181361 – fontconfig crashes when reading font cache files

Bug 181361 - fontconfig crashes when reading font cache files

Summary: fontconfig crashes when reading font cache files

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	fontconfig
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Matthias Clasen
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FC5Blocker
TreeView+	depends on / blocked

Reported:	2006-02-13 17:17 UTC by Dave Jones
Modified:	2015-01-04 22:25 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-02-27 06:45:30 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Dave Jones 2006-02-13 17:17:00 UTC

even after rm -rf ~/.mozilla I get this..

Core was generated by `/usr/lib64/firefox-1.5.0.1/firefox-bin -UILocale en-US'.
Program terminated with signal 11, Segmentation fault.

(gdb) bt
#0  0x00000038f350cbcd in raise () from /lib64/libpthread.so.0
#1  0x00000000004135ab in nsProfileLock::FatalSignalHandler (signo=11) at
nsProfileLock.cpp:206
#2  <signal handler called>
#3  0x00002af1df2faa03 in FcCharSetIsSubset (a=0x2aaaab6e7480, b=0xbb10a0) at
fccharset.c:674
#4  0x00002af1df3056de in FcFontSetSort (config=Variable "config" is not available.
) at fcmatch.c:809
#5  0x00002af1df305a06 in FcFontSort (config=0x0, p=0xb15fc0, trim=1, csp=0x0,
result=0x7fffff8c8e8c) at fcmatch.c:1032
#6  0x00002af1dfb6ab88 in pango_fc_font_map_get_type () from
/usr/lib64/libpangoft2-1.0.so.0
#7  0x00002af1de877dbd in pango_context_get_font_description () from
/usr/lib64/libpango-1.0.so.0
#8  0x00002af1de8780fd in pango_itemize_with_base_dir () from
/usr/lib64/libpango-1.0.so.0
#9  0x00002af1de878181 in pango_itemize () from /usr/lib64/libpango-1.0.so.0
#10 0x00002af1ea819c9d in nsFontMetricsPango::CacheFontMetrics
(this=0x2aaaaaf0d620) at nsFontMetricsPango.cpp:265
#11 0x00002af1ea81bafd in nsFontMetricsPango::Init (this=0x2aaaaaf0d620,
aFont=Variable "aFont" is not available.
) at nsFontMetricsPango.cpp:251
#12 0x00002af1e3d98a51 in nsFontCache::GetMetricsFor (this=0x2aaaaaf125e0,
aFont=@0x2aaaaaf0a838, aLangGroup=0xa79bb0, aMetrics=@0x7fffff8c9250) at
nsDeviceContext.cpp:631
#13 0x00002af1e5579f5e in nsHTMLReflowState::CalcLineHeight
(aPresContext=Variable "aPresContext" is not available.
) at nsHTMLReflowState.cpp:2263
#14 0x00002af1e556193d in nsBlockReflowState (this=0x7fffff8c93b0,
aReflowState=@0x7fffff8c9700, aPresContext=0xacf130, aFrame=0x2aaaaaf087d0,
aMetrics=@0x7fffff8c9810, aTopMarginRoot=4194304,
    aBottomMarginRoot=4194304) at nsBlockReflowState.cpp:172
#15 0x00002af1e555ebb9 in nsBlockFrame::Reflow (this=0x2aaaaaf087d0,
aPresContext=0xacf130, aMetrics=@0x7fffff8c9810, aReflowState=@0x7fffff8c9700,
aStatus=@0x7fffff8c9a7c)
    at nsBlockFrame.cpp:770
#16 0x00002af1e55655fc in nsContainerFrame::ReflowChild (this=Variable "this" is
not available.
) at nsContainerFrame.cpp:904
#17 0x00002af1e557922e in CanvasFrame::Reflow (this=0xad6040,
aPresContext=0xacf130, aDesiredSize=@0x7fffff8c9b20,
aReflowState=@0x7fffff8c9930, aStatus=@0x7fffff8c9a7c) at nsHTMLFrame.cpp:531
#18 0x00002af1e55655fc in nsContainerFrame::ReflowChild (this=Variable "this" is
not available.
) at nsContainerFrame.cpp:904
#19 0x00002af1e5576055 in nsHTMLScrollFrame::ReflowScrolledFrame (this=0xad6288,
aState=@0x7fffff8c9bf0, aAssumeHScroll=Variable "aAssumeHScroll" is not available.
) at nsGfxScrollFrame.cpp:515
#20 0x00002af1e5576160 in nsHTMLScrollFrame::ReflowContents (this=0xad6288,
aState=0x7fffff8c9bf0, aDesiredSize=@0x7fffff8ca030) at nsGfxScrollFrame.cpp:570
#21 0x00002af1e5576de6 in nsHTMLScrollFrame::Reflow (this=0xad6288,
aPresContext=Variable "aPresContext" is not available.
) at nsGfxScrollFrame.cpp:768
#22 0x00002af1e55655fc in nsContainerFrame::ReflowChild (this=Variable "this" is
not available.
) at nsContainerFrame.cpp:904
#23 0x00002af1e55ad1b1 in ViewportFrame::Reflow (this=0xad5f40,
aPresContext=0xacf130, aDesiredSize=@0x7fffff8ca210,
aReflowState=@0x7fffff8ca100, aStatus=@0x7fffff8ca2bc)
    at nsViewportFrame.cpp:239
#24 0x00002af1e5547f17 in PresShell::InitialReflow (this=0xad4ce0,
aWidth=Variable "aWidth" is not available.
) at nsPresShell.cpp:2865
#25 0x00002af1e56735a0 in nsContentSink::StartLayout (this=0xacad70,
aIsFrameset=Variable "aIsFrameset" is not available.
) at nsContentSink.cpp:921
#26 0x00002af1e57157c6 in HTMLContentSink::OpenBody (this=0xacad70,
aNode=@0xad8100) at nsHTMLContentSink.cpp:2633
#27 0x00002af1e51d3992 in CNavDTD::OpenBody (this=0xad7cd0, aNode=0xad8100) at
CNavDTD.cpp:2968
#28 0x00002af1e51d6255 in CNavDTD::HandleDefaultStartToken (this=0xad7cd0,
aToken=0xac94a0, aChildTag=eHTMLTag_body, aNode=0xad8100) at CNavDTD.cpp:1281
#29 0x00002af1e51d6c07 in CNavDTD::HandleStartToken (this=0xad7cd0,
aToken=0xac94a0) at CNavDTD.cpp:1668
#30 0x00002af1e51d701c in CNavDTD::HandleToken (this=0xad7cd0, aToken=0xac94a0,
aParser=0xac9140) at CNavDTD.cpp:955
#31 0x00002af1e51d7439 in CNavDTD::BuildModel (this=0xad7cd0, aParser=0xac9140,
aTokenizer=Variable "aTokenizer" is not available.
) at CNavDTD.cpp:458
#32 0x00002af1e51e1eb7 in nsParser::BuildModel (this=0xac9140) at nsParser.cpp:2127
#33 0x00002af1e51e4e71 in nsParser::ResumeParse (this=0xac9140,
allowIteration=1, aIsFinalChunk=0, aCanInterrupt=1) at nsParser.cpp:1994
#34 0x00002af1e51e16aa in nsParser::OnDataAvailable (this=0xac9140,
request=Variable "request" is not available.
) at nsParser.cpp:2674
#35 0x00002af1e93325c7 in nsInputStreamPump::OnStateTransfer (this=0x9849e0) at
nsInputStreamPump.cpp:437
#36 0x00002af1e93326ab in nsInputStreamPump::OnInputStreamReady (this=0x9849e0,
stream=Variable "stream" is not available.
) at nsInputStreamPump.cpp:340
#37 0x00002af1ddaad183 in nsInputStreamReadyEvent::EventHandler
(plevent=Variable "plevent" is not available.
) at nsStreamUtils.cpp:119
#38 0x00002af1ddabdcad in PL_HandleEvent (self=0x984a68) at plevent.c:688
#39 0x00002af1ddabdebf in PL_ProcessPendingEvents (self=0x62aa20) at plevent.c:623
#40 0x00002af1ddabf2a7 in nsEventQueueImpl::ProcessPendingEvents (this=0x62a9e0)
at nsEventQueue.cpp:417
#41 0x00002af1eb02990a in event_processor_callback (source=Variable "source" is
not available.
) at nsAppShell.cpp:67
#42 0x00002af1ded5f01a in g_main_context_dispatch () from
/usr/lib64/libglib-2.0.so.0
#43 0x00002af1ded621a5 in g_main_context_check () from /usr/lib64/libglib-2.0.so.0
#44 0x00002af1ded624cd in g_main_loop_run () from /usr/lib64/libglib-2.0.so.0
#45 0x00002af1de093c93 in gtk_main () from /usr/lib64/libgtk-x11-2.0.so.0
#46 0x00002af1eb029c3c in nsAppShell::Run (this=0x908740) at nsAppShell.cpp:139
#47 0x00002af1e3fe4488 in nsAppStartup::Run (this=0x9086c0) at nsAppStartup.cpp:150
#48 0x000000000040b23f in XRE_main (argc=Variable "argc" is not available.
) at nsAppRunner.cpp:2313
#49 0x00000038f1d1cff4 in __libc_start_main () from /lib64/libc.so.6
#50 0x0000000000406b29 in _start ()
#51 0x00007fffff8cb2c8 in ?? ()

Comment 1 Sammy 2006-02-13 17:24:29 UTC

Cannot reproduce with everything at todays rebuild EXCEPT kernel at test2
level. Kernel problem?

Comment 2 Dave Jones 2006-02-14 00:47:52 UTC

no. fontconfig bug.
mv .fonts .fonts-foo fixed it.
moving them back, and rerunning fc-cache -f also fixed it.

Comment 3 Matthias Clasen 2006-02-22 14:16:44 UTC

I'll be looking at getting 2.3.94  in fc5 if it appears in time.

Comment 4 Bryan O'Sullivan 2006-02-23 20:38:44 UTC

This is a very nasty bug, as it makes the X server appear to die (since
gnome-session can't start metacity).

Comment 5 Matthias Clasen 2006-02-27 06:45:30 UTC

2.3.94 is in rawhide now, and appears to be more stable than previous cvs
snapshots. Please reopen, if you still see crashes with it.

Note You need to log in before you can comment on or make changes to this bug.