B2G crash during opening marketplace in gfxFT2LockedFace::XScale

RESOLVED WORKSFORME

Status

Core
Graphics
5 years ago
26 days ago

People

(Reporter: gwagner, Assigned: jfkthame)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
Debug-gecko build of github-mc (https://github.com/mozilla-b2g/mozilla-central/commit/d6b79007ddbf1f9a6c5b1de4197947da343f9981) on SGS2 after opening the marketplace. 
The screen shows "Communicating with server".
Maybe some memory corruption? aString=0xbeb4f1a8 "Emai\220\266"

Full BT: http://pastebin.mozilla.org/1699718
Joe, can you help triage this?
Assignee: nobody → joe
Created attachment 643443 [details]
backtrace
Trying jfkthame :)
Assignee: joe → jfkthame
(Assignee)

Comment 4

5 years ago
I don't have a B2G environment set up to try and debug this... Seems like the first thing to figure out is how the string "Email" got corrupted, as seen in frame #7 etc:

#7  0x40a4921a in MakeTextRun<unsigned char> (aText=0xbeb4f1a8 "Emai\220\266", aLength=5, aFontGroup=0x1a61a58, aParams=0xbeb4f054, aFlags=17826080) at /Volumes/2mac/sgs/B2G/gecko/layout/generic/nsTextFrameThebes.cpp:534

Whatever stomped on the "l" of "Email" may well have done other damage as well.

A question (perhaps answerable by inspecting stuff in the debugger): was it just the string in the buffer being collected by BuildTextRunsScanner::BuildTextRunForFrames that got corrupted, or had the content already been damaged within the content node's text fragment?
If this is a problem with FreeType, could it be reproduced in Firefox for Android? But then we don't have the same marketplace there. If this is random memory corruption, it might have nothing to do with this code. We really need a reliable testcase.
Keywords: testcase-wanted
Gregor, can you reproduce in a desktop b2g build, or even FF?
(Reporter)

Comment 7

5 years ago
It seems to be fixed. I can't reproduce it on the device any more.
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → WORKSFORME

Updated

2 years ago
Group: core-security → core-security-release
Keywords: testcase-wanted
Group: core-security-release