Crash in [@ weasel.dll | RtlFreeHeap | CInputContext::RequestEditSession] cause by the Rime Input Method Engine
Categories
(External Software Affecting Firefox :: Other, defect)
Tracking
(Not tracked)
People
(Reporter: gsvelto, Unassigned)
Details
(Keywords: crash)
Crash Data
Crash report: https://crash-stats.mozilla.org/report/index/d4a0b895-3e1b-4f8d-afc1-117490220108
Reason: EXCEPTION_ACCESS_VIOLATION_READ
Top 10 frames of crashing thread:
0 weasel.dll weasel.dll@0x0000000000003e99
1 ntdll.dll RtlFreeHeap
2 None @0x00000028e4dfe1af
3 textinputframework.dll CInputContext::RequestEditSession
4 weasel.dll weasel.dll@0x0000000000004089
5 weasel.dll weasel.dll@0x00000000000030ea
6 weasel.dll weasel.dll@0x00000000000046e3
7 xul.dll _tailMerge_d3dcompiler_47.dll
8 xul.dll _tailMerge_d3dcompiler_47.dll
9 weasel.dll weasel.dll@0x00000000000877af
The software in question is available here.
Comments mention it explicitly as the cause of the crash:
The crash occured when using Asian IME on the search box of extension page.
when move to plugin page, it crashed and exited
Comment 1•1 year ago
|
||
Since the crash volume is low (less than 5 per week), the severity is downgraded to S3
. Feel free to change it back if you think the bug is still critical.
For more information, please visit auto_nag documentation.
Reporter | ||
Comment 2•10 months ago
|
||
I found more instances of this.
Reporter | ||
Comment 3•10 months ago
|
||
Masayuki do you think something could be done to improve the situation here?
Comment 4•10 months ago
•
|
||
It seems that it's a crash in this TIP.
https://github.com/rime/weasel/tree/master/WeaselTSF
According to these crash reports:
- https://crash-stats.mozilla.org/report/index/d220fcd7-f70e-460b-a884-708b20230601
- https://crash-stats.mozilla.org/report/index/4d5da2c3-3b71-47ad-b3e8-32f560230612
The crash occurs during a call of ITfKeystrokeMgr::TestKeyDown()
or ITfKeystrokeMgr::TestKeyUp()
. While calling them, we guarantee the lifetime of ITfKeystrokeMgr
with a local RefPtr
which is the only ref-countable object which we need to guarantee the lifetime.
Therefore, I think that we can do nothing from the our side.
Reporter | ||
Comment 5•10 months ago
|
||
This crash mentions this happened after an update to RIME, maybe we can reach out and see if they can fix the issue on their side since it might be a regression.
Description
•