Closed Bug 1197650 Opened 10 years ago Closed 10 years ago

crash in gfxFontGroup::FindNonItalicFaceForChar

Categories

(Core :: Graphics: Text, defect)

Product:
Core
Component:
Graphics: Text
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla43
Tracking Flags:
Tracking Status
firefox41 --- fixed
firefox42 --- fixed
firefox43 --- fixed

People

(Reporter: jtd, Assigned: jtd)

References

Details

Crash Data

Attachments

(1 file, 1 obsolete file)

patch, skip duplicate call to Valid()
978 bytes, patch
m_kato
: review+
ritu
: approval-mozilla-aurora+
ritu
: approval-mozilla-beta+
Details | Diff | Splinter Review
Searching through gfx-related top crashers for 41.b builds, #9 is a null-deref within gfxFontGroup::FindNonItalicFaceForChar. The problem here is that the Valid() check already occurs within FindOrMakeFont. If !Valid() a nullptr is returned. So the code here just needs to do a null-check rather than calling Valid() again. https://crash-stats.mozilla.com/report/index/bf1c51b5-5bcc-4bb8-be6f-62e1a2150818
Summary: crash in → crash in gfxFontGroup::FindNonItalicFaceForChar
Crash Signature: gfxFontGroup::FindNonItalicFaceForChar(gfxFontFamily*, unsigned int)
Attachment #8651568 - Flags: review?(m_kato)
The Valid() check has already been done within FindOrMakeFont, so just pass the result up (either valid or null).
Attachment #8651568 - Attachment is obsolete: true
Attachment #8651568 - Flags: review?(m_kato)
Attachment #8651570 - Flags: review?(m_kato)
Attachment #8651570 - Flags: review?(m_kato) → review+
https://hg.mozilla.org/mozilla-central/rev/c9a6e3c257bc
Status: NEW → RESOLVED
Closed: 10 years ago
status-firefox43: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
Crash Signature: gfxFontGroup::FindNonItalicFaceForChar(gfxFontFamily*, unsigned int) → [@ gfxFontGroup::FindNonItalicFaceForChar(gfxFontFamily*, unsigned int)]
This showed up on the beta 41 crash charts. Could you request an uplift?
Comment on attachment 8651570 [details] [diff] [review] patch, skip duplicate call to Valid() Approval Request Comment [Feature/regressing bug #]: crasher caused by null dereference [User impact if declined]: small number of crashes [Describe test coverage new/current, TreeHerder]: landed on central monday [Risks and why]: very minor fix [String/UUID change made/needed]: none
Attachment #8651570 - Flags: approval-mozilla-beta?
Attachment #8651570 - Flags: approval-mozilla-aurora?
Comment on attachment 8651570 [details] [diff] [review] patch, skip duplicate call to Valid() Crash fix that is simple and safe. Aurora42+, Beta41+.
Attachment #8651570 - Flags: approval-mozilla-beta?
Attachment #8651570 - Flags: approval-mozilla-beta+
Attachment #8651570 - Flags: approval-mozilla-aurora?
Attachment #8651570 - Flags: approval-mozilla-aurora+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: