Closed Bug 1812597 Opened 1 year ago Closed 8 months ago

Crash in [@ gfxFontGroup::SetUserFontSet]

Categories

(Core :: Layout: Text and Fonts, defect)

Product:
Core
Component:
Layout: Text and Fonts
Platform:
Unspecified
All
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1846293

People

(Reporter: sefeng, Unassigned)

References

Details

(Keywords: crash, topcrash, topcrash-thunderbird)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/7a853edd-a059-4d41-8c84-d0a0f0230126

Reason: EXCEPTION_ACCESS_VIOLATION_READ

Top 10 frames of crashing thread:

0  xul.dll  mozilla::RefPtrTraits<gfxUserFontSet>::Release  mfbt/RefPtr.h:50
0  xul.dll  RefPtr<gfxUserFontSet>::ConstRemovingRefPtrTraits<gfxUserFontSet>::Release  mfbt/RefPtr.h:381
0  xul.dll  RefPtr<gfxUserFontSet>::assign_assuming_AddRef  mfbt/RefPtr.h:69
0  xul.dll  RefPtr<gfxUserFontSet>::assign_with_AddRef  mfbt/RefPtr.h:62
0  xul.dll  RefPtr<gfxUserFontSet>::operator=  mfbt/RefPtr.h:190
0  xul.dll  gfxFontGroup::SetUserFontSet  gfx/thebes/gfxTextRun.cpp:3650
1  xul.dll  mozilla::dom::CanvasRenderingContext2D::DrawOrMeasureText  dom/canvas/CanvasRenderingContext2D.cpp:4034
2  xul.dll  mozilla::dom::CanvasRenderingContext2D::FillText  dom/canvas/CanvasRenderingContext2D.cpp:3643
3  xul.dll  mozilla::dom::CanvasRenderingContext2D_Binding::fillText  dom/bindings/CanvasRenderingContext2DBinding.cpp:6427
4  ?  @0x00000006ebc3c8e2

This seems like a nullptr crash.

The severity field is not set for this bug.
:lsalzman, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(lsalzman)
Severity: -- → S3
Flags: needinfo?(lsalzman) → needinfo?(jfkthame)

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 5 desktop browser crashes on Mac on release

:lsalzman, could you consider increasing the severity of this top-crash bug?

For more information, please visit BugBot documentation.

Flags: needinfo?(lsalzman)
Keywords: topcrash
Severity: S3 → S2
Flags: needinfo?(lsalzman)

Potentially affects upcoming ESR 115.

Thunderbird bp-01639df4-5eb7-40c2-9b4c-1a4080230622

QA Whiteboard: [tbird topcrash]
Keywords: topcrash-thunderbird

This went from ~80 crash reports for Firefox 113.0.x to ~1100 for Firefox 114.0.x. Most frequent on macOS 13 followed by Windows 10 and 11. If an url has been submitted, it's .pdf. Edit: Crash stacks are corrupted.

Some crash comments:

  • moved the thunderbird window during 'fetching mails from imnap' from fullhd monitor to 4k monitor with scaling on 150%, crashed after releasing the mouse button.
  • Dragged a sticky tab off the window to make a new window. The detached one survived but the sticky tab broke
  • occurs post machine hibernation
  • When I first unlock in the morning
  • moved the tabs onto i different monitor
Flags: needinfo?(lsalzman)

It looks like this started creeping up when 114 rolled out to beta, and then further when it went to release. But before that numbers were substantially flat. So something related to the font layout, or maybe even offscreen canvas/threading/etc. probably changed during 114 (presumably some time in April?) that would have precipitated this.

Jonathan, any ideas?

Component: Graphics: Text → Layout: Text and Fonts
Flags: needinfo?(lsalzman)

It doesn't look like crash data goes back far enough, but I wonder if this dates back to bug 1759686. I don't have any explanation for why it spiked recently, but it seems like the low level of crashes of this started at least much longer ago than 114.

Depends on: 1846293

We're hoping emilio's patch in bug 1846293 may help here. We should be able to find out pretty soon after it lands; it seems we get a substantial amount of crash volume from Nightly here. (I see 19 crashes from 117 Nightly in the past week.)

If that patch lands soon, and if we're right that it'll address this crash, then we should hopefully see little-to-no crash volume in v118 Nightly (from the version bump that's happening tonight, coincidentally right around when bug 1846293's patch will probably make it into a Nightly).

(In reply to Daniel Holbert [:dholbert] from comment #10)

We're hoping emilio's patch in bug 1846293 may help here. We should be able to find out pretty soon after it lands; it seems we get a substantial amount of crash volume from Nightly here.

No nightly crashes after bug 1846293 landed. The last nightly crashes have build 20230731215815.
https://crash-stats.mozilla.org/signature/?release_channel=nightly&signature=gfxFontGroup%3A%3ASetUserFontSet&date=%3E%3D2023-02-12T00%3A00%3A00.000Z&date=%3C2023-08-12T23%3A59%3A00.000Z&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&_columns=install_time&_columns=startup_crash&_sort=-date&page=1#graphs

Uplift patch to beta?

Status: NEW → RESOLVED
Closed: 8 months ago
Duplicate of bug: 1846293
Flags: needinfo?(jfkthame)
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.