Note: There are a few cases of duplicates in user autocompletion which are being worked on.

java.lang.IndexOutOfBoundsException: getChars (0 ... <n>) ends beyond length 0 at android.text.SpannableStringBuilder.checkRange(SpannableStringBuilder.java) at org.mozilla.gecko.GeckoInputConnection.getExtractedText

NEW
Unassigned

Status

()

Firefox for Android
Keyboards and IME
P2
critical
5 years ago
2 years ago

People

(Reporter: Scoobidiver (away), Unassigned)

Tracking

({crash})

Trunk
ARM
Android
crash
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(blocking-fennec1.0 -)

Details

(Whiteboard: [native-crash], crash signature)

Attachments

(2 attachments)

(Reporter)

Description

5 years ago
This bug was filed from the Socorro interface and is 
report bp-883d1a79-4730-4c4b-a9a7-6b4e02120624 .
============================================================= 

java.lang.IndexOutOfBoundsException: getChars (0 ... 9309) ends beyond length 0
	at android.text.SpannableStringBuilder.checkRange(SpannableStringBuilder.java:945)
	at android.text.SpannableStringBuilder.getChars(SpannableStringBuilder.java:839)
	at android.text.SpannableStringBuilder.toString(SpannableStringBuilder.java:862)
	at org.mozilla.gecko.GeckoInputConnection.getExtractedText(GeckoInputConnection.java:230)
	at com.android.internal.view.IInputConnectionWrapper.executeMessage(IInputConnectionWrapper.java:266)
	at com.android.internal.view.IInputConnectionWrapper$MyHandler.handleMessage(IInputConnectionWrapper.java:77)
	at android.os.Handler.dispatchMessage(Handler.java:99)
	at android.os.Looper.loop(Looper.java:137)
	at android.app.ActivityThread.main(ActivityThread.java:4424)
	at java.lang.reflect.Method.invokeNative(Native Method)
	at java.lang.reflect.Method.invoke(Method.java:511)
	at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:784)
	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:551)
	at dalvik.system.NativeStart.main(Native Method)

More reports at:
https://crash-stats.mozilla.com/query/query?product=FennecAndroid&version=FennecAndroid%3A16.0a1&query_search=signature&query_type=contains&query=android.text.SpannableStringBuilder.checkRange&do_query=1
Assignee: nobody → cpeterson
Status: NEW → ASSIGNED
blocking-fennec1.0: --- → ?
status-firefox16: --- → affected
Target Milestone: --- → Firefox 16
Created attachment 636786 [details] [diff] [review]
part-1-empty-Editable-exception.patch

Part 1: Do not call Editable.toString() if Editable has no text.

This is an Android bug. Editable.toString() may randomly crash because SpannableStringBuilder.getChars() does not account for its mGapLength when checking its [start, end) copy range. This seems to happen most often when length is 0 and the end index is very large.
Attachment #636786 - Flags: review?(blassey.bugs)
Created attachment 636787 [details] [diff] [review]
part-2-fix-range-brackets.patch

Part 2: Selection ranges exclude end index, so write [a,b), not (a,b].

This patch just fixes some typos in comments and log messages.
Attachment #636787 - Flags: review?(blassey.bugs)
Attachment #636786 - Flags: review?(blassey.bugs) → review+
Attachment #636787 - Flags: review?(blassey.bugs) → review+
blocking-fennec1.0: ? → -
* part 1 may not be necessary after bug 769520 lands.
* part 2 landed: https://hg.mozilla.org/integration/mozilla-inbound/rev/301d38e920a0
Whiteboard: [native-crash] → [native-crash], [leave open]
Depends on: 769520
https://hg.mozilla.org/mozilla-central/rev/301d38e920a0
I believe my fix for bug 769520 will fix these IndexOutOfBoundsExceptions, but I will watch Socorro topcrashes for a few days before resolving this bug.
Blocks: 772225
Priority: -- → P2
The fix for bug 769520, which landed in build Nightly 16 (2012-07-10), should have fixed these IndexOutOfBoundsExceptions. I'm resolving this bug as FIXED because I do not see any IndexOutOfBoundsExceptions in Socorro for builds >= Nightly 16 (2012-07-10).
status-firefox15: --- → fixed
status-firefox16: affected → fixed
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Whiteboard: [native-crash], [leave open] → [native-crash]
(Reporter)

Comment 7

5 years ago
It happens after the backout of bug 769520: bp-e1d3866d-b87f-49c4-9797-ec85f2120906.
Status: RESOLVED → REOPENED
status-firefox17: --- → fixed
status-firefox18: --- → affected
Resolution: FIXED → ---
(Reporter)

Updated

5 years ago
status-firefox15: fixed → ---
status-firefox16: fixed → ---
status-firefox17: fixed → ---
status-firefox18: affected → ---
Target Milestone: Firefox 16 → ---
(Reporter)

Updated

5 years ago
Depends on: 805162
Assignee: cpeterson → nobody
Status: REOPENED → NEW

Updated

2 years ago
Crash Signature: [@ java.lang.IndexOutOfBoundsException: getChars (0 ... 9309) ends beyond length 0 at android.text.SpannableStringBuilder.checkRange(SpannableStringBuilder.java)] [@ java.lang.IndexOutOfBoundsException: getChars (0 ... 6964) ends beyond length 0 a&hellip; → [@ java.lang.IndexOutOfBoundsException: getChars (0 ... 9309) ends beyond length 0 at android.text.SpannableStringBuilder.checkRange(SpannableStringBuilder.java)] [@ java.lang.IndexOutOfBoundsException: getChars (0 ... 6964) ends beyond length 0 a&hellip;
You need to log in before you can comment on or make changes to this bug.