Firefox segfaults when opening some webpages

Bug #11567 reported by Johannes H. Jensen
This bug affects 1 person
Affects: firefox (Ubuntu)
Status: Invalid
Importance: Critical
Assigned to: Thom May
Milestone: (none)

Bug Description

Mozilla Firefox segfaults when opening some webpages. This happens on many webpages.
I'm running hoary.

Example:
$ firefox http://phpdoc.org/tutorial.php
Segmentation fault

I've tried to debug this with gdb, but without success. If someone could give me
some instructions on how to debug firefox, I will gladly help.
Also, I've tried this on other ubuntu hoary systems, where firefox does not
crash at all. This leads me to think that this is a problem caused by a library
firefox is linked with.

These are the dynamic libraries my firefox-bin is linked with:
$ ldd /usr/lib/mozilla-firefox/firefox-bin
        libmozjs.so => /usr/lib/libmozjs.so (0x40026000)
        libxpcom.so => /usr/lib/libxpcom.so (0x400a6000)
        libplds4.so => /usr/lib/libplds4.so (0x4015e000)
        libplc4.so => /usr/lib/libplc4.so (0x40161000)
        libnspr4.so => /usr/lib/libnspr4.so (0x40167000)
        libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x4019b000)
        libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x401ab000)
        libgtk-x11-2.0.so.0 => /usr/lib/libgtk-x11-2.0.so.0 (0x401ae000)
        libgdk-x11-2.0.so.0 => /usr/lib/libgdk-x11-2.0.so.0 (0x40471000)
        libatk-1.0.so.0 => /usr/lib/libatk-1.0.so.0 (0x404db000)
        libgdk_pixbuf-2.0.so.0 => /usr/lib/libgdk_pixbuf-2.0.so.0 (0x404f8000)
        libpangoxft-1.0.so.0 => /usr/lib/libpangoxft-1.0.so.0 (0x4050d000)
        libpangox-1.0.so.0 => /usr/lib/libpangox-1.0.so.0 (0x40514000)
        libpango-1.0.so.0 => /usr/lib/libpango-1.0.so.0 (0x4051f000)
        libgobject-2.0.so.0 => /usr/lib/libgobject-2.0.so.0 (0x40556000)
        libgmodule-2.0.so.0 => /usr/lib/libgmodule-2.0.so.0 (0x40587000)
        libglib-2.0.so.0 => /usr/lib/libglib-2.0.so.0 (0x4058c000)
        libX11.so.6 => /usr/X11R6/lib/libX11.so.6 (0x40608000)
        libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x406cd000)
        libstdc++.so.5 => /usr/lib/libstdc++.so.5 (0x406ee000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x407a8000)
        libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x407b1000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
        libXrandr.so.2 => /usr/X11R6/lib/libXrandr.so.2 (0x408df000)
        libXi.so.6 => /usr/X11R6/lib/libXi.so.6 (0x408e3000)
        libXext.so.6 => /usr/X11R6/lib/libXext.so.6 (0x408eb000)
        libXft.so.2 => /usr/lib/libXft.so.2 (0x408f8000)
        libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x4090a000)
        libz.so.1 => /usr/lib/libz.so.1 (0x40977000)
        libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x40989000)
        libXcursor.so.1 => /usr/lib/libXcursor.so.1 (0x409b0000)
        libXrender.so.1 => /usr/lib/libXrender.so.1 (0x409b9000)
        libpangoft2-1.0.so.0 => /usr/lib/libpangoft2-1.0.so.0 (0x409c1000)
        libexpat.so.1 => /usr/lib/libexpat.so.1 (0x409e7000)

If you want, I can give you any information regarding the versions/etc of these
libraries I have installed.

Thank you,
Johannes H. Jensen

Johannes H. Jensen (joh-pub) wrote :

Found that this also happens with mozilla.

I managed to debug mozilla (found instructions here:
https://bugzilla.mozilla.org/show_bug.cgi?id=207197#c4) and it appears this is a
problem with the libgklayout.so library. The backtrace from gdb follows below:

#0 0x40f38edc in nsHTMLReflowState::UseComputedHeight ()
   from /usr/lib/mozilla/components/libgklayout.so
#1 0x40f39022 in nsHTMLReflowState::UseComputedHeight ()
   from /usr/lib/mozilla/components/libgklayout.so
#2 0x40f39101 in nsHTMLReflowState::CalcLineHeight ()
   from /usr/lib/mozilla/components/libgklayout.so
#3 0x40f1d7f8 in nsBlockReflowState::nsBlockReflowState ()
   from /usr/lib/mozilla/components/libgklayout.so
#4 0x40f135cf in nsBlockFrame::IsContainingBlock ()
   from /usr/lib/mozilla/components/libgklayout.so
#5 0x40f1ca20 in nsBlockReflowContext::ReflowBlock ()
   from /usr/lib/mozilla/components/libgklayout.so
#6 0x40f16944 in nsBlockFrame::ReflowBlockFrame () from
/usr/lib/mozilla/components/libgklayout.so
#7 0x40f159c2 in nsBlockFrame::ReflowLine () from
/usr/lib/mozilla/components/libgklayout.so
#8 0x40f154a3 in nsBlockFrame::ReflowDirtyLines () from
/usr/lib/mozilla/components/libgklayout.so
#9 0x40f13676 in nsBlockFrame::IsContainingBlock ()
   from /usr/lib/mozilla/components/libgklayout.so
#10 0x40f23638 in nsContainerFrame::ReflowChild () from
/usr/lib/mozilla/components/libgklayout.so
#11 0x40f353c2 in NS_NewCanvasFrame () from
/usr/lib/mozilla/components/libgklayout.so
#12 0x41006f99 in nsBoxToBlockAdaptor::Reflow () from
/usr/lib/mozilla/components/libgklayout.so
#13 0x41006b1a in nsBoxToBlockAdaptor::RefreshSizeCache ()
   from /usr/lib/mozilla/components/libgklayout.so
#14 0x40ffe120 in nsBox::UnCollapseChild () from
/usr/lib/mozilla/components/libgklayout.so
---Type <return> to continue, or q <return> to quit---
#15 0x40ffa65b in nsScrollBoxFrame::CreateScrollingView ()
   from /usr/lib/mozilla/components/libgklayout.so
#16 0x40ffe120 in nsBox::UnCollapseChild () from
/usr/lib/mozilla/components/libgklayout.so
#17 0x41008b08 in nsContainerBox::LayoutChildAt () from
/usr/lib/mozilla/components/libgklayout.so
#18 0x40f326dd in nsGfxScrollFrameInner::LayoutBox ()
   from /usr/lib/mozilla/components/libgklayout.so
#19 0x40f329ae in nsGfxScrollFrameInner::Layout () from
/usr/lib/mozilla/components/libgklayout.so
#20 0x40f32741 in nsGfxScrollFrameInner::LayoutBox ()
   from /usr/lib/mozilla/components/libgklayout.so
#21 0x40ffe120 in nsBox::UnCollapseChild () from
/usr/lib/mozilla/components/libgklayout.so
#22 0x41001d20 in nsBoxFrame::IsInitialReflowForPrintPreview ()
   from /usr/lib/mozilla/components/libgklayout.so
#23 0x40f31998 in nsGfxScrollFrame::GetScrollbarStyles ()
   from /usr/lib/mozilla/components/libgklayout.so
#24 0x40f23638 in nsContainerFrame::ReflowChild () from
/usr/lib/mozilla/components/libgklayout.so
#25 0x40f79488 in ViewportFrame::AdjustReflowStateForScrollbars ()
   from /usr/lib/mozilla/components/libgklayout.so
#26 0x40f58607 in IncrementalReflow::Dispatch () from
/usr/lib/mozilla/components/libgklayout.so
#27 0x40f64b94 in PresShell::ProcessReflowCommands ()
   from /usr/lib/mozilla/components/libgklayout.so
#28 0x40f65ef1...


Johannes H. Jensen (joh-pub) wrote :

Created an attachment (id=974)
md5sum of all libraries /usr/lib/mozilla/mozilla-bin is linked with.

These are the md5sums of all libraries /usr/lib/mozilla/mozilla-bin is linked
with. The list was created with the following command:

IFS=$'\n'; for l in `ldd /usr/lib/mozilla/mozilla-bin | awk '{print $3}' |
sort`; do md5sum $l >> mozilla-bin-dl.md5sum; done
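
Added example (not part of the original report, and not Ubuntu or Mozilla tooling): a variant of the command above for comparing the linked libraries of a crashing machine and a working one. It uses sha256sum instead of md5sum and parses ldd output by line shape rather than by the third field, so unresolved libraries and entries with no file on disk never reach the hash step; the function names and the sample ldd lines are constructed for illustration.

```bash
#!/bin/sh
# Fingerprint the libraries a binary resolves to, so the listings from a
# crashing and a working machine can be compared with diff.

# Read `ldd` output on stdin, print each resolved absolute path once.
#   name => /path (0xaddr)    -> /path
#   /path (0xaddr)            -> /path (loader line without "=>")
#   name => not found         -> reported on stderr, not hashed
#   linux-gate.so.1 (0xaddr)  -> skipped, no file on disk
ldd_paths() {
    awk '
        /=> not found/           { print "unresolved: " $1 > "/dev/stderr"; next }
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        $1 ~ /^\//               { print $1 }
    ' | LC_ALL=C sort -u
}

# Print "sha256  path" for every library BINARY is linked with.
# ldd can execute code from the file it inspects: trusted binaries only.
hash_linked_libs() {
    ldd "$1" | ldd_paths | while IFS= read -r lib; do
        sha256sum -- "$lib"
    done
}

# Constructed sample in the shapes listed above (not output from the report).
SAMPLE_LDD='    linux-gate.so.1 (0xb7f00000)
    libmozjs.so => /usr/lib/libmozjs.so (0x40026000)
    libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x407b1000)
    libmissing.so.1 => not found
    /lib/ld-linux.so.2 (0x40000000)
    /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)'

# Demo on the sample; on a real system run, for example:
#   hash_linked_libs /usr/lib/mozilla/mozilla-bin > libs.sha256
printf '%s\n' "$SAMPLE_LDD" | ldd_paths
```

Running `hash_linked_libs` on both machines and diffing the two output files shows which shared objects differ.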

Johannes H. Jensen (joh-pub) wrote :

I found that the page firefox segfaulted on was
http://manual.phpdoc.org/HTMLSmartyConverter/HandS/phpDocumentor/tutorial_phpDocumentor.pkg.html,
so I downloaded it along with images and css files. After removing all images
and removing line after line from the css file, I discovered that firefox crashed
on the following line:

font-family: tahoma, verdana, arial, sans-serif;

I tried removing the "tahoma, " bit, which fixed the problem.
I found out that I had put a tahoma.ttf in /usr/share/fonts/truetype/ some time
back when testing something in wine. Moving tahoma.ttf away also fixed the
problem. The problem is: I'm now unable to reproduce the segfault after moving
tahoma.ttf back!
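
Added example (not part of the original comment): the line-by-line reduction described above, scripted. `segfaults`, `find_crashing_lines`, the stand-in `fake_renderer` and the sample stylesheet are constructed for illustration; exit status 139 is how a shell reports a child killed by SIGSEGV.

```bash
# True when the command dies from SIGSEGV; the shell reports death by
# signal N as exit status 128 + N, and SIGSEGV is signal 11 on Linux.
segfaults() {
    status=0
    "$@" >/dev/null 2>&1 || status=$?
    [ "$status" -eq 139 ]
}

# find_crashing_lines FILE CMD [ARG...]
# Runs CMD on copies of FILE with one line deleted at a time and prints
# "lineno:text" for each line whose removal stops the segfault.
# Returns 2 if CMD does not segfault on the unmodified file.
# Limitation: two lines that each crash CMD on their own mask each other.
find_crashing_lines() {
    file=$1; shift
    if ! segfaults "$@" "$file"; then
        echo "no segfault on unmodified $file" >&2
        return 2
    fi
    tmp=$(mktemp) || return 1
    total=$(($(wc -l < "$file")))
    i=1
    while [ "$i" -le "$total" ]; do
        sed "${i}d" "$file" > "$tmp"
        segfaults "$@" "$tmp" || printf '%s:%s\n' "$i" "$(sed -n "${i}p" "$file")"
        i=$((i + 1))
    done
    rm -f "$tmp"
}

# Constructed stand-in for the browser: exits 139 when the stylesheet names
# tahoma. A real CMD must load the file and then exit on its own.
fake_renderer() {
    if grep -qi 'tahoma' "$1"; then return 139; fi
}

# Constructed stylesheet containing the font-family line from the report.
write_sample_css() {
    cat > "$1" <<'EOF'
body {
font-family: tahoma, verdana, arial, sans-serif;
color: #000;
}
EOF
}

demo=$(mktemp) && write_sample_css "$demo"
find_crashing_lines "$demo" fake_renderer
rm -f "$demo"
```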

Thom May (thombot) wrote :

It's possible that your fontserver had not fully installed your font file, and
this was causing firefox problems.
Anyway, now that you can't reproduce this problem and I can't, I'm going to
close this bug. If you can reproduce this with a simpler (and reproducible) test
case (ie, a trivial gtk app, since IIRC firefox uses gtk's font loader support),
please feel free to reopen this bug.

Meghan Anne McGill (meghan-anne-mcgill) wrote :

I too am getting lots and lots of crashes when using firefox.
The example above
>firefox http://phpdoc.org/tutorial.php
works for me, but
firefox http://www.cnn.com
always crashes instantly (with a segmentation fault as well).

I'm using firefox -versions 3.6.3 Mozilla Firefox for Ubuntu canonical - 1.0

I've already tried removing the
 sudo apt-get purge moonlight-plugin-core moonlight-plugin-mozilla (posted elsewhere as a fix)
but since it wasn't installed it couldn't be removed, so that wasn't the issue.
Firefox itself reported a conflict with the "flashblock" package, so I uninstalled it and still get the error.
I'm using the shockwave flash package, which worked great before lucid (on heron).
I don't want to start randomly trying new packages, so am waiting for some kind of fix.
