more information can be provided... $ rpm -q firefox xulrunner firefox-3.0-0.60.beta5.fc9.x86_64 xulrunner-1.9-0.60.beta5.fc9.x86_64 Core was generated by `/usr/lib64/firefox-3.0b5/firefox'. Program terminated with signal 11, Segmentation fault. #4 0x000000335b3e68f0 in nsVoidArray::EnumerateForwards (this=<value optimized out>, aFunc=<value optimized out>, aData=<value optimized out>) at nsVoidArray.cpp:678 678 running = (*aFunc)(mImpl->mArray[index], aData); (gdb) list 673 674 if (mImpl) 675 { 676 while (running && (++index < mImpl->mCount)) 677 { 678 running = (*aFunc)(mImpl->mArray[index], aData); 679 } 680 } 681 return running; 682 } #3 0x000000335b3e3e80 in ReleaseObjects (aElement=<value optimized out>) at nsCOMArray.cpp:151 151 NS_IF_RELEASE(element); Current language: auto; currently c++ (gdb) list 146 // useful for destructors 147 PRBool 148 ReleaseObjects(void* aElement, void*) 149 { 150 nsISupports* element = static_cast<nsISupports*>(aElement); 151 NS_IF_RELEASE(element); 152 return PR_TRUE; 153 } 154 155 void (gdb) down #2 <signal handler called> Current language: auto; currently c (gdb) list 156 nsCOMArray_base::Clear() 157 { 158 mArray.EnumerateForwards(ReleaseObjects, nsnull); 159 mArray.Clear(); 160 } 161 (gdb) down #1 0x000000335ac268cd in nsProfileLock::FatalSignalHandler (signo=<value optimized out>) at nsProfileLock.cpp:212 212 raise(signo);
Can you please attach steps how to reproduce it?
1. create a new article in plone using the internal kupu editor. 2. write some text 3. click on ["html"] 4. boom
(In reply to comment #2) > 1. create a new article in plone using the internal kupu editor. > 2. write some text > 3. click on ["html"] > 4. boom Is there some internal (or publicly accessible external) instance of plone?
if you ping me on IRC, I can give you temporary access to my instance.
Hm, the provided testcase works fine for me (no crash). I have FF3 Beta5 with internal cairo.
on x86_64.
I'll retry with no plugins, fresh user. maybe I can pin it down to s.th.
hmm, as a fresh user, no problem. moving away .mozilla with my main user does not change anything. still segfault.
Try the safe mode (firefox -safe-mode)
$ firefox -safe-mode /usr/lib64/firefox-3.0b5/run-mozilla.sh: line 131: 27408 Segmentation fault "$prog" ${1+"$@"}
#0 0x000000334ec0ebeb in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42 42 sig); Missing separate debuginfos, use: debuginfo-install keyutils.x86_64 (gdb) bt #0 0x000000334ec0ebeb in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42 #1 0x000000335ac268cd in nsProfileLock::FatalSignalHandler (signo=<value optimized out>) at nsProfileLock.cpp:212 #2 <signal handler called> #3 0x00000000046644f0 in ?? () #4 0x000000335b386870 in nsDocAccessible::FlushPendingEvents (this=<value optimized out>) at nsDocAccessible.cpp:1640 #5 0x000000335b418ee2 in nsTimerImpl::Fire (this=<value optimized out>) at nsTimerImpl.cpp:400 #6 0x000000335b418f49 in nsTimerEvent::Run (this=<value optimized out>) at nsTimerImpl.cpp:490 #7 0x000000335b416a9e in nsThread::ProcessNextEvent (this=<value optimized out>, mayWait=<value optimized out>, result=<value optimized out>) at nsThread.cpp:510 #8 0x000000335b3e82f6 in NS_ProcessNextEvent_P (thread=<value optimized out>, mayWait=<value optimized out>) at nsThreadUtils.cpp:227 #9 0x000000335b36010d in nsBaseAppShell::Run (this=<value optimized out>) at nsBaseAppShell.cpp:170 #10 0x000000335b2235bd in nsAppStartup::Run (this=<value optimized out>) at nsAppStartup.cpp:181 #11 0x000000335ac1f73b in XRE_main (argc=<value optimized out>, argv=<value optimized out>, aAppData=<value optimized out>) at nsAppRunner.cpp:3154 #12 0x0000000000401665 in __gxx_personality_v0 () at ../../../../libstdc++-v3/libsupc++/eh_personality.cc:363 #13 0x000000334e01e32a in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=Could not find the frame base for "__libc_start_main". ) at libc-start.c:220 #14 0x0000000000401159 in __gxx_personality_v0 () at ../../../../libstdc++-v3/libsupc++/eh_personality.cc:363
(gdb) up #4 0x000000335b386870 in nsDocAccessible::FlushPendingEvents (this=<value optimized out>) at nsDocAccessible.cpp:1640 1640 NS_RELEASE_THIS(); // Release kung fu death grip Current language: auto; currently c++ (gdb) up #5 0x000000335b418ee2 in nsTimerImpl::Fire (this=<value optimized out>) at nsTimerImpl.cpp:400 400 callback.c(this, mClosure); (gdb) up #6 0x000000335b418f49 in nsTimerEvent::Run (this=<value optimized out>) at nsTimerImpl.cpp:490 490 timer->Fire(); (gdb) up #7 0x000000335b416a9e in nsThread::ProcessNextEvent (this=<value optimized out>, mayWait=<value optimized out>, result=<value optimized out>) at nsThread.cpp:510 510 event->Run(); (gdb) up #8 0x000000335b3e82f6 in NS_ProcessNextEvent_P (thread=<value optimized out>, mayWait=<value optimized out>) at nsThreadUtils.cpp:227 227 return NS_SUCCEEDED(thread->ProcessNextEvent(mayWait, &val)) && val; (gdb) up #9 0x000000335b36010d in nsBaseAppShell::Run (this=<value optimized out>) at nsBaseAppShell.cpp:170 170 NS_ProcessNextEvent(thread); (gdb) up #10 0x000000335b2235bd in nsAppStartup::Run (this=<value optimized out>) at nsAppStartup.cpp:181 181 nsresult rv = mAppShell->Run(); (gdb) up #11 0x000000335ac1f73b in XRE_main (argc=<value optimized out>, argv=<value optimized out>, aAppData=<value optimized out>) at nsAppRunner.cpp:3154 3154 rv = appStartup->Run(); (gdb) up #12 0x0000000000401665 in __gxx_personality_v0 () at ../../../../libstdc++-v3/libsupc++/eh_personality.cc:363 363 struct _Unwind_Context *context)
Try to turn off gnome accesibility. Does it help?
rofl.. yes :)
We found that this bug has been already registered in the upstream database (https://bugzilla.mozilla.org/show_bug.cgi?id=432467) and believe that it is more appropriate to let it be resolved upstream. Red Hat will continue to track the issue in the centralized upstream bug tracker, and will review any bug fixes that become available for consideration in future updates. Thank you for the bug report.