Closed Bug 770263 Opened 13 years ago Closed 13 years ago

crash in _cairo_ft_font_face_scaled_font_create @ libxul.so@0xe... when opening links on http://www.golem.de/ticker/

Categories

(Core :: Graphics: Text, defect)

16 Branch
ARM
Android
defect
Not set
critical

Tracking

RESOLVED FIXED
mozilla16
Tracking Status
firefox15 --- unaffected
firefox16 --- fixed
fennec 16+ ---

People

(Reporter: aryx, Unassigned)

Details

(4 keywords, Whiteboard: [native-crash])

Fennec native nightly 2012-07-02 (but also seen with previous version, 2012-07-01 if I remember correctly)
Android 4.0.4 (stock)
Google Nexus S

Several times I got a crash [@ libxul.so@0xeb9144] and once [@ libxul.so@0xeb8a84] after visiting http://www.golem.de/ticker/ and opening a linked story by tapping it long and choosing "Open in a new tab" from the context menu. Opening a new tab in the same way on a different page worked as expected.

https://crash-stats.mozilla.com/report/index/bp-b16eac9f-03fd-4943-8810-241e42120702
https://crash-stats.mozilla.com/report/index/bp-278c8589-b3f5-4e8a-b264-bc2442120702
https://crash-stats.mozilla.com/report/index/bp-a02916ba-6d7b-428d-8e88-302ea2120702
Crash Signature: libxul.so@0xeb8a84 libxul.so@0xeb9144
It's #1 top crasher on Nightly with about 45% of all crashes in the latest build.

The regression range is:
http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=f08d285b63b0&tochange=d9d61d199b11

It's likely a regression from bug 539356 and might be a dupe of bug 770041.
Blocks: dlbi
tracking-fennec: --- → ?
Crash Signature: libxul.so@0xeb8a84 libxul.so@0xeb9144 → [@ libxul.so@0xeb8a84] [@ libxul.so@0xeb9144]
Whiteboard: [native-crash]
Version: Trunk → Firefox 16
Crash Signature: [@ libxul.so@0xeb8a84] [@ libxul.so@0xeb9144] → [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ]
Crash Signature: [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] → [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ]
Summary: crash [@ libxul.so@0xeb9144] and [@ libxul.so@0xeb8a84] when opening news tabs from links on http://www.golem.de/ticker/ → crash in libxul.so@0xeb... when opening news tabs from links on http://www.golem.de/ticker/
aryx, does it still happen in the latest build (16.0a1/20120704) as bug 539356 has been backed out?
Yes, this still happens with Fennec native trunk nightly version 2012-07-04. Proof: https://crash-stats.mozilla.com/report/index/bp-ef6c357f-0162-4b39-9576-d08372120704
Summary: crash in libxul.so@0xeb... when opening news tabs from links on http://www.golem.de/ticker/ → crash in libxul.so@0xeb... when opening links on http://www.golem.de/ticker/
No longer blocks: dlbi
Crash Signature: [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] → [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] [@ libxul.so@0xeb65fc ]
There are explicit stack traces in today's nightly:

Frame  Module  Signature  Source
0  libxul.so  libxul.so@0xebc118
1  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x419dffe
2  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x419dffe
3  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x419dffe
4  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x453dffe
5  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x453dffe
6  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x419dffe
7  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x419dffe
8  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x453dffe
9  dalvik-mark-stack (deleted)  dalvik-mark-stack @0x453dffe
10  libxul.so  _cairo_ft_font_face_scaled_font_create  gfx/cairo/cairo/src/cairo-ft-font.c:1864
11  libxul.so  _moz_cairo_scaled_font_create  gfx/cairo/cairo/src/cairo-scaled-font.c:1053
12  libxul.so  FT2FontEntry::CreateScaledFont  gfx/thebes/gfxFT2FontList.cpp:127
13  libxul.so  FT2FontEntry::CreateFontInstance  gfx/thebes/gfxFT2FontList.cpp:152
14  libxul.so  gfxFontEntry::FindOrMakeFont  gfx/thebes/gfxFont.cpp:187
15  libxul.so  gfxFontGroup::FindPlatformFont  gfx/thebes/gfxFont.cpp:3050
16  libxul.so  gfxFontGroup::FontResolverProc  gfx/thebes/gfxFont.cpp:3296
17  libxul.so  gfxFontGroup::ForEachFontInternal  gfx/thebes/gfxFont.cpp:3251
18  libxul.so  gfxFontGroup::ForEachFont  gfx/thebes/gfxFont.cpp:3108
19  libxul.so  gfxFontGroup::BuildFontList  gfx/thebes/gfxFont.cpp:2946
20  libxul.so  gfxFontGroup::gfxFontGroup  gfx/thebes/gfxFont.cpp:2937
21  libxul.so  gfxAndroidPlatform::CreateFontGroup  gfx/thebes/gfxAndroidPlatform.cpp:145
22  libxul.so  nsFontMetrics::Init  gfx/src/nsFontMetrics.cpp:109
23  libxul.so  nsFontCache::GetMetricsFor  gfx/src/nsDeviceContext.cpp:139
24  libxul.so  nsDeviceContext::GetMetricsFor  gfx/src/nsDeviceContext.cpp:254
25  libxul.so  nsLayoutUtils::GetFontMetricsForStyleContext  layout/base/nsLayoutUtils.cpp:2084
26  libxul.so  nsLayoutUtils::GetFontMetricsForFrame  layout/base/nsLayoutUtils.cpp:2064
27  libxul.so  GetFontGroupForFrame  layout/generic/nsTextFrameThebes.cpp:1617
28  libxul.so  BuildTextRunsScanner::BuildTextRunForFrames  layout/generic/nsTextFrameThebes.cpp:1873
...

I think it's a regression from bug 769194.

More reports at:
https://crash-stats.mozilla.com/report/list?signature=libxul.so%400xebc118+|+_cairo_ft_font_face_scaled_font_create
Blocks: 769194
Crash Signature: [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] [@ libxul.so@0xeb65fc ] → [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] [@ libxul.so@0xeb65fc ] [@ libxul.so@0xebc118 ] [@ libxul.so@0xebc118 | _cairo_ft_font_face_scaled_font_create ]
Yes, almost certainly a regression from bug 769194; the http://www.golem.de pages are using CSS (from Google webfonts) that loads the Droid fonts using src:local() if available. I'll try to reproduce locally; but if we can't fix this quickly, we could temporarily back out 769194 to avoid the issue.
Component: General → Graphics: Text
Product: Firefox for Android → Core
Version: Firefox 16 → 16 Branch
It still accounts for about 30% of all crashes.
Crash Signature: [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] [@ libxul.so@0xeb65fc ] [@ libxul.so@0xebc118 ] [@ libxul.so@0xebc118 | _cairo_ft_font_face_scaled_font_create ] → [@ libxul.so@0xeb8a84 ] [@ libxul.so@0xeb9144 ] [@ libxul.so@0xeb9124 ] [@ libxul.so@0xeb9174 ] [@ libxul.so@0xeb65fc ] [@ libxul.so@0xebc118 ] [@ libxul.so@0xebc118 | _cairo_ft_font_face_scaled_font_create ] [@ libxul.so@0xebd5d8 ] [@ libxul.so@…
In my testing, it seems like this occurs if a page uses @font-face with src:local() to load a font that has *not* already been used directly via css font-family. So the http://www.golem.de/ticker/ article pages tend to hit it because they use Droid Serif via src:local(), but the browser's default is sans-serif and so it's quite likely that Droid Serif, or at least some of its faces, has not previously been used. The crashes tend to be close to startup, as the longer the browser has been running, the more likely it is that the fonts will have been used "normally" through font-family already, in which case the src:local() usage no longer crashes, AFAICT.
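An added example, not part of the original bug thread or of Mozilla's code: a small triage helper that lists the local() face names a stylesheet requests through @font-face and flags those missing from a caller-supplied list of faces already used in the session, mirroring the condition described in the comment above. The sample CSS, the fonts.example URLs and the function names are constructed for illustration, and comparing names by case-insensitive string match is a simplifying assumption.

```javascript
// Constructed sample CSS in the style of a web-font stylesheet (not from the bug).
const SAMPLE_CSS = `
@font-face {
  font-family: 'Droid Serif';
  font-style: normal;
  font-weight: 400;
  src: local('Droid Serif'), local('DroidSerif'),
       url(https://fonts.example/droidserif.woff) format('woff');
}
@font-face {
  font-family: 'Droid Sans';
  src: local("Droid Sans"), url(https://fonts.example/droidsans.woff);
}
body { font-family: 'Droid Sans', sans-serif; }
`;

// Return [{ family, locals }] for each @font-face rule that has local() sources.
function fontFaceLocals(cssText) {
  const css = cssText.replace(/\/\*[\s\S]*?\*\//g, ''); // drop CSS comments
  const rules = [];
  const faceRe = /@font-face\s*\{([^}]*)\}/gi;
  let m;
  while ((m = faceRe.exec(css)) !== null) {
    const body = m[1];
    const fam = /font-family\s*:\s*(['"]?)([^;'"]+)\1\s*(;|$)/i.exec(body);
    const locals = [];
    const localRe = /local\(\s*(['"]?)([^'")]+?)\1\s*\)/gi;
    let l;
    while ((l = localRe.exec(body)) !== null) locals.push(l[2].trim());
    if (locals.length) {
      rules.push({ family: fam ? fam[2].trim() : null, locals });
    }
  }
  return rules;
}

// First local() name of every rule none of whose local() names appear in
// usedFaces (assumption: the caller knows which faces were already used
// directly via font-family in this session).
function unusedLocalFaces(cssText, usedFaces) {
  const used = new Set(usedFaces.map((f) => f.toLowerCase()));
  return fontFaceLocals(cssText)
    .filter((r) => !r.locals.some((n) => used.has(n.toLowerCase())))
    .map((r) => r.locals[0]);
}
```
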
Note that (per bug 772168 comment 2) this appears to make us crash at browserid.org, and hence prevents Nightly users from logging into any browserid-dependent site.

(In reply to Jonathan Kew (:jfkthame) from comment #5)
> but if we can't fix
> this quickly, we could temporarily back out 769194 to avoid the issue.

Perhaps a backout is in order, given the crash volume and the browserid bustage?
Keywords: dogfood
I just backed out bug 769194 on inbound, so I'm expecting these crashes to stop happening once that goes out in nightlies.
Crash Signature: libxul.so@0xebdc08 ] [@ libxul.so@0xebdc08 | _cairo_ft_font_face_scaled_font_create ] → libxul.so@0xebdc08 ] [@ libxul.so@0xebdc08 | _cairo_ft_font_face_scaled_font_create ] [@ libxul.so@0xec5610 ] [@ libxul.so@0xec795c ] [@ libxul.so@0xec8edc ] [@ libxul.so@0xec93b4 ]
Summary: crash in libxul.so@0xeb... when opening links on http://www.golem.de/ticker/ → crash in _cairo_ft_font_face_scaled_font_create @ libxul.so@0xe... when opening links on http://www.golem.de/ticker/
tracking-fennec: ? → 16+
AFAICT from crash-stats, this no longer occurs since the backout of 769194, so we can resolve it as FIXED; archaeopteryx, scoobidiver, would you agree?
(In reply to Jonathan Kew (:jfkthame) from comment #11)
> AFAICT from crash-stats, this no longer occurs since the backout of 769194,
> so we can resolve it as FIXED; archaeopteryx, scoobidiver, would you agree?

That's right.
Target Milestone: --- → mozilla16
It's fixed for me in Fennec trunk nightly 2012-07-20.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED