Closed
Bug 719872
Opened 12 years ago
Closed 12 years ago
[skia] Crash [@ SkTypeface::UniqueID] switching tabs to a Flash document
Categories
(Core :: Graphics, defect)
Tracking
()
VERIFIED
FIXED
mozilla12
| Tracking | Status | |
|---|---|---|
| fennec | + | --- |
People
(Reporter: martijn.martijn, Assigned: snorp)
References
()
Details
(4 keywords, Whiteboard: [native-crash])
Crash Data
Attachments
(1 file, 1 obsolete file)
|
19.60 KB,
patch
|
mattwoodrow
:
review+
|
Details | Diff | Splinter Review |
I was getting this crash a couple of times on my LG Optimus Black. You need to have the Setting Plugins to "Enabled" to test this. Steps to reproduce: - Visit http://people.mozilla.org/~mwargers/tests/plugins/flash/317375_flash_wmode.swf - Switch to a different tab - Switch back to the Flash file I did crash a couple of times this way, but currently, it doesn't seem to crash anymore. https://crash-stats.mozilla.com/report/index/bp-6dff8f4a-93c7-4dd8-a05e-7f8c22120120 0 libxul.so SkTypeface::UniqueID gfx/skia/src/core/SkTypeface.cpp:56 1 libxul.so SkPaint::descriptorProc gfx/skia/src/core/SkPaint.cpp:1380 2 libxul.so SkPaint::getFontMetrics gfx/skia/src/core/SkPaint.cpp:1091 3 libxul.so anp_getFontMetrics other-licenses/skia-npapi/ANPPaint.cpp:162 4 libflashplayer.so libflashplayer.so@0x54ddff 5 0 (deleted) 0 @0x13f3ffe 6 libflashplayer.so libflashplayer.so@0x54ddd3 7 libflashplayer.so libflashplayer.so@0x532871 8 libflashplayer.so libflashplayer.so@0x532863 9 libflashplayer.so libflashplayer.so@0x234ddb 10 libflashplayer.so libflashplayer.so@0x533cf7 11 0 (deleted) 0 @0x13f3ffe 12 libflashplayer.so libflashplayer.so@0x75a606 13 libflashplayer.so libflashplayer.so@0x234c9b 14 libflashplayer.so libflashplayer.so@0x75a606 15 libflashplayer.so libflashplayer.so@0x225feb 16 libflashplayer.so libflashplayer.so@0x225fab 17 libflashplayer.so libflashplayer.so@0x240067 18 libflashplayer.so libflashplayer.so@0x75a606 19 libflashplayer.so libflashplayer.so@0x75a606 20 libflashplayer.so libflashplayer.so@0x5328d7
|
||
Updated•12 years ago
|
Crash Signature: [@ SkTypeface::UniqueID]
Component: General → Graphics
Product: Fennec Native → Core
QA Contact: general → thebes
Summary: Crash [@ SkTypeface::UniqueID] switching tabs to a Flash document → [skia] Crash [@ SkTypeface::UniqueID] switching tabs to a Flash document
Whiteboard: [native-crash]
|
|
||
Comment 1•12 years ago
|
||
It's currently #1 top crasher in today's build. The regression range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=58e933465c36&tochange=5c2bc94d359c
Keywords: regression,
topcrash
|
||
Comment 2•12 years ago
|
||
I get the same crash when going to http://www.bundesliga.de on a Samsung Galaxy S2 (landscape mode) and then scrolling down a bit after the page has finished loading. Plugins are enabled.
|
||
Comment 3•12 years ago
|
||
I'm not familiar with this code. Where is the 'ANPPaint*' created, that libflashplayer is passing into anp_getFontMetrics? If it's created by flash, then doesn't libflashplayer need to have been compiled against the same Skia version as we have in our tree?
|
||
Comment 4•12 years ago
|
||
snorp, I choose you!
dup of Bug 717060 ?
|
Assignee | |
Comment 6•12 years ago
|
||
(In reply to Matt Woodrow (:mattwoodrow) from comment #3) > I'm not familiar with this code. Where is the 'ANPPaint*' created, that > libflashplayer is passing into anp_getFontMetrics? > > If it's created by flash, then doesn't libflashplayer need to have been > compiled against the same Skia version as we have in our tree? There are shims in other-licenses/skia-npapi that libflashplayer uses. This didn't used to crash, though, so I'd guess something changed in our Skia? Regardless, I'll take this one.
Assignee: nobody → snorp
|
||
Updated•12 years ago
|
tracking-fennec: --- → +
|
|
Assignee | |
Comment 7•12 years ago
|
||
With a local debug build I actually get the following:
Switching to Thread 21195]
0x72fab4b6 in SkFontHost::CreateTypeface(SkTypeface const*, char const*, void const*, unsigned int, SkTypeface::Style) ()
from /Users/snorp/source/birch/objdir-android/dist/bin/libxul.so
(gdb) bt
#0 0x72fab4b6 in SkFontHost::CreateTypeface(SkTypeface const*, char const*, void const*, unsigned int, SkTypeface::Style) ()
from /Users/snorp/source/birch/objdir-android/dist/bin/libxul.so
#1 0x72fa112e in SkTypeface::CreateFromName (name=<optimized out>, style=<optimized out>)
at /Users/snorp/source/birch/gfx/skia/src/core/SkTypeface.cpp:65
#2 0x72e07374 in anp_createFromName (name=0x0, s=0) at /Users/snorp/source/birch/other-licenses/skia-npapi/ANPTypeface.cpp:32
#3 0x81d4e598 in ?? ()
#4 0x81d4e598 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
The 'name' passed in anp_createFromName isn't actually null. It's actually "Curlz MT" when I print it out. If I had to guess, I'd say the new Skia is not coping well when it can't find a given font.|
|
Assignee | |
Comment 9•12 years ago
|
||
Ok, this appears to be the problem: changeset: 84849:8de271eee34b user: Matt Woodrow <mwoodrow@mozilla.com> date: Thu Jan 19 17:55:27 2012 +1300 summary: Bug 716415 - Follow to include changes that I forgot to qref. r=bustage diff --git a/gfx/skia/Makefile.in b/gfx/skia/Makefile.in --- a/gfx/skia/Makefile.in +++ b/gfx/skia/Makefile.in @@ -301,24 +301,21 @@ include/ports/SkTypeface_mac.h \ $(NULL) CPPSRCS += \ SkFontHost_mac_coretext.cpp \ SkTime_Unix.cpp \ $(NULL) endif ifeq (android,$(MOZ_WIDGET_TOOLKIT)) CPPSRCS += \ - SkFontHost_FreeType.cpp \ - SkFontHost_android.cpp \ - SkFontHost_gamma.cpp \ - FontHostConfiguration_android.cpp \ + SkFontHost_none.cpp \ SkMMapStream.cpp \ SkTime_Unix.cpp \ $(NULL) We need the font stuff to work (as it was before). What was the reason for using the null backend here?
|
|
||
Comment 10•12 years ago
|
||
Sorry, I didn't realize there was other code depending on our skia codebase. FontHostConfiguration_android (required by SkFontHost_android.cpp) has a dependency on expat.h (and XML parser). Their code is expecting XML_Char to be defined as char*, while our implementation of expat (see expat_config.h) is using PRUnichar.
|
|
Assignee | |
Comment 11•12 years ago
|
||
Ugh, and PRUnichar is two bytes, I presume? Do we have a plan for working around this problem? s/XML_Char/char*/ maybe in the one file maybe?
|
|
||
Comment 12•12 years ago
|
||
Yep. I'm not sure, the XML parser callbacks pass 2 byte chars, and the skia implementations of those callbacks are using one byte chars. I can't think of anything other than rewriting the majority of that file. Unless there is a system version of the XML parser that we can link to instead.
|
|
Assignee | |
Comment 13•12 years ago
|
||
Attachment #591663 -
Flags: review?(matt.woodrow)
|
||
Comment 14•12 years ago
|
||
This crash still occurs on the latest Nightly build. I opened and enabled flash plugin for http://gotmilk.com. While the page content is loading, Fennec just crashes without performing any additional steps. -- Mozilla/5.0 (Android;Linux armv7l;rv:12.0a1)Gecko/20120125 Firefox/12.0a1 Fennec/12.0a1 Device: Samsung Galaxy S OS: Android 2.2
|
|
||
Comment 15•12 years ago
|
||
(In reply to Cristian Nicolae (:xti) from comment #14) > This crash still occurs on the latest Nightly build. The patch hasn't been reviewed.
|
|
Assignee | |
Comment 16•12 years ago
|
||
Comment on attachment 591663 [details] [diff] [review] Fix Skia font backend on Android bsmedberg: Matt wasn't comfortable reviewing the stringy bits of the patch, and Brad suggested that you might be able to.
Attachment #591663 -
Flags: review?(matt.woodrow) → review?(benjamin)
|
|
Assignee | |
Comment 17•12 years ago
|
||
We have a problem here. The xml files it tries to read don't exist on older Android. I'm going to patch it to work with that (fallback to whatever it did in older versions).
|
|
Assignee | |
Comment 18•12 years ago
|
||
Ok, this one just falls back to the hardcoded list that Skia used before and works everywhere
Attachment #592060 -
Flags: review?(matt.woodrow)
|
|
Assignee | |
Updated•12 years ago
|
Attachment #591663 -
Attachment is obsolete: true
Attachment #591663 -
Flags: review?(benjamin)
|
|
||
Comment 19•12 years ago
|
||
Comment on attachment 592060 [details] [diff] [review] Fix Skia font backend on Android Review of attachment 592060 [details] [diff] [review]: ----------------------------------------------------------------- This looks good for now, as long as you add a patch file to update.sh :) I'll talk to the google guys too, and see if they are aware of this (possibly unintentional) android version requirement.
Attachment #592060 -
Flags: review?(matt.woodrow) → review+
|
|
Assignee | |
Comment 20•12 years ago
|
||
http://hg.mozilla.org/integration/mozilla-inbound/rev/b735935813b2 http://hg.mozilla.org/integration/mozilla-inbound/rev/8e80c7006eba
|
||
Comment 21•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/b735935813b2 https://hg.mozilla.org/mozilla-central/rev/8e80c7006eba
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla12
Need to wait until tomorrow to verify; Was able to hit this bug on Samsung Galaxy S II with http://www.kongozan.com/live/index2.html and tapping on the two flash plugins.
Today's build does not seem to crash with the repro steps in Comment 22.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•