Package: firefox Version: 1.5.dfsg+1.5.0.7-2 Severity: major I rated it major, because IMHO it is intolerable that a flaw in flash can crash entire browser.
Actually I think this bug should be a bug in flash player but I was not shure which package is responsible, please correct it. When we go to youtube (I tested it on http://www.youtube.com/watch?v=-xEzGIuY7kw&eurl= ) the flash starts (in my case it waits for the mouse click on flash object, since I use flash blocker). if I quickly press the fullscreen-zoom button inside playing flash (right-most button in that youtubes' flash based player) and if I do it quick (before the movie actually starts playing), then firefox crashes. ii firefox 1.5.dfsg+1.5.0.7-2 ii firefox-dbg 1.5.dfsg+1.5.0.7-2 ii firefox-dom-inspector 1.5.dfsg+1.5.0.7-2 ii firefox-gnome-support 1.5.dfsg+1.5.0.7-2 ii firefox-webdeveloper 1.0.2-1 ii gstreamer0.8-swfdec 0.8.12-6 ii libswfdec0.3 0.3.6-2.1 ii swf-player 0.3.6-2.1 [EMAIL PROTECTED]:~$ firefox -g GNU gdb 6.4.90-debian Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". (gdb) r Starting program: /usr/lib/firefox/firefox-bin -a firefox [Thread debugging using libthread_db enabled] [New Thread -1222486336 (LWP 26083)] [New Thread -1223066704 (LWP 8793)] [New Thread -1232376912 (LWP 8901)] [New Thread -1245418576 (LWP 14535)] [New Thread -1255588944 (LWP 16042)] [New Thread -1264112720 (LWP 23962)] [New Thread -1272742992 (LWP 9289)] [Thread -1264112720 (LWP 23962) exited] [Thread -1255588944 (LWP 16042) exited] [Thread -1245418576 (LWP 14535) exited] [Thread -1272742992 (LWP 9289) exited] [New Thread -1272742992 (LWP 19451)] [New Thread -1245418576 (LWP 23123)] [New Thread -1255588944 (LWP 20021)] [New Thread -1264112720 (LWP 7302)] [New Thread -1299047504 (LWP 2246)] [Thread -1255588944 (LWP 20021) exited] [Thread -1299047504 (LWP 2246) exited] [New Thread -1299047504 (LWP 32740)] [Thread -1299047504 (zombie) exited] [New Thread -1255588944 (LWP 11375)] [Thread -1255588944 (zombie) exited] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1222486336 (LWP 26083)] 0xb2a388c0 in FileSocket::PushData () from /usr/lib/mozilla/plugins/libflashplayer.so (gdb) bt #0 0xb2a388c0 in FileSocket::PushData () from /usr/lib/mozilla/plugins/libflashplayer.so #1 0xb2a00b42 in ScriptPlayer::SetDataComplete () from /usr/lib/mozilla/plugins/libflashplayer.so #2 0xb2a28d17 in CorePlayer::UrlStreamDestroy () from /usr/lib/mozilla/plugins/libflashplayer.so #3 0xb2a3aa4d in URLStream::StreamDestroy () from /usr/lib/mozilla/plugins/libflashplayer.so #4 0xb2aae38a in NPP_DestroyStream () from /usr/lib/mozilla/plugins/libflashplayer.so #5 0xb2aabe75 in Private_DestroyStream () from /usr/lib/mozilla/plugins/libflashplayer.so #6 0x0824a21c in ns4xPluginStreamListener::CleanUpStream ( this=0x9a98bb0, reason=2) at ns4xPluginInstance.cpp:181 #7 0x0824b495 in ns4xPluginInstance::Stop (this=0x93b95c0) at ns4xPluginInstance.cpp:923 #8 0x082ec140 in nsObjectFrame::Destroy (this=0x9c3f760, aPresContext=0x9c31e28) at nsObjectFrame.cpp:748 #9 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, [EMAIL PROTECTED]) at nsLineBox.cpp:325 #10 0x082b1751 in nsBlockFrame::Destroy (this=0x9c3ec9c, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #11 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, ---Type <return> to continue, or q <return> to quit--- [EMAIL PROTECTED]) at nsLineBox.cpp:325 #12 0x082b1751 in nsBlockFrame::Destroy (this=0x9c3eb2c, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #13 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, [EMAIL PROTECTED]) at nsLineBox.cpp:325 #14 0x082b1751 in nsBlockFrame::Destroy (this=0x9c777d0, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #15 0x082c950f in nsFrameList::DestroyFrames (this=0x9c777a4, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #16 0x082bed53 in nsContainerFrame::Destroy (this=0x9c77774, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #17 0x082c950f in nsFrameList::DestroyFrames (this=0x9c77604, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #18 0x082bed53 in nsContainerFrame::Destroy (this=0x9c775d4, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #19 0x082c950f in nsFrameList::DestroyFrames (this=0x99a9c78, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #20 0x082bed53 in nsContainerFrame::Destroy (this=0x99a9c48, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #21 0x082c950f in nsFrameList::DestroyFrames (this=0x99a9ac8, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #22 0x082bed53 in nsContainerFrame::Destroy (this=0x99a9a98, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 ---Type <return> to continue, or q <return> to quit--- #23 0x082c950f in nsFrameList::DestroyFrames (this=0x99a9968, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #24 0x082bed53 in nsContainerFrame::Destroy (this=0x99a9938, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #25 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, [EMAIL PROTECTED]) at nsLineBox.cpp:325 #26 0x082b1751 in nsBlockFrame::Destroy (this=0x9c87a9c, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #27 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, [EMAIL PROTECTED]) at nsLineBox.cpp:325 #28 0x082b1751 in nsBlockFrame::Destroy (this=0x990d2b0, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #29 0x082e248f in nsLineBox::DeleteLineList (aPresContext=0x9c31e28, [EMAIL PROTECTED]) at nsLineBox.cpp:325 #30 0x082b1751 in nsBlockFrame::Destroy (this=0x990d1b8, aPresContext=0x9c31e28) at nsBlockFrame.cpp:303 #31 0x082c950f in nsFrameList::DestroyFrames (this=0x995b360, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #32 0x082bed53 in nsContainerFrame::Destroy (this=0x995b330, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #33 0x082d4d4b in CanvasFrame::Destroy (this=0x995b330, aPresContext=0x9c31e28) at nsHTMLFrame.cpp:230 #34 0x082c950f in nsFrameList::DestroyFrames (this=0x995b668, ---Type <return> to continue, or q <return> to quit--- aPresContext=0x9c31e28) at nsFrameList.cpp:138 #35 0x082bed53 in nsContainerFrame::Destroy (this=0x995b638, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #36 0x082c950f in nsFrameList::DestroyFrames (this=0x995b4d4, aPresContext=0x9c31e28) at nsFrameList.cpp:138 #37 0x082bed53 in nsContainerFrame::Destroy (this=0x995b4a4, aPresContext=0x9c31e28) at nsContainerFrame.cpp:161 #38 0x082956b6 in nsFrameManager::Destroy (this=0x9e3a40c) at nsFrameManager.cpp:297 #39 0x082a4ab4 in PresShell::Destroy (this=0x9e3a3f0) at nsPresShell.cpp:1980 #40 0x082940bf in DocumentViewerImpl::Destroy (this=0x9b361d8) at nsDocumentViewer.cpp:1440 #41 0x0829304f in DocumentViewerImpl::Show (this=0x9bf75a8) at nsDocumentViewer.cpp:1731 #42 0x0829a1de in nsPresContext::EnsureVisible (this=0x9c3e740, aUnsuppressFocus=1) at nsPresContext.cpp:1293 #43 0x082ea6bf in nsPluginInstanceOwner::Init (this=0x9d69458, aPresContext=0x9c3e740, aFrame=0x99e3fa4) at nsObjectFrame.cpp:4081#44 0x082ecd85 in nsObjectFrame::Reflow (this=0x99e3fa4, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsObjectFrame.cpp:1086 ---Type <return> to continue, or q <return> to quit--- #45 0x082e5126 in nsLineLayout::ReflowFrame (this=0xbfb14720, aFrame=0x99e3fa4, [EMAIL PROTECTED], aMetrics=0x0, [EMAIL PROTECTED]) at nsLineLayout.cpp:995 #46 0x082b4e45 in nsBlockFrame::ReflowInlineFrame (this=0x9c43ffc, [EMAIL PROTECTED], [EMAIL PROTECTED], aLine= {mCurrent = 0x99e3d08}, aFrame=0x99e3fa4, aLineReflowStatus=0xbfb146db "") at nsBlockFrame.cpp:4031 #47 0x082b5480 in nsBlockFrame::DoReflowInlineFrames (this=0x9c43ffc, [EMAIL PROTECTED], [EMAIL PROTECTED], aLine= {mCurrent = 0x99e3d08}, aKeepReflowGoing=0xbfb14948, aLineReflowStatus=0xbfb147ab "\002\b=\236\tźIąż\b=\236\t\230HążžY+\bü?Ä\tźIąż\b=\236\tHIąż", aUpdateMaximumWidth=0, aDamageDirtyArea=0) at nsBlockFrame.cpp:3870 #48 0x082b57ae in nsBlockFrame::ReflowInlineFrames (this=0x9c43ffc, [EMAIL PROTECTED], aLine={mCurrent = 0x99e3d08}, aKeepReflowGoing=0xbfb14948, aDamageDirtyArea=0, aUpdateMaximumWidth=0) at nsBlockFrame.cpp:3752 #49 0x082b59be in nsBlockFrame::ReflowLine (this=0x9c43ffc, [EMAIL PROTECTED], aLine={mCurrent = 0x99e3d08}, aKeepReflowGoing=0xbfb14948, aDamageDirtyArea=0) at nsBlockFrame.cpp:2746 #50 0x082b6076 in nsBlockFrame::ReflowDirtyLines (this=0x9c43ffc, [EMAIL PROTECTED], aTryPull=1) at nsBlockFrame.cpp:2280 ---Type <return> to continue, or q <return> to quit--- #51 0x082b7256 in nsBlockFrame::Reflow (this=0x9c43ffc, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsBlockFrame.cpp:902 #52 0x0857cb03 in nsAbsoluteContainingBlock::ReflowAbsoluteFrame ( this=0x9c437b4, aDelegatingFrame=0x9c4376c, aPresContext=0x9c3e740, [EMAIL PROTECTED], aContainingBlockWidth=-1, aContainingBlockHeight=-1, aKidFrame=0x9c43ffc, aReason=eReflowReason_Initial, [EMAIL PROTECTED]) at nsAbsoluteContainingBlock.cpp:568 #53 0x0857d0ad in nsAbsoluteContainingBlock::IncrementalReflow ( this=0x9c437b4, aDelegatingFrame=0x9c4376c, aPresContext=0x9c3e740, aReflowState=dwarf2_read_address: Corrupted DWARF expression. ) at nsAbsoluteContainingBlock.cpp:400 #54 0x082b78c1 in nsBlockFrame::Reflow (this=0x9c4376c, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsBlockFrame.cpp:1060 #55 0x082be354 in nsContainerFrame::ReflowChild (this=0x9bb8324, aKidFrame=0x9c4376c, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], aX=0, aY=0, aFlags=0, [EMAIL PROTECTED]) at nsContainerFrame.cpp:905 #56 0x082d502a in CanvasFrame::Reflow (this=0x9bb8324, ---Type <return> to continue, or q <return> to quit--- aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsHTMLFrame.cpp:531 #57 0x082be354 in nsContainerFrame::ReflowChild (this=0x9bb846c, aKidFrame=0x9bb8324, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], aX=0, aY=0, aFlags=1, [EMAIL PROTECTED]) at nsContainerFrame.cpp:905 #58 0x082cfa28 in nsHTMLScrollFrame::ReflowScrolledFrame ( this=0x9bb846c, [EMAIL PROTECTED], aAssumeHScroll=<value optimized out>, aAssumeVScroll=0, aMetrics=0xbfb15318, aFirstPass=1) at nsGfxScrollFrame.cpp:515 #59 0x082d21bf in nsHTMLScrollFrame::ReflowContents (this=0x9bb846c, aState=0xbfb153ec, [EMAIL PROTECTED]) at nsGfxScrollFrame.cpp:570 #60 0x082d2654 in nsHTMLScrollFrame::Reflow (this=0x9bb846c, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsGfxScrollFrame.cpp:768 #61 0x082be354 in nsContainerFrame::ReflowChild (this=0x9bb8294, aKidFrame=0x9bb846c, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], aX=0, aY=0, aFlags=0, [EMAIL PROTECTED]) at nsContainerFrame.cpp:905 #62 0x0830e613 in ViewportFrame::Reflow (this=0x9bb8294, ---Type <return> to continue, or q <return> to quit--- aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsViewportFrame.cpp:239 #63 0x0829dc54 in IncrementalReflow::Dispatch (this=0xbfb158d0, aPresContext=0x9c3e740, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]) at nsPresShell.cpp:906 #64 0x082a58e2 in PresShell::ProcessReflowCommands (this=0x9abdef8, aInterruptible=1) at nsPresShell.cpp:6922 #65 0x082a5a3f in HandlePLEvent (aEvent=0x9d1cde8) at nsPresShell.cpp:6751 #66 0xb7ea3137 in PL_HandleEvent (self=0x9d1cde8) at plevent.c:688 #67 0xb7ea3449 in PL_ProcessPendingEvents (self=0x8b9f848) at plevent.c:623 #68 0xb7ea52ce in nsEventQueueImpl::ProcessPendingEvents ( this=0x8b9f800) at nsEventQueue.cpp:417 #69 0x08263585 in event_processor_callback (source=0x8fa0558, condition=G_IO_IN, data=0x0) at nsAppShell.cpp:67 #70 0xb740ec7f in g_io_channel_unix_get_fd () from /usr/lib/libglib-2.0.so.0 #71 0xb73e5731 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #72 0xb73e87a6 in g_main_context_check () ---Type <return> to continue, or q <return> to quit--- from /usr/lib/libglib-2.0.so.0 #73 0xb73e8b67 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #74 0xb7bfa281 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0 #75 0x08263942 in nsAppShell::Run (this=0x8c0cff0) at nsAppShell.cpp:139 #76 0x08785e40 in nsAppStartup::Run (this=0x8c0e430) at nsAppStartup.cpp:150 #77 0x0807b725 in XRE_main (argc=3, argv=0xbfb15f44, aAppData=0x8900160) at nsAppRunner.cpp:2374 #78 0x0807860b in main (argc=Cannot access memory at address 0x1 ) at nsBrowserApp.cpp:61 #79 0xb7510ea8 in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6 #80 0x08078551 in _start () at ../sysdeps/i386/elf/start.S:119 -- Rafał Maj www.Raf256.org C++
signature.asc
Description: OpenPGP digital signature
