[mac] Firefox crashing while trying to view http://www.opera.com/features/svg/index.dml

RESOLVED FIXED

Status

()

Core
SVG
--
major
RESOLVED FIXED
13 years ago
13 years ago

People

(Reporter: Frederic Bezies, Assigned: tor)

Tracking

Trunk
PowerPC
Mac OS X
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: talkbackid:7020422X, has reviews, needs to land, URL)

Attachments

(1 attachment, 1 obsolete attachment)

1.75 KB, patch
jhp (no longer active)
: review+
Benjamin Smedberg
: approval1.8b3+
Details | Diff | Splinter Review
(Reporter)

Description

13 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050627 Firefox/1.0+
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050627 Firefox/1.0+

Simple. Go to http://www.opera.com/features/svg/index.dml (Opera SVG sample
page), and try to see it...

Talkback sent : 7020422X

Reproducible: Always

Steps to Reproduce:
1.Go to http://www.opera.com/features/svg/index.dml

Actual Results:  
Crashing.

Expected Results:  
Viewing page.

SVG will be a "die-hard" feature for firefox 1.1... Seeing firefox crashing on a
SVG enabled page is sad :(
(Reporter)

Updated

13 years ago
Flags: blocking1.8b4?
Flags: blocking1.8b3?
Flags: blocking-aviary1.1?
Whiteboard: talkbackid:7020422X
WFM on WinXP.

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b2) Gecko/20050627
Firefox/1.0+ ID:2005062701
(Reporter)

Comment 2

13 years ago
So, it seems to be a mac only bug ?

Tweaking summary.
Summary: Firefox crashing while trying to view http://www.opera.com/features/svg/index.dml → [mac] Firefox crashing while trying to view http://www.opera.com/features/svg/index.dml

Comment 3

13 years ago
The talkback stack looks useless :/, looks like symbols are missing. But for
Mac-only would speak this (from the stacktrace):
QD.186.0.0 + 0x36fa4 (0x916d0fa4)
QD.186.0.0 + 0x39df4 (0x916d3df4)
firefox-bin + 0x869d30 (0x00869d30)
[...]

I assume QD stands for Carbon QuickDraw here?
I can confirm on Mac OS X 10.3 with latest trunk.  Here is the top of the stack:
Thread 0 Crashed:
0   <<00000000>> 	0x91669fbc 0 + 0x91669fbc
1   <<00000000>> 	0x91669c04 0 + 0x91669c04
2   libgklayout.dylib     	0x1dc509d0 _cairo_atsui_font_text_to_glyphs + 0x124
(cairo-atsui-font.c:288)
3   libgklayout.dylib     	0x1dc3a840 _cairo_scaled_font_text_to_glyphs + 0x4c
(cairo-font.c:760)
4   libgklayout.dylib     	0x1dc237ac _cairo_gstate_text_to_glyphs + 0x6c
(cairo-gstate.c:1958)
5   libgklayout.dylib     	0x1dc11d8c cairo_text_extents + 0x140 (cairo.c:1711)
6   libgklayout.dylib     	0x1dc0a428 nsSVGCairoGlyphMetrics::Update(unsigned
int, int*) + 0x104 (nsSVGCairoGlyphMetrics.cpp:293)
7   libgklayout.dylib     	0x1db79dc4
nsSVGGlyphFrame::NotifyMetricsUnsuspended() + 0xc0 (nsSVGGlyphFrame.cpp:1241)
8   libgklayout.dylib     	0x1dba0360 nsSVGTextFrame::NotifyRedrawUnsuspended()
+ 0x1e8 (nsSVGTextFrame.cpp:694)
9   libgklayout.dylib     	0x1db8d64c nsSVGOuterSVGFrame::UnsuspendRedraw() +
0x140 (nsSVGOuterSVGFrame.cpp:1079)
10  libgklayout.dylib     	0x1db8c298
nsSVGOuterSVGFrame::DidReflow(nsPresContext*, nsHTMLReflowState const*, int) +
0x11c (nsSVGOuterSVGFrame.cpp:672)
Crash happens at |::ATSUDirectGetLayoutDataArrayPtrFromTextLayout()|.

Comment 6

13 years ago
i think two blocking requests are enough :)
Flags: blocking-aviary1.1?
(Assignee)

Comment 7

13 years ago
Created attachment 187467 [details] [diff] [review]
ATSUI doesn't like empty strings
Assignee: general → tor
Status: NEW → ASSIGNED
Attachment #187467 - Flags: review?(jhpedemonte)

Updated

13 years ago
Attachment #187467 - Flags: review?(jhpedemonte) → review+
(Assignee)

Comment 8

13 years ago
Created attachment 187469 [details] [diff] [review]
avoid leaks in bailout
(Assignee)

Updated

13 years ago
Attachment #187467 - Attachment is obsolete: true
Attachment #187469 - Flags: review?(jhpedemonte)
Comment on attachment 187469 [details] [diff] [review]
avoid leaks in bailout

Are the |#if 1| and |#if 0| necessary, or can they just be removed?  Otherwise,
looks fine.
Attachment #187469 - Flags: review?(jhpedemonte) → review+
(Assignee)

Updated

13 years ago
Attachment #187469 - Flags: approval1.8b3?

Updated

13 years ago
Attachment #187469 - Flags: approval1.8b3? → approval1.8b3+

Updated

13 years ago
Flags: blocking1.8b4?
Flags: blocking1.8b3?
Flags: blocking1.8b3+
Whiteboard: talkbackid:7020422X → talkbackid:7020422X, has reviews, needs to land
(Assignee)

Comment 10

13 years ago
Checked in.
(Assignee)

Comment 11

13 years ago
... and closed.
Status: ASSIGNED → RESOLVED
Last Resolved: 13 years ago
Flags: blocking1.8b3+ → blocking1.8b3?
Resolution: --- → FIXED
(Assignee)

Updated

13 years ago
Flags: blocking1.8b3?
You need to log in before you can comment on or make changes to this bug.