37795 – [Cairo] Crash with MgOpenModerna font, with non-UTF-8 character

RESOLVED FIXED Bug 37795

[Cairo] Crash with MgOpenModerna font, with non-UTF-8 character

https://bugs.webkit.org/show_bug.cgi?id=37795

Summary [Cairo] Crash with MgOpenModerna font, with non-UTF-8 character

Gustavo Noronha (kov)

Reported 2010-04-19 05:55:21 PDT

Just going to that URL makes WebKit crash here: #0 0x00007ffff3956983 in FcPatternObjectPosition (p=0x0, object=34) at fcpat.c:333 #1 FcPatternObjectFindElt (p=0x0, object=34) at fcpat.c:334 #2 0x00007ffff3956a20 in FcPatternObjectGet (p=0x0, object=34, id=0, v=0x7fffffffc9b0) at fcpat.c:728 #3 0x00007ffff3954919 in IA__FcFontSetSort (config=<value optimized out>, sets=0x7fffffffca40, nsets=<value optimized out>, p=0x0, trim=1, csp=0x0, result=0x7fffffffcaac) at fcmatch.c:692 #4 0x00007ffff3954ecf in IA__FcFontSort (config=0x0, p=<value optimized out>, trim=<value optimized out>, csp=0x0, result=<value optimized out>) at fcmatch.c:836 #5 0x00007ffff6634924 in WebCore::FontCache::getFontDataForCharacters (this=0x734fe0, font=..., characters=0x7fffffffcb80, length=1) at ../../WebCore/platform/graphics/cairo/FontCacheCairo.cpp:43 #6 0x00007ffff6271ab0 in WebCore::Font::glyphDataForCharacter (this=0xd1b5b0, c=65533, mirror=false, forceSmallCaps=false) at ../../WebCore/platform/graphics/FontFastPath.cpp:145 I'll attach the full backtrace.

Attachments
full backtrace (15.30 KB, text/plain) 2010-04-19 05:56 PDT, Gustavo Noronha (kov)	no flags	Details
reduced testcase (567 bytes, text/html) 2010-04-19 05:58 PDT, Gustavo Noronha (kov)	no flags	Details
candidate fix (48.80 KB, patch) 2010-04-19 06:14 PDT, Gustavo Noronha (kov)	abarth: review- gustavo: commit-queue-	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Gustavo Noronha (kov)

Comment 1 2010-04-19 05:56:51 PDT

Created attachment 53672 [details] full backtrace

Gustavo Noronha (kov)

Comment 2 2010-04-19 05:58:46 PDT

Created attachment 53673 [details] reduced testcase

Gustavo Noronha (kov)

Comment 3 2010-04-19 06:14:32 PDT

Created attachment 53674 [details] candidate fix This patch fixes the crash, but I am not sure what could cause those to be null (which could lead me to a better way of testing this than the one I came up with). If anyone knows better, I'm open for suggestions.

David Levin

Comment 4 2010-05-06 14:58:02 PDT

Not a review but the license for the font doesn't appear to be one of the permitted licenses, so I doubt this patch can be taken.

Gustavo Noronha (kov)

Comment 5 2010-05-07 06:36:47 PDT

(In reply to comment #4) > Not a review but the license for the font doesn't appear to be one of the > permitted licenses, so I doubt this patch can be taken. Yeah, I believe you're right.

Adam Barth

Comment 6 2010-06-20 10:35:05 PDT

Comment on attachment 53674 [details] candidate fix If we can't accept the font license, then we can't accept the patch as written. :( Is there a way to create a reduced test case for this crash that doesn't involve license-incompatible content?

Martin Robinson

Comment 7 2011-02-11 15:54:49 PST

After all the font changes and looking at this patch, I don't think this could be an issue any longer. I'll close it for now. If I'm mistaken, please feel free to re-open this.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS OS X 10.5

Product WebKit

Component WebKitGTK

Assignee

Nobody

Reported

2010-04-19 05:55 PDT

Modified

2011-02-11 15:54 PST History

CC List

4 users Show

URL

http://osunick.com/2010/04/13/rocking-your-firefox/

Keywords

Depends on

Blocks