Description of problem:
While viewing 'http://nicewebtype.com/fonts/graublau-sans-web/' the browser will segfault. It also segfaults on other websites, but I know this site triggers the fault.

Version-Release number of selected component (if applicable):
xulrunner-python-1.9.1-1.fc11.x86_64
firefox-3.5-1.fc11.x86_64
xulrunner-1.9.1-1.fc11.x86_64
xulrunner-devel-1.9.1-1.fc11.x86_64
mozilla-filesystem-1.9-4.fc11.x86_64

How reproducible:
Every time. It doesn't always segfault immediately, but no extra behavior beyond loading the page is needed.

Steps to Reproduce:
1. Type 'http://nicewebtype.com/fonts/graublau-sans-web/' in the URL bar.
2. Wait.
3. Watch in amazement as away go all your tabs and windows.

Actual results:
"firefox: cairo-ft-font.c:554: _cairo_ft_unscaled_font_lock_face: Assertion `!unscaled->from_face' failed."
Your entire web-browsing session will crash. Hopefully you were not typing your dissertation on world peace in another tab.

Expected results:
The page should load, and your dissertation on world peace in the text box of the other tab should be preserved.
Other @font-face related crashes:

#0  0x000000388ca0ed5b in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x00007f0acb34eda8 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:212
#2  <signal handler called>
#3  FT_Set_Transform (face=0x7f0ab4402800, matrix=0x7fff77aaa450, delta=0x0) at /usr/src/debug/freetype-2.3.9/src/base/ftobjs.c:463
#4  0x0000003a840481dc in _cairo_ft_unscaled_font_set_scale (unscaled=0x7f0ab4a29df0, scale=<value optimized out>) at cairo-ft-font.c:696
#5  0x0000003a8404b225 in _cairo_ft_scaled_font_create (unscaled=0x7f0ab4a29df0, font_face=<value optimized out>, font_matrix=<value optimized out>, ctm=<value optimized out>, options=0x7f0ab4454a60, ft_options= {base = {antialias = CAIRO_ANTIALIAS_DEFAULT, subpixel_order = CAIRO_SUBPIXEL_ORDER_DEFAULT, hint_style = CAIRO_HINT_STYLE_MEDIUM, hint_metrics = CAIRO_HINT_METRICS_DEFAULT}, load_flags = 0, extra_flags = 0}, font_out=<value optimized out>) at cairo-ft-font.c:1536
#6  0x0000003a8404b838 in _cairo_ft_font_face_scaled_font_create (abstract_face=<value optimized out>, font_matrix=<value optimized out>, ctm=<value optimized out>, options=<value optimized out>, scaled_font=<value optimized out>) at cairo-ft-font.c:2311
#7  0x0000003a8402701b in *INT_cairo_scaled_font_create (font_face=0x7f0ab781abe0, font_matrix=<value optimized out>, ctm=0x7fff77aaa790, options=0x7f0ab4454a60) at cairo-scaled-font.c:886
#8  0x00007f0acbc70d43 in CreateScaledFont (aPattern=0x7f0ab4d31840) at gfxPangoFonts.cpp:3077
#9  0x00007f0acbc70f67 in gfxFcFont::GetOrMakeFont (aPattern=0x7f0ab4402800) at gfxPangoFonts.cpp:2245
#10 0x00007f0acbc758a2 in gfxPangoFcFont::GfxFont (self=0x7f0ab3f597c0) at gfxPangoFonts.cpp:681
#11 0x00007f0acbc73b9c in gfxPangoFontGroup::GetFontAt (this=0x7f0abab26060, i=<value optimized out>) at gfxPangoFonts.cpp:1987
#12 0x00007f0acbc6d579 in TextRunWordCache::MakeTextRun (this=0x7f0ac1b1be80, aText=<value optimized out>, aLength=<value optimized out>, aFontGroup=0x7f0abab26060, aParams=0x7fff77aab200, aFlags=22282880) at gfxTextRunWordCache.cpp:715
#13 0x00007f0acb562326 in MakeTextRun (aFlags=<value optimized out>, aParams=<value optimized out>, aFontGroup=<value optimized out>, aLength=<value optimized out>, aText=<value optimized out>) at nsTextFrameThebes.cpp:431

#0  0x000000388ca0ed5b in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x00007f164404eda8 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:212
#2  <signal handler called>
#3  FT_Done_Face (face=0x7f162da07800) at /usr/src/debug/freetype-2.3.9/src/base/ftobjs.c:2216
#4  0x00007f1644974449 in gfxDownloadedFcFontEntry::~gfxDownloadedFcFontEntry (this=0x7f1630028eb0, __in_chrg=<value optimized out>) at gfxPangoFonts.cpp:358
#5  0x00007f1644974fa6 in gfxFontEntry::Release (this=0x7f162da07800) at ../../../dist/include/thebes/gfxFont.h:150
#6  0x0000003a8400bdce in _cairo_user_data_array_fini (array=0x7f1633014710) at cairo-array.c:392
#7  0x0000003a84011dd5 in *INT_cairo_font_face_destroy (font_face=0x7f1633014700) at cairo-font-face.c:206
#8  0x0000003a84049515 in _cairo_ft_unscaled_font_destroy (abstract_font=<value optimized out>) at cairo-ft-font.c:515
#9  0x0000003a84011c32 in _cairo_unscaled_font_destroy (unscaled_font=0x7f162da07800) at cairo-font-face.c:759
#10 0x0000003a84026aa0 in _cairo_scaled_font_fini_internal (scaled_font=0x7f163025d4e0) at cairo-scaled-font.c:733
#11 0x0000003a84026b70 in *INT_cairo_scaled_font_destroy (scaled_font=0x7f162faae330) at cairo-scaled-font.c:1063
#12 0x00007f1644970e24 in gfxFcFont::~gfxFcFont (this=0x7f16275d2420, __in_chrg=<value optimized out>) at gfxPangoFonts.cpp:2097
#13 0x00007f1644961b91 in gfxFontCache::DestroyFont (this=<value optimized out>, aFont=0x7f16275d2420) at gfxFont.cpp:252
#14 0x00007f1644967c08 in nsExpirationTracker<gfxFont, 3u>::AgeOneGeneration (this=0x7f163a81be10) at ../../../dist/include/xpcom/nsExpirationTracker.h:210
#15 0x00007f1644967c34 in nsExpirationTracker<gfxFont, 3u>::TimerCallback (aTimer=<value optimized out>, aThis=0x7f162da07800) at ../../../dist/include/xpcom/nsExpirationTracker.h:299

valgrind reports no errors. On the whole, it just feels like Linux @font-face support isn't done yet.
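The two backtraces above are what the next comment reads by eye to move the bug from firefox to cairo/freetype: the faulting frame is the first one after "<signal handler called>", and the frames below it show which library Firefox handed control to. The script below does that attribution mechanically. It is an added example written for this page, not code from the bug report, Fedora or Mozilla; the source-path-to-component mapping (freetype / cairo / glibc / gecko) is an assumption of the example, and the embedded sample backtraces are trimmed excerpts of the ones pasted above.

```python
"""Triage helper for gdb backtraces like the two pasted above.

Added example, not code from the bug report, Fedora or Mozilla.  It finds the
faulting frame (first frame after "<signal handler called>"), attributes it to
a component by source path, and reports the last Gecko frame before control
crossed into the crashing library.  The component mapping below is an
assumption made for this example.
"""
import re
from typing import Dict, List, Optional

SIGNAL_RE = re.compile(r"^#(\d+)\s+<signal handler called>\s*$")
# "#N [0xADDR in] func (args) at path:line".  The function name may contain
# spaces (C++ template arguments), so it is matched lazily up to the arg list;
# the arg list is matched greedily so nested braces/parens do not cut it short.
FRAME_RE = re.compile(
    r"^#(\d+)\s+(?:0x[0-9a-fA-F]+\s+in\s+)?(.+?)\s+\((.*)\)\s+at\s+(\S+?):(\d+)\s*$"
)

# Excerpt (frames #0-#8) of the first backtrace in this comment.
BT_SET_TRANSFORM = """\
#0  0x000000388ca0ed5b in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x00007f0acb34eda8 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:212
#2  <signal handler called>
#3  FT_Set_Transform (face=0x7f0ab4402800, matrix=0x7fff77aaa450, delta=0x0) at /usr/src/debug/freetype-2.3.9/src/base/ftobjs.c:463
#4  0x0000003a840481dc in _cairo_ft_unscaled_font_set_scale (unscaled=0x7f0ab4a29df0, scale=<value optimized out>) at cairo-ft-font.c:696
#5  0x0000003a8404b225 in _cairo_ft_scaled_font_create (unscaled=0x7f0ab4a29df0, font_face=<value optimized out>, font_matrix=<value optimized out>, ctm=<value optimized out>, options=0x7f0ab4454a60, ft_options= {base = {antialias = CAIRO_ANTIALIAS_DEFAULT, subpixel_order = CAIRO_SUBPIXEL_ORDER_DEFAULT, hint_style = CAIRO_HINT_STYLE_MEDIUM, hint_metrics = CAIRO_HINT_METRICS_DEFAULT}, load_flags = 0, extra_flags = 0}, font_out=<value optimized out>) at cairo-ft-font.c:1536
#6  0x0000003a8404b838 in _cairo_ft_font_face_scaled_font_create (abstract_face=<value optimized out>, font_matrix=<value optimized out>, ctm=<value optimized out>, options=<value optimized out>, scaled_font=<value optimized out>) at cairo-ft-font.c:2311
#7  0x0000003a8402701b in *INT_cairo_scaled_font_create (font_face=0x7f0ab781abe0, font_matrix=<value optimized out>, ctm=0x7fff77aaa790, options=0x7f0ab4454a60) at cairo-scaled-font.c:886
#8  0x00007f0acbc70d43 in CreateScaledFont (aPattern=0x7f0ab4d31840) at gfxPangoFonts.cpp:3077
"""

# Excerpt (frames #0-#6) of the second backtrace in this comment.
BT_DONE_FACE = """\
#0  0x000000388ca0ed5b in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/pt-raise.c:42
#1  0x00007f164404eda8 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:212
#2  <signal handler called>
#3  FT_Done_Face (face=0x7f162da07800) at /usr/src/debug/freetype-2.3.9/src/base/ftobjs.c:2216
#4  0x00007f1644974449 in gfxDownloadedFcFontEntry::~gfxDownloadedFcFontEntry (this=0x7f1630028eb0, __in_chrg=<value optimized out>) at gfxPangoFonts.cpp:358
#5  0x00007f1644974fa6 in gfxFontEntry::Release (this=0x7f162da07800) at ../../../dist/include/thebes/gfxFont.h:150
#6  0x0000003a8400bdce in _cairo_user_data_array_fini (array=0x7f1633014710) at cairo-array.c:392
"""


def component_of(path: str) -> str:
    """Map a source path to the component that owns it (assumed mapping)."""
    name = path.rsplit("/", 1)[-1]
    if "/freetype" in path or name.startswith("ft"):
        return "freetype"
    if name.startswith("cairo"):
        return "cairo"
    if "nptl" in path or name.startswith("pt-"):
        return "glibc"
    return "gecko"  # Firefox/xulrunner sources: gfx*.cpp, ns*.cpp, thebes/xpcom headers


def parse_backtrace(text: str) -> List[Dict]:
    """Turn gdb 'bt' output into frame dicts; unparseable lines are skipped."""
    frames: List[Dict] = []
    for raw in text.splitlines():
        line = raw.strip()
        if SIGNAL_RE.match(line):
            frames.append({"num": int(line[1:].split()[0]), "func": "<signal handler called>",
                           "file": None, "line": None, "component": None})
            continue
        m = FRAME_RE.match(line)
        if m:
            num, func, _args, path, lineno = m.groups()
            frames.append({"num": int(num), "func": func, "file": path,
                           "line": int(lineno), "component": component_of(path)})
    return frames


def triage(text: str) -> Dict:
    """Return the faulting frame, the Gecko frame that called into the library, and
    the ordered set of components on the stack below the signal handler."""
    frames = parse_backtrace(text)
    sig = next((i for i, f in enumerate(frames) if f["file"] is None), None)
    if sig is None or sig + 1 >= len(frames):
        raise ValueError("no faulting frame after a <signal handler called> marker")
    below = frames[sig + 1:]
    handoff: Optional[Dict] = next((f for f in below if f["component"] == "gecko"), None)
    seen: List[str] = []
    for f in below:
        if f["component"] not in seen:
            seen.append(f["component"])
    return {"fault": below[0], "handoff": handoff, "components": seen}


def summarize(text: str) -> str:
    t = triage(text)
    f, h = t["fault"], t["handoff"]
    via = f"{h['func']} ({h['file']}:{h['line']})" if h else "no Gecko frame found"
    return (f"fault in {f['component']}: {f['func']} at {f['file']}:{f['line']}; "
            f"entered from Gecko via {via}; components: {', '.join(t['components'])}")


if __name__ == "__main__":
    for bt in (BT_SET_TRANSFORM, BT_DONE_FACE):
        print(summarize(bt))
```

Both excerpts attribute the fault to FreeType called from cairo's FT backend, with Gecko's gfxPangoFonts.cpp as the caller in each case (font creation in the first, font-entry destruction from the expiration timer in the second), which is the same reading the next comment reaches by hand. On a real system, pipe `gdb -batch -ex bt` output into `triage()`; paths and component names outside the ones assumed here will land in the "gecko" bucket and should be added to `component_of`.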
OK, looking at the backtraces, this looks like some problem in Cairo/Pango/Freetype. Changing the component for further analysis, but ready to accept explanation why firefox is to be blamed.
Created attachment 350476: backtrace

OK, so I got this as well. I will work on a reproducer.
Apparently this is fixed in cairo 1.8.8
After installing 'cairo-1.8.8-1.fc12.x86_64', I tried to no avail to reproduce this bug. That is great. I tried hard. Can cairo 1.8.8 get pushed out soon for F11? Until cairo is updated, anyone can easily produce a webpage that dumps Firefox for every Fedora 11 user.
*** Bug 509574 has been marked as a duplicate of this bug. ***
There is an unofficial scratch rebuild of F12 cairo for F11 at http://koji.fedoraproject.org/koji/taskinfo?taskID=1454453
The unofficial scratch rebuild of F12 cairo for F11 also works great for me. I couldn't get an embedded font to seg fault the browser with it.
cairo-1.8.8-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/cairo-1.8.8-1.fc11
*** Bug 509634 has been marked as a duplicate of this bug. ***
cairo-1.8.8-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
Didn't fix my problem. Bug 509574 must have been a *different* bug. That's not at all unreasonable, since the symptoms were quite different.
*** Bug 542016 has been marked as a duplicate of this bug. ***
*** Bug 545503 has been marked as a duplicate of this bug. ***