Hi!
On Wed, Nov 06, 2013 at 11:09:48PM -0500, Daniel Kahn Gillmor wrote:
> Package: icedove
> Version: 24.0-1
> Severity: normal
>
> I launched icedove with:
>
> NSPR_LOG_MODULES=all:5 NSPR_LOG_FILE=~/tmp/icedove-dbg.log
> /usr/lib/icedove/run-mozilla.sh -g /usr/bin/icedove
>
> i ran it for the day, and it just crashed on me:
>
> Program received signal SIGSEGV, Segmentation fault.
> dosprintf(SprintfState *, const PRUnichar *, typedef __va_list_tag
> __va_list_tag *) (ss=ss@entry=0x7fffffffa638, fmt=0x7fffbffffffe,
> fmt@entry=0x7fffbffffff0,
> ap=ap@entry=0x7fffffffa678)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsTextFormatter.cpp:842
That's
while ((c = *fmt++) != 0) {
So we at least know that the format string used is bad and that it tries
to print a size. Since this is fairly generic code I'd suspect that
something gets corrupted beforehand and this is just a fallout. It'd be
great to see if this is reproducable. Also running under valgrind might
give some insight but it crashes are rare that's probably to much to ask
for.
Cheers,
--- Guido
P.S.: I'm currently not subscribed to icedove bugs so I'd be happy to
stay on cc:
> 842
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsTextFormatter.cpp:
> No such file or directory.
> (gdb) bt
> #0 dosprintf(SprintfState *, const PRUnichar *, typedef __va_list_tag
> __va_list_tag *) (ss=ss@entry=0x7fffffffa638, fmt=0x7fffbffffffe,
> fmt@entry=0x7fffbffffff0, ap=ap@entry=0x7fffffffa678)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsTextFormatter.cpp:842
> #1 0x00007ffff3bc276d in nsTextFormatter::vssprintf (out=...,
> fmt=0x7fffbffffff0, ap=ap@entry=0x7fffffffa678)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsTextFormatter.cpp:1235
> #2 0x00007ffff3bc2807 in nsTextFormatter::ssprintf (out=...,
> fmt=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsTextFormatter.cpp:1220
> #3 0x00007ffff36c43dd in FormatFileSize (size=<optimized out>,
> useKB=useKB@entry=true, formattedSize=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mailnews/base/util/nsMsgUtils.cpp:525
> #4 0x00007ffff36e530e in nsMsgDBView::FetchSize (
> this=this@entry=0x7fffb0612000, aHdr=0x7fff8b7774c0, aSizeString=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mailnews/base/src/nsMsgDBView.cpp:715
> #5 0x00007ffff36f02a5 in nsMsgDBView::CellTextForColumn (
> this=this@entry=0x7fffb0612000, aRow=aRow@entry=156,
> aColumnName=aColumnName@entry=0x7fffd60b47e8, aValue=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mailnews/base/src/nsMsgDBView.cpp:1992
> #6 0x00007ffff370107b in nsMsgGroupView::CellTextForColumn (
> this=0x7fffb0612000, aRow=156, aColumnName=0x7fffd60b47e8, aValue=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mailnews/base/src/nsMsgGroupView.cpp:885
> #7 0x00007ffff36e66f1 in nsMsgDBView::GetCellText (this=0x7fffb0612000,
> aRow=156, aCol=0x7fffc6335a00, aValue=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mailnews/base/src/nsMsgDBView.cpp:1966
> #8 0x00007ffff33c5a2e in nsTreeBodyFrame::PaintText (
> this=this@entry=0x7fffd1103e98, aRowIndex=aRowIndex@entry=156,
> aColumn=aColumn@entry=0x7fffc6335a00, aTextRect=...,
> aPresContext=aPresContext@entry=0x7fffd602b800, aRenderingContext=...,
> aDirtyRect=..., aCurrX=@0x7fffffffaec4: 58214,
> aTextRTL=aTextRTL@entry=false)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/xul/tree/nsTreeBodyFrame.cpp:3548
> #9 0x00007ffff33c9bb3 in nsTreeBodyFrame::PaintCell (
> this=this@entry=0x7fffd1103e98, aRowIndex=aRowIndex@entry=156,
> aColumn=aColumn@entry=0x7fffc6335a00, aCellRect=...,
> aPresContext=aPresContext@entry=0x7fffd602b800, aRenderingContext=...,
> aDirtyRect=..., aCurrX=@0x7fffffffb06c: 56919, aPt=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/xul/tree/nsTreeBodyFrame.cpp:3279
> #10 0x00007ffff33ca45e in nsTreeBodyFrame::PaintRow (
> this=this@entry=0x7fffd1103e98, aRowIndex=aRowIndex@entry=156,
> aRowRect=..., aPresContext=0x7fffd602b800, aRenderingContext=...,
> aDirtyRect=..., aPt=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/xul/tree/nsTreeBodyFrame.cpp:3052
> #11 0x00007ffff33ca7b7 in nsTreeBodyFrame::PaintTreeBody
> (this=0x7fffd1103e98,
> aRenderingContext=..., aDirtyRect=..., aPt=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/xul/tree/nsTreeBodyFrame.cpp:2850
> #12 0x00007ffff33ca8e3 in PaintTreeBody (aFrame=<optimized out>,
> aCtx=<optimized out>, aDirtyRect=..., aPt=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/xul/tree/nsTreeBodyFrame.cpp:2776
> #13 0x00007ffff2e82e45 in nsDisplayGeneric::Paint (this=<optimized out>,
> aBuilder=<optimized out>, aCtx=<optimized out>)
> at ../../layout/forms/../base/nsDisplayList.h:1709
> #14 0x00007ffff2e1967a in mozilla::FrameLayerBuilder::DrawThebesLayer (aLayer=
> 0x7fffcb735800, aContext=0x7fff8b705670, aRegionToDraw=...,
> aRegionToInvalidate=..., aCallbackData=0x7fffffffc3b8)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/FrameLayerBuilder.cpp:3309
> #15 0x00007ffff3c5c652 in mozilla::layers::BasicThebesLayer::PaintBuffer (
> this=0x7fffcb735800, aContext=<optimized out>, aRegionToDraw=...,
> aExtendedRegionToDraw=..., aRegionToInvalidate=...,
> aDidSelfCopy=<optimized out>,
> aCallback=0x7ffff2e18e14
> <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*,
> gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>,
> aCallbackData=0x7fffffffc3b8)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicThebesLayer.h:97
> #16 0x00007ffff3c5d19a in mozilla::layers::BasicThebesLayer::PaintThebes (
> this=0x7fffcb735800, aContext=0x7fffcedf6c50, aMaskLayer=0x0,
> aCallback=0x7ffff2e18e14
> <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*,
> gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>,
> aCallbackData=0x7fffffffc3b8, aReadback=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicThebesLayer.cpp:180
> #17 0x00007ffff3c5b280 in
> mozilla::layers::BasicLayerManager::PaintSelfOrChildren
> (this=this@entry=0x7fffd105fb20, aPaintContext=...,
> aGroupTarget=aGroupTarget@entry=0x7fffcedf6c50)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicLayerManager.cpp:829
> #18 0x00007ffff3c5b684 in mozilla::layers::BasicLayerManager::PaintLayer (
> this=this@entry=0x7fffd105fb20, aTarget=aTarget@entry=0x7fffcedf6c50,
> aLayer=0x7fffcb735800, aCallback=<optimized out>,
> aCallbackData=<optimized out>, aReadback=aReadback@entry=0x7fffffffbb60)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicLayerManager.cpp:955
> #19 0x00007ffff3c5b31c in
> mozilla::layers::BasicLayerManager::PaintSelfOrChildre---Type <return> to
> continue, or q <return> to quit---
> n (this=this@entry=0x7fffd105fb20, aPaintContext=...,
> aGroupTarget=aGroupTarget@entry=0x7fffcedf6c50)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicLayerManager.cpp:844
> #20 0x00007ffff3c5b684 in mozilla::layers::BasicLayerManager::PaintLayer (
> this=this@entry=0x7fffd105fb20, aTarget=0x7fffcedf6c50,
> aLayer=0x7fffcb734800,
> aCallback=aCallback@entry=0x7ffff2e18e14
> <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*,
> gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>,
> aCallbackData=aCallbackData@entry=0x7fffffffc3b8,
> aReadback=aReadback@entry=0x0)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicLayerManager.cpp:955
> #21 0x00007ffff3c5bfb6 in
> mozilla::layers::BasicLayerManager::EndTransactionInternal
> (this=0x7fffd105fb20,
> aCallback=0x7ffff2e18e14
> <mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer*,
> gfxContext*, nsIntRegion const&, nsIntRegion const&, void*)>,
> aCallbackData=0x7fffffffc3b8, aFlags=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/gfx/layers/basic/BasicLayerManager.cpp:589
> #22 0x00007ffff2e48b8f in nsDisplayList::PaintForFrame (
> this=this@entry=0x7fffffffc2c8, aBuilder=aBuilder@entry=0x7fffffffc3b8,
> aCtx=aCtx@entry=0x0, aForFrame=<optimized out>, aFlags=aFlags@entry=13)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsDisplayList.cpp:1201
> #23 0x00007ffff2e48de3 in nsDisplayList::PaintRoot (
> this=this@entry=0x7fffffffc2c8, aBuilder=aBuilder@entry=0x7fffffffc3b8,
> aCtx=aCtx@entry=0x0, aFlags=13)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsDisplayList.cpp:1062
> #24 0x00007ffff2e5f33a in nsLayoutUtils::PaintFrame (
> aRenderingContext=aRenderingContext@entry=0x0, aFrame=aFrame@entry=
> 0x7fffd6035420, aDirtyRegion=..., aBackstop=aBackstop@entry=4294967295,
> aFlags=aFlags@entry=772)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsLayoutUtils.cpp:2072
> #25 0x00007ffff2e7131e in PresShell::Paint (this=0x7fffd7785800,
> aViewToPaint=aViewToPaint@entry=0x7fffd6d41190, aDirtyRegion=...,
> aFlags=aFlags@entry=1)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsPresShell.cpp:5602
> #26 0x00007ffff320a0a7 in nsViewManager::ProcessPendingUpdatesForView (
> this=0x7fffd6038b80, aView=0x7fffd6d41190, aFlushDirtyRegion=true)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/view/src/nsViewManager.cpp:410
> #27 0x00007ffff2e7bd02 in nsRefreshDriver::Tick (this=<optimized out>,
> aNowEpoch=aNowEpoch@entry=1383796948979579, aNowTime=...,
> aNowTime@entry=...)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsRefreshDriver.cpp:1225
> #28 0x00007ffff2e7be9e in TickDriver (now=..., jsnow=1383796948979579,
> driver=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsRefreshDriver.cpp:171
> #29 mozilla::RefreshDriverTimer::Tick (this=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/layout/base/nsRefreshDriver.cpp:163
> #30 0x00007ffff3bf631c in nsTimerImpl::Fire (this=0x7fffde3fcf10)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/threads/nsTimerImpl.cpp:543
> #31 0x00007ffff3bf63d7 in nsTimerEvent::Run (this=0x7fffffffa8d0)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/threads/nsTimerImpl.cpp:627
> #32 0x00007ffff3bf3cdc in nsThread::ProcessNextEvent (this=0x7ffff6c4da20,
> mayWait=<optimized out>, result=0x7fffffffcd9f)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/threads/nsThread.cpp:626
> #33 0x00007ffff3bc6922 in NS_ProcessNextEvent (thread=<optimized out>,
> mayWait=mayWait@entry=false)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/xpcom/build/nsThreadUtils.cpp:238
> #34 0x00007ffff38e8438 in mozilla::ipc::MessagePump::Run
> (this=0x7fffe3111cc0,
> aDelegate=0x7fffe310b240)
> at /build/icedove-JBQcjj/icedove-24.0/mozilla/ipc/glue/MessagePump.cpp:82
> #35 0x00007ffff3c136df in RunHandler (this=0x7fffe310b240)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/ipc/chromium/src/base/message_loop.cc:212
> #36 MessageLoop::Run (this=0x7fffe310b240)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/ipc/chromium/src/base/message_loop.cc:186
> #37 0x00007ffff367040b in nsBaseAppShell::Run (this=0x7fffe1153400)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/widget/xpwidgets/nsBaseAppShell.cpp:163
> #38 0x00007ffff35440d1 in nsAppStartup::Run (this=0x7fffe1118b00)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/toolkit/components/startup/nsAppStartup.cpp:269
> #39 0x00007ffff2c209ae in XREMain::XRE_mainRun
> (this=this@entry=0x7fffffffd000)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/toolkit/xre/nsAppRunner.cpp:3856
> #40 0x00007ffff2c20c1b in XREMain::XRE_main (this=this@entry=0x7fffffffd000,
> argc=argc@entry=1, argv=argv@entry=0x7fffffffe3f8,
> aAppData=aAppData@entry=0x7ffff6c1f580)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/toolkit/xre/nsAppRunner.cpp:3924
> #41 0x00007ffff2c20e57 in XRE_main (argc=1, argv=0x7fffffffe3f8,
> aAppData=0x7ffff6c1f580, aFlags=<optimized out>)
> at
> /build/icedove-JBQcjj/icedove-24.0/mozilla/toolkit/xre/nsAppRunner.cpp:41---Type
> <return> to continue, or q <return> to quit---
> 26
> #42 0x00000000004033c6 in do_main (argv=0x7fffffffe3f8, argc=1,
> exePath=0x7fffffffd2d8 "/usr/lib/icedove/")
> at /build/icedove-JBQcjj/icedove-24.0/mail/app/nsMailApp.cpp:111
> #43 main (argc=1, argv=0x7fffffffe3f8)
> at /build/icedove-JBQcjj/icedove-24.0/mail/app/nsMailApp.cpp:200
> (gdb)
>
> the end of the debug log is:
>
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 0 len 1 weight: 400 width: 0 style: normal TEXTRUN […] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [l] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [o] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [g] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [c] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [h] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [e] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [c] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 1 weight: 400 width: 0 style: normal TEXTRUN [k] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 9 weight: 400 width: 0 style: normal TEXTRUN [logcheck…] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 9 weight: 400 width: 0 style: normal TEXTRUN [logcheck…] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 8 weight: 400 width: 0 style: normal TEXTRUN [10:02 PM] ENDTEXTRUN
> -134396096[7ffff6c30040]: (textrunui) fontgroup: ["Sans"] lang: en-us script:
> 25 len 8 weight: 400 width: 0 style: normal TEXTRUN [10:02 PM] ENDTEXTRUN
>
>
> I normally have enigmail installed, but it has not been installed
> since i upgraded to icedove 24.0, so i can say with confidence that
> this segfault is not due to enigmail.
>
> I've had several other segfault crashes with icedove 24.0, but have
> only had the enormous icedove-dbg package installed on this run, so i
> was unable to provide a full backtrace for the previous crashes.
>
> --dkg
>
> -- System Information:
> Debian Release: jessie/sid
> APT prefers testing
> APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 3.11-trunk-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages icedove depends on:
> ii debianutils 4.4
> ii fontconfig 2.11.0-1
> ii libasound2 1.0.27.2-3
> ii libatk1.0-0 2.10.0-2
> ii libc6 2.17-93
> ii libcairo2 1.12.16-2
> ii libdbus-1-3 1.6.16-1
> ii libdbus-glib-1-2 0.100.2-1
> ii libevent-2.0-5 2.0.21-stable-1
> ii libffi6 3.0.13-4
> ii libfontconfig1 2.11.0-1
> ii libfreetype6 2.4.9-1.1
> ii libgcc1 1:4.8.2-1
> ii libgdk-pixbuf2.0-0 2.28.2-1
> ii libglib2.0-0 2.36.4-1
> ii libgtk2.0-0 2.24.21-1
> ii libhunspell-1.3-0 1.3.2-4
> ii libnspr4 2:4.10.1-1
> ii libnss3 2:3.15.2-1
> ii libpango-1.0-0 1.32.5-5+b1
> ii libpixman-1-0 0.30.2-1
> ii libsqlite3-0 3.8.1-1
> ii libstartup-notification0 0.12-3
> ii libstdc++6 4.8.2-1
> ii libvpx1 1.2.0-2
> ii libx11-6 2:1.6.2-1
> ii libxext6 2:1.3.2-1
> ii libxrender1 1:0.9.8-1
> ii libxt6 1:1.1.4-1
> ii psmisc 22.20-1
> ii zlib1g 1:1.2.8.dfsg-1
>
> Versions of packages icedove recommends:
> ii myspell-en-us [myspell-dictionary] 1:3.3.0-4
>
> Versions of packages icedove suggests:
> ii fonts-lyx 2.0.6-1
> ii libglib2.0-0 2.36.4-1
> ii libgssapi-krb5-2 1.11.3+dfsg-3
>
> -- debconf-show failed
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
