Closed Bug 196484 Opened 22 years ago Closed 22 years ago

HTML table with 2-pixel Arial makes Mozilla crash [@ nsUnicodeEncodeHelper::ConvertByTable ]

Categories

(Core :: Internationalization, defect)

Product:
Core
Component:
Internationalization
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: haydar, Assigned: roland.mainz)

References

(
URL
)

Details

(Keywords: crash)

Crash Data

Attachments

(2 files, 1 obsolete file)

Stacktrace 1.3b from reporter
6.92 KB, text/plain
Details
Patch for 2003-03-20-08-trunk
3.13 KB, patch
smontagu
: review+
rbs
: superreview+
Details | Diff | Splinter Review
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20030122 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20030122 The following crashes the browser. Extracted from a real web page (http://www.nethaber.com/). May have something to do with Truetype arial font. Reproducible: Always Steps to Reproduce: 1.Load the given URL. Actual Results: Mozilla dies. Expected Results: Display the page. Theme : classic.
can you try again with 1.3 release candidate build ? http://www.mozillazine.org/articles/article2959.html
Keywords: crash, stackwanted
worksforme with linux trunk 20030308 and 1.3a
got e-mail from reporter: "Sorry, I've got only a 56k connection. But here's a stack trace : (BTW as I said in the comments, the problem appears to be heavily related to : ISO-8859-9 (Turkish) Arial font (from MS) Particular font sizes User font preferences ? as when I change any of these parameters in the page, it doesn't make Mozilla crash anymore. Maybe it's related to GTK and X11 too ?)"
Keywords: stackwanted
Summary: HTML table with 2-pixel Arial makes Mozilla crash. → HTML table with 2-pixel Arial makes Mozilla crash [@ nsUnicodeEncodeHelper::ConvertByTable ]
related: bug 50613.
Assignee: other → smontagu
Status: UNCONFIRMED → NEW
Component: Layout → Internationalization
Ever confirmed: true
QA Contact: ian → ylong
From talkback data nsUnicodeEncodeHelper::ConvertByTable() looks to me like a 1.3b topcrash.
Some URIs and comments from talkback with this crash, all with buildid 2003021008 on Linux http://www.aljazeera.net http://www.leta2000.lv http://www.typos.com.cy trying to resize characters by holding down ctrl and turning the mouse wheel http://www.iht.com/articles/87521.html From that URL, click Next http://wiadomosci.wp.pl
Annoyingly, I could reproduce this yesterday with http://www.nethaber.com but I can't reproduce it again today, and I was only half way to an understanding of what was happening when I stopped work yesterday. I know enough to produce a wallpaper patch, but I suspect there is an underlying issue which I haven't quite grasped.
Attached patch patch (obsolete) — Splinter Review
rbs, what do you think about this? I'm not even sure that I was seeing the same crash as the original reporter, but I don't see any harm in adding a bounds check here.
Comment on attachment 116867 [details] [diff] [review] patch I re-read the code and it makes sense. Better be on the safe side than to crash. Care to make a patch for everybody (GTK, Xlib, Win32)?
*** Bug 199005 has been marked as a duplicate of this bug. ***
Note that: http://abaababa.ouvaton.org/mozilla-crash.html does _not_ crash my browser, but (from duplicate 199005): http://www.gazeta.ru/sport/2003/03/kz_18598.shtml?kz18598 does.
marco wrote: > Note that: > http://abaababa.ouvaton.org/mozilla-crash.html > does _not_ crash my browser, but (from duplicate 199005): > http://www.gazeta.ru/sport/2003/03/kz_18598.shtml?kz18598 > does. Does setting the "MOZILLA_GFX_DISABLE_FAST_MEASURE" env variable prevent the crash for that page ? e.g. start Mozilla like this: % export MOZILLA_GFX_DISABLE_FAST_MEASURE=1 % ./mozilla does that help?
http://www.gazeta.ru/sport/2003/03/kz_18598.shtml?kz18598 WFM, day old trnk CVS, Linux. (Not Xft)
Roland said he would take this.
Assignee: smontagu → Roland.Mainz
Simon Montagu wrote: > Roland said he would take this. Yeah... I hate that when simple-to-fix issues are rotting in bugzilla... patch in 45secs... I hope review and superreview are similar fast... :)
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.4alpha
Attachment #116867 - Attachment is obsolete: true
Comment on attachment 118515 [details] [diff] [review] Patch for 2003-03-20-08-trunk Requesting r=/sr= ...
Attachment #118515 - Flags: superreview?(rbs)
Attachment #118515 - Flags: review?(smontagu)
Note: Tree freeze is in less than 5 hours (<=FIVE), it would be nice to get the r=/sr=/checkin= done before that... :)
Comment on attachment 118515 [details] [diff] [review] Patch for 2003-03-20-08-trunk r=smontagu
Attachment #118515 - Flags: review?(smontagu) → review+
Comment on attachment 118515 [details] [diff] [review] Patch for 2003-03-20-08-trunk sr=rbs
Attachment #118515 - Flags: superreview?(rbs) → superreview+
Patch checked in.
Target Milestone: mozilla1.4alpha → ---
Marking bug as FIXED for now (per http://bonsai.mozilla.org/cvsquery.cgi?module=MozillaTinderboxAll&branch=HEAD&cvsroot=/cvsroot&date=explicit&mindate=1048649940&maxdate=1048650660&who=smontagu%25netscape.com), reopen if this issue still occurs...
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Just to answer comment #13: if I set export MOZILLA_GFX_DISABLE_FAST_MEASURE=1 before running mozilla, and then go to: http://www.gazeta.ru/sport/2003/03/kz_18598.shtml?kz18598 the browser does not crash and shows the page OK (Mozilla 1.3 build 2003031709, see bug 199005).
*** Bug 167863 has been marked as a duplicate of this bug. ***
*** Bug 203381 has been marked as a duplicate of this bug. ***
*** Bug 199224 has been marked as a duplicate of this bug. ***
Crash Signature: [@ nsUnicodeEncodeHelper::ConvertByTable ]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: