Firfox doesn't like the embedded PNG in tor-browser-logo.svg
I was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in image/imgLoader.cpp:2474
:
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
Call stack
__GI___clock_nanosleep (@clock_nanosleep@GLIBC_2.2.5:29)
__GI___nanosleep (@__nanosleep:9)
__sleep (@sleep:17)
common_crap_handler(int, void const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:96)
child_ah_crap_handler(int) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:110)
WasmTrapHandler(int, siginfo_t*, void*) (/home/piero/Tor/tor-browser/js/src/wasm/WasmSignalHandlers.cpp:799)
__restore_rt (@__restore_rt:3)
imgLoader::LoadImage(nsIURI*, nsIURI*, nsIReferrerInfo*, nsIPrincipal*, unsigned long, nsILoadGroup*, imgINotificationObserver*, nsINode*, mozilla::dom::Document*, unsigned int, nsISupports*, nsIContentPolicy::nsContentPolicyType, nsTSubstring<char16_t> const&, bool, bool, unsigned long, imgRequestProxy**) (/home/piero/Tor/tor-browser/image/imgLoader.cpp:2474)
nsContentUtils::LoadImage(nsIURI*, nsINode*, mozilla::dom::Document*, nsIPrincipal*, unsigned long, nsIReferrerInfo*, imgINotificationObserver*, int, nsTSubstring<char16_t> const&, imgRequestProxy**, nsIContentPolicy::nsContentPolicyType, bool, bool, unsigned long) (/home/piero/Tor/tor-browser/dom/base/nsContentUtils.cpp:4004)
nsImageLoadingContent::LoadImage(nsIURI*, bool, bool, nsImageLoadingContent::ImageLoadType, unsigned int, mozilla::dom::Document*, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1143)
nsImageLoadingContent::LoadImage(nsTSubstring<char16_t> const&, bool, bool, nsImageLoadingContent::ImageLoadType, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1027)
mozilla::dom::SVGImageElement::LoadSVGImage(bool, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:146)
mozilla::dom::SVGImageElement::AfterSetAttr(int, nsAtom*, nsAttrValue const*, nsAttrValue const*, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:215)
mozilla::dom::Element::SetAttrAndNotify(int, nsAtom*, nsAtom*, nsAttrValue const*, nsAttrValue&, nsIPrincipal*, unsigned char, bool, bool, bool, mozilla::dom::Document*, mozAutoDocUpdate const&) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2653)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2506)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, bool) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/dom/Element.h:1000)
nsXMLContentSink::AddAttributes(char16_t const**, mozilla::dom::Element*) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:1376)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int, bool) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:957)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:903)
non-virtual thunk to nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:0)
nsExpatDriver::HandleStartElement(rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>&, rlbox::tainted<void*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const**, rlbox::rlbox_noop_sandbox>) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:477)
doContentInternal (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2920)
doContent (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2664)
contentProcessor (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2540)
MOZ_XML_ParseBuffer (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2004)
auto rlbox::rlbox_noop_sandbox::impl_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), XML_Status (void*, void*, int, int), void*, void*, unsigned long, bool>(XML_Status (*)(void*, void*, int, int), void*&&, void*&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_noop_sandbox.hpp:188)
auto rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>::INTERNAL_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>, unsigned long, bool>(char const*, void*, rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_sandbox.hpp:790)
nsExpatDriver::ParseChunk(char16_t const*, unsigned int, nsExpatDriver::ChunkOrBufferIsFinal, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1248)
nsExpatDriver::ChunkAndParseBuffer(char16_t const*, unsigned int, bool, unsigned int*, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1204)
nsExpatDriver::ResumeParse(nsScanner&, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1352)
nsParser::ResumeParse(bool, bool, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:716)
nsParser::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:1027)
imgRequest::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/image/imgRequest.cpp:1068)
nsJARChannel::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/modules/libjar/nsJARChannel.cpp:1312)
nsInputStreamPump::OnStateTransfer() (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:584)
nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:411)
non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:0)
CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()::operator()() const (/home/piero/Tor/tor-browser/xpcom/io/nsPipe3.cpp:73)
already_AddRefed<mozilla::CancelableRunnable> NS_NewCancelableRunnableFunction<CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()>(char const*, CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()&&)::FuncCancelableRunnable::Run() (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/nsThreadUtils.h:667)
mozilla::RunnableTask::Run() (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:555)
mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:879)
mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:702)
mozilla::TaskController::ProcessPendingMTTask(bool) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:491)
mozilla::TaskController::TaskController()::$_0::operator()() const (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:218)
mozilla::detail::RunnableFunction<mozilla::TaskController::TaskController()::$_0>::Run() (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.h:548)
nsThread::ProcessNextEvent(bool, bool*) (/home/piero/Tor/tor-browser/xpcom/threads/nsThread.cpp:1240)
NS_ProcessNextEvent(nsIThread*, bool) (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.cpp:479)
mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:85)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
nsBaseAppShell::Run() (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:148)
XRE_RunAppShell() (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:724)
mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:235)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
XRE_InitChildProcess(int, char**, XREChildData const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:659)
content_process_main(mozilla::Bootstrap*, int, char**) (/home/piero/Tor/tor-browser/ipc/contentproc/plugin-container.cpp:57)
main (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:375)
__libc_start_call_main (@__libc_start_call_main:26)
__libc_start_main_impl (@__libc_start_main@@GLIBC_2.34:43)
_start (@_start:14)
I'm trying an optimized build with asserts on, so many variables have been optimized out.
However, I managed to see that it was this PNG by checking href
at the end of mozilla::dom::SVGImageElement::LoadSVGImage
.
FWIW, I think this is a peculiarity of the YEC homepage.