Bug#656611: Crash in iceweasel: crash in mozilla::gl::GLContext::InitExtensions on visiting WebGL page
Florian Lohoff
f at zz.de
Fri Jan 20 13:01:38 UTC 2012
Package: iceweasel
Version: 9.0.1-1~bpo60+1
Severity: normal
Hi,
i am seeing a reproducible crash while visiting
http://maps3d.svc.nokia.com/webgl/
when initializing webgl. The Crash is here:
gfx/thebes/GLContext.cpp
443 void
444 GLContext::InitExtensions()
445 {
446 MakeCurrent();
447 const GLubyte *extensions = fGetString(LOCAL_GL_EXTENSIONS);
448 char *exts = strdup((char *)extensions);
449
It seems fGetString(LOCAL_GL_EXTENSIONS); returns NULL which leads strdup
to segfault ...
See attached backtrace:
flo at p2:~$ iceweasel -g
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/lib/iceweasel/firefox-bin...(no debugging symbols found)...done.
(gdb) re
Ambiguous command "re": rec, record, refresh, remote, restart, restore, return, reverse-continue, reverse-finish...
(gdb) r
Starting program: /usr/lib/iceweasel/firefox-bin
[Thread debugging using libthread_db enabled]
[New Thread 0x7fffe62ad700 (LWP 23829)]
[New Thread 0x7fffe5811700 (LWP 23830)]
[New Thread 0x7fffe5010700 (LWP 23831)]
[New Thread 0x7fffe45ff700 (LWP 23832)]
[New Thread 0x7fffe30ff700 (LWP 23833)]
[New Thread 0x7fffe28fe700 (LWP 23834)]
[New Thread 0x7fffde7ff700 (LWP 23835)]
[New Thread 0x7fffdddff700 (LWP 23836)]
[New Thread 0x7fffda8b8700 (LWP 23837)]
[New Thread 0x7fffda0b7700 (LWP 23838)]
[New Thread 0x7fffd91c4700 (LWP 23839)]
[New Thread 0x7fffd81ff700 (LWP 23840)]
[Thread 0x7fffde7ff700 (LWP 23835) exited]
[New Thread 0x7fffde7ff700 (LWP 23841)]
[New Thread 0x7fffd26ff700 (LWP 23842)]
[New Thread 0x7fffd1efe700 (LWP 23843)]
[New Thread 0x7fffd16fd700 (LWP 23844)]
[New Thread 0x7fffd0efc700 (LWP 23845)]
[New Thread 0x7fffd03ff700 (LWP 23846)]
[Thread 0x7fffd81ff700 (LWP 23840) exited]
[New Thread 0x7fffd81ff700 (LWP 23847)]
[New Thread 0x7fffcf3ff700 (LWP 23848)]
[New Thread 0x7fffcc3ff700 (LWP 23849)]
[New Thread 0x7fffcb3ff700 (LWP 23850)]
Program received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
31 ../sysdeps/x86_64/multiarch/../strlen.S: No such file or directory.
in ../sysdeps/x86_64/multiarch/../strlen.S
Current language: auto
The current source language is "auto; currently asm".
(gdb) bt
#0 __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
#1 0x00007ffff73c5876 in *__GI___strdup (s=0x0) at strdup.c:42
#2 0x00007ffff5748e96 in mozilla::gl::GLContext::InitExtensions (this=0x7fffc90f7800)
at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContext.cpp:448
#3 0x00007ffff574a507 in mozilla::gl::GLContext::InitWithPrefix (this=0x7fffc90f7800, prefix=<value optimized out>,
trygl=<value optimized out>) at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContext.cpp:374
#4 0x00007ffff5757d72 in mozilla::gl::GLContextGLX::Init (format=<value optimized out>, display=0x7ffff6d96000,
drawable=<value optimized out>, cfg=<value optimized out>, vinfo=<value optimized out>, shareContext=0x7fffcaab0800,
deleteDrawable=<value optimized out>, pixmap=0x7fffcb5b6d80)
at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContextProviderGLX.cpp:730
#5 mozilla::gl::GLContextGLX::CreateGLContext (format=<value optimized out>, display=0x7ffff6d96000,
drawable=<value optimized out>, cfg=<value optimized out>, vinfo=<value optimized out>, shareContext=0x7fffcaab0800,
deleteDrawable=<value optimized out>, pixmap=0x7fffcb5b6d80)
at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContextProviderGLX.cpp:681
#6 0x00007ffff5758c25 in CreateOffscreenPixmapContext (aSize=<value optimized out>, aFormat=<value optimized out>,
aShare=<value optimized out>) at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContextProviderGLX.cpp:1225
#7 0x00007ffff5758cdb in mozilla::gl::GLContextProviderGLX::CreateOffscreen (aSize=..., aFormat=...)
at /tmp/buildd/iceweasel-9.0.1/gfx/thebes/GLContextProviderGLX.cpp:1237
#8 0x00007ffff501cca5 in mozilla::WebGLContext::SetDimensions (this=0x7fffcd651400, width=300, height=150)
at /tmp/buildd/iceweasel-9.0.1/content/canvas/src/WebGLContext.cpp:662
#9 0x00007ffff506ebbc in nsHTMLCanvasElement::UpdateContext (this=0x7fffcb825240, aNewContextOptions=0x0)
at /tmp/buildd/iceweasel-9.0.1/content/html/content/src/nsHTMLCanvasElement.cpp:622
#10 0x00007ffff506f0f7 in nsHTMLCanvasElement::GetContext (this=0x7fffcb825240, aContextId=<value optimized out>,
aContextOptions=..., aContext=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/content/html/content/src/nsHTMLCanvasElement.cpp:540
#11 0x00007ffff53f776a in nsIDOMHTMLCanvasElement_GetContext (cx=0x7fffd33af000, argc=<value optimized out>,
vp=0x7fffe1cfe1c0) at /tmp/buildd/iceweasel-9.0.1/build-xulrunner/js/src/xpconnect/src/dom_quickstubs.cpp:22596
#12 0x00007ffff6613358 in ?? () from /usr/lib/xulrunner-9.0/libmozjs.so
#13 0x00007ffff6614432 in ?? () from /usr/lib/xulrunner-9.0/libmozjs.so
#14 0x00007ffff66134eb in ?? () from /usr/lib/xulrunner-9.0/libmozjs.so
#15 0x00007ffff6613a05 in ?? () from /usr/lib/xulrunner-9.0/libmozjs.so
#16 0x00007ffff65853de in JS_CallFunctionValue () from /usr/lib/xulrunner-9.0/libmozjs.so
#17 0x00007ffff51338eb in nsJSContext::CallEventHandler (this=0x7fffd70b7a60, aTarget=<value optimized out>,
aScope=<value optimized out>, aHandler=<value optimized out>, aargv=<value optimized out>, arv=0x7fffffff7de0)
at /tmp/buildd/iceweasel-9.0.1/dom/base/nsJSEnvironment.cpp:1929
#18 0x00007ffff517f177 in nsJSEventListener::HandleEvent (this=0x7fffcb809340, aEvent=0x7fffcb559100)
at /tmp/buildd/iceweasel-9.0.1/dom/src/events/nsJSEventListener.cpp:211
#19 0x00007ffff5035381 in nsEventListenerManager::HandleEventInternal (this=0x7fffcb786a00,
aPresContext=<value optimized out>, aEvent=0x7fffffff80d0, aDOMEvent=0x7fffffff8020, aCurrentTarget=0x7fffcc46f490,
aFlags=<value optimized out>, aEventStatus=0x7fffffff8028, aPusher=0x7fffffff8040)
at /tmp/buildd/iceweasel-9.0.1/content/events/src/nsEventListenerManager.cpp:776
#20 0x00007ffff504b05e in nsEventListenerManager::HandleEvent (this=0x7fffdd4c7230, aVisitor=<value optimized out>,
aFlags=6, aMayHaveNewListenerManagers=0, aPusher=0x7fffffff8040)
at /tmp/buildd/iceweasel-9.0.1/content/events/src/nsEventListenerManager.h:160
#21 nsEventTargetChainItem::HandleEvent (this=0x7fffdd4c7230, aVisitor=<value optimized out>, aFlags=6,
aMayHaveNewListenerManagers=0, aPusher=0x7fffffff8040)
at /tmp/buildd/iceweasel-9.0.1/content/events/src/nsEventDispatcher.cpp:215
#22 0x00007ffff504b17e in nsEventTargetChainItem::HandleEventTargetChain (this=<value optimized out>, aVisitor=...,
---Type <return> to continue, or q <return> to quit---
aFlags=6, aCallback=0x0, aMayHaveNewListenerManagers=0, aPusher=0x3)
at /tmp/buildd/iceweasel-9.0.1/content/events/src/nsEventDispatcher.cpp:344
#23 0x00007ffff504b995 in nsEventDispatcher::Dispatch (aTarget=<value optimized out>, aPresContext=0x7fffcc46f000,
aEvent=0x7fffffff80d0, aDOMEvent=<value optimized out>, aEventStatus=0x7fffffff8118, aCallback=<value optimized out>,
aTargets=0x0) at /tmp/buildd/iceweasel-9.0.1/content/events/src/nsEventDispatcher.cpp:672
#24 0x00007ffff4e29175 in DocumentViewerImpl::LoadComplete (this=0x7fffccaa0c80, aStatus=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/layout/base/nsDocumentViewer.cpp:1067
#25 0x00007ffff5430f0b in nsDocShell::EndPageLoad (this=0x7fffd3311400, aProgress=<value optimized out>,
aChannel=0x7fffcea04050, aStatus=0) at /tmp/buildd/iceweasel-9.0.1/docshell/base/nsDocShell.cpp:6156
#26 0x00007ffff5436350 in nsDocShell::OnStateChange (this=0x7fffd3311400, aProgress=0x7fffd3311428,
aRequest=0x7fffcea04050, aStateFlags=<value optimized out>, aStatus=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/docshell/base/nsDocShell.cpp:5992
#27 0x00007ffff543c884 in nsDocLoader::DoFireOnStateChange (this=0x7fffd3311400, aProgress=0x7fffd3311428,
aRequest=<value optimized out>, aStateFlags=@0x7fffffff86ac, aStatus=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/uriloader/base/nsDocLoader.cpp:1383
#28 0x00007ffff543e154 in nsDocLoader::doStopDocumentLoad (this=<value optimized out>, request=0x7fffcea04050, aStatus=0)
at /tmp/buildd/iceweasel-9.0.1/uriloader/base/nsDocLoader.cpp:963
#29 0x00007ffff543e373 in nsDocLoader::DocLoaderIsEmpty (this=0x7fffd3311400, aFlushLayout=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/uriloader/base/nsDocLoader.cpp:852
#30 0x00007ffff543e545 in nsDocLoader::OnStopRequest (this=0x7fffd3311400, aRequest=0x7fffd2b48050,
aCtxt=<value optimized out>, aStatus=0) at /tmp/buildd/iceweasel-9.0.1/uriloader/base/nsDocLoader.cpp:736
#31 0x00007ffff4ce10d7 in nsLoadGroup::RemoveRequest (this=0x7fffd33a3500, request=0x7fffd2b48050, ctxt=0x0, aStatus=0)
at /tmp/buildd/iceweasel-9.0.1/netwerk/base/src/nsLoadGroup.cpp:734
#32 0x00007ffff4d4e04a in nsHttpChannel::OnStopRequest (this=0x7fffd2b48000, request=0x0, ctxt=<value optimized out>,
status=0) at /tmp/buildd/iceweasel-9.0.1/netwerk/protocol/http/nsHttpChannel.cpp:4265
#33 0x00007ffff4cdc10d in nsInputStreamPump::OnStateStop (this=0x7fffcb5483c0)
at /tmp/buildd/iceweasel-9.0.1/netwerk/base/src/nsInputStreamPump.cpp:578
#34 0x00007ffff4cdc379 in nsInputStreamPump::OnInputStreamReady (this=0x7fffcb5483c0, stream=0x7fffdcc3adcd)
at /tmp/buildd/iceweasel-9.0.1/netwerk/base/src/nsInputStreamPump.cpp:403
#35 0x00007ffff56e69e4 in nsInputStreamReadyEvent::Run (this=0x7fffcb5b3490)
at /tmp/buildd/iceweasel-9.0.1/xpcom/io/nsStreamUtils.cpp:114
#36 0x00007ffff56f635c in nsThread::ProcessNextEvent (this=0x7fffe9f37530, mayWait=0, result=0x7fffffff89ac)
at /tmp/buildd/iceweasel-9.0.1/xpcom/threads/nsThread.cpp:631
#37 0x00007ffff56c8301 in NS_ProcessNextEvent_P (thread=0x0, mayWait=-591155763)
at /tmp/buildd/iceweasel-9.0.1/build-xulrunner/xpcom/build/nsThreadUtils.cpp:245
#38 0x00007ffff5661c7e in mozilla::ipc::MessagePump::Run (this=0x7fffe9f21b40, aDelegate=0x7ffff6dd1ff0)
at /tmp/buildd/iceweasel-9.0.1/ipc/glue/MessagePump.cpp:110
#39 0x00007ffff5712eb8 in MessageLoop::RunHandler (this=0x0)
at /tmp/buildd/iceweasel-9.0.1/ipc/chromium/src/base/message_loop.cc:201
#40 MessageLoop::Run (this=0x0) at /tmp/buildd/iceweasel-9.0.1/ipc/chromium/src/base/message_loop.cc:175
#41 0x00007ffff55d15a1 in nsBaseAppShell::Run (this=0x7fffe46984e0)
at /tmp/buildd/iceweasel-9.0.1/widget/src/xpwidgets/nsBaseAppShell.cpp:189
#42 0x00007ffff5490d62 in nsAppStartup::Run (this=0x7fffe4670330)
at /tmp/buildd/iceweasel-9.0.1/toolkit/components/startup/nsAppStartup.cpp:228
#43 0x00007ffff4cc7e5f in XRE_main (argc=<value optimized out>, argv=<value optimized out>, aAppData=<value optimized out>)
at /tmp/buildd/iceweasel-9.0.1/toolkit/xre/nsAppRunner.cpp:3557
#44 0x0000000000402431 in _start ()
(gdb)
Flo
-- Package-specific info:
-- Addons package information
-- System Information:
Debian Release: 6.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages iceweasel depends on:
ii debianutils 3.4 Miscellaneous utilities specific t
ii fontconfig 2.8.0-2.1 generic font configuration library
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface
ii libnspr4-0d 4.8.6-1 NetScape Portable Runtime Library
ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3
ii procps 1:3.2.8-9 /proc file system utilities
ii xulrunner-9.0 9.0.1-1~bpo60+1 XUL + XPCOM application runner
iceweasel recommends no packages.
Versions of packages iceweasel suggests:
ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze2 MIT Kerberos runtime libraries - k
pn mozplugger <none> (no description available)
ii ttf-lyx 1.6.7-1 TrueType versions of some TeX font
pn ttf-mathematica4.1 <none> (no description available)
ii xfonts-mathml 4 Type1 Symbol font for MathML
Versions of packages xulrunner-9.0 depends on:
ii libasoun 1.0.23-2.1 shared library for ALSA applicatio
ii libatk1. 1.30.0-1 The ATK accessibility toolkit
ii libbz2-1 1.0.5-6 high-quality block-sorting file co
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libcairo 1.10.2-6~bpo60+1 The Cairo 2D vector graphics libra
ii libdbus- 1.2.24-4+squeeze1 simple interprocess messaging syst
ii libevent 1.4.13-stable-1 An asynchronous event notification
ii libfontc 2.8.0-2.1 generic font configuration library
ii libfreet 2.4.2-2.1+squeeze1 FreeType 2 font engine, shared lib
ii libgcc1 1:4.4.5-8 GCC support library
ii libglib2 2.24.2-1 The GLib library of C routines
ii libgtk2. 2.20.1-2 The GTK+ graphical user interface
ii libhunsp 1.2.11-1 spell checker and morphological an
ii libjpeg6 6b1-1 The Independent JPEG Group's JPEG
ii libmozjs 9.0.1-1~bpo60+1 Mozilla SpiderMonkey JavaScript li
ii libnotif 0.5.0-2 sends desktop notifications to a n
ii libnspr4 4.8.6-1 NetScape Portable Runtime Library
ii libnss3- 3.13.1.with.ckbi.1.88-1~bpo60+1 Network Security Service libraries
ii libpango 1.28.3-1+squeeze2 Layout and rendering of internatio
ii libpixma 0.21.4-2~bpo60+1 pixel-manipulation library for X a
ii libreadl 6.1-3 GNU readline and history libraries
ii libsqlit 3.7.8-1~bpo60+1 SQLite 3 shared library
ii libstart 0.10-1 library for program launch feedbac
ii libstdc+ 4.4.5-8 The GNU Standard C++ Library v3
ii libvpx0 0.9.1-2 VP8 video codec (shared library)
ii libx11-6 2:1.3.3-4 X11 client-side library
ii libxext6 2:1.1.2-1 X11 miscellaneous extension librar
ii libxrend 1:0.9.6-1 X Rendering Extension client libra
ii libxt6 1:1.0.7-1 X11 toolkit intrinsics library
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
-- no debconf information
--
Florian Lohoff f at zz.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20120120/bd95c24e/attachment.pgp>
More information about the pkg-mozilla-maintainers
mailing list