[RR]mozilla crashes on resizing fonts




16 years ago
16 years ago


(Reporter: Lev Povalahev, Assigned: karnaze (gone))


({crash, regression, testcase})

crash, regression, testcase

Firefox Tracking Flags

(Not tracked)




(3 attachments)



16 years ago
Go to www.opengl.org, wait for the page to load, press (ctrl -), the fonts get
smaller, press it one more time and mozilla crashes (every time).

using the latest build(2002070404)

Comment 1

16 years ago
I'm seeing this too on Win2k 0704.  I had to increase font size with ctrl + 
before decreasing in order to see the crash.

Talkback TB8037943G
Ever confirmed: true

Comment 2

16 years ago
Also crashed in 2002070408 PC/Win98.  Talkback ID TB8038956H

Interestingly, I was able to size the fonts down 4 or 5 times without a problem.
 As soon as I went back up one font size, it crashed.

Comment 3

16 years ago
sounds like bug 155445, although that bug is crashing in Linux-specific territory.
Keywords: crash, stackwanted

Comment 4

16 years ago
top of (long) stack from a day old linux CVS, non-debug with symbols:

#0  0x00000083 in ?? ()
#1  0x416114ac in nsLineLayout::ReflowFrame () from libgklayout.so
#2  0x4160db7f in nsInlineFrame::ReflowInlineFrame () from libgklayout.so
#3  0x4160d817 in nsInlineFrame::ReflowFrames () from libgklayout.so
#4  0x4160d69c in nsInlineFrame::Reflow () from libgklayout.so
#5  0x41610ec1 in nsLineLayout::ReflowFrame () from libgklayout.so
#6  0x415e47e0 in nsBlockFrame::ReflowInlineFrame () from libgklayout.so
#7  0x415e45e8 in nsBlockFrame::DoReflowInlineFrames () from libgklayout.so

seems to happen in layout - changing component
Assignee: Matti → attinasi
Component: Browser-General → Layout
QA Contact: asa → petersen

Comment 5

16 years ago
Created attachment 90352 [details]
full non-dbug backtrace. Day old CVS, Linux

Comment 6

16 years ago
forgot: got the crash first when i sized the fonts UP again
(hitting "ctrl +" after some "ctrl -")
Summary: mozilla crashes on resizing fonts → [RR]mozilla crashes on resizing fonts
I've run into this problem on a FreeBSD 4.6-STABLE box using the latest nightlies.
I ran mozilla through gdb and managed to get a backtrace. I put the log up at

I've managed to reproduce this crash on XP, NT, 2k, Linux and FreeBSD.

Comment 8

16 years ago
Created attachment 90437 [details]
stack with symbols

debug build complains as follows while loading the page:
WARNING: aFrame is already associated with a region, file nsSpaceManager.cpp,
line 792
###!!! ASSERTION: bad floater placement: 'NS_SUCCEEDED(rv)', file
nsBlockReflowState.cpp, line 1029   (a lot of this)

when I increase font size, it says:
###!!! ASSERTION: unexpected flow: 'mFrames.ContainsFrame(nextInFlow)', file
nsInlineFrame.cpp, line 518
###!!! ASSERTION: failed to remove frame: 'result', file nsContainerFrame.cpp,
line 983
###!!! ASSERTION: non null next-in-flow: 'nsnull == nextInFlow', file
nsContainerFrame.cpp, line 997

Comment 9

16 years ago
Created attachment 90440 [details]

make fonts bigger (ctrl +), make fonts smaller (ctrl -) ==> crash

Comment 10

16 years ago
regression between linux trunk build 2002061304 and 2002061408
(branch 20020703 is ok)
Keywords: stackwanted → regression, testcase
OS: Windows XP → All

Comment 11

16 years ago
backing out 1 line from the patch for bug 148399 (the change to line 528 of
nsInlineFrame.cpp) fixes the testcase and the URL.  however, it also brings back
148399, so it is probably correct and the problem lies elsewhere.

with that one line changed, the ASSERTIONs still appear during page load, but
there are no ASSERTIONs when the font size is changed.

Comment 12

16 years ago
Reproduces on OS X trunk (2002-07-10-08).
Priority: -- → P2

Comment 13

16 years ago
this seems to be a regression from bug 145305 + bug 148399

CVS build 20020529 - patch for bug 145305 does not crash.
CVS build 20020529 does not crash.
CVS build 20020529 + patch for bug 148399 does crash.

cc'ing karnaze
Depends on: 145305
-> karnaze
Assignee: attinasi → karnaze

Comment 15

16 years ago
very suprised
I didn't find crash in solaris 5.8 + trunk20020718

Comment 16

16 years ago
It does not crash for me also with 20020727 on WinXP, seems fixed?? 

Comment 17

16 years ago
the testcase was fixed by bug 154741
the URL does not crash current builds, but also does not crash older builds that
used to crash, so the URL probably changed.

marking FIXED by bug 154741
Last Resolved: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.