Bug 671428 - Firefox Crash @ _moz_pixman_image_create_bits
Status: VERIFIED FIXED (Closed)
Opened 13 years ago, closed 13 years ago
Product/Component: Core :: Graphics (defect)
Target Milestone: mozilla9
Reporter: marcia, Assigned: jrmuizel
Keywords: crash, verified-aurora, verified-beta
Whiteboard: [qa!]
Attachments (3 files, 3 obsolete files):
  patch - joe: review+
  patch
  patch - bas.schouten: review+, christian: approval-mozilla-aurora+, christian: approval-mozilla-beta+
Seen while looking at Aurora crash stats, but seen across all versions. https://crash-stats.mozilla.com/report/list?signature=_moz_pixman_image_create_bits to the reports which are low volume. Small spikes are seen around the 20110711 build as well as when we release.
https://crash-stats.mozilla.com/report/index/c6d63a78-fda2-4cbc-aa33-012e12110713
Frame  Module   Signature                          Source
0      xul.dll  _moz_pixman_image_create_bits      gfx/cairo/libpixman/src/pixman-bits-image.c:1568
1      xul.dll  _pixman_image_for_surface          gfx/cairo/cairo/src/cairo-image-surface.c:1521
2      xul.dll  _cairo_image_surface_composite     gfx/cairo/cairo/src/cairo-image-surface.c:4232
3      xul.dll  _cairo_surface_fallback_composite  gfx/cairo/cairo/src/cairo-surface-fallback.c:1437
4      xul.dll  _cairo_surface_composite           gfx/cairo/cairo/src/cairo-surface.c:1897
5      xul.dll  _composite_trap_region             gfx/cairo/cairo/src/cairo-surface-fallback.c:522
Comment 1•13 years ago
So this is not new. The volume in 5.0 is similar to 4.0.1 ie: 24 a week. There have been more of these on the trunk and in aurora. We probably need to check and see if something regressed this. I looked for 6.0a2 and found 1 crash in a 4 week period.
tracking-firefox7:
--- → ?
Comment 2•13 years ago
Oops...I probably should have added that we are seeing 90 a week on Aurora.
Comment 3•13 years ago
We need to get someone assigned to look at this one. Still sitting in the top 5 for Aurora.
Comment 4•13 years ago
JP, I forgot to mention this one in today's meeting. Can we get someone to look at this one also?
Comment 5•13 years ago
Adding Jeff because of pixman
Comment 6•13 years ago (Assignee)
One comment we have is "Virgin Media crashes Firefox every time" do we have any way of reproducing this?
Comment 7•13 years ago (Reporter)
I tried that with no luck. Adding chofmann to grab some more URLs across all versions. I also tried reproducing it on the trunk with some of the URLs, but some are behind logins.
(In reply to comment #6)
> One comment we have is "Virgin Media crashes Firefox every time" do we have
> any way of reproducing this?
Comment 8•13 years ago
urls for test from crash reports since july 10
19
14 http://www.realtor.com/
14 \N
6 about:blank
4 http://www.youtube.com/watch?v=lO5UURtxKUU
3 https://my.virginmedia.com/dashboard/start?buspart=Portal_HP_c_topnav_2_1
3 http://www.virginmedia.com/customers/movinghouse/
3 http://vochongao.com/forum/forum.php
3 http://pixel.fetchback.com/timeout.html
3 http://forums.watchuseek.com/f25/scratches-watch-band-recommended-shop-polish-watch-552777.html
2 https://my.virginmedia.com/home/signIn
2 https://my.virginmedia.com/dashboard/start
2 http://www.virginmedia.com/help/?buspart=Portal_HP_c_topnav_3_1
2 http://www.virginmedia.com/
1 https://my.virginmedia.com/home/index?buspart=Portal_HP_c_topnav_2_1
1 https://my.virginmedia.com/home/index?buspart=Portal_HP_MyVM_14
1 https://my.virginmedia.com/home/index
s few https://plus.google.com/u/0/_/notifications/ ...
2 http://www.realtor.com/realestateagents/
2 http://www.realtor.com/realestateagency/Ellis-Real-Estate-Inc_Logan_WV__43498101
2 http://www.realtor.com/homes-for-sale/austin_tx/
1 http://www.realtor.com/realestateagency/Neuhaus-Realty-Inc_Staten-Island_NY_37740
1 http://www.realtor.com/handlers/redirects/inbound.ashx?pgnum=1&st=TX&frm=bycomm&mls=austin&mlsttl=Austin&dsid=39&comm=Red+Rock
2 http://www.filme-net.com/
2 http://www.allzack.com.br/
2 http://trail.dealply.com/dealdo/event-report?type=heart_bit&partner=vn&channel=pcdealply&uid=894936537343170283&cb=6_12&suspended=false
2 http://s7.addthis.com/static/r07/sh45.html#
2 http://payango.com/categories/premium
2 http://nobba.us/pixels.php
2 http://letras.terra.com.br/ivete-sangalo/35008/
2 http://letras.terra.com.br/bow-wow/981217/traducao.html
2 http://letras.terra.com.br/arctic-monkeys/746911/traducao.html
1 http://letras.terra.com.br/pink/1766561/traducao.html
1 http://letras.terra.com.br/parachute/1546520/traducao.html
1 http://letras.terra.com.br/nickelback/286115/traducao.html
1 http://letras.terra.com.br/nickelback/259804/traducao.html
1 http://letras.terra.com.br/ira/84271/
1 http://letras.terra.com.br/evanescence/68005/
1 http://letras.terra.com.br/black-eyed-peas/446106/traducao.html
1 http://korpijaakko.wordpress.com/2011/06/29/recommended-watch-bee
2 http://forums.watchuseek.com/f5/
2 http://dauden.vn/content/?s= ...
several
http://www.facebook.com/ajax/pagelet/generic.php/pagelet/home/morestories.php?ajaxpipe=1&data= ....
Updated•13 years ago (Assignee)
Assignee: nobody → jmuizelaar
Comment 10•13 years ago (Assignee)
Is it possible to get a report of the flash versions used in these crashes? It seems possible that this could have something to do with flash.
Comment 11•13 years ago (Assignee)
Real stack:
> xul.dll!_moz_pixman_image_create_bits() Line 1568 + 0xe bytes C
xul.dll!_pixman_image_for_surface(const _cairo_surface_pattern * pattern=0x005ca338, int is_mask=1, const _cairo_rectangle_int * extents=0x005ca1f8, int * ix=0x005ca1d0, int * iy=0x005ca1cc) Line 1521 + 0x27 bytes C
xul.dll!_cairo_image_surface_composite(_cairo_operator op=, const _cairo_pattern * src_pattern=, const _cairo_pattern * mask_pattern=, void * abstract_dst=, int src_x=, int src_y=, int mask_x=, int mask_y=, int dst_x=, int dst_y=, unsigned int width=, unsigned int height=, _cairo_region * clip_region=) Line 4232 + 0x2a bytes C
xul.dll!_cairo_surface_fallback_composite(_cairo_operator op=CAIRO_OPERATOR_DEST_OUT, const _cairo_pattern * src=0x58b8bd68, const _cairo_pattern * mask=0x005ca338, _cairo_surface * dst=0x0d0f3500, int src_x=433, int src_y=118, int mask_x=433, int mask_y=30, int dst_x=211806576, int dst_y=118, unsigned int width=500, unsigned int height=500, _cairo_region * clip_region=0x0deecd00) Line 1437 + 0x56 bytes C
xul.dll!_cairo_surface_composite(_cairo_operator op=CAIRO_OPERATOR_DEST_OUT, const _cairo_pattern * src=0x58b8bd68, const _cairo_pattern * mask=0x005ca338) Line 1897 + 0x36 bytes C
xul.dll!_composite_trap_region(_cairo_clip * clip=0x00000000, const _cairo_pattern * src=0x58b8bd68, _cairo_operator op=CAIRO_OPERATOR_DEST_OUT, _cairo_surface * dst=0x0d0f3500, _cairo_region * trap_region=0x0deecd00, const _cairo_rectangle_int * extents=0x005cad20) Line 522 + 0x23 bytes C
xul.dll!_clip_and_composite_region(const _cairo_pattern * src=0x58b8bce0, _cairo_operator op=CAIRO_OPERATOR_CLEAR, _cairo_surface * dst=0x0d0f3500, _cairo_region * trap_region=0x0deecd00, _cairo_clip * clip=0x005cadac, _cairo_rectangle_int * extents=0x005cad20) Line 635 + 0x13 bytes C
xul.dll!_clip_and_composite_trapezoids(const _cairo_pattern * src=0x58b8bce0, _cairo_operator op=CAIRO_OPERATOR_CLEAR, _cairo_surface * dst=0x0d0f3500, _cairo_traps * traps=0x00000000, _cairo_antialias antialias=CAIRO_ANTIALIAS_DEFAULT, _cairo_clip * clip=0x005cadac, _cairo_rectangle_int * extents=0x005cad20) Line 850 C
xul.dll!_cairo_surface_fallback_fill(_cairo_surface * surface=0x0d0f3500, _cairo_operator op=CAIRO_OPERATOR_CLEAR, const _cairo_pattern * source=0x58b8bce0, _cairo_path_fixed * path=0x58f8145c, _cairo_fill_rule fill_rule=CAIRO_FILL_RULE_WINDING, double tolerance=0.10000000000000001, _cairo_antialias antialias=CAIRO_ANTIALIAS_DEFAULT, _cairo_clip * clip=0x005cadac) Line 1216 + 0x27 bytes C
xul.dll!_cairo_gstate_fill(_cairo_gstate * gstate=0x0d0f3a80, _cairo_path_fixed * path=0x58f8145c) + 0x252def bytes C
xul.dll!_moz_cairo_fill_preserve() Line 2460 C
xul.dll!gfxContext::Fill() Line 152 C++
xul.dll!DoSingleColorFastPath(gfxContext * aContext=0x00000000, const gfxRGBA & aSinglePixelColor={...}, const gfxRect & aFill={...}) + 0x1a5f53 bytes C++
xul.dll!imgFrame::Draw(gfxContext * aContext=0x0de84360, gfxPattern::GraphicsFilter aFilter=FILTER_GOOD, const gfxMatrix & aUserSpaceToImageSpace={...}, const gfxRect & aFill={...}, const nsIntMargin & aPadding={...}, const nsIntRect & aSubimage={...}) Line 446 + 0xf bytes C++
xul.dll!mozilla::imagelib::RasterImage::Draw(gfxContext * aContext=0x0de84360, gfxPattern::GraphicsFilter aFilter=FILTER_GOOD, const gfxMatrix & aUserSpaceToImageSpace={...}, const gfxRect & aFill={...}, const nsIntRect & aSubimage={...}, const nsIntSize & __formal={...}, unsigned int aFlags=0) Line 2510 C++
xul.dll!DrawImageInternal(nsRenderingContext * aRenderingContext=0x0deecc40, imgIContainer * aImage=0x073b79d0, gfxPattern::GraphicsFilter aGraphicsFilter=FILTER_GOOD, const nsRect & aDest={...}, const nsRect & aFill={...}, const nsPoint & aAnchor={...}, const nsRect & aDirty={...}, const nsIntSize & aImageSize={...}, unsigned int aImageFlags=0) Line 3396 C++
xul.dll!nsLayoutUtils::DrawImage(nsRenderingContext * aRenderingContext=0x0deecc40, imgIContainer * aImage=0x073b79d0, gfxPattern::GraphicsFilter aGraphicsFilter=FILTER_GOOD, const nsRect & aDest={...}, const nsRect & aFill={...}, const nsPoint & aAnchor={...}, const nsRect & aDirty={...}, unsigned int aImageFlags=0) Line 3582 + 0x20 bytes C++
xul.dll!ImageRenderer::Draw(nsPresContext * aPresContext=0x09419c00, nsRenderingContext & aRenderingContext={...}, const nsRect & aDest={...}, const nsRect & aFill={...}, const nsPoint & aAnchor={...}, const nsRect & aDirty={...}) Line 3950 + 0x24 bytes C++
xul.dll!nsCSSRendering::PaintBackgroundWithSC(nsPresContext * aPresContext=, nsRenderingContext & aRenderingContext=, nsIFrame * aForFrame=, const nsRect & aDirtyRect=, const nsRect & aBorderArea=, nsStyleContext * aBackgroundSC=, const nsStyleBorder & aBorder=, unsigned int aFlags=, nsRect * aBGClipRect=) Line 2428 + 0x54 bytes C++
xul.dll!mozilla::FrameLayerBuilder::DrawThebesLayer(mozilla::layers::ThebesLayer * aLayer=0x073d1800, gfxContext * aContext=0x0de84360, const nsIntRegion & aRegionToDraw={...}, const nsIntRegion & aRegionToInvalidate={...}, void * aCallbackData=0x005cbcb0) Line 2142 + 0x18b bytes C++
xul.dll!mozilla::layers::ThebesLayerD3D10::DrawRegion(nsIntRegion & aRegion={...}, mozilla::layers::Layer::SurfaceMode aMode=SURFACE_OPAQUE) Line 394 + 0x17 bytes C++
xul.dll!mozilla::layers::ThebesLayerD3D10::Validate(mozilla::layers::ReadbackProcessor * aReadback=0x005cb9a4) Line 277 C++
xul.dll!mozilla::layers::ContainerLayerD3D10::Validate() Line 370 C++
xul.dll!mozilla::layers::LayerManagerD3D10::Render() Line 615 C++
xul.dll!mozilla::layers::LayerManagerD3D10::EndTransaction(void (mozilla::layers::ThebesLayer *, gfxContext *, const nsIntRegion &, const nsIntRegion &, void *)* aCallback=0x58258ea0, void * aCallbackData=0x005cbcb0) Line 334 C++
xul.dll!nsDisplayList::PaintForFrame(nsDisplayListBuilder * aBuilder=0x005cbcb0, nsRenderingContext * aCtx=0x00000000, nsIFrame * aForFrame=0x0a4cd7f0, unsigned int aFlags=5) Line 631 C++
xul.dll!nsLayoutUtils::PaintFrame(nsRenderingContext * aRenderingContext=0x00000000, nsIFrame * aFrame=0x0a4cd7f0, const nsRegion & aDirtyRegion={...}, unsigned int aBackstop=4294967295, unsigned int aFlags=260) Line 1645 C++
xul.dll!PresShell::Paint(nsIView * aViewToPaint=0x01f1a668, nsIWidget * aWidgetToPaint=0x09076d60, const nsRegion & aDirtyRegion={...}, const nsIntRegion & aIntDirtyRegion={...}, int aPaintDefaultBackground=6078960, int aWillSendDidPaint=1) Line 6188 C++
xul.dll!PresShell::FlushPendingNotifications(mozFlushType aType=) Line 4839 + 0x9 bytes C++
mozcrt19.dll!arena_malloc_small(arena_s * arena=0x0a4bd840, unsigned int size=0, int zero=6078904) Line 3687 C
xul.dll!AttachedHandleEvent(nsGUIEvent * aEvent=0x0a4bd840) Line 193 C++
xul.dll!nsWindow::DispatchEvent(nsGUIEvent * event=0x005cc1b8, nsEventStatus & aStatus=nsEventStatus_eIgnore) Line 3550 + 0x3 bytes C++
xul.dll!nsWindow::DispatchWindowEvent(nsGUIEvent * event=0x005cc1b8, nsEventStatus & aStatus=nsEventStatus_eIgnore) Line 3579 C++
xul.dll!nsWindow::OnPaint(HDC__ * aDC=0x768c6210, unsigned int aNestingLevel=1989345840) + 0x2dba65 bytes C++
user32.dll!__EndUserApiHook@0() + 0x11 bytes
user32.dll!_SystemParametersInfoA@16() + 0x8c bytes
xul.dll!cairo_win32_get_system_text_quality() Line 274 + 0xd bytes C
xul.dll!nsWindow::ProcessMessage(unsigned int msg=4114868229, unsigned int & wParam=, long & lParam=, long * aRetValue=0x000000ff) Line 4845 + 0xb bytes C++
Comment 12•13 years ago (Reporter)
chofmann reports on IRC:
for some reason we don't seem to be getting flash version info on that sig
july 20-29
305 [blank]
2 10.1.85.3
1 10.1.82.76
1 10.1.102.64
1 10.0.22.87
Comment 13•13 years ago
So this means it doesn't happen in Flash plugin processes, probably.
Comment 14•13 years ago (Assignee)
The crash seems to be happening here:
    bpp = PIXMAN_FORMAT_BPP (format);
    if (pixman_multiply_overflows_int (width, bpp))
        return NULL;
which seems to imply the format is bad which is very odd and seems to suggest the image surface we get back from _cairo_surface_acquire_source_image is bogus.
Comment 15•13 years ago (Assignee)
I've filed a bug about the truncated stack as bug 676459
Comment 16•13 years ago (Assignee)
Attachment #550794 -
Flags: review?(joe)
Comment 17•13 years ago
Comment on attachment 550794 [details] [diff] [review]
Try to crash earlier and record some stuff.
As long as we never run into a case where the bpp is 0 in normal usage, this looks good.
Attachment #550794 -
Flags: review?(joe) → review+
Comment 18•13 years ago
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla8
Updated•13 years ago (Assignee)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 19•13 years ago (Assignee)
It's d2d_acquire_source_image that's giving us back a bad image.
Comment 20•13 years ago (Assignee)
Attachment #552193 -
Flags: review?(bjacob)
Comment 21•13 years ago
Comment on attachment 552193 [details] [diff] [review]
Crash even earlier, and try to figure out what went wrong with the image surface
My head hurts, please take this out as soon as it's not needed anymore!
Attachment #552193 -
Flags: review?(bjacob) → review+
Comment 22•13 years ago (Assignee)
Attachment #552193 -
Attachment is obsolete: true
Comment 23•13 years ago
Status: REOPENED → RESOLVED
Closed: 13 years ago → 13 years ago
Flags: in-testsuite?
OS: Windows 7 → All
Hardware: x86 → All
Resolution: --- → FIXED
Updated•13 years ago (Assignee)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 24•13 years ago (Assignee)
This should find the crashes we're looking for:
http://tinyurl.com/3gtewb4
Comment 25•13 years ago
Hello you all probably know this already but going to realtor.com on the latest version of Aurora 7.0a(2011-08-14) and Nightly 8.0a1(2011-08-15)momentarily displays the page correctly and then it immediately crashes firefox. On version 5.01 it still missing the entries to do a search for a property on the first page, thanks jorge.
Comment 26•13 years ago (Assignee)
(In reply to jgbittar from comment #25)
> Hello you all probably know this already but going to realtor.com on the
> latest version of Aurora 7.0a(2011-08-14) and Nightly
> 8.0a1(2011-08-15)momentarily displays the page correctly and then it
> immediately crashes firefox. On version 5.01 it still missing the entries
> to do a search for a property on the first page, thanks jorge.
Can you link to one of the crash urls that you get?
Comment 27•13 years ago
(In reply to Jeff Muizelaar [:jrmuizel] from comment #26)
> (In reply to jgbittar from comment #25)
> > Hello you all probably know this already but going to realtor.com on the
> > latest version of Aurora 7.0a(2011-08-14) and Nightly
> > 8.0a1(2011-08-15)momentarily displays the page correctly and then it
> > immediately crashes firefox. On version 5.01 it still missing the entries
> > to do a search for a property on the first page, thanks jorge.
>
> Can you link to one of the crash urls that you get?
here you go
bp-8e65f7c8-9279-41bf-9fff-29ecb2110815 8/15/2011 9:55 AM (nightly crash)
bp-fb4ac2ac-bb3e-487d-bc78-c527d2110815 8/15/2011 9:48 AM (aurora crash)
Comment 28•13 years ago (Assignee)
(In reply to jgbittar from comment #27)
> (In reply to Jeff Muizelaar [:jrmuizel] from comment #26)
> > (In reply to jgbittar from comment #25)
> > > Hello you all probably know this already but going to realtor.com on the
> > > latest version of Aurora 7.0a(2011-08-14) and Nightly
> > > 8.0a1(2011-08-15)momentarily displays the page correctly and then it
> > > immediately crashes firefox. On version 5.01 it still missing the entries
> > > to do a search for a property on the first page, thanks jorge.
> >
> > Can you link to one of the crash urls that you get?
>
> here you go
>
> bp-8e65f7c8-9279-41bf-9fff-29ecb21108158/15/20119:55 AM (nightly crash)
> bp-fb4ac2ac-bb3e-487d-bc78-c527d21108158/15/20119:48 AM (aurora crash)
Can you get the crash url on 8.0a1 with an 32bit version instead of a 64bit one?
Comment 29•13 years ago
(In reply to Jeff Muizelaar [:jrmuizel] from comment #28)
> (In reply to jgbittar from comment #27)
> > (In reply to Jeff Muizelaar [:jrmuizel] from comment #26)
> > > (In reply to jgbittar from comment #25)
> > > > Hello you all probably know this already but going to realtor.com on the
> > > > latest version of Aurora 7.0a(2011-08-14) and Nightly
> > > > 8.0a1(2011-08-15)momentarily displays the page correctly and then it
> > > > immediately crashes firefox. On version 5.01 it still missing the entries
> > > > to do a search for a property on the first page, thanks jorge.
> > >
> > > Can you link to one of the crash urls that you get?
> >
> > here you go
> >
> > bp-8e65f7c8-9279-41bf-9fff-29ecb21108158/15/20119:55 AM (nightly crash)
> > bp-fb4ac2ac-bb3e-487d-bc78-c527d21108158/15/20119:48 AM (aurora crash)
>
> Can you get the crash url on 8.0a1 with an 32bit version instead of a 64bit
> one?
With 5.01 it does not crash it just does not display the search parameters on the first page. thanks Jorge
Comment 30•13 years ago (Assignee)
(In reply to jgbittar from comment #29)
> With 5.01 it does not crash it just does not display the search parameters
> on the first page. thanks Jorge
Did you mean 8.0a1?
Comment 31•13 years ago
(In reply to Jeff Muizelaar [:jrmuizel] from comment #30)
> (In reply to jgbittar from comment #29)
> > With 5.01 it does not crash it just does not display the search parameters
> > on the first page. thanks Jorge
>
> Did you mean 8.0a1?
no 5.01, or do you mean to download the 32bit version of nightly?
Comment 32•13 years ago (Assignee)
(In reply to jgbittar from comment #31)
> (In reply to Jeff Muizelaar [:jrmuizel] from comment #30)
> > (In reply to jgbittar from comment #29)
> > > With 5.01 it does not crash it just does not display the search parameters
> > > on the first page. thanks Jorge
> >
> > Did you mean 8.0a1?
>
> no 5.01, or do you mean to download the 32bit version of nightly?
Yes, the 32bit version of nightly.
Comment 33•13 years ago
(In reply to Jeff Muizelaar [:jrmuizel] from comment #32)
> (In reply to jgbittar from comment #31)
> > (In reply to Jeff Muizelaar [:jrmuizel] from comment #30)
> > > (In reply to jgbittar from comment #29)
> > > > With 5.01 it does not crash it just does not display the search parameters
> > > > on the first page. thanks Jorge
> > >
> > > Did you mean 8.0a1?
> >
> > no 5.01, or do you mean to download the 32bit version of nightly?
>
> Yes, the 32bit version of nightly.
Here you go, it exhibits the same behavior. thanks-jorge
bp-0ed7f4b9-2e35-4dca-894e-79f482110815 8/15/2011 3:51 PM
Comment 34•13 years ago (Assignee)
This handles bad strides by copying the data to a new image surface.
Attachment #553455 -
Flags: review?(bas.schouten)
Comment 35•13 years ago
Comment on attachment 553455 [details] [diff] [review]
Handle bad strides in acquire_source_surface
Review of attachment 553455 [details] [diff] [review]:
-----------------------------------------------------------------
::: gfx/cairo/cairo/src/cairo-d2d-surface.cpp
@@ +2510,5 @@
> return CAIRO_STATUS_SUCCESS;
> }
>
> +static
> +copy_data_to_different_stride(unsigned char *dst, int dst_stride, void *src, UINT src_stride, int width, int height)
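Review bot: The definition of copy_data_to_different_stride has no return type between `static` and the function name, and this file is cairo-d2d-surface.cpp, where implicit int is not accepted; give it an explicit return type. `src` is only a source pointer here, so `const void *src` would document that, and the mix of `int dst_stride` with `UINT src_stride` should be settled on one signedness, or the two values range-checked on entry, before they are used in pointer arithmetic.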
nit: In cairo this should probably be _copy<etc>
@@ +2514,5 @@
> +copy_data_to_different_stride(unsigned char *dst, int dst_stride, void *src, UINT src_stride, int width, int height)
> +{
> + unsigned char *src_p = (unsigned char *)src;
> + while (height) {
> + memcpy(dst, src_p, width);
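Review bot: The length in `memcpy(dst, src_p, width)` is never checked against `dst_stride` or `src_stride`, so a row length larger than either stride reads or writes past the end of a row. Compute the number of bytes in a row once (pixel count times bytes per pixel for the surface format) and return early unless it fits within both strides before entering the `while (height)` loop.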
width * Bpp - at this time we could hit this with non-A8 I think.
@@ +2565,5 @@
> if (FAILED(hr)) {
> return _cairo_error(CAIRO_STATUS_NO_DEVICE);
> }
> +
> + if (data.RowPitch == cairo_format_stride_for_width(d2dsurf->format, size.width)) {
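Review bot: The test `data.RowPitch == cairo_format_stride_for_width(d2dsurf->format, size.width)` compares an unsigned pitch with a signed result, and cairo_format_stride_for_width returns -1 for an invalid format or an oversized width, which converts to a very large unsigned value inside the comparison. Store the result in an int, handle the negative case as an error, and only then compare it with RowPitch.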
Is this really needed? This would quite commonly be untrue (GPU's regularly pad a little bit on the side, just usually multiples of 4). I know this is what the documentation says but could we get away with doing the copy only if the stride % 4 != 0?
Comment 36•13 years ago (Assignee)
This is a much better version of the previous
Attachment #553455 -
Attachment is obsolete: true
Attachment #553501 -
Flags: review?
Attachment #553455 -
Flags: review?(bas.schouten)
Updated•13 years ago (Assignee)
Attachment #553501 -
Flags: review? → review?(bas.schouten)
Comment 37•13 years ago (Assignee)
Correct patch.
Attachment #553501 -
Attachment is obsolete: true
Attachment #553506 -
Flags: review?(bas.schouten)
Attachment #553501 -
Flags: review?(bas.schouten)
Comment 38•13 years ago
Comment on attachment 553506 [details] [diff] [review]
Handle bad strides in acquire_source_surface v2
Review of attachment 553506 [details] [diff] [review]:
-----------------------------------------------------------------
::: gfx/cairo/cairo/src/cairo-d2d-surface.cpp
@@ +2518,5 @@
> +
> + unsigned char *src_p = (unsigned char *)src;
> + int min_stride = MIN(dst_stride, src_stride);
> + while (height) {
> + memcpy(dst, src_p, minimum_stride);
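Review bot: The memcpy length is `minimum_stride`, but the variable declared two lines above is `min_stride`, so the hunk does not compile as posted; use one name in both places. Because `min_stride` is an `int` that ends up as a memcpy size, a zero or negative stride should be rejected before the loop rather than converted to a huge unsigned length.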
In theory this could cause excessive copying (i.e. the padding on an A8 surface) but I don't think I care.
::: gfx/cairo/cairo/src/cairoint.h
@@ +1910,5 @@
>
> +static inline cairo_bool_t
> +_cairo_valid_stride_alignment(int stride)
> +{
> + return !!(stride & (CAIRO_STRIDE_ALIGNMENT-1));
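Review bot: `!!(stride & (CAIRO_STRIDE_ALIGNMENT-1))` is true when low bits of the stride are set, that is when the stride is misaligned, which is the opposite of what the name _cairo_valid_stride_alignment promises; it should read `!(stride & (CAIRO_STRIDE_ALIGNMENT-1))`. The mask test is only correct when CAIRO_STRIDE_ALIGNMENT is a power of two, which deserves a one-line comment next to the helper.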
As per IRC discussion this should be a single !.
Attachment #553506 -
Flags: review?(bas.schouten) → review+
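The stride handling discussed in comments 34 to 38, as an added C example that is not the patch attached to this bug and not cairo's code: it validates stride alignment, computes an aligned destination stride with an overflow check, and repacks rows from a source whose pitch does not match. All `ex_` names, the 4-byte alignment and the 5x3 A8 sample image are assumptions made for the example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed for this example: rows start on 4-byte boundaries (a power of two). */
#define EX_STRIDE_ALIGNMENT 4

/* 1 when stride is positive and a multiple of the alignment, else 0. */
static int ex_valid_stride_alignment(int stride)
{
    return stride > 0 && !(stride & (EX_STRIDE_ALIGNMENT - 1));
}

/* Smallest aligned stride holding `width` pixels, or -1 on bad input/overflow. */
static int ex_stride_for_width(int width, int bytes_per_pixel)
{
    if (width <= 0 || bytes_per_pixel <= 0)
        return -1;
    if (width > (INT_MAX - (EX_STRIDE_ALIGNMENT - 1)) / bytes_per_pixel)
        return -1;
    return (width * bytes_per_pixel + EX_STRIDE_ALIGNMENT - 1)
           & ~(EX_STRIDE_ALIGNMENT - 1);
}

/* Copy `height` rows of pixel data between buffers with different strides.
 * Only the pixel bytes of each row are copied, never the source padding.
 * Returns 0 on success, -1 when a row would not fit in either stride. */
static int ex_copy_rows(unsigned char *dst, int dst_stride,
                        const unsigned char *src, unsigned int src_stride,
                        int width, int bytes_per_pixel, int height)
{
    size_t row_bytes;
    int y;

    if (!dst || !src || height <= 0 || dst_stride <= 0)
        return -1;
    if (width <= 0 || bytes_per_pixel <= 0 || width > INT_MAX / bytes_per_pixel)
        return -1;
    row_bytes = (size_t)width * (size_t)bytes_per_pixel;
    if (row_bytes > (size_t)dst_stride || row_bytes > (size_t)src_stride)
        return -1;
    for (y = 0; y < height; y++)
        memcpy(dst + (size_t)y * (size_t)dst_stride,
               src + (size_t)y * src_stride, row_bytes);
    return 0;
}

/* Constructed input: a 5x3 A8 image mapped with a pitch of 5 bytes, which is
 * not a valid aligned stride, repacked into an 8-byte-stride buffer.
 * Returns 0 when every pixel lands in place and the padding stays zero. */
static int ex_repack_demo(void)
{
    enum { W = 5, H = 3, SRC_PITCH = 5, DST_MAX = 8 };
    unsigned char src[SRC_PITCH * H], dst[DST_MAX * H];
    int dst_stride = ex_stride_for_width(W, 1);
    int x, y;

    for (x = 0; x < SRC_PITCH * H; x++)
        src[x] = (unsigned char)(x + 1);
    memset(dst, 0, sizeof dst);
    if (ex_valid_stride_alignment(SRC_PITCH) || dst_stride != DST_MAX)
        return -1;
    if (ex_copy_rows(dst, dst_stride, src, SRC_PITCH, W, 1, H) != 0)
        return -1;
    for (y = 0; y < H; y++)
        for (x = 0; x < DST_MAX; x++) {
            unsigned char want = x < W ? src[y * SRC_PITCH + x] : 0;
            if (dst[y * dst_stride + x] != want)
                return -1;
        }
    return 0;
}

int main(void)
{
    printf("repack %s\n", ex_repack_demo() == 0 ? "ok" : "failed");
    return 0;
}
```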
Comment 39•13 years ago
Just verified that this is still not fixed on version 6.0, it still does not display the search screen but at least it does not crash like in aurora and nightly.
Comment 40•13 years ago
Status: REOPENED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
Target Milestone: mozilla8 → mozilla9
Updated•13 years ago (Assignee)
Attachment #553506 -
Flags: approval-mozilla-beta?
Attachment #553506 -
Flags: approval-mozilla-aurora?
Comment 41•13 years ago
Comment on attachment 553506 [details] [diff] [review]
Handle bad strides in acquire_source_surface v2
Approved for beta and aurora
Attachment #553506 -
Flags: approval-mozilla-beta?
Attachment #553506 -
Flags: approval-mozilla-beta+
Attachment #553506 -
Flags: approval-mozilla-aurora?
Attachment #553506 -
Flags: approval-mozilla-aurora+
Comment 42•13 years ago
This issue seems to have been fixed on nightly it does not crash, you can search and the search returns a result set, however aurora still a crash, and the official release of FF (6.0) still does not display the search portion on the website. Below is the crash for aurora. bp-b3682539-3b33-4694-ae60-9d0a72110824. thanks jorge
Comment 43•13 years ago (Assignee)
Comment 44•13 years ago
Hi guys.
I've tested realtor.com from comment25 and I got no crash.
It is enough to verify this bug?
Thanks
Comment 45•13 years ago
Version 6.02 of firefox now displays everything correctly when going to realtor.com.
Comment 46•13 years ago
qa+ for verification on Firefox 7, 8, and 9. Verify by using the test URLs in this bug and by checking crashstats.
Whiteboard: [qa+]
Comment 47•13 years ago
I have verified this by loading the sites from comment8 and I got no crash.
The builds were:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0) Gecko/20100101 Firefox/7.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:8.0a2) Gecko/20110925 Firefox/8.0a2
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0a1) Gecko/20110925 Firefox/9.0a1
Mozilla/5.0 (Windows NT 5.1; rv:7.0) Gecko/20100101 Firefox/7.0
Mozilla/5.0 (Windows NT 5.1; rv:8.0a2) Gecko/20110926 Firefox/8.0a2
Mozilla/5.0 (Windows NT 5.1; rv:9.0a1) Gecko/20110926 Firefox/9.0a1
Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0
Mozilla/5.0 (Windows NT 6.1; rv:8.0a2) Gecko/20110925 Firefox/8.0a2
Mozilla/5.0 (Windows NT 6.1; rv:9.0a1) Gecko/20110925 Firefox/9.0a1
Mozilla/5.0 (X11; Linux x86_64; rv:7.0) Gecko/20100101 Firefox/7.0
Mozilla/5.0 (X11; Linux x86_64; rv:8.0a2) Gecko/20110926 Firefox/8.0a2
Mozilla/5.0 (X11; Linux x86_64; rv:9.0a1) Gecko/20110926 Firefox/9.0a1