Closed Bug 548545 Opened 10 years ago Closed 10 years ago
Crash in Tools->Options->Content [@ strlen | NS
_New Atom(char const*) ]
Using a build with cset: http://hg.mozilla.org/mozilla-central/rev/4c60c40075e9 Opening Tools->Options->Content tab caused the browser to crash. Works in cset: http://hg.mozilla.org/mozilla-central/rev/639b98ae11a8 Crash in cset: http://hg.mozilla.org/mozilla-central/rev/4c60c40075e9 This bug https://bugzilla.mozilla.org/show_bug.cgi?id=524107 has broken the Option Panel -> Content tab
Now that nightly is out for today here is a crash-report: http://crash-stats.mozilla.com/report/pending/318aae17-80f2-44ae-97db-bac2a2100225 Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a2pre) Gecko/20100225 Minefield/3.7a2pre Firefox/3.6 ID:20100225062635
Summary: Crash in Tools->Options->Content → Crash in Tools->Options->Content [@ strlen | NS_NewAtom(char const*) ]
The crash occurs when nsThebesFontEnumerator::EnumerateFonts is called with aLangGroup == nsnull, and we try to turn the langGroup into an atom. Fix is to check for null here. In addition, we need to check the resulting language atom for null in the platform implementations of GetFontList(), otherwise we'll just crash a moment later.
Assignee: nobody → jfkthame
Attachment #428919 - Flags: review?(roc)
The OS/2 change should initialize the char* to null, right? Otherwise it's printing random memory.
(In reply to comment #3) > The OS/2 change should initialize the char* to null, right? Otherwise it's > printing random memory. Oops. Should initialize it to "", actually, or maybe "null". (It's just someone's old debug code, so it's not critical exactly what we print, but random memory is definitely not good!)
Also occurring on WinXP.
Yes, it's platform-independent.
OS: Windows 7 → All
Hardware: x86 → All
Yes Sir. It is platform-independent. Just crashed my Linux build.
Attachment #428927 - Flags: review?(roc) → review+
Comment on attachment 428927 [details] [diff] [review] patch v2: don't leave char* uninitialized in debug code; ensure atom is lowercased I wonder if we can have a test for this?
Testcase that gets the font list - fails unless this bug is fixed.
Pushed fix: http://hg.mozilla.org/mozilla-central/rev/e0b27f479229 Testcase: http://hg.mozilla.org/mozilla-central/rev/dd4ac841e90b
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Verified fixed using latest hourly build: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a2pre) Gecko/20100225 Minefield/3.7a2pre Firefox/3.6 ID:20100225155722 cset: http://hg.mozilla.org/mozilla-central/rev/9ac0aab7c9d5
10 years ago
AFAICT-Verified fixed in Linux: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.3a2pre) Gecko/20100226 Minefield/3.7a2pre - Build ID: 20100226032052 cset: http://hg.mozilla.org/mozilla-central/rev/475768f37b1a
marking verified based on comments #14 and #15
Status: RESOLVED → VERIFIED
Crash Signature: [@ strlen | NS_NewAtom(char const*) ]
You need to log in before you can comment on or make changes to this bug.