Closed Bug 71080 Opened 23 years ago Closed 23 years ago

changing font size > 150% crashes mozilla

Categories

(Core :: XUL, defect)

x86
Linux
defect
Not set
critical

Tracking

()

RESOLVED DUPLICATE of bug 59355

People

(Reporter: renelanz, Assigned: jag+mozbugs)

References

()

Details

(Keywords: crash)

From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (X11; U; Linux 2.2.10 i686)
BuildID:    pulled tree on march 5

The above URL is just the startup page. Just let mozilla start up, then try to
change the font size:

View -> Text Size -> 150%

crashes mozilla. Surprisingly, increasing the font size gradually does not crash
it! Decreasing also results in a crash (increased to 300%, tried to decrease).

Reproducible: Always
Steps to Reproduce:
1.Let mozilla start up, defaultpage is http://www.bluewin.ch
2.View -> Text Size -> 150%


Actual Results:  3.crash

Expected Results:  Display the page with the new font size :)

This problem was filed under 65542 on a BSD system but closed already.
I get no crash on a debug build from 2001-03-06, but lots of:

###!!! ASSERTION: Negative Height Result- very bad: 'mComputedHeight>=0', file
nsHTMLReflowState.cpp, line 2444
I also get no crash on 20001030605.
->jag
Assignee: trudelle → disttsc
1) pulled the tree on March 6 again. Still have the crash!!! Compiled with gcc
2.95.2:

./configure --disable-debug --disable-tests --disable-dtd-debug
--disable-mailnews --with-extensions=default,irc --enable-bidi
--enable-strip-libs --enable-lea --enable-elf-dynstr-gc --enable-optimize=-O2

2) The crash also occours if I create a new profile (the default page is blank
then)

3) Messages BEFORE I change the fontsize, right after startup:
JavaScript error: 
chrome://communicator/content/securityUI.js line 29:
Components.classes['@mozilla.org/secure_browser_ui;1'] has no properties

Document about:blank loaded successfully

4) Now, changing font size results in:
pure virtual method called
/usr/src/mozilla/dist/bin/run-mozilla.sh: line 72: 11675 Aborted                
$prog ${1+"$@"}
Could you see if a nightly also crashes for you? 

Also, if you have the time, could you try compiling without the
--enable-optimize=-O2 (which has caused trouble for us with 2.95.2 before)
and/or --disable-debug (for additional feedback) and see if you still crash?
I pulled the tree again on March 10th. This time I compiled with

./configure --disable-tests --disable-mailnews --with-extensions=default,irc 

(omitting -O2) and there was no crash anymore. Hence the problems seems to
appear only with O2. Should I compile with -O2 and debug infos this time or are
you not interested in crash data from optimized builds yet?
Well, if it's the -O2 it sounds like the problem is your compiler, not Mozilla.
I think ultimately our advice would be "don't do that" or "get a better
compiler", but there may be a work-around, so I'm cc'ing some people who might
know more about -O2 problems with gcc.
I compared compiles with the following options on recent pulls:

OK
./configure --disable-tests --disable-mailnews --with-extensions=default,irc
--enable-new-cache --enable-optimize=-O2

OK
./configure --disable-tests --disable-mailnews --with-extensions=default,irc
--enable-strip-libs --enable-lea --enable-elf-dynstr-gc --enable-optimize=-O2

==============

crash when changing textsize afterwards
./configure --disable-debug --disable-tests --disable-dtd-debug
--disable-mailnews --with-extensions=default,irc --enable-strip-libs
--enable-lea --enable-elf-dynstr-gc --enable-optimize=-O2

OK
./configure --disable-tests --disable-dtd-debug --disable-mailnews
--with-extensions=default,irc --enable-strip-libs --enable-lea
--enable-elf-dynstr-gc --enable-optimize=-O2

=============
Please compare the last 2 compiles: In the first one, --disable-debug is an
additional flag, everything else is the same.

o If you compile with debugging turned on but strip the symbols afterwards, the
build will work.

o If you tune the build (switch debugging off completely), the crash happens
when you change the text size.

1) Did anybody else see incorrect builds with the above options?
2) If I am the only one having this, I stop using optimized builds. But if there
is a chance to find a mysterious bug (either in mozilla or gcc 2.95.2) related
to --disable-debug, it may be worth following it.
Can you get a stack trace of your crash?
<shaver> jag: he could try just disabling debug for the component in which he
crashes
<shaver> jag: and he could try with gcc 2.95.3

So what you could do is try and find out which module the crash is in (if it's
the actual zoom code that's probably "docshell") and compile with
--disable-debug --with-debug-modules=docshell -O2 (etc.). Not sure if that works
though.
Keywords: crash
Compiled as follows:

./configure --disable-debug --disable-tests --disable-dtd-debug
--disable-mailnews --enable-lea --enable-elf-dynstr-gc --enable-optimize=-O2

Setting a breakpoint at abort() causes a display lockup hence I started my debug
session on a text terminal:

1) Changed "moz_get_debugger()" in run-mozilla.sh to start gdb instead of ddd
session
2) setting DISPLAY in terminal
3) mozilla -g starts my lovely gdb now
4) (gdb) b abort
5) (gdb) pru, starts mozilla on X console
6) View -> TextSize -> 150, switch back to console

Now see attached log.

How do I get 2.95.3? GCC homepage seems not to be ready as yet as the download
section presents only the 2.92.2 version...

------
dist/bin/run-mozilla.sh -g dist/bin/mozilla-bin
MOZILLA_FIVE_HOME=/usr/src/mozilla/dist/bin
  LD_LIBRARY_PATH=/usr/src/mozilla/dist/bin
     LIBRARY_PATH=/usr/src/mozilla/dist/bin:/usr/src/mozilla/dist/bin/components
       SHLIB_PATH=/usr/src/mozilla/dist/bin
          LIBPATH=/usr/src/mozilla/dist/bin
       ADDON_PATH=/usr/src/mozilla/dist/bin
      MOZ_PROGRAM=dist/bin/mozilla-bin
      MOZ_TOOLKIT=
        moz_debug=1
     moz_debugger=
/usr/local/bin/gdb dist/bin/mozilla-bin -x /tmp/mozargs1202
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(gdb) b abort
(gdb) pru
Breakpoint 1 at 0x804f0dd
0x804f0dd in main ()
Registering plugin 0 for: "*","All types",".*"
Registering plugin 0 for: "*","All types",".*"
Error loading URL http://www.bluewin.ch/: 804b001e 
Gdk-Message: Got event for unknown window: 0x3c00070
.....

Gdk-Message: Got event for unknown window: 0x3c00070

[New Thread 1214 (manager thread)]
[New Thread 1212 (initial thread)]
....
[New Thread 1237]

Program received signal SIGABRT, Aborted.
0x4022bab1 in __kill () from /lib/libc.so.6
(gdb) shar
....
Loaded symbols for /usr/src/mozilla/dist/bin/components/liblwbrk.so
(gdb) 
(gdb) where
#0  0x4022bab1 in __kill () from /lib/libc.so.6
#1  0x401e13f7 in pthread_kill (thread=1024, signo=6) at signals.c:63
#2  0x401e17c0 in raise (sig=6) at signals.c:189
#3  0x4022cef3 in abort () at ../sysdeps/generic/abort.c:88
#4  0x400f5dbb in __default_terminate ()
   from /usr/src/mozilla/dist/bin/libxpcom.so
#5  0x400f5ddc in __terminate () from /usr/src/mozilla/dist/bin/libxpcom.so
#6  0x400f5796 in __pure_virtual () from /usr/src/mozilla/dist/bin/libxpcom.so
#7  0x40f68d3f in int Compare<unsigned short> ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#8  0x40f690ba in basic_nsAReadableString<unsigned short>::Compare ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#9  0x40f3e712 in nsMenuFrame::UpdateMenuSpecialState ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#10 0x40f3c6d3 in nsMenuFrame::AttributeChanged ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#11 0x40ede582 in nsCSSFrameConstructor::AttributeChanged ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#12 0x40bdbb75 in StyleSetImpl::AttributeChanged ()
   from /usr/src/mozilla/dist/bin/components/libgkcontent.so
#13 0x40e8015c in PresShell::AttributeChanged ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#14 0x40b3defa in nsXULDocument::AttributeChanged ()
   from /usr/src/mozilla/dist/bin/components/libgkcontent.so
#15 0x40b28765 in nsXULElement::SetAttribute ()
   from /usr/src/mozilla/dist/bin/components/libgkcontent.so
#16 0x40b28897 in nsXULElement::SetAttribute ()
   from /usr/src/mozilla/dist/bin/components/libgkcontent.so
#17 0x40f3bd34 in nsMenuFrame::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#18 0x40e8102d in PresShell::HandleEventInternal ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#19 0x40e80e27 in PresShell::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgklayout.so
#20 0x40fbcad3 in nsView::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#21 0x40fbca55 in nsView::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#22 0x40fbca55 in nsView::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#23 0x40fbca55 in nsView::HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#24 0x40fcd484 in nsViewManager2::DispatchEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#25 0x40fbc448 in HandleEvent ()
   from /usr/src/mozilla/dist/bin/components/libgkview.so
#26 0x404e5071 in nsWidget::DispatchEvent ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#27 0x404e4f78 in nsWidget::DispatchWindowEvent ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#28 0x404e50fd in nsWidget::DispatchMouseEvent ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#29 0x404e5eaf in nsWidget::OnButtonReleaseSignal ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#30 0x404ea0a6 in nsWindow::HandleGDKEvent ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#31 0x404df58a in dispatch_superwin_event ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#32 0x404df31d in handle_gdk_event ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#33 0x40652cab in gdk_event_dispatch (source_data=0x0, 
    current_time=0xbffff574, user_data=0x0) at gdkevents.c:2098
#34 0x4067f4d3 in g_main_dispatch (current_time=0xbffff574) at gmain.c:652
#35 0x4067fb0b in g_main_iterate (block=1, dispatch=1) at gmain.c:870
#36 0x4067fcc1 in g_main_run (loop=0x81aff70) at gmain.c:928
#37 0x405a1f0b in gtk_main () at gtkmain.c:475
#38 0x404d6845 in nsAppShell::Run ()
   from /usr/src/mozilla/dist/bin/components/libwidget_gtk.so
#39 0x4036ab13 in nsAppShellService::Run ()
   from /usr/src/mozilla/dist/bin/components/libnsappshell.so
#40 0x804e8dd in main1 ()
#41 0x804f21c in main ()
#42 0x40225213 in __libc_start_main (main=0x804f0d4 <main>, argc=1, 
    argv=0xbffff7b4, init=0x804b100 <_init>, fini=0x8054fc0 <_fini>, 
    rtld_fini=0x4000ac30 <_dl_fini>, stack_end=0xbffff7ac)
    at ../sysdeps/generic/libc-start.c:90

(gdb) info threads
  25 Thread 1237  0x4022bb6e in __sigsuspend (set=0xbcbffb78)
    at ../sysdeps/unix/sysv/linux/sigsuspend.c:48
  4 Thread 1216  0x4022bb6e in __sigsuspend (set=0xbf5ffb78)
    at ../sysdeps/unix/sysv/linux/sigsuspend.c:48
  3 Thread 1215  0x402bbd4d in __poll (fds=0xbf7ffc6c, nfds=1, timeout=20955)
    at ../sysdeps/unix/sysv/linux/poll.c:45
* 2 Thread 1212 (initial thread)  0x4022bab1 in __kill () from /lib/libc.so.6
  1 Thread 1214 (manager thread)  0x402bbd4d in __poll (fds=0x80fd478, nfds=1, 
    timeout=2000) at ../sysdeps/unix/sysv/linux/poll.c:45
This looks an aweful lot like bug 59355..what do you guys think?
Yes.. i think it's the same problem as 59355.. and many others:
Font resizing crash-bugs are reported regularly. Some of the nasty ones
"vanished" as dups of bugs now marked fixed.
Bug 49674 and bug 61117 were for instance dup'ed against bug 54963, but they
still crash.
and maybe related to bug 68208

*** This bug has been marked as a duplicate of 59355 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.