Closed Bug 252819 Opened 20 years ago Closed 20 years ago

Mozilla 1.7.1 crashing on certain web pages with memory fault

Categories

(Core Graveyard :: GFX: Gtk, defect)

x86
Linux
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 253801

People

(Reporter: kde, Assigned: blizzard)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.7.1) Gecko/20040718
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.7.1) Gecko/20040718

After installing 1.7.1, mozilla started crashing when entering certain web sites. http://freenode.net/ is one example (it also hogs cpu for a couple of seconds when loading). It appears to be ok, but crashes when the page is scrolled down. Another one is http://free.art.pl/czersky/gg/. This one is an instant crash. The problem did not occur in mozilla 1.7.

I've run mozilla with freenode.net through valgrind and have the following results (sorry, I don't have a debug build of mozilla):

==9341== Invalid read of size 4
==9341==    at 0x1C9A8BC1: nsTextFrame::TextStyle::TextStyle(nsIPresContext*, nsIRenderingContext&, nsStyleContext*) (in /usr/lib/mozilla/components/libgklayout.so)
==9341==    by 0x1C99ED3C: (within /usr/lib/mozilla/components/libgklayout.so)
==9341==    by 0x1C9567CD: nsContainerFrame::PaintChild(nsIPresContext*, nsIRenderingContext&, nsRect const&, nsIFrame*, nsFramePaintLayer, unsigned) (in /usr/lib/mozilla/components/libgklayout.so)
==9341==    by 0x1C9566B1: nsContainerFrame::PaintChildren(nsIPresContext*, nsIRenderingContext&, nsRect const&, nsFramePaintLayer, unsigned) (in /usr/lib/mozilla/components/libgklayout.so)
==9341==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

Reading from 0 of course causes a segmentation violation.

Reproducible: Always

Steps to Reproduce:
1. Open mozilla 1.7.1
2. Go to http://freenode.net/
3. Scroll down (or probably just witness the crash, if you have a big enough resolution)

Actual Results: Memory fault.

Expected Results: Obviously, not crash.
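An added example, not part of the original report: a small Python triage script that parses memcheck "Invalid read/write" records like the one quoted above and labels each fault from the address valgrind reports. The 4096-byte NULL-page threshold, the label names and the second sample record are assumptions made for illustration.

```python
import re

# Memcheck records: the first is from the report above (frames abbreviated),
# the second is a constructed use-after-free record added for contrast.
SAMPLE = """\
==9341== Invalid read of size 4
==9341==    at 0x1C9A8BC1: nsTextFrame::TextStyle::TextStyle(nsIPresContext*, nsIRenderingContext&, nsStyleContext*) (in /usr/lib/mozilla/components/libgklayout.so)
==9341==    by 0x1C99ED3C: (within /usr/lib/mozilla/components/libgklayout.so)
==9341==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==9341==
==9341== Invalid write of size 1
==9341==    at 0x8048500: example_fn (constructed.c:12)
==9341==  Address 0x4A2B044 is 4 bytes inside a block of size 16 free'd
"""

HEAD = re.compile(r"^==\d+== Invalid (read|write) of size (\d+)$")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")
ADDR = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) is (.*)$")
PAGE_SIZE = 4096  # assumption: faults below this are NULL plus a small field offset

def classify(addr, desc):
    """Label a fault from its address and memcheck's description of it."""
    if addr < PAGE_SIZE:
        return "null-dereference"
    if "block of size" in desc and desc.endswith("free'd"):
        return "use-after-free"
    if "block of size" in desc:
        return "out-of-bounds"
    return "wild-pointer"

def parse(text):
    """Return one dict per 'Invalid read/write' record in memcheck output."""
    records, cur = [], None
    for line in text.splitlines():
        if m := HEAD.match(line):
            cur = {"access": m.group(1), "size": int(m.group(2)), "frames": []}
            records.append(cur)
        elif cur is None:
            continue  # skip anything before the first record header
        elif m := FRAME.match(line):
            cur["frames"].append(m.group(1))
        elif m := ADDR.match(line):
            cur["address"] = int(m.group(1), 16)
            cur["kind"] = classify(cur["address"], m.group(2))
    return records

if __name__ == "__main__":
    for r in parse(SAMPLE):
        print(r["kind"], r["access"], r["size"], hex(r["address"]), r["frames"][0])
```
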
From about:buildconfig:

Compiler:
athlon-pld-linux-gcc gcc version 3.3.4 (PLD Linux) -Wall -W -Wno-unused -Wpointer-arith -Wcast-align -Wno-long-long -O2 -march=athlon -ggdb -pthread -pipe
athlon-pld-linux-g++ gcc version 3.3.4 (PLD Linux) -fno-rtti -fno-exceptions -Wall -Wconversion -Wpointer-arith -Wcast-align -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-long-long -Wno-deprecated -fshort-wchar -pthread -pipe -I/usr/X11R6/include

Configure arguments:
--host=athlon-pld-linux --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/lib --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --x-libraries=/usr/X11R6/lib --disable-debug --disable-elf-dynstr-gc --disable-pedantic --disable-tests --enable-calendar --enable-crypto --enable-extensions --enable-ldap --enable-mathml '--enable-optimize=-O2\ -march=athlon\ -ggdb' --enable-postscript --enable-strip --enable-svg --enable-svg-renderer-cairo --disable-toolkit-gtk --enable-default-toolkit=gtk2 --enable-xft --enable-xinerama --enable-xprint --disable-xterm-updates --enable-old-abi-compat-wrappers --with-default-mozilla-five-home=/usr/lib/mozilla --with-pthreads --with-system-jpeg --with-system-nspr --with-system-png --with-system-zlib --with-x
Update: Mozilla 1.7 also crashes on these sites, so this has to be something else on my system, as it was OK just a couple of days ago. I recently changed from XFree86 to X.org, so this could be the cause of the problem. Rebuilding mozilla with X.org libs doesn't change anything.
After building with debug enabled:

(...)
CSS Error (http://freenode.net/tweaks.css :454.2): Expected declaration but found 'Â '. Skipped to next declaration.
Document http://freenode.net/ loaded successfully
###!!! ASSERTION: font metrics should not be null - bug 136248: 'NS_SUCCEEDED(rv)', file nsDeviceContext.cpp, line 668
Break: at file nsDeviceContext.cpp, line 668
Program mozilla-bin (pid = 13195) received signal 11.
(...)
Bartosz Taudul: Could you provide TalkBack incident ID (of official build crash)?
Official build doesn't crash. But it uses gtk1 and my build uses gtk2 and freetype. My mozilla is built from this spec file: http://cvs.pld-linux.org/cgi-bin/cvsweb/SPECS/mozilla.spec?rev=1.316 I have freetype 2.1.9 installed.
After downgrading freetype to 2.1.7 all works ok. Without rebuilding mozilla.

There's one more thing connected with that bug. On the web page http://www.homelanfed.com/index.php?id=24814 mozilla with freetype 2.1.7 displays some, probably incorrectly encoded, characters as question marks in white rhombs. And mozilla with freetype 2.1.9 doesn't show anything to the right of the place where the question mark should be.
Assignee: general → blizzard
Component: Browser-General → GFX: Gtk
QA Contact: general → ian
Whiteboard: DUPEME
*** This bug has been marked as a duplicate of 253801 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Product: Core → Core Graveyard
Whiteboard: DUPEME