Closed Bug 88927 Opened 23 years ago Closed 23 years ago

Crash in nsFontGTKNormal::GetWidth

Product/Component: Core Graveyard :: GFX
Type: defect
Platform: x86, Linux
Priority: Not set
Severity: normal
Tracking: Not tracked
Status: RESOLVED DUPLICATE of bug 88486
Reporter: akkzilla, Assigned: bstell

I was trying to test bug 52441; I added a new mime type and extensions in
~/.mime.types, and a handler in .mailcap, went to a page and clicked on a link
with that extension, and crashed in font code (which I don't think has anything
to do with the mime stuff).  Here's the top of the stack trace:

#0  0x41642d7e in nsFontGTKNormal::GetWidth (this=0x8841c60, 
    aString=0x8569a50, aLength=1) at nsFontMetricsGTK.cpp:2012
#1  0x41651884 in nsRenderingContextGTK::GetWidth (this=0x8541c38, 
    aString=0x85699b8, aLength=143, aWidth=@0xbfffb2dc, aFontID=0x0)
    at nsRenderingContextGTK.cpp:1327
#2  0x41d0dd00 in nsTextFrame::MeasureText (this=0x87b6a34, 
    aPresContext=0x87ab440, aReflowState=@0xbfffbbb0, aTx=@0xbfffb740, 
    aLb=0x8507570, aTs=@0xbfffb8c0, aTextData=@0xbfffb870)
    at nsTextFrame.cpp:4568
#3  0x41d0ef72 in nsTextFrame::Reflow (this=0x87b6a34, aPresContext=0x87ab440, 
    aMetrics=@0xbfffbb50, aReflowState=@0xbfffbbb0, aStatus=@0xbfffbcf8)
    at nsTextFrame.cpp:618
#4  0x41ccca99 in nsLineLayout::ReflowFrame (this=0xbfffbdc0, 
    aFrame=0x87b6a34, aNextRCFrame=0xbfffc7bc, aReflowStatus=@0xbfffbcf8, 
    aMetrics=0x0, aPushedFrame=@0xbfffbcfc) at nsLineLayout.cpp:955
#5  0x41c8c06b in nsBlockFrame::ReflowInlineFrame (this=0x87b65b8, 
    aState=@0xbfffc740, aLineLayout=@0xbfffbdc0, aLine=0x87b6a78, 
    aFrame=0x87b6a34, aLineReflowStatus=0xbfffbd8b "") at nsBlockFrame.cpp:3447
#6  0x41c8be28 in nsBlockFrame::DoReflowInlineFrames (this=0x87b65b8, 
    aState=@0xbfffc740, aLineLayout=@0xbfffbdc0, aLine=0x87b6a78, 
    aKeepReflowGoing=0xbfffc420, 
    aLineReflowStatus=0xbfffc26f
"\002\020\303\377\277\210c{\bH\303\377\277j\2426A\020\303\377\277\002",
aUpdateMaximumWidth=0, aDamageDirtyArea=0)
    at nsBlockFrame.cpp:3332
#7  0x41c8bc73 in nsBlockFrame::DoReflowInlineFramesAuto (this=0x87b65b8, 
    aState=@0xbfffc740, aLine=0x87b6a78, aKeepReflowGoing=0xbfffc420, 
    aLineReflowStatus=0xbfffc26f
"\002\020\303\377\277\210c{\bH\303\377\277j\2426A\020\303\377\277\002",
aUpdateMaximumWidth=0, aDamageDirtyArea=0)
    at nsBlockFrame.cpp:3255
#8  0x41c8ba4d in nsBlockFrame::ReflowInlineFrames (this=0x87b65b8, 
    aState=@0xbfffc740, aLine=0x87b6a78, aKeepReflowGoing=0xbfffc420, 
    aDamageDirtyArea=0, aUpdateMaximumWidth=0) at nsBlockFrame.cpp:3202
#9  0x41c8a2c5 in nsBlockFrame::ReflowLine (this=0x87b65b8, 
    aState=@0xbfffc740, aLine=0x87b6a78, aKeepReflowGoing=0xbfffc420, 
    aDamageDirtyArea=0) at nsBlockFrame.cpp:2325
#10 0x41c8973a in nsBlockFrame::ReflowDirtyLines (this=0x87b65b8, 
    aState=@0xbfffc740) at nsBlockFrame.cpp:2015
#11 0x41c86edf in nsBlockFrame::Reflow (this=0x87b65b8, 
    aPresContext=0x87ab440, aMetrics=@0xbfffce78, aReflowState=@0xbfffcc00, 
    aStatus=@0xbfffcd50) at nsBlockFrame.cpp:793
#12 0x41c92a27 in nsBlockReflowContext::DoReflowBlock (this=0xbfffce30, 
    aReflowState=@0xbfffcc00, aReason=eReflowReason_Initial, aFrame=0x87b65b8, 
    aSpace=@0xbfffcd60, aApplyTopMargin=0, aPrevBottomMargin=0, 
    aIsAdjacentWithTop=1, aComputedOffsets=@0xbfffcd70, 
    aFrameReflowStatus=@0xbfffcd50) at nsBlockReflowContext.cpp:572
#13 0x41c92495 in nsBlockReflowContext::ReflowBlock (this=0xbfffce30, 
    aFrame=0x87b65b8, aSpace=@0xbfffcd60, aApplyTopMargin=0, 
    aPrevBottomMargin=0, aIsAdjacentWithTop=1, aComputedOffsets=@0xbfffcd70, 
    aFrameReflowStatus=@0xbfffcd50) at nsBlockReflowContext.cpp:340

Yes, you're right, all three are almost certainly the same bug.  But it's not
clear which of those is the master bug, nor whether anyone's looked at them, and
Brian knows more about font stuff than I do, so I'll leave it to him to decide
whether to dup this, and if so, to which one.

This is a dup of 88486, where ENCODER_BUFFER_ALLOC_IF_NEEDED needs to test for
a null pointer before dereferencing it.

*** This bug has been marked as a duplicate of 88486 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Product: Core → Core Graveyard