Closed
Bug 336737
Opened 19 years ago
Closed 17 years ago
Crash when switching folders [@ NS_strlen]
Categories
(MailNews Core :: Database, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: ajschult784, Assigned: Bienvenu)
References
Details
(Keywords: crash, regression, topcrash)
Crash Data
Attachments
(3 files, 2 obsolete files)
|
6.07 KB,
text/plain
|
Details | |
|
6.53 KB,
patch
|
Details | Diff | Splinter Review | |
|
1010 bytes,
patch
|
Bienvenu
:
superreview+
|
Details | Diff | Splinter Review |
With seamonkey trunk build 2006050410, I've crashed a few times switching to a different mail folder (usually IMAP) but it doesn't happen consistently. I don't remember crashing with the previous nightly, 2006050309.
|
Reporter | |
Comment 1•19 years ago
|
||
|
|
Reporter | |
Updated•19 years ago
|
Summary: Crash when switching folders → Crash when switching folders [@ NS_strlen]
|
||
Comment 2•19 years ago
|
||
I got same top of stack with windows on startup of thunderbird trunk 2006050409
talkback id TB18335210
|
|
||
Comment 3•19 years ago
|
||
There are a few others for windows also reported since yesterday 5/4. The oldest deployment id is MozillaOrgMozillaTrunkWin322006050310 for TB18287346
|
|
Reporter | |
Comment 4•19 years ago
|
||
I went back to the 2006050309 build and did still hit this. 2006050210 seems ok.
Keywords: topcrash
Attachment #221114 -
Flags: superreview?(bienvenu)
Attachment #221114 -
Flags: review?(bienvenu)
|
Assignee | |
Comment 6•19 years ago
|
||
Comment on attachment 221114 [details] [diff] [review]
null pointers are not legal for strlen and strdup and friends, they aren't healthy in general either
I've actually already got a different patch in my tree that uses the empty string instead of returning errors, so I'm going to decide which I prefer. Also, something changed underneath this code to cause this crash - so I'd like to investigate the underlying cause...
*** Bug 336893 has been marked as a duplicate of this bug. ***
|
||
Comment 8•19 years ago
|
||
I changed nsCRT::strlen (which became NS_strlen) to not accept null input... mostly accidentally, but I think it's the right thing to do if the callers can be easily fixed.
|
|
Assignee | |
Comment 9•19 years ago
|
||
that's always been part of the contract of the nsCRT:: string routines, part of their raison d'etre, if you will, and part of the reason we used them instead of the vanilla c library or PL_ routines. A better thing to do might be to fix all the callers to null check and not use nsCRT:: routines, but leave the nsCRT:: routines the way there were...
|
|
||
Comment 10•19 years ago
|
||
The reason for nsCRT:: functions was because we needed a strlen for prunichar*, not just char*. The nsCRT::strlen(char*) function has crashed-on-null for a long time.
|
|
Assignee | |
Comment 11•19 years ago
|
||
Attachment #221114 -
Attachment is obsolete: true
Attachment #221337 -
Flags: superreview?(mscott)
Attachment #221114 -
Flags: superreview?(bienvenu)
Attachment #221114 -
Flags: review?(bienvenu)
|
||
Updated•19 years ago
|
Attachment #221337 -
Flags: superreview?(mscott) → superreview+
|
||
Comment 12•19 years ago
|
||
Comment on attachment 221337 [details] [diff] [review]
tweak timeless's fix
thanks for addressing most of my XXXs, however you removed one w/o addressing it:
nsMsgGroupThread *nsMsgGroupView::AddHdrToThread(nsIMsgDBHdr *msgHdr, PRBool *pNewThread)
nsHashKey *hashKey = AllocHashKeyForHdr(msgHdr);
// XXX using this pointer without null checking will almost certainly
Why? the code ends up sticking a null pointer into a hash among other strange things....
|
|
Assignee | |
Comment 13•19 years ago
|
||
this is the -u patch for checkin, also addresses timeless's last comment.
Attachment #221337 -
Attachment is obsolete: true
|
||
Comment 14•19 years ago
|
||
*** Bug 337580 has been marked as a duplicate of this bug. ***
|
||
Comment 15•19 years ago
|
||
*** Bug 337672 has been marked as a duplicate of this bug. ***
|
|
||
Comment 16•19 years ago
|
||
I checked this in for David now that the tree is open again.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
|
|
||
Comment 17•19 years ago
|
||
Even with the patch checked in, I'm still seeing talkback reports today with this crash such as:
TB18759487M
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
||
Comment 18•19 years ago
|
||
This additional change might fix the crash seen in TB18759487M.
|
|
Assignee | |
Updated•19 years ago
|
Attachment #222240 -
Flags: superreview+
|
||
Comment 19•19 years ago
|
||
+ *aRecipientsString = nsCRT::strdup(unparsedRecipients.IsEmpty() ? NS_LITERAL_STRING("").get() : unparsedRecipients.get());
Could this be:
*aRecipientsString = ToNewUnicode(unparsedRecipients);
?
|
|
Assignee | |
Comment 20•19 years ago
|
||
should this be marked fixed now?
|
|
||
Comment 21•17 years ago
|
||
Bienvenu in comment #20
> should this be marked fixed now?
one would think. both patches checked in, and NS_strlen doesn't appear in TB trunk or TB2 on talkback
|
|
Assignee | |
Comment 22•17 years ago
|
||
thx, marking fixed.
Status: REOPENED → RESOLVED
Closed: 19 years ago → 17 years ago
Resolution: --- → FIXED
|
||
Updated•17 years ago
|
Product: Core → MailNews Core
|
|
||
Updated•14 years ago
|
Crash Signature: [@ NS_strlen]
You need to log in
before you can comment on or make changes to this bug.
Description
•