Open
Bug 1240158
Opened 8 years ago
Updated 2 years ago
Cairo crash in _cairo_scaled_glyph_set_metrics() when visiting certain O'Reilly blog article
Categories
(Core :: Graphics: Text, defect, P3)
Tracking
()
People
(Reporter: andre.jaenisch, Unassigned)
Details
(Keywords: crash, Whiteboard: [gfx-noted])
Attachments
(3 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 Steps to reproduce: Open https://www.oreilly.com/ideas/5-ways-web-apps-and-sites-are-the-same-and-different in Firefox 43 on Sabayon Linux. I tried open the same page in both, private mode and without enabled add-ons (aka safe-mode). Same result. $ uname -a Linux sabayonx86-64 4.3.0-sabayon #1 SMP Wed Dec 16 22:02:39 UTC 2015 x86_64 Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz GenuineIntel GNU/Linux Actual results: The browser just closes and in a console I can see a line stating "Segmentation Fault". Nothing else. Every.Single.Time. Expected results: I want to be able to read that article
Reporter | ||
Comment 1•8 years ago
|
||
Oh, and in ~/.mozilla/firefox/Crash Reports/ there is no new file, so I cannot even upload that one :-( I hate C/C++ especially because of SegFaults :-/
https://developer.mozilla.org/en-US/docs/How_to_get_a_stacktrace_for_a_bug_report follow it for a crash stacktrace.
Reporter | ||
Comment 3•8 years ago
|
||
Bummer. Sabayon is based on Gentoo, but with binaries. Hence no emerging for me. That means, no debugging symbols in the binary :-/ Attached is a strace.
Reporter | ||
Comment 4•8 years ago
|
||
Bummer. Sabayon is based on Gentoo, but with binaries. Hence no emerging for me. That means, no debugging symbols in the binary :-/ Attached is a gdb dump.
Comment 5•8 years ago
|
||
Andre, can you try download and testing an official Mozilla build? It might have more useful debug information than your distro's Firefox build. This crash looks like it's in freetype, though I don't know the stack trace would include vpx_get_mb_ss_mmx(), a libvpx (VP8/VP9) video function. Program received signal SIGSEGV, Segmentation fault. 0x00007ffff6e60f2d in ?? () from /lib64/libc.so.6 (gdb) bt #0 0x00007ffff6e60f2d in ?? () from /lib64/libc.so.6 #1 0x00007ffff0064e83 in ?? () from /usr/lib64/libfreetype.so.6 #2 0x00007ffff006524c in ?? () from /usr/lib64/libfreetype.so.6 #3 0x00007ffff00b189f in ?? () from /usr/lib64/libfreetype.so.6 #4 0x00007ffff00afe12 in ?? () from /usr/lib64/libfreetype.so.6 #5 0x00007ffff00b27ba in ?? () from /usr/lib64/libfreetype.so.6 #6 0x00007ffff006dd95 in FT_Load_Glyph () from /usr/lib64/libfreetype.so.6 #7 0x00007ffff3a9dbd0 in vpx_get_mb_ss_mmx () from /usr/lib64/firefox/libxul.so #8 0x00007ffff3ad7efd in vpx_get_mb_ss_mmx () from /usr/lib64/firefox/libxul.so #9 0x00007ffff3ad8508 in vpx_get_mb_ss_mmx () from /usr/lib64/firefox/libxul.so #10 0x00007ffff2845d30 in ?? () from /usr/lib64/firefox/libxul.so #11 0x00007ffff284622f in ?? () from /usr/lib64/firefox/libxul.so #12 0x00007ffff284650e in ?? () from /usr/lib64/firefox/libxul.so #13 0x00007ffff2845f6c in ?? () from /usr/lib64/firefox/libxul.so
Product: Firefox → Core
Updated•8 years ago
|
Flags: needinfo?(andre.jaenisch)
Reporter | ||
Comment 6•8 years ago
|
||
Produced with Firefox 45.0a1 (Developer Edition) on 16th Jan 2016: https://crash-stats.mozilla.com/report/index/bb24dc80-33c3-4ca9-bcdb-cb92f2160116 On Chromium the tab crashes, too. Interestingly I could read it with Firefox executed with root privileges o_O
Flags: needinfo?(andre.jaenisch)
Reporter | ||
Comment 7•8 years ago
|
||
My graphics card: $ sudo lspci -nnk | grep -i VGA -A2 00:02.0 VGA compatible controller [0300]: Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller [8086:0126] (rev 09) Subsystem: Lenovo 2nd Generation Core Processor Family Integrated Graphics Controller [17aa:21cf] Kernel driver in use: i915 driver name and version: $ glxinfo | grep 'OpenGL version string' OpenGL version string: 3.0 Mesa 11.1.0
Reporter | ||
Comment 8•8 years ago
|
||
um, 45.0a2, My bad.
Reporter | ||
Comment 9•8 years ago
|
||
Stracelog with Firefox Developer Edition v45.0a2.
Comment 10•8 years ago
|
||
Thanks, Andre. The crash report is very helpful! Its stack trace is much clearer than the one from Sabayon build. This is a null pointer crash deep inside libfreetype.so, called from our Cairo code.
Status: UNCONFIRMED → NEW
status-firefox43:
--- → affected
status-firefox44:
--- → ?
status-firefox45:
--- → affected
status-firefox46:
--- → ?
Component: Untriaged → Graphics: Text
Ever confirmed: true
Summary: Segfault when visiting certain O'Reilly blog article → Cairo crash in _cairo_scaled_glyph_set_metrics() when visiting certain O'Reilly blog article
Whiteboard: [gfx-noted]
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•