This bug was filed from the Socorro interface and is report bp-951ec2e3-1ec7-44f9-b6ac-da2c02160308. ============================================================= Firefox crashes when attempting to draw two different fonts to a 2d canvas that will be used as a texture atlas for a webgl context. The 2d canvas has ctx.globalCompositeOperation = "lighter"; enabled if that has any effect? it is also broken in beta, but works in aurora as it seem that code no longer exists. Thanks in advance, this is a huge blocker for us.
Crashes are flagged as critical, not blocker in general. Could you provide a testcase to reproduce the crash, please.
Severity: blocker → critical
Keywords: crash, testcase-wanted
Created attachment 8729265 [details] [diff] [review] check that SkPaint::textToGlyphs succeeds
Assignee: nobody → lsalzman
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Attachment #8729265 - Flags: review?(jmuizelaar)
Attachment #8729265 - Flags: review?(jmuizelaar) → review+
Comment on attachment 8729265 [details] [diff] [review] check that SkPaint::textToGlyphs succeeds Approval Request Comment [Feature/regressing bug #]: This works around an issue that has been present at least since 2014 when we were using an old version of Skia before we updated in 46. 45 and below are all affected. [User impact if declined]: Specific strings may be used to crash the browser on a null-pointer deference with canvas quite easily. The Skia update that is in 46+ uses incompatible code from what is being patched here and which is not affected at all by this particular bug, which is why this patch can only be applied to release/45 ESR and must bypass aurora/beta/central. Since we can't backport an entire Skia update, it is rather better to just patch the issue in the older Skia. [Describe test coverage new/current, TreeHerder]: mochitests, reftests [Risks and why]: The risk is currently low as in the absence of this change, the browser already crashes on these inputs. This simply makes the Skia canvas backend correctly ignore them, which is what it should be doing on these particular inputs (instead of crashing). [String/UUID change made/needed]: None
Comment on attachment 8729265 [details] [diff] [review] check that SkPaint::textToGlyphs succeeds The number of crashes is quite low, not taking it in release but taking it in esr as we will maintain it for a while
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
status-firefox45: --- → wontfix
status-firefox46: --- → unaffected
status-firefox47: --- → unaffected
status-firefox48: --- → unaffected
status-firefox-esr45: --- → fixed
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.