Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 235938 - firefox crashes displaying gmail/spam folder
Summary: firefox crashes displaying gmail/spam folder
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: freetype
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Behdad Esfahbod
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-10 21:33 UTC by Tom London
Modified: 2007-11-30 22:12 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-11 13:24:27 UTC


Attachments (Terms of Use)

Description Tom London 2007-04-10 21:33:10 UTC
Description of problem:
I can reliably reproduce a firefox crash by trying to look at my spam folder in
my gmail account:

[New Thread -1298359408 (LWP 25715)]
*** glibc detected *** /usr/lib/firefox-2.0.0.3/firefox-bin: free(): invalid
next size (fast): 0x0ae97520 ***
======= Backtrace: =========
/lib/libc.so.6[0x47b48bed]
/lib/libc.so.6(cfree+0x90)[0x47b4c210]
/usr/lib/libfreetype.so.6[0x4976800d]
/usr/lib/libfreetype.so.6(ft_mem_free+0x1a)[0x4976b7da]
/usr/lib/libfreetype.so.6(ft_glyphslot_free_bitmap+0x4c)[0x4976bc9c]
/usr/lib/libfreetype.so.6(FT_Load_Glyph+0x40)[0x4976cb20]
/usr/lib/libcairo.so.2[0x49caff94]
/usr/lib/libcairo.so.2[0x49c9fdaf]
/usr/lib/libcairo.so.2(cairo_scaled_font_glyph_extents+0xa0)[0x49ca0a50]
/usr/lib/libpangocairo-1.0.so.0[0x49c82c1c]
/usr/lib/libpango-1.0.so.0(pango_font_get_glyph_extents+0x3e)[0x48422c9e]
/usr/lib/libpangoft2-1.0.so.0(pango_ot_buffer_output+0x18a)[0x4982947a]
/usr/lib/libpangoft2-1.0.so.0[0x49845147]
/usr/lib/libpango-1.0.so.0[0x4842aa3a]
/usr/lib/libpango-1.0.so.0(pango_shape+0xf7)[0x4843bb47]
/usr/lib/libpango-1.0.so.0[0x4842e88a]
/usr/lib/libpango-1.0.so.0[0x484314f5]
/usr/lib/libpango-1.0.so.0[0x48431a5d]
/usr/lib/libpango-1.0.so.0(pango_layout_get_line+0x2f)[0x48433b1f]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x6eb354]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x6ecda0]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x6e190f]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x6f1f9f]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10eeb53]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10f480f]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10d07f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10cb681]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10cb8f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10cbc9d]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10d07f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2482]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2932]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2bb0]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2dfa]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a3387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a6206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10acf03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1176e59]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10acf03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x118b36e]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x11898af]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10acf03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x118cecd]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x118ea29]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10acf03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1180d45]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x11813f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1184ff9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10acf03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x11871ae]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x11880b3]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a7c99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a1cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a3387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a6206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a7c99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a1cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a2cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a3387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a6206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a7c99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10a1cb9]
======= Memory map: ========
00110000-0017e000 r-xp 00000000 fd:00 5704947   
/usr/lib/firefox-2.0.0.3/components/libtoolkitcomps.so
0017e000-00181000 rw-p 0006e000 fd:00 5704947   
/usr/lib/firefox-2.0.0.3/components/libtoolkitcomps.so
00181000-001ca000 r-xp 00000000 fd:00 5704891   
/usr/lib/firefox-2.0.0.3/components/libembedcomponents.so
001ca000-001cc000 rw-p 00049000 fd:00 5704891   
/usr/lib/firefox-2.0.0.3/components/libembedcomponents.so
001cc000-001d3000 r-xp 00000000 fd:00 5704946   
/usr/lib/firefox-2.0.0.3/components/libsystem-pref.so
001d3000-001d4000 rw-p 00007000 fd:00 5704946   
/usr/lib/firefox-2.0.0.3/components/libsystem-pref.so
001d4000-001db000 r-xp 00000000 fd:00 7212324    /lib/librt-2.5.90.so
001db000-001dc000 r--p 00006000 fd:00 7212324    /lib/librt-2.5.90.so
001dc000-001dd000 rw-p 00007000 fd:00 7212324    /lib/librt-2.5.90.so
001dd000-001e0000 r-xp 00000000 fd:00 5669099   
/usr/lib/firefox-2.0.0.3/libgfxpsshar.so
001e0000-001e1000 rw-p 00002000 fd:00 5669099    /usr/lib/firefox-2.0.0.3/lib
Program received signal SIGABRT, Aborted.
[Switching to Thread -1209002288 (LWP 25688)]
0x0089d410 in __kernel_vsyscall ()
(gdb) where
#0  0x0089d410 in __kernel_vsyscall ()
#1  0x47b09f10 in raise () from /lib/libc.so.6
#2  0x47b0b761 in abort () from /lib/libc.so.6
#3  0x47b40d6b in __libc_message () from /lib/libc.so.6
#4  0x47b48bed in _int_free () from /lib/libc.so.6
#5  0x47b4c210 in free () from /lib/libc.so.6
#6  0x4976800d in __cxa_pure_virtual () from /usr/lib/libfreetype.so.6
#7  0x4976b7da in ft_mem_free () from /usr/lib/libfreetype.so.6
#8  0x4976bc9c in ft_glyphslot_free_bitmap () from /usr/lib/libfreetype.so.6
#9  0x4976cb20 in FT_Load_Glyph () from /usr/lib/libfreetype.so.6
#10 0x49caff94 in __cxa_pure_virtual () from /usr/lib/libcairo.so.2
#11 0x49c9fdaf in __cxa_pure_virtual () from /usr/lib/libcairo.so.2
#12 0x49ca0a50 in cairo_scaled_font_glyph_extents ()
   from /usr/lib/libcairo.so.2
#13 0x49c82c1c in __cxa_pure_virtual () from /usr/lib/libpangocairo-1.0.so.0
#14 0x48422c9e in pango_font_get_glyph_extents ()
   from /usr/lib/libpango-1.0.so.0
#15 0x4982947a in pango_ot_buffer_output () from /usr/lib/libpangoft2-1.0.so.0
#16 0x49845147 in __cxa_pure_virtual () from /usr/lib/libpangoft2-1.0.so.0
#17 0x4842aa3a in __cxa_pure_virtual () from /usr/lib/libpango-1.0.so.0
#18 0x4843bb47 in pango_shape () from /usr/lib/libpango-1.0.so.0
#19 0x4842e88a in __cxa_pure_virtual () from /usr/lib/libpango-1.0.so.0
#20 0x484314f5 in __cxa_pure_virtual () from /usr/lib/libpango-1.0.so.0
---Type <return> to continue, or q <return> to quit---
#21 0x48431a5d in __cxa_pure_virtual () from /usr/lib/libpango-1.0.so.0
#22 0x48433b1f in pango_layout_get_line () from /usr/lib/libpango-1.0.so.0
#23 0x006eb354 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so
#24 0x006ecda0 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so
#25 0x006e190f in ?? () from /usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so
#26 0x006f1f9f in ?? () from /usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so
#27 0x010eeb53 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#28 0x010f480f in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#29 0x010d07f9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#30 0x010cb681 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#31 0x010cb8f9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#32 0x010cbc9d in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#33 0x010d07f9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#34 0x010a2482 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#35 0x010a2932 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#36 0x010a2bb0 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#37 0x010a2dfa in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#38 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#39 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#40 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#41 0x01176e59 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#42 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#43 0x0118b36e in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
---Type <return> to continue, or q <return> to quit---
#44 0x011898af in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#45 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#46 0x0118cecd in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#47 0x0118ea29 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#48 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#49 0x01180d45 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#50 0x011813f9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#51 0x01184ff9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#52 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#53 0x011871ae in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#54 0x011880b3 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#55 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#56 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#57 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#58 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#59 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#60 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#61 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#62 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#63 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#64 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#65 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#66 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
---Type <return> to continue, or q <return> to quit---
#67 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#68 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#69 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#70 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#71 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#72 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#73 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#74 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#75 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#76 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#77 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#78 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#79 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#80 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#81 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#82 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#83 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#84 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#85 0x010a7c99 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#86 0x010a1cb9 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#87 0x010a2cb1 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#88 0x010a3387 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#89 0x010a6206 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
---Type <return> to continue, or q <return> to quit---
#90 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#91 0x010c1f90 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#92 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#93 0x010be7f8 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#94 0x010beb9c in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#95 0x010bf537 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#96 0x010acf03 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#97 0x010f95b5 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#98 0x0108e94d in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#99 0x0108ebf5 in ?? () from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#100 0x0109789b in ?? ()
   from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#101 0x0108ecfc in ?? ()
   from /usr/lib/firefox-2.0.0.3/components/libgklayout.so
#102 0x4b570f6d in PL_HandleEvent ()
   from /usr/lib/firefox-2.0.0.3/libxpcom_core.so
#103 0x4b5711f6 in PL_ProcessPendingEvents ()
   from /usr/lib/firefox-2.0.0.3/libxpcom_core.so
#104 0x4b5729eb in __cxa_pure_virtual ()
   from /usr/lib/firefox-2.0.0.3/libxpcom_core.so
#105 0x00d2126e in ?? ()
   from /usr/lib/firefox-2.0.0.3/components/libwidget_gtk2.so
#106 0x47cecd8d in __cxa_pure_virtual () from /lib/libglib-2.0.so.0
---Type <return> to continue, or q <return> to quit---
#107 0x47cc3622 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#108 0x47cc65ff in __cxa_pure_virtual () from /lib/libglib-2.0.so.0
#109 0x47cc69a9 in g_main_loop_run () from /lib/libglib-2.0.so.0
#110 0x4997c654 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#111 0x00d2165b in ?? ()
   from /usr/lib/firefox-2.0.0.3/components/libwidget_gtk2.so
#112 0x001190ea in ?? ()
   from /usr/lib/firefox-2.0.0.3/components/libtoolkitcomps.so
#113 0x0804f81d in __cxa_pure_virtual ()
#114 0x0804abf0 in __cxa_pure_virtual ()
#115 0x47af6ef0 in __libc_start_main () from /lib/libc.so.6
#116 0x0804ab41 in __cxa_pure_virtual ()
(gdb) 

Version-Release number of selected component (if applicable):
firefox-2.0.0.3-2.fc7


How reproducible:
every time

Steps to Reproduce:
1. browse to gmail.  click on spam folder
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Tom London 2007-04-10 22:27:06 UTC
This works with firefox 2.0.0.3 under Windows.

Fails every time here...

Comment 2 Tom London 2007-04-10 22:36:16 UTC
Get a similar crash running with '-safe-mode':

[tbl@localhost ~]$ firefox -safe-mode
*** glibc detected *** /usr/lib/firefox-2.0.0.3/firefox-bin: malloc(): memory
corruption: 0x08e9ff68 ***
======= Backtrace: =========
/lib/libc.so.6[0x47b492bc]
/lib/libc.so.6(__libc_malloc+0x7e)[0x47b4a9ee]
/lib/libglib-2.0.so.0(g_malloc+0x36)[0x47ccaa56]
/lib/libglib-2.0.so.0(g_slice_alloc+0x138)[0x47cda7b8]
/usr/lib/libpango-1.0.so.0(pango_script_iter_new+0x29)[0x48438cd9]
/usr/lib/libpango-1.0.so.0[0x484283bf]
/usr/lib/libpango-1.0.so.0(pango_itemize_with_base_dir+0x9b)[0x4842923b]
/usr/lib/libpango-1.0.so.0[0x484317b1]
/usr/lib/libpango-1.0.so.0(pango_layout_get_line+0x2f)[0x48433b1f]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x134354]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x135da0]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x12a90f]
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so[0x13af9f]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf92b53]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf9880f]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf747f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf6f681]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf6f8f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf6fc9d]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf747f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46482]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46932]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46bb0]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46dfa]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf47387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4a206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf50f03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x101ae59]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf50f03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x102f36e]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x102d8af]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf50f03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1030ecd]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1032a29]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf50f03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1024d45]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x10253f9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x1028ff9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf50f03]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x102b1ae]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0x102c0b3]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4bc99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf45cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf47387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4a206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4bc99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf45cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf47387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4a206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4bc99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf45cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf47387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4a206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4bc99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf45cb9]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf46cb1]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf47387]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4a206]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf4bc99]
/usr/lib/firefox-2.0.0.3/components/libgklayout.so[0xf45cb9]
======= Memory map: ========
00110000-00158000 r-xp 00000000 fd:00 5704330   
/usr/lib/firefox-2.0.0.3/components/libgfx_gtk.so
001



Comment 3 Christopher Aillon 2007-04-10 22:45:15 UTC
Works for me here.  I'm guessing there's something specific to your inbox that
is triggering this.  Possibly a character in one of the spams.

I see pango in your stack.  Does setting MOZ_DISABLE_PANGO=1 work as a stopgap?
 What are your pango, cairo, and freetype versions?

Comment 4 Tom London 2007-04-10 22:49:21 UTC
Ha!  Was just testing that...

No, setting MOZ_DISABLE_PANGO=1 has no effect.  Same crash.

[root@localhost ~]# rpm -q pango
pango-1.16.1-1.fc7
[root@localhost ~]# rpm -q cairo
cairo-1.4.2-1.fc7
[root@localhost ~]# rpm -q freetype
freetype-2.3.3-2.fc7
[root@localhost ~]# 


Comment 5 Tom London 2007-04-10 23:01:15 UTC
Aha....

Reverting freetype to freetype-2.3.2-1.fc7 'makes it work'.

Problem with freetype?

Comment 6 Christopher Aillon 2007-04-10 23:09:44 UTC
Probably.  Moving to freetype.  Btw, for future reference, you can issue one rpm
-q command with multiple package names as arguments:

% rpm -q pango cairo freetype
pango-1.16.1-1.fc7
cairo-1.4.2-1.fc7
freetype-2.3.2-1.fc7

Comment 7 Behdad Esfahbod 2007-04-10 23:26:37 UTC
I built freetype-2.3.4-1.fc7 today.  That should hopefully fix this...  Let me
know if it doesn't.

Comment 8 Tom London 2007-04-10 23:40:22 UTC
OK.  I'll leave my 'Spam' folder untouched until I can download/test 2.3.4-1.fc7

Comment 9 Tom London 2007-04-10 23:45:41 UTC
btw, reverting from 2.3.3-2.fc7 to 2.3.2-1.fc7 did not 'restore' the symbolic
link, so I had to fix this manually. 

I reverted via 'rpm -Uvh --oldpackage ..."

[root@localhost lib]# ls -l libfreetype*
lrwxrwxrwx 1 root root     21 2007-04-10 15:56 libfreetype.so ->
libfreetype.so.6.3.13
lrwxrwxrwx 1 root root     21 2007-04-10 15:56 libfreetype.so.6 ->
libfreetype.so.6.3.14
-rwxr-xr-x 1 root root 562152 2007-03-09 13:38 libfreetype.so.6.3.13
[root@localhost lib]#

Notice that libfreetype.so.6 is pointing to (the now non-existent)
libfreetype.so.6.3.14.

Removing and doing the link manually fixed this.

Comment 10 Tom London 2007-04-11 13:24:27 UTC
freetype-2.3.4-1.fc7 fixes this....

Thanks.


Note You need to log in before you can comment on or make changes to this bug.