attachment #587186 -
Flags: approval-mozilla-aurora?
Attachment #587186 -
Flags: approval-mozilla-aurora+
|
|
Assignee | |
Comment 15•13 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/3301ea9d78b0
status-firefox11:
--- → fixed
|
||
Comment 16•12 years ago
|
||
Since that is an old bug blocking functionality and a no-risk fix (w/o it is just segfaulting) I vote for bring the fix to a version <11!
|
|
||
Comment 17•12 years ago
|
||
(In reply to amai from comment #16) Where the old bug is Bug 608639
|
||
Comment 18•12 years ago
|
||
Is there anything that QA can do to verify this fix (apart from checking crashstats)?
Whiteboard: [fixed-in-hunspell-1.3.3], startupcrash → [fixed-in-hunspell-1.3.3][qa?], startupcrash
|
|
Assignee | |
Comment 20•12 years ago
|
||
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #18) > Is there anything that QA can do to verify this fix (apart from checking > crashstats)? No, I think that is all which can be done here. (In reply to amai from comment #16) > Since that is an old bug blocking functionality and a no-risk fix (w/o it is > just segfaulting) I vote for bring the fix to a version <11! Firefox <11 is no longer being maintained, and Firefox 11 has fixed this bug. You should upgrade to the latest version of Firefox.
Whiteboard: [fixed-in-hunspell-1.3.3][qa?], startupcrash → [fixed-in-hunspell-1.3.3][qa-], startupcrash
|
|
||
Updated•10 years ago
|
Depends on: hunspell-1.3.3
You need to log in
before you can comment on or make changes to this bug.
Description
•