Bug#425223: icedove: GDB backtrace

Sun, 20 May 2007 12:52:22 -0700 

Package: icedove
Version: 2.0.0.0-2
Followup-For: Bug #425223

Note: Duplicate with #424963

Here is a backtrace with GDB:

[EMAIL PROTECTED] ~]$ cd /usr/lib/icedove
[EMAIL PROTECTED] icedove]$ LD_LIBRARY_PATH=./ gdb ./icedove-bin
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) run
Starting program: /usr/lib/icedove/icedove-bin
[Thread debugging using libthread_db enabled]
[New Thread 47649213809040 (LWP 5254)]
[New Thread 1082132800 (LWP 5261)]
[New Thread 1090525504 (LWP 5262)]
[New Thread 1098918208 (LWP 5268)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 47649213809040 (LWP 5254)]
nsFrame::BoxReflow (this=0x9b0a18, [EMAIL PROTECTED],
aPresContext=0x9ad7c0, [EMAIL PROTECTED],
[EMAIL PROTECTED],
    [EMAIL PROTECTED], aX=1500, aY=1500, aWidth=0, aHeight=0,
aMoveFrame=1) at nsFrame.cpp:5390
5390    nsFrame.cpp: No such file or directory.
        in nsFrame.cpp
(gdb) bt
#0  nsFrame::BoxReflow (this=0x9b0a18, [EMAIL PROTECTED],
aPresContext=0x9ad7c0, [EMAIL PROTECTED],
[EMAIL PROTECTED],
    [EMAIL PROTECTED], aX=1500, aY=1500, aWidth=0, aHeight=0,
aMoveFrame=1) at nsFrame.cpp:5390
#1  0x00002aaab4918965 in nsFrame::DoLayout (this=0x9b0a18,
[EMAIL PROTECTED]) at nsFrame.cpp:5194
#2  0x00002aaab4a14d78 in nsIFrame::Layout (this=0x9b0a18,
[EMAIL PROTECTED]) at nsBox.cpp:800
#3  0x00002aaab492272f in nsGfxScrollFrameInner::LayoutScrollbars
(this=0x9b06c0, [EMAIL PROTECTED], [EMAIL PROTECTED],
    [EMAIL PROTECTED], [EMAIL PROTECTED]) at
nsGfxScrollFrame.cpp:2436
#4  0x00002aaab4924248 in nsHTMLScrollFrame::Reflow (this=0x9b0648,
aPresContext=<value optimized out>, [EMAIL PROTECTED],
    [EMAIL PROTECTED], [EMAIL PROTECTED]) at
nsGfxScrollFrame.cpp:818
#5  0x00002aaab490e845 in nsContainerFrame::ReflowChild (this=<value
optimized out>, aKidFrame=0x9b0648, aPresContext=0x9ad7c0,
    [EMAIL PROTECTED], [EMAIL PROTECTED], aX=0,
aY=0, aFlags=0, [EMAIL PROTECTED]) at nsContainerFrame.cpp:905
#6  0x00002aaab4964558 in ViewportFrame::Reflow (this=0x9b0300,
aPresContext=0x9ad7c0, [EMAIL PROTECTED],
[EMAIL PROTECTED],
    [EMAIL PROTECTED]) at nsViewportFrame.cpp:239
#7  0x00002aaab48f0bad in PresShell::InitialReflow (this=0x9af3d0,
aWidth=1500, aHeight=<value optimized out>) at nsPresShell.cpp:2906
#8  0x00002aaab4a5a98c in nsContentSink::StartLayout (this=0x9abbc0,
aIsFrameset=<value optimized out>) at nsContentSink.cpp:921
#9  0x00002aaab4b38d74 in HTMLContentSink::OpenBody (this=0x9abbc0,
[EMAIL PROTECTED]) at nsHTMLContentSink.cpp:2641
#10 0x00002aaab59c1ae6 in CNavDTD::OpenBody (this=0x9b2130,
aNode=0x9b2560) at CNavDTD.cpp:2968
#11 0x00002aaab59c5fbd in CNavDTD::HandleDefaultStartToken
(this=0x9b2130, aToken=0x9a9820, aChildTag=eHTMLTag_body,
aNode=0x9b2560) at CNavDTD.cpp:1281
#12 0x00002aaab59c6338 in CNavDTD::HandleStartToken (this=0x9b2130,
aToken=0x9a9820) at CNavDTD.cpp:1668
#13 0x00002aaab59c67f2 in CNavDTD::HandleToken (this=0x9b2130,
aToken=0x9a9820, aParser=0x9a94c0) at CNavDTD.cpp:955
#14 0x00002aaab59c350a in CNavDTD::BuildModel (this=0x9b2130,
aParser=0x9a94c0, aTokenizer=<value optimized out>, anObserver=<value
optimized out>,
    aSink=<value optimized out>) at CNavDTD.cpp:458
#15 0x00002aaab59d7e06 in nsParser::BuildModel (this=0x9a94c0) at
nsParser.cpp:2164
#16 0x00002aaab59daac8 in nsParser::ResumeParse (this=0x9a94c0,
allowIteration=1, aIsFinalChunk=0, aCanInterrupt=1) at nsParser.cpp:2031
#17 0x00002aaab59d74cf in nsParser::OnDataAvailable (this=0x9a94c0,
request=0x8a61c8, aContext=<value optimized out>, pIStream=0x8a6b10,
sourceOffset=0,
    aLength=117) at nsParser.cpp:2710
#18 0x00002b56343584de in nsInputStreamPump::OnStateTransfer
(this=0x8a70f0) at nsInputStreamPump.cpp:494
#19 0x00002b56343585e4 in nsInputStreamPump::OnInputStreamReady
(this=0x9ad7c0, stream=<value optimized out>) at nsInputStreamPump.cpp:397
#20 0x00002b562e411305 in nsInputStreamReadyEvent::EventHandler
(plevent=<value optimized out>) at nsStreamUtils.cpp:120
#21 0x00002b562e42c389 in PL_HandleEvent (self=0x8a7178) at plevent.c:688
#22 0x00002b562e42c62b in PL_ProcessPendingEvents (self=0x6b3970) at
plevent.c:623
#23 0x00002b562e42e0fb in nsEventQueueImpl::ProcessPendingEvents
(this=0x6b3ca0) at nsEventQueue.cpp:417
#24 0x00002aaaaad098a2 in event_processor_callback (source=<value
optimized out>, condition=10147776, data=0x0) at nsAppShell.cpp:67
#25 0x00002b5630efe6d4 in g_main_context_dispatch () from
/usr/lib/libglib-2.0.so.0
#26 0x00002b5630f0150d in ?? () from /usr/lib/libglib-2.0.so.0
#27 0x00002b5630f0181a in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#28 0x00002b562ef1fb13 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#29 0x00002aaaaad09c3c in nsAppShell::Run (this=0x755ff0) at
nsAppShell.cpp:139
#30 0x00002aaaabb0d67e in nsAppStartup::Run (this=0x755f70) at
nsAppStartup.cpp:151
#31 0x0000000000408414 in XRE_main (argc=<value optimized out>,
argv=<value optimized out>, aAppData=<value optimized out>) at
nsAppRunner.cpp:2695
#32 0x00002b56319268e4 in __libc_start_main () from /lib/libc.so.6
#33 0x0000000000403959 in _start ()
(gdb)

It seems that the package icedove-dbg doesn't have any source code
inside, so I got the sources from 'apt-get source' to go a bit further.

Icedove is getting down on these lines of code (nsFrame.cpp:5390):
...
    //    we need to do a second reflow with the style change.
    // XXXwaterson This logic seems _very_ squirrely.
    if (metrics->mStyleChange) {
      if (reflowState.reason == eReflowReason_Resize) {
         // maxElementSize does not work on style change reflows.
...

So, I tried to break a bit before:

(gdb) break nsFrame.cpp:5382
(gdb) run
...
[Switching to Thread 47201290461584 (LWP 9246)]

Breakpoint 1, nsFrame::BoxReflow (this=0xa28218, [EMAIL PROTECTED],
aPresContext=0xa24fc0, [EMAIL PROTECTED],
[EMAIL PROTECTED],
    [EMAIL PROTECTED], aX=1500, aY=1500, aWidth=0, aHeight=0,
aMoveFrame=1) at nsFrame.cpp:5382
5382    nsFrame.cpp: No such file or directory.
        in nsFrame.cpp
(gdb) p metrics
$1 = (nsBoxLayoutMetrics *) 0x0

Here we are it seems that metrics is set to NULL and then used. It is
more or less typical from a race condition... but strangely it appears
only on 64bits plate-forms... I have no further explanation. :-/

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.21.1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages icedove depends on:
ii  debianutils             2.18.2           Miscellaneous utilities
specific t
ii  fontconfig              2.4.2-1.2        generic font configuration
library
ii  libatk1.0-0             1.18.0-2         The ATK accessibility toolkit
ii  libc6                   2.5-8            GNU C Library: Shared libraries
ii  libcairo2               1.4.6-1          The Cairo 2D vector
graphics libra
ii  libfontconfig1          2.4.2-1.2        generic font configuration
library
ii  libfreetype6            2.2.1-5          FreeType 2 font engine,
shared lib
ii  libgcc1                 1:4.2-20070516-1 GCC support library
ii  libglib2.0-0            2.12.12-1        The GLib library of C routines
ii  libgtk2.0-0             2.10.12-2        The GTK+ graphical user
interface
ii  libjpeg62               6b-13            The Independent JPEG
Group's JPEG
ii  libnspr4-0d             4.6.6-3          NetScape Portable Runtime
Library
ii  libnss3-0d              3.11.5-3+b1      Network Security Service
libraries
ii  libpango1.0-0           1.16.4-1         Layout and rendering of
internatio
ii  libpng12-0              1.2.15~beta5-2   PNG library - runtime
ii  libstdc++6              4.2-20070516-1   The GNU Standard C++ Library v3
ii  libx11-6                2:1.0.3-7        X11 client-side library
ii  libxcursor1             1:1.1.8-2        X cursor management library
ii  libxext6                1:1.0.3-2        X11 miscellaneous extension
librar
ii  libxfixes3              1:4.0.3-2        X11 miscellaneous 'fixes'
extensio
ii  libxft2                 2.1.12-2         FreeType-based font drawing
librar
ii  libxi6                  1:1.0.1-4        X11 Input extension library
ii  libxinerama1            1:1.0.2-1        X11 Xinerama extension library
ii  libxrandr2              2:1.2.1-1        X11 RandR extension library
ii  libxrender1             1:0.9.2-1        X Rendering Extension
client libra
ii  libxt6                  1:1.0.5-3        X11 toolkit intrinsics library
ii  psmisc                  22.5-1           Utilities that use the proc
filesy
ii  zlib1g                  1:1.2.3-15       compression library - runtime

icedove recommends no packages.

-- debconf information:
* icedove/browser: GNOME

-- 
Emmanuel Fleury              | Office: 211
Associate Professor,         | Phone: +33 (0)5 40 00 35 24
LaBRI, Domaine Universitaire | Fax:   +33 (0)5 40 00 66 69
351, Cours de la Libération  | email: [EMAIL PROTECTED]
33405 Talence Cedex, France  | URL: http://www.labri.fr/~fleury

Reply via email to