Closed
Bug 390470
Opened 18 years ago
Closed 17 years ago
Crash in gfxSkipCharsIterator::SetOffsets on some articles on http://www.heise.de/tp/
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: jiha.bugzilla, Unassigned)
References
()
Details
Attachments
(1 file)
28.96 KB,
text/plain
|
Details |
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007073122 Mnenhy/0.7.5.0 SeaMonkey/2.0a1pre
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/200707312222 Mnenhy/0.7.5.0 SeaMonkey/2.0a1pre (self compiled from cvs; cvs checkout start: 2007-07-31 22:31:11 CEST (+0200))
The crash does not occur always. Maybe it depends on dynamically generated content.
Reproducible: Sometimes
Steps to Reproduce:
1. Visit http://www.heise.de/tp/r4/artikel/25/25842/1.html or http://www.heise.de/tp/r4/artikel/25/25854/1.html
2. If crash does not occur immediately try to resize the browser window.
3. If crash still does not occur try to reload.
Actual Results:
Crash with
0xb58136f3 in gfxSkipCharsIterator::SetOffsets (this=0xbf8670fc, aOffset=934, aInOriginalString=1) at /media/hdb2/mozilla/moz-cvs-Arbeitskopie/mozilla/gfx/thebes/src/gfxSkipChars.cpp:129
I also reproduced the crash with an official Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007080104 Minefield/3.0a7pre. Breakpad Report should be found at:
http://crash-stats.mozilla.com/report/index/dc3620b8-4041-11dc-9bc4-001a4bd43ed6?date=2007-08-01-15
See also http://crash-stats.mozilla.com/report/list?range_unit=weeks&query_search=signature&query_type=contains&signature=gfxSkipCharsIterator%3A%3ASetOffsets%28unsigned+int%2Cint%29&query=gfxSkipCharsIterator%3A%3ASetOffsets&range_value=1
Maybe this has something to do with bug 385270 and/or bug 386584 .
However those crashes refer to gfxSkipChars.cpp, line 92.
I checked http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=HEAD&branchtype=match&dir=&file=mozilla%2Fgfx%2Fthebes%2Fsrc%2FgfxSkipChars.cpp&filetype=match&who=&whotype=match&sortby=Date&hours=2&date=all&mindate=2007-06-20&maxdate=&cvsroot=%2Fcvsroot to see if this line 92 maybe became line 129 due to recent patches but it does not look like that.
Reporter | ||
Comment 1•18 years ago
|
||
Adding stacktrace made with a SeaMonkey 20070801-debug-build.
Furthermore I found out that the crash does not occur with a 20070723_firefox-3.0a7pre.en-US.linux-i686.
I'll try to narrow the regression range.
Reporter | ||
Comment 2•18 years ago
|
||
Last good here:
cvs checkout start: Mo 2007-07-30 15:24:16 CEST (+0200)
First bad:
cvs checkout start: Tue 2007-07-31 18:36:29 CEST (+0200)
However I can not figure out a suspicious checkin at
http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=HEAD&branchtype=match&dir=&file=&filetype=match&who=&whotype=match&sortby=Date&hours=2&date=explicit&mindate=2007-07-30+06%3A00%3A00&maxdate=2007-07-31+09%3A45%3A00&cvsroot=%2Fcvsroot
Comment 3•18 years ago
|
||
I get the same stacktrace with suiterunner debug build 20070801 using Windows XP.
The problematic access is mSkipChars->mList[mListPrefixLength];
According to the VS2005 Debugger, mListPrefixLength has the value 84803983, but mSkipChars.mListLength has the value 6.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Linux → All
Comment 4•18 years ago
|
||
(In reply to comment #2)
> Last good here:
> cvs checkout start: Mo 2007-07-30 15:24:16 CEST (+0200)
>
> First bad:
> cvs checkout start: Tue 2007-07-31 18:36:29 CEST (+0200)
Could be the backout of bug 385270. If that's the case, the crash should also appear in builds from before the initial checkin of that bug (20070723).
Reporter | ||
Comment 5•18 years ago
|
||
(In reply to comment #4)
> Could be the backout of bug 385270. If that's the case, the crash should also
> appear in builds from before the initial checkin of that bug (20070723).
I checked builds with:
cvs checkout start: Fr 2007-07-20 01:00:12 CEST (+0200)
cvs checkout start: Fr 2007-07-20 14:49:34 CEST (+0200)
cvs checkout start: Mo 2007-07-23 13:45:44 CEST (+0200)
cvs checkout start: Mo 2007-07-23 19:31:51 CEST (+0200)
cvs checkout start: Mo 2007-07-23 23:50:17 CEST (+0200)
All of them don't show the crash.
Comment 6•18 years ago
|
||
Dupe of 385526?
Comment 7•17 years ago
|
||
Does this still happen on trunk now that bug 385526 is fixed?
Reporter | ||
Comment 8•17 years ago
|
||
Actually I cannot reproduce this anymore. Even with the above mentioned 'bad' builds. Maybe something was changed at the site (e.g. some dynamically embedded ads).
Marking this bug WORKSFORME
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•