Go to www.opengl.org, wait for the page to load, press (ctrl -), the fonts get smaller, press it one more time and Mozilla crashes (every time). Using the latest build (2002070404).
I'm seeing this too on Win2k 0704. I had to increase font size with ctrl + before decreasing in order to see the crash. Talkback TB8037943G
Also crashed in 2002070408 PC/Win98. Talkback ID TB8038956H. Interestingly, I was able to size the fonts down 4 or 5 times without a problem. As soon as I went back up one font size, it crashed.
sounds like bug 155445, although that bug is crashing in Linux-specific territory.
top of (long) stack from a day old linux CVS, non-debug with symbols:
#0 0x00000083 in ?? ()
#1 0x416114ac in nsLineLayout::ReflowFrame () from libgklayout.so
#2 0x4160db7f in nsInlineFrame::ReflowInlineFrame () from libgklayout.so
#3 0x4160d817 in nsInlineFrame::ReflowFrames () from libgklayout.so
#4 0x4160d69c in nsInlineFrame::Reflow () from libgklayout.so
#5 0x41610ec1 in nsLineLayout::ReflowFrame () from libgklayout.so
#6 0x415e47e0 in nsBlockFrame::ReflowInlineFrame () from libgklayout.so
#7 0x415e45e8 in nsBlockFrame::DoReflowInlineFrames () from libgklayout.so
seems to happen in layout - changing component
forgot: got the crash first when I sized the fonts UP again (hitting "ctrl +" after some "ctrl -")
I've run into this problem on a FreeBSD 4.6-STABLE box using the latest nightlies. I ran mozilla through gdb and managed to get a backtrace. I put the log up at
http://siliconlandmark.com/staff/andre/mozilla-slashdot.org-fontresize.sigbus.txt
I've managed to reproduce this crash on XP, NT, 2k, Linux and FreeBSD.
Created attachment 90437: stack with symbols
debug build complains as follows while loading the page:
WARNING: aFrame is already associated with a region, file nsSpaceManager.cpp, line 792
###!!! ASSERTION: bad floater placement: 'NS_SUCCEEDED(rv)', file nsBlockReflowState.cpp, line 1029
(a lot of this)
when I increase font size, it says:
###!!! ASSERTION: unexpected flow: 'mFrames.ContainsFrame(nextInFlow)', file nsInlineFrame.cpp, line 518
###!!! ASSERTION: failed to remove frame: 'result', file nsContainerFrame.cpp, line 983
###!!! ASSERTION: non null next-in-flow: 'nsnull == nextInFlow', file nsContainerFrame.cpp, line 997
Created attachment 90440: testcase
make fonts bigger (ctrl +), make fonts smaller (ctrl -) ==> crash
regression between linux trunk build 2002061304 and 2002061408 (branch 20020703 is ok)
OS=>All
backing out 1 line from the patch for bug 148399 (the change to line 528 of nsInlineFrame.cpp) fixes the testcase and the URL. however, it also brings back 148399, so it is probably correct and the problem lies elsewhere. with that one line changed, the ASSERTIONs still appear during page load, but there are no ASSERTIONs when the font size is changed.
Reproduces on OS X trunk (2002-07-10-08).
this seems to be a regression from bug 145305 + bug 148399
CVS build 20020529 - patch for bug 145305 does not crash.
CVS build 20020529 does not crash.
CVS build 20020529 + patch for bug 148399 does crash.
cc'ing karnaze
very surprised I didn't find crash in solaris 5.8 + trunk20020718
It does not crash for me also with 20020727 on WinXP, seems fixed??
the testcase was fixed by bug 154741
the URL does not crash current builds, but also does not crash older builds that used to crash, so the URL probably changed.
marking FIXED by bug 154741