User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.9.2a1pre) Gecko/20090330 Minefield/3.2a1pre Build Identifier: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.9.2a1pre) Gecko/20090330 Minefield/3.2a1pre As discussed in newsgroup (thread, page crashes FF 3) going to http://www.toolmax-walldorf.de/ causes Firefox and Seamonkey to crash. Investigation points to wingding.ttf causing crash in GetMetrics() Reproducible: Always Steps to Reproduce: 1.Install wingding.ttf from winos2 2.Load http://www.toolmax-walldorf.de/ 3. Actual Results: sigsegv in xul.dll Expected Results: Display page Killed by SIGSEGV pid=0x4a08 ppid=0x0020 tid=0x0001 slot=0x00d1 pri=0x0200 mc=0x0001 I:\COMM-CENTRAL\.MOZILLA-TRUNK\OBJ-FB\DIST\BIN\FIREFOX.EXE XUL 0:009d86ce cs:eip=005b:11d786ce ss:esp=0053:0011bea0 ebp=0011beb8 ds=0053 es=0053 fs=150b gs=0000 efl=00212206 eax=00000000 ebx=234f5560 ecx=11ec2fac edx=00000000 edi=0011c25c esi=00000005 Process dumping was disabled, use DUMPPROC / PROCDUMP to enable it.
Created attachment 374865 [details] [diff] [review] fix for the branch As all crash addresses shown in the newsgroup had something to do with fontmetrics, a fix in gfxOS2Fonts::GetMetrics suggested itself. For the Wingdings font, the code enters the !face->charmap case and so would return unallocated metrics, causing the crash. This fix allocates the metrics before returning, so that at least there won't be a sigsev any more. This patch is against mozilla-1.9.1 but should work similarly for mozilla-central.
Assignee: nobody → mozilla
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Attachment #374865 - Flags: review?(wuno)
This is a regression from changeset http://hg.mozilla.org/mozilla-central/rev/f9ff564db145 which added improvements from gfxFT2Fonts. FF 3.0.x is not affected.
Severity: normal → major
Version: unspecified → Trunk
Severity: major → critical
Component: General → Widget: OS/2
Product: Firefox → Core
QA Contact: general → os2
Component: Widget: OS/2 → GFX: Color Management
QA Contact: os2 → color-management
Component: GFX: Color Management → GFX: Thebes
QA Contact: color-management → thebes
Created attachment 374938 [details] [diff] [review] patch for trunk Peter, for your convenience I added the patch for the trunk, the #ifdef DEBUG line you changed already (no bug #) in Dec for the trunk
Attachment #374938 - Flags: review+
Pushed: http://hg.mozilla.org/mozilla-central/rev/3a27bee3d7b5 (1.9.1 will have to wait until I figured out again how to handle new branches.)
Status: ASSIGNED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.