Closed Bug 1494203 Opened 3 years ago Closed 3 years ago

Crash in java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 +

Categories

(Firefox for Android Graveyard :: Keyboards and IME, defect)

Firefox 62
Unspecified
Android
defect
Not set
critical

Tracking

(firefox-esr60 unaffected, firefox62 unaffected, firefox63 fixed, firefox64 fixed)

RESOLVED FIXED
Firefox 64
Tracking Status
firefox-esr60 --- unaffected
firefox62 --- unaffected
firefox63 --- fixed
firefox64 --- fixed

People

(Reporter: calixte, Assigned: gsvelto)

References

(Blocks 1 open bug)

Details

(Keywords: crash, regression)

Crash Data

Attachments

(1 file)

This bug was filed from the Socorro interface and is
report bp-38a1ccfe-f3cf-4d83-b76b-0d0920180926.
=============================================================

Java stack trace:

java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1
+
 ^
	at java.util.regex.Pattern.compileImpl(Native Method)
	at java.util.regex.Pattern.compile(Pattern.java:1340)
	at java.util.regex.Pattern.<init>(Pattern.java:1324)
	at java.util.regex.Pattern.compile(Pattern.java:971)
	at org.mozilla.gecko.home.BrowserSearch$9.format(BrowserSearch.java:1224)
	at org.mozilla.gecko.home.TwoLinePageRow.update(TwoLinePageRow.java:254)
	at org.mozilla.gecko.home.TwoLinePageRow.updateFromCursor(TwoLinePageRow.java:346)
	at org.mozilla.gecko.home.BrowserSearch$SearchAdapter.bindView(BrowserSearch.java:1205)
	at org.mozilla.gecko.home.MultiTypeCursorAdapter.getView(MultiTypeCursorAdapter.java:62)
	at android.widget.AbsListView.obtainView(AbsListView.java:2365)
	at android.widget.ListView.makeAndAddView(ListView.java:2052)
	at android.widget.ListView.fillDown(ListView.java:786)
	at android.widget.ListView.fillSpecific(ListView.java:1494)
	at android.widget.ListView.layoutChildren(ListView.java:1790)
	at android.widget.AbsListView.onLayout(AbsListView.java:2164)
	at org.mozilla.gecko.widget.themed.ThemedListView.onLayout(ThemedListView.java:108)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.LinearLayout.setChildFrame(LinearLayout.java:1791)
	at android.widget.LinearLayout.layoutVertical(LinearLayout.java:1635)
	at android.widget.LinearLayout.onLayout(LinearLayout.java:1544)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.FrameLayout.layoutChildren(FrameLayout.java:323)
	at android.widget.FrameLayout.onLayout(FrameLayout.java:261)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.RelativeLayout.onLayout(RelativeLayout.java:1083)
	at org.mozilla.gecko.GeckoApp$MainLayout.onLayout(GeckoApp.java:2371)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.RelativeLayout.onLayout(RelativeLayout.java:1083)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.FrameLayout.layoutChildren(FrameLayout.java:323)
	at android.widget.FrameLayout.onLayout(FrameLayout.java:261)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.LinearLayout.setChildFrame(LinearLayout.java:1791)
	at android.widget.LinearLayout.layoutVertical(LinearLayout.java:1635)
	at android.widget.LinearLayout.onLayout(LinearLayout.java:1544)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.FrameLayout.layoutChildren(FrameLayout.java:323)
	at android.widget.FrameLayout.onLayout(FrameLayout.java:261)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.LinearLayout.setChildFrame(LinearLayout.java:1791)
	at android.widget.LinearLayout.layoutVertical(LinearLayout.java:1635)
	at android.widget.LinearLayout.onLayout(LinearLayout.java:1544)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.widget.FrameLayout.layoutChildren(FrameLayout.java:323)
	at android.widget.FrameLayout.onLayout(FrameLayout.java:261)
	at com.android.internal.policy.DecorView.onLayout(DecorView.java:761)
	at android.view.View.layout(View.java:19659)
	at android.view.ViewGroup.layout(ViewGroup.java:6075)
	at android.view.ViewRootImpl.performLayout(ViewRootImpl.java:2496)
	at android.view.ViewRootImpl.performTraversals(ViewRootImpl.java:2212)
	at android.view.ViewRootImpl.doTraversal(ViewRootImpl.java:1392)
	at android.view.ViewRootImpl$TraversalRunnable.run(ViewRootImpl.java:6752)
	at android.view.Choreographer$CallbackRecord.run(Choreographer.java:911)
	at android.view.Choreographer.doCallbacks(Choreographer.java:723)
	at android.view.Choreographer.doFrame(Choreographer.java:658)
	at android.view.Choreographer$FrameDisplayEventReceiver.run(Choreographer.java:897)
	at android.os.Handler.handleCallback(Handler.java:790)
	at android.os.Handler.dispatchMessage(Handler.java:99)
	at android.os.Looper.loop(Looper.java:164)
	at android.app.ActivityThread.main(ActivityThread.java:6494)
	at java.lang.reflect.Method.invoke(Native Method)
	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:438)
	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:807)


There are 3 crashes (from 1 installation) in nightly 64 with buildid 20180925100114. In analyzing the backtrace, the regression may have been introduced by patch [1] to fix bug 1127855.

[1] https://hg.mozilla.org/mozilla-central/rev?node=fbc27c2a3b88
Flags: needinfo?(gsvelto)
(In reply to Calixte Denizet (:calixte) from comment #0)
> There are 3 crashes (from 1 installation) in nightly 64 with buildid
> 20180925100114. In analyzing the backtrace, the regression may have been
> introduced by patch [1] to fix bug 1127855.
> 
> [1] https://hg.mozilla.org/mozilla-central/rev?node=fbc27c2a3b88

Indeed, I should have escaped the string and I forgot!
Flags: needinfo?(gsvelto)
Confirmed: to reproduce it's sufficient to go in the URL bar, then type the '[' character followed by a letter. Fix coming soon.
Assignee: nobody → gsvelto
Status: NEW → ASSIGNED
Duplicate of this bug: 1494402
Crash Signature: [@ java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 +] → [@ java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 +] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 1 (]
Crash Signature: [@ java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 +] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 1 (] → [@ java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 +] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 1 (] [@ java.util.regex.PatternSyntaxException: Incorrectly …
Crash Signature: nested parentheses in regexp pattern near index 3 ln(] → nested parentheses in regexp pattern near index 3 ln(] [@ java.util.regex.PatternSyntaxException: Syntax error in regexp pattern near index 1 *] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 9 ne…
Pushed by gsvelto@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/20c446dff6ab
Ensure the pattern we're highlighting is not interpreted as a regular expression r=nalexander
https://hg.mozilla.org/mozilla-central/rev/20c446dff6ab
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 64
Comment on attachment 9012103 [details]
Bug 1494203 - Ensure the pattern we're highlighting is not interpreted as a regular expression

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: Bug 1127855

User impact if declined: Fennec might crash when typing certain characters in the awesomebar (like braces, parentheses, etc...)

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: Yes

Needs manual test from QE?: No

If yes, steps to reproduce: 

List of other uplifts needed: None

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): This is a one-line fix that makes a regular expression be interpreted as a literal string

String changes made/needed: None
Attachment #9012103 - Flags: approval-mozilla-beta?
Crash Signature: nexus 7 (] → nexus 7 (] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 2 f( ]
Comment on attachment 9012103 [details]
Bug 1494203 - Ensure the pattern we're highlighting is not interpreted as a regular expression

Low-risk and a crash fix, uplift approved for 63 beta 13, thanks.
Attachment #9012103 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Assignee: gsvelto → nobody
Assignee: nobody → gsvelto
Crash Signature: nexus 7 (] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 2 f( ] → nexus 7 (] [@ java.util.regex.PatternSyntaxException: Incorrectly nested parentheses in regexp pattern near index 2 f( ] [@ java.util.regex.PatternSyntaxException: at java.util.regex.Pattern.compileImpl(Native Method)]
We tested on 63.0b13 and nightly 64.0a1 following the steps provided and we didn't see the crash on the following devices: Motorola Nexus 6(Android 7.1.1), Xiaomi Mi4i(Android 5.0.2), Nexus 9(Android 6.0.1).
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.