Last Comment Bug 415776 - AT-SPI Collection Interface crashes Firefox
: AT-SPI Collection Interface crashes Firefox
: access
Product: Core
Classification: Components
Component: Disability Access APIs (show other bugs)
: unspecified
: x86 Linux
-- critical (vote)
: ---
Assigned To: Ginn Chen
: alexander :surkov
Depends on:
Blocks: fox3access
  Show dependency treegraph
Reported: 2008-02-05 07:41 PST by Scott Haeger
Modified: 2008-02-15 05:50 PST (History)
2 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

test script to demonstrate crash (1.95 KB, text/plain)
2008-02-05 08:01 PST, Scott Haeger
no flags Details

Description User image Scott Haeger 2008-02-05 07:41:05 PST
A second call to Collection.freeMatchRule() crashes Firefox.  Firefox definitely should not crash, but I am wondering if work needs to be done in the Collection module.

Crash reports:

To reproduce:
You will need the latest version of at-spi and this patch  
Build instrucions:

Once you have logged out or restarted at-spi, use an up to date version of Orca and do a page summary command twice.  The command for a page summary is Orca+(double-click)enter, where enter is pressed twice and Orca=Insert(desktop key binding) or CapsLock(laptop key binding).  In addition, I will post a small Python test script that should illustrate the problem.
Comment 1 User image Aaron Leventhal 2008-02-05 07:51:30 PST
I have no idea. It's crashing in libc somewhere.
Comment 2 User image Scott Haeger 2008-02-05 08:01:50 PST
Created attachment 301506 [details]
test script to demonstrate crash

Look at the last 'for' loop on the script to tweak the test.  Removing the freeMatchRule() fixes the crash (but probably bleeds memory on my end).
Comment 3 User image Ginn Chen 2008-02-14 03:08:10 PST
It is either a bug of at-spi or your script.
I'll ask Li Yuan tomorrow.

Not a bug of Firefox, so close.
Comment 4 User image Aaron Leventhal 2008-02-14 05:39:15 PST
Ginn, why would it crash Firefox?
Comment 5 User image Scott Haeger 2008-02-14 06:28:59 PST
Firefox should be bullet proof and be able to handle any errant communication sent to it.  No client should ever be able to take down a server.
Comment 6 User image Aaron Leventhal 2008-02-14 08:13:04 PST
I agree with Scott.
Comment 7 User image Ginn Chen 2008-02-14 23:40:55 PST
Sorry, I was wrong about thinking it could be a bug of the script.
It's a bug of libspi library.

firefox loads, which uses
It runs in firefox process to deal with CORBA requests.
If there's something wrong in, firefox will crash.
Firefox can do nothing to avoid it.

I posted my comments and a patch at
Comment 8 User image Scott Haeger 2008-02-15 05:50:06 PST
Thanks for clarifying the problem and all your hard work.  I'll verify the collection patch today.

Note You need to log in before you can comment on or make changes to this bug.