Open Bug 1663496 Opened 4 years ago Updated 4 years ago

Crash in [@ nsFont::CalcDifference]

Categories

(Core :: Layout: Text and Fonts, defect)

defect

Tracking

()

People

(Reporter: gsvelto, Unassigned)

References

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/28db25f2-108c-489c-8f16-ecc730200904

Top 10 frames of crashing thread:

0 xul.dll nsFont::CalcDifference const gfx/src/nsFont.cpp:37
1 xul.dll nsStyleFont::CalcDifference const layout/style/nsStyleStruct.cpp:284
2 xul.dll mozilla::ComputedStyle::CalcStyleDifference const layout/style/ComputedStyle.cpp:169
3 xul.dll Gecko_CalcStyleDifference layout/style/GeckoBindings.cpp:315
4 xul.dll style::matching::PrivateMatchMethods::accumulate_damage_for<style::gecko::wrapper::GeckoElement> servo/components/style/matching.rs:729
5 xul.dll style::traversal::compute_style<style::gecko::wrapper::GeckoElement> servo/components/style/traversal.rs:681
6 xul.dll geckoservo::glue::traverse_subtree servo/ports/geckolib/glue.rs:260
7 xul.dll geckoservo::glue::Servo_TraverseSubtree servo/ports/geckolib/glue.rs:310
8 xul.dll mozilla::ServoStyleSet::StyleDocument layout/style/ServoStyleSet.cpp:743
9 xul.dll mozilla::RestyleManager::DoProcessPendingRestyles layout/base/RestyleManager.cpp:2986

I found this crash during nightly crash triage but it's an old issue, we have reports going back 6 months. The crash is a simple NULL pointer de-reference but given the code doesn't involve pointers directly it's hard to say what field is involved. If I have some time later I'll crack open a minidump and report back after further inspection.

This seems to affect all platforms and affects ESR too.

Really low volume and old issue, so probably S3, though it'd definitely be great to figure out what's going on.

Severity: -- → S3

I looked at a few recent crashes in Nightly, and they had Flash games as URLs like http://www.mousecity.com/games/point-and-click/snowday/

bp-a9ef5753-1ce7-4e06-bdff-72ee10200917

I was looking at some crashes in bug 1665787, and I saw that exact same Flash game in the URLs. I wonder if they are related somehow, but I don't know how they could be.

One of the crashes has the comment " please fix http://www.mousecity.com " and there are quite a few crashes with that URL, so if somebody wants to reproduce it, maybe that would be a place to start.

See Also: → 1665787
You need to log in before you can comment on or make changes to this bug.