Closed Bug 184045 Opened 23 years ago Closed 16 years ago

Mozilla crashes when trying to render font. [@ nsFontMetricsGTK::RealizeFont]

Categories

(Core :: Layout: Text and Fonts, defect, P3)

Product:
Core
Component:
Layout: Text and Fonts
Platform:
x86
Linux
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME
Milestone:
Future

People

(Reporter: mpeters, Unassigned)

Details

(Keywords: crash)

Crash Data

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021119 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021119 I just purchases a set of fonts from www.myfonts.com The font I purchased is http://www.myfonts.com/fonts/classic/classic/ no problems with ttmkfdir or mkfontdir (my experience is that those commands fail with bad fonts) - font is available to Mozilla in preferences. When the following html code is used Mozilla will crash: It does not crash with other fonts that I have and tried. Reproducible: Always Steps to Reproduce: 1.Install the font set (unfortunately its not a free set) 2.create a basic html page containing the following: <P> <FONT face="Classic"> Mozilla Rocks<br><b>Mozilla Rocks</b> </FONT> 3. access the page with Mozilla Actual Results: Mozilla Crashes Expected Results: Displayed a page using the specified font for the text, or at a minumum, display the text using the default font (NOT crash;) If this bug report is not labeled a duplicate of a known bug in 3 days - I will forward the bug report number to the Font Foundry and ask if they will allow you to use the font to verify/resolve the issue. If there's any steps I can take to better describe the bug, let me know. I've heard a "backtrace" can help, but I don't know what one is ...
Michael, the simplest way to get a backtrace is to use a build with talkback in it (either the stub installer or the SEA build on Linux). When the crash happens, talkback should come up and you can submit an incident ID. When you do, use some unique string as the email address (eg bug184045@mozilla.org">bug184045@mozilla.org) and say in this bug what you used. Could you do that?
bug184045@mozilla.org">bug184045@mozilla.org was used in the comments/description for the TalkBack agent from the mozilla-i686-pc-linux-gnu-1.2.1-sea.tar.gz client. mpeters@mac.com is the e-mail address attached to that talkback report. Additional Notes- On Mac OS X 10.1.5, Mozilla build 2002031005 and Chimera 0.4 (& 0.6) do not crash but do not display anything.
Severity: normal → critical
Keywords: crash
nsFontMetricsGTK::RealizeFont() [/builds/client/linux22/seamonkey/mozilla/gfx/src/gtk/nsFontMetricsGTK.cpp, line 1598] nsFontMetricsGTK::Init() [/builds/client/linux22/seamonkey/mozilla/gfx/src/gtk/nsFontMetricsGTK.cpp, line 63] nsFontCache::GetMetricsFor() [/builds/client/linux22/seamonkey/mozilla/gfx/src/nsDeviceContext.cpp, line 669] DeviceContextImpl::GetMetricsFor() [/builds/client/linux22/seamonkey/mozilla/gfx/src/nsDeviceContext.cpp, line 345] nsRenderingContextGTK::SetFont() [/builds/client/linux22/seamonkey/mozilla/gfx/src/gtk/nsRenderingContextGTK.cpp, line 676] SetFontFromStyle() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsFrame.cpp, line 414] nsTextFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsTextFrame.cpp, line 570] nsLineLayout::ReflowFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsLineLayout.cpp, line 1047] nsInlineFrame::ReflowInlineFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsInlineFrame.cpp, line 712] nsInlineFrame::ReflowFrames() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsInlineFrame.cpp, line 524] nsInlineFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsInlineFrame.cpp, line 433] nsLineLayout::ReflowFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsLineLayout.cpp, line 1047] nsBlockFrame::ReflowInlineFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3861] nsBlockFrame::DoReflowInlineFrames() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3729] nsBlockFrame::DoReflowInlineFramesAuto() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3631] nsBlockFrame::ReflowInlineFrames() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3577] nsBlockFrame::ReflowLine() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2652] nsBlockFrame::ReflowDirtyLines() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2296] nsBlockFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 942] nsBlockReflowContext::ReflowBlock() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockReflowContext.cpp, line 536] nsBlockFrame::ReflowBlockFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3335] nsBlockFrame::ReflowLine() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2514] nsBlockFrame::ReflowDirtyLines() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2296] nsBlockFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 942] nsBlockReflowContext::ReflowBlock() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockReflowContext.cpp, line 536] nsBlockFrame::ReflowBlockFrame() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 3335] nsBlockFrame::ReflowLine() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2514] nsBlockFrame::ReflowDirtyLines() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 2296] nsBlockFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsBlockFrame.cpp, line 942] nsContainerFrame::ReflowChild() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsContainerFrame.cpp, line 926] CanvasFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsHTMLFrame.cpp, line 48] nsBoxToBlockAdaptor::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBoxToBlockAdaptor.cpp, line 928] nsBoxToBlockAdaptor::DoLayout() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBoxToBlockAdaptor.cpp, line 668] nsBox::Layout() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBox.cpp, line 1066] nsScrollBoxFrame::DoLayout() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsScrollBoxFrame.cpp, line 361] nsBox::Layout() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBox.cpp, line 1066] nsContainerBox::LayoutChildAt() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsContainerBox.cpp, line 647] nsGfxScrollFrameInner::LayoutBox() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsGfxScrollFrame.cpp, line 1164] nsGfxScrollFrameInner::Layout() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsGfxScrollFrame.cpp, line 1318] nsGfxScrollFrame::DoLayout() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsGfxScrollFrame.cpp, line 1171] nsBox::Layout() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBox.cpp, line 1066] nsBoxFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 900] nsGfxScrollFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsGfxScrollFrame.cpp, line 847] nsContainerFrame::ReflowChild() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsContainerFrame.cpp, line 926] ViewportFrame::Reflow() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsViewportFrame.cpp, line 579] IncrementalReflow::Dispatch() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp, line 655] PresShell::ProcessReflowCommands() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp, line 6508] HandlePLEvent() [/builds/client/linux22/seamonkey/mozilla/layout/html/base/src/nsPresShell.cpp, line 583] PL_HandleEvent() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/plevent.c, line 644] PL_ProcessPendingEvents() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/plevent.c, line 576] nsEventQueueImpl::ProcessPendingEvents() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/nsEventQueue.cpp, line 392] event_processor_callback() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 186] our_gdk_io_invoke() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 79] libglib-1.2.so.0 + 0x11076 (0x403df076) libglib-1.2.so.0 + 0x1297e (0x403e097e) libglib-1.2.so.0 + 0x12e59 (0x403e0e59) libglib-1.2.so.0 + 0x130f4 (0x403e10f4) libgtk-1.2.so.0 + 0xa86df (0x402e06df) nsAppShell::Run() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 334] nsAppShellService::Run() [/builds/client/linux22/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 472] main1() [/builds/client/linux22/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1916] main() [/builds/client/linux22/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1902] 0x420158d4
Line 1598 is: mEmAscent = nscoord(mMaxAscent * mEmHeight / lineSpacing); And before that lineSpacing is defined as: nscoord lineSpacing = nscoord((fontInfo->ascent + fontInfo->descent) * f); ('f' is just the device-to-app unit conversion factor) So the most likely problem is that the fontInfo is giving us a descent and ascent of 0... we should really try to handle that case better (like not crash, though the visual display is still likely to be odd).
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Mozilla crashes when trying to render font. → Mozilla crashes when trying to render font. [@ nsFontMetricsGTK::RealizeFont]
Priority: -- → P3
Target Milestone: --- → Future
I got this crash with current linux trunk (CVS) build going to https://www.donotcall.gov/Register/Reg.aspx with the pref user_pref("font.scale.aa_bitmap.always", true); The fontInfo's descent and ascent were both 0.
I also experienced this bug (firefox-1.5.0.7), and I'm not using any commercial fonts. ###!!! ASSERTION: font metrics should not be null - bug 136248: 'NS_SUCCEEDED(rv)', file nsDeviceContext.cpp, line 669 The program crashes when GetNormalLineHeight(fm) is called in ComputeLineHeight(), because the FontMetrics are a NULL ptr. Here is the backtrace at the point before GetNormalLineHeight(fm) will be called (and crash): #0 ComputeLineHeight (aPresContext=0x87e24f8, aRenderingContext=0x8747ae8, aStyleContext=0x83182a0) at nsHTMLReflowState.cpp:2260 #1 0xb6b7a45a in nsHTMLReflowState::CalcLineHeight (aPresContext=0xbfcc2630, aRenderingContext=0xbfcc2630, aFrame=0x886bc7c) at nsHTMLReflowState.cpp:2274 #2 0xb6b439f7 in nsBlockReflowState (this=0xbfcc2960, aReflowState=@0xbfcc2d10, aPresContext=0x87e24f8, aFrame=0x886bc7c, aMetrics=@0xbfcc2ef4, aTopMarginRoot=0, aBottomMarginRoot=0) at nsBlockReflowState.cpp:170 #3 0xb6b2ff84 in nsBlockFrame::Reflow (this=0x886bc7c, aPresContext=0x87e24f8, aMetrics=@0xbfcc2ef4, aReflowState=@0xbfcc2d10, aStatus=@0xbfcc2cf8) at nsBlockFrame.cpp:770 #4 0xb6b42be1 in nsBlockReflowContext::ReflowBlock (this=0xbfcc2eb0, aSpace=@0x4c99b0fc, aApplyTopMargin=0, aPrevMargin=@0xbfcc2630, aClearance=0, aIsAdjacentWithTop=1, aComputedOffsets=@0xbfcc2de0, aFrameRS=@0xbfcc2d10, aFrameReflowStatus=@0xbfcc2cf8) at nsBlockReflowContext.cpp:605 #5 0xb6b360db in nsBlockFrame::ReflowBlockFrame (this=0x886b944, aState=@0xbfcc34e0, aLine={mCurrent = 0x886f14c, mListLink = 0x886b980}, aKeepReflowGoing=0xbfcc31d4) at nsBlockFrame.cpp:3465 #6 0xb6b34693 in nsBlockFrame::ReflowLine (this=0x886b944, aState=@0xbfcc34e0, aLine={mCurrent = 0x886f14c, mListLink = 0x886b980}, aKeepReflowGoing=0xbfcc31d4, aDamageDirtyArea=1) at nsBlockFrame.cpp:2628 #7 0xb6b334ec in nsBlockFrame::ReflowDirtyLines (this=0x886b944, aState=@0xbfcc34e0, aTryPull=1) at nsBlockFrame.cpp:2280 #8 0xb6b30065 in nsBlockFrame::Reflow (this=0x886b944, aPresContext=0x87e24f8, aMetrics=@0xbfcc3a74, aReflowState=@0xbfcc3890, aStatus=@0xbfcc3878) at nsBlockFrame.cpp:902 #9 0xb6b42be1 in nsBlockReflowContext::ReflowBlock (this=0xbfcc3a30, aSpace=@0x4c99b0fc, aApplyTopMargin=0, aPrevMargin=@0xbfcc2630, aClearance=0, aIsAdjacentWithTop=1, aComputedOffsets=@0xbfcc3960, aFrameRS=@0xbfcc3890, aFrameReflowStatus=@0xbfcc3878) at nsBlockReflowContext.cpp:605 #10 0xb6b360db in nsBlockFrame::ReflowBlockFrame (this=0x88483d4, aState=@0xbfcc4060, aLine={mCurrent = 0x886f7e0, mListLink = 0x8848410}, aKeepReflowGoing=0xbfcc3d54) at nsBlockFrame.cpp:3465 #11 0xb6b34693 in nsBlockFrame::ReflowLine (this=0x88483d4, aState=@0xbfcc4060, aLine={mCurrent = 0x886f7e0, mListLink = 0x8848410}, aKeepReflowGoing=0xbfcc3d54, aDamageDirtyArea=1) at nsBlockFrame.cpp:2628 #12 0xb6b334ec in nsBlockFrame::ReflowDirtyLines (this=0x88483d4, aState=@0xbfcc4060, aTryPull=1) at nsBlockFrame.cpp:2280 [Rest omitted] I'm currently still learning to how to master GDB; I hope I'll be able to provide more useful information when I'm more proficient with the debugger.
Assignee: layout.fonts-and-text → nobody
QA Contact: ian → layout.fonts-and-text
nsFontMetricsGTK::RealizeFont and the lines in comment 4 no longer exist. I think the pref in comment 5 is obsolete, too. Comment 6 looks like something else.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
Crash Signature: [@ nsFontMetricsGTK::RealizeFont]
You need to log in before you can comment on or make changes to this bug.