Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 75719 - Mozilla-based browsers crash on various sites
Summary: Mozilla-based browsers crash on various sites
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All All
: High major (vote)
Assignee: Mozilla Gentoo Team
URL: http://www.davep.org/mutt/screenshots/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-12-26 10:15 UTC by Tobias Klausmann (RETIRED)
Modified: 2005-06-13 02:00 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Klausmann (RETIRED) gentoo-dev 2004-12-26 10:15:41 UTC 
Loading above URL results in segfault for mozilla-firefox-bin, mozilla and galeon. Same happens with http://www.ati.com/ and probably others. Disabling JavaScript and/or Java does not help

Versions:
net-www/galeon-1.3.18
net-www/mozilla-1.7.3-r3
net-www/mozilla-firefox-bin-1.0

emerge info:
Portage 2.0.51-r8 (default-linux/x86/2004.0, gcc-3.4.3, glibc-2.3.4.20041102-r0, 2.6.10 i686)
=================================================================
System uname: 2.6.10 i686 AMD Athlon(tm) XP 2500+
Gentoo Base System version 1.6.8
Python:              dev-lang/python-2.3.4 [2.3.4 (#1, Aug 28 2004, 15:40:35)]
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
dev-lang/python:     2.3.4
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9, 1.4_p6, 1.8.5-r2, 1.6.3, 1.5, 1.9.3
sys-devel/binutils:  2.15.92.0.2-r2
sys-devel/libtool:   1.5.10-r2
virtual/os-headers:  2.6.8.1-r1
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-march=athlon-xp -O3 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=athlon-xp -O3 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distcc distlocks sandbox sfperms"
GENTOO_MIRRORS="http://gentoo.tiscali.nl/gentoo/ http://gyroscope.acm.cs.rpi.edu/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync5.de.gentoo.org/gentoo-portage"
USE="x86 X aalib acl alsa apache2 apm avi berkdb bitmap-fonts bonobo cdr crypt cscope cups dga dvd encode esd exif fam flac foomaticdb fortran gd gdbm ggi gif gphoto2 gpm gstreamer gtk gtk2 guile imagemagick imlib ipv6 jack jpeg libwww mad mikmod mmx motif mozilla moznocompose moznoirc moznomail mp3 mpeg mysql ncurses nls nptl nptlonly oggvorbis opengl oss pam pdflib perl png python quicktime readline scanner sdl slang speex spell ssl tcltk tcpd tetex tiff truetype unicode usb userlocales v4l v4l2 xml xml2 xmms xv zlib"

I have the strong suspicion that it's actually a bug in one of the used shlibs. Which one, I don't know. Currently, I'm compiling mozilla and galeon with debugging enabled. I hope to coax some info out of the core files with gdb.
Comment 1 Tobias Klausmann (RETIRED) gentoo-dev 2004-12-26 11:25:36 UTC 
Just before dying, galeon emits:

###!!! ASSERTION: font metrics should not be null - bug 136248: 'NS_SUCCEEDED(rv)', file nsDeviceContext.cpp, line 668

So I set "Always use these fonts" in the Prefs. And voila: I can view www.ati.com.

I guess it's either an evil fontspec or some garbled CSS parsing. There are lots of warnings of the form:

CSS Error (http://www.ati.com/ :1.7): Error in parsing value for property 'border'.  Declaration dropped.

and:

WARNING: Couldn't add reflow command, so splitting.

If there's any more info I can provide, just drop me a line.

PS: even with USE=debug, galeon does not produce core files.
Comment 2 Tobias Klausmann (RETIRED) gentoo-dev 2004-12-26 12:00:10 UTC 
Okay, here's the mozilla backtrace

(gdb) bt
#0  0xffffe410 in ?? ()
#1  0x0806c3b3 in ah_crap_handler(int) ()
#2  0xb5db3f20 in nsProfileLock::FatalSignalHandler(int) () from /usr/lib/mozilla/components/libprofile.so
#3  <signal handler called>
#4  0xb6bcc73d in nsTextFrame::TextStyle::TextStyle(nsIPresContext*, nsIRenderingContext&, nsStyleContext*) () from /usr/lib/mozilla/components/libgklayout.so
#5  0xb6bcb683 in nsTextFrame::MeasureText(nsIPresContext*, nsHTMLReflowState const&, nsTextTransformer&, nsILineBreaker*, nsTextFrame::TextStyle&, nsTextFrame::TextReflowData&) ()
   from /usr/lib/mozilla/components/libgklayout.so
#6  0xb6b7e428 in nsLineLayout::ReflowFrame(nsIFrame*, unsigned&, nsHTMLReflowMetrics*, int&) () from /usr/lib/mozilla/components/libgklayout.so
#7  0xb6b24c49 in nsBlockFrame::ReflowInlineFrame(nsBlockReflowState&, nsLineLayout&, nsLineList_iterator, nsIFrame*, unsigned char*) () from /usr/lib/mozilla/components/libgklayout.so
#8  0xb6b26857 in nsBlockFrame::DoReflowInlineFrames(nsBlockReflowState&, nsLineLayout&, nsLineList_iterator, int*, unsigned char*, int, int) ()
   from /usr/lib/mozilla/components/libgklayout.so
#9  0xb6b26cc1 in nsBlockFrame::DoReflowInlineFramesAuto(nsBlockReflowState&, nsLineList_iterator, int*, unsigned char*, int, int) () from /usr/lib/mozilla/components/libgklayout.so
#10 0xb6b26eb4 in nsBlockFrame::ReflowInlineFrames(nsBlockReflowState&, nsLineList_iterator, int*, int, int) () from /usr/lib/mozilla/components/libgklayout.so
#11 0xb6b27e44 in nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*, int) () from /usr/lib/mozilla/components/libgklayout.so
#12 0xb6b28b05 in nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&) () from /usr/lib/mozilla/components/libgklayout.so
#13 0xb6b2e30c in nsBlockFrame::RenumberLists(nsIPresContext*) () from /usr/lib/mozilla/components/libgklayout.so
#14 0xb6b348c0 in nsBlockReflowContext::ReflowBlock(nsRect const&, int, nsCollapsingMargin&, int, nsMargin&, nsHTMLReflowState&, unsigned&) ()
   from /usr/lib/mozilla/components/libgklayout.so
#15 0xb6b2726c in nsBlockFrame::ReflowBlockFrame(nsBlockReflowState&, nsLineList_iterator, int*) () from /usr/lib/mozilla/components/libgklayout.so
#16 0xb6b27cf1 in nsBlockFrame::ReflowLine(nsBlockReflowState&, nsLineList_iterator, int*, int) () from /usr/lib/mozilla/components/libgklayout.so
#17 0xb6b28b05 in nsBlockFrame::ReflowDirtyLines(nsBlockReflowState&) () from /usr/lib/mozilla/components/libgklayout.so
#18 0xb6b2e30c in nsBlockFrame::RenumberLists(nsIPresContext*) () from /usr/lib/mozilla/components/libgklayout.so
#19 0xb6b3e877 in nsContainerFrame::ReflowChild(nsIFrame*, nsIPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) ()
   from /usr/lib/mozilla/components/libgklayout.so
#20 0xb6b60100 in NS_NewCanvasFrame(nsIPresShell*, nsIFrame**) () from /usr/lib/mozilla/components/libgklayout.so
#21 0xb6c82056 in nsBoxToBlockAdaptor::Reflow(nsBoxLayoutState&, nsIPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&, int, int, int, int, int) ()
   from /usr/lib/mozilla/components/libgklayout.so
#22 0xb6c82708 in nsBoxToBlockAdaptor::Reflow(nsBoxLayoutState&, nsIPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&, int, int, int, int, int) ()
   from /usr/lib/mozilla/components/libgklayout.so
#23 0xb6c78550 in nsIBox::AddCSSCollapsed(nsBoxLayoutState&, nsIBox*, int&) () from /usr/lib/mozilla/components/libgklayout.so
#24 0xb6c74f86 in nsScrollBoxFrame::CreateScrollingView(nsIPresContext*) () from /usr/lib/mozilla/components/libgklayout.so
#25 0xb6c78550 in nsIBox::AddCSSCollapsed(nsBoxLayoutState&, nsIBox*, int&) () from /usr/lib/mozilla/components/libgklayout.so
#26 0xb6c83b19 in nsContainerBox::LayoutChildAt(nsBoxLayoutState&, nsIBox*, nsRect const&) () from /usr/lib/mozilla/components/libgklayout.so
#27 0xb6b5a2fb in nsGfxScrollFrameInner::LayoutBox(nsBoxLayoutState&, nsIBox*, nsRect const&) () from /usr/lib/mozilla/components/libgklayout.so
#28 0xb6b5be8d in nsGfxScrollFrameInner::Layout(nsBoxLayoutState&) () from /usr/lib/mozilla/components/libgklayout.so
#29 0xb6b5cd31 in nsGfxScrollFrameInner::Layout(nsBoxLayoutState&) () from /usr/lib/mozilla/components/libgklayout.so
#30 0xb6c78550 in nsIBox::AddCSSCollapsed(nsBoxLayoutState&, nsIBox*, int&) () from /usr/lib/mozilla/components/libgklayout.so
#31 0xb6c7f809 in nsBoxFrame::IsInitialReflowForPrintPreview(nsBoxLayoutState&, int&) () from /usr/lib/mozilla/components/libgklayout.so
#32 0xb6b59b9b in nsGfxScrollFrame::GetScrollbarStyles() const () from /usr/lib/mozilla/components/libgklayout.so
#33 0xb6b3e877 in nsContainerFrame::ReflowChild(nsIFrame*, nsIPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) ()
   from /usr/lib/mozilla/components/libgklayout.so
#34 0xb6bd2438 in ViewportFrame::AdjustReflowStateForScrollbars(nsHTMLReflowState*) const () from /usr/lib/mozilla/components/libgklayout.so
#35 0xb6b9cae6 in IncrementalReflow::Dispatch(nsIPresContext*, nsHTMLReflowMetrics&, nsSize const&, nsIRenderingContext&) () from /usr/lib/mozilla/components/libgklayout.so
#36 0xb6bad81d in PresShell::ProcessReflowCommands(int) () from /usr/lib/mozilla/components/libgklayout.so
#37 0xb6bb8b68 in ReflowEvent::HandleEvent() () from /usr/lib/mozilla/components/libgklayout.so
#38 0xb6badb3d in PresShell::ProcessReflowCommands(int) () from /usr/lib/mozilla/components/libgklayout.so
#39 0xb751c68b in PL_HandleEvent () from /usr/lib/mozilla/libxpcom.so
#40 0xb751d120 in PL_ProcessPendingEvents () from /usr/lib/mozilla/libxpcom.so
#41 0xb751f87b in nsEventQueueImpl::nsEventQueueImpl() () from /usr/lib/mozilla/libxpcom.so
#42 0xb5e0dca5 in nsCOMPtr<nsIEnumerator>::nsCOMPtr(already_AddRefed<nsIEnumerator> const&) () from /usr/lib/mozilla/components/libwidget_gtk2.so
#43 0xb7aa0b1d in g_vasprintf () from /usr/lib/libglib-2.0.so.0
#44 0xb7a718a4 in g_source_remove_poll () from /usr/lib/libglib-2.0.so.0
#45 0xb7a741d0 in g_main_context_acquire () from /usr/lib/libglib-2.0.so.0
#46 0xb7a7455a in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#47 0xb7d23c53 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#48 0xb5e0e6d2 in nsAppShell::ReleaseGlobals() () from /usr/lib/mozilla/components/libwidget_gtk2.so
#49 0xb5f0dcd8 in nsAppShellService::HandleExitEvent(PLEvent*) () from /usr/lib/mozilla/components/libnsappshell.so
#50 0x0806300a in DoCommandLines(nsICmdLineService*, int, int*) ()
#51 0x080637e5 in main ()
#52 0xb7763000 in __libc_start_main () from /lib/libc.so.6
Comment 3 gent_bz 2004-12-26 16:31:20 UTC 
The problem seems to lie with freetype-2.1.9

emerge =freetype-2.1.5-r1 made the problem go away.  Not a fix, but a workaround.
Comment 4 Tobias Klausmann (RETIRED) gentoo-dev 2004-12-27 01:57:40 UTC 
This also seems to be architecture-specific. I have two machines with nearly identical package sets (both on ~x86), but only one exhibits this problem. The affected machine is an Athlon XP, the unaffected a P4.
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2005-03-12 06:11:01 UTC 
With freetype-2.1.9-r1 this seems fixed. From my POV the bug can be closed.

Sorry for taking so long reporting back :-/
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2005-06-13 02:00:56 UTC 
I'll close it, then.