← Back to team overview

registry team mailing list archive

[Bug 129007] Re: MASTER firefox-bin crashed with crux theme [@moz_gtk_widget_paint] at #10

 

Launchpad has imported 22 comments from the remote bug at
https://bugzilla.mozilla.org/show_bug.cgi?id=389801.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2007-07-27T07:02:13+00:00 hwasung wrote:

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007072604 Minefield/3.0a7pre (Firefox 3)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007072604 Minefield/3.0a7pre (Firefox 3)

With a theme I metioned above, visiting a page contians a select element
or opening the preferences window (which may contain dropdown menus)
causes Firefox to crash or to be unresponsive.

I commented out two lines (GtkOptionMenu::indicator_size and
GtkOptionMenu::indicator_spacing) in gtkrc after I found the problem
occured in 'moz_gtk_option_menu_get_metrics' function (in
/widget/src/gtk2/gtk2drawing.c). Then no more crash.

Reproducible: Always

Steps to Reproduce:
1. change the gtk+ theme to a theme such as Nova, GSM, etc.
2. launch Minefield
3. visit a page contains a select element or open the preferences window
Actual Results:  
crash or being unresponsive

Expected Results:  
display normally

Breakpad Crash Reports:
d8e41d78-3b89-11dc-a4d7-001a4bd43ed6
66f1830f-3b7d-11dc-a9e1-001a4bd43ed6
dcb123ab-3b8a-11dc-aac2-001a4bd43e5c
0d0df6cc-3b8e-11dc-8d0d-001a4bd46e84
be0473eb-3b93-11dc-bb3d-001a4bd43ed6
b9adca70-3b8f-11dc-85e4-001a4bd43ed6
6dde5bee-3b96-11dc-9143-001a4bd43ef6
de24b097-3b97-11dc-a30b-001a4bd46e84

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/0

------------------------------------------------------------------------
On 2007-07-29T22:10:45+00:00 Timeless-bemail wrote:

UUID	66f1830f-3b7d-11dc-a9e1-001a4bd43ed6
Time	2007-07-26 06:37:49.840000-07:00
Build ID	2007072604
OS	Linux
OS Version	0.0.0 Linux 2.6.22-8-generic #1 SMP Thu Jul 12 15:59:45 GMT 2007 i686 GNU/Linux
CPU	x86
CPU Info	GenuineIntel family 2 model 2 stepping 4
Crash Reason	SIGABRT
Crash Address	0xffffe410
Stack of Crashing Thread

frame	signature
0	@0xffffe410
1	libc-2.6.so@0x2c1f0
2	libc-2.6.so@0x61e2b
3	libc-2.6.so@0x6d8fa
4	libglib-2.0.so.0.1307.0@0x36960
5	moz_gtk_option_menu_get_metrics
6	moz_gtk_widget_paint
7	ThemeRenderer::NativeDraw(_XDisplay*, unsigned long, Visual*, short, short, XRectangle*, unsigned int)
8	NativeRendering(void*, _XDisplay*, unsigned long, Visual*, short, short, XRectangle*, unsigned int)
9	cairo_draw_with_xlib

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/8

------------------------------------------------------------------------
On 2007-07-29T22:41:22+00:00 chpe wrote:

565 GtkBorder *tmp_indicator_spacing;
566                 
567 gtk_widget_style_get(gOptionMenuWidget,
[...]
570                      "indicator_spacing", &tmp_indicator_spacing,
[...]
585 g_free(tmp_indicator_spacing);

You have to use gtk_border_free() to free a GtkBorder* obtained with
gtk_widget_style_get, not g_free().

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/9

------------------------------------------------------------------------
On 2007-07-29T22:49:58+00:00 chpe wrote:

And similarly you need to use gtk_requisition_free to free the
GtkRequisition* tmp_indicator_size.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/10

------------------------------------------------------------------------
On 2007-07-29T22:53:15+00:00 Timeless-bemail wrote:

Created attachment 274406
like this?

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/11

------------------------------------------------------------------------
On 2007-07-29T22:54:51+00:00 Timeless-bemail wrote:

Created attachment 274408
more like this?

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/12

------------------------------------------------------------------------
On 2007-07-29T23:04:23+00:00 chpe wrote:

Comment on attachment 274408
more like this?

You need to null-check, since neither they don't accept null, in
contrast to g_free.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/13

------------------------------------------------------------------------
On 2007-07-29T23:08:37+00:00 Timeless-bemail wrote:

Created attachment 274410
details...

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/14

------------------------------------------------------------------------
On 2007-07-29T23:17:10+00:00 chpe wrote:

Comment on attachment 274410
details...

You mixed them up, used gtk_border_free in the if() of the
GtkRequisition, and likewise for the other one too ;)

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/15

------------------------------------------------------------------------
On 2007-07-30T06:19:02+00:00 Timeless-bemail wrote:

Created attachment 274430
ok, patching whlie sleepy is bad?

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/16

------------------------------------------------------------------------
On 2007-07-30T12:57:23+00:00 Timeless-bemail wrote:

Comment on attachment 274430
ok, patching whlie sleepy is bad?

roc: could you please approve this for 1.9?

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/17

------------------------------------------------------------------------
On 2007-09-04T20:31:21+00:00 chpe wrote:

*** Bug 394876 has been marked as a duplicate of this bug. ***

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/24

------------------------------------------------------------------------
On 2007-09-04T23:49:20+00:00 Roc-ocallahan wrote:

I'd like to but I technically I can't.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/25

------------------------------------------------------------------------
On 2007-09-05T01:19:35+00:00 Roc-ocallahan wrote:

Comment on attachment 274430
ok, patching whlie sleepy is bad?

okay, now I can.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/26

------------------------------------------------------------------------
On 2007-09-05T07:07:25+00:00 Frédéric Crozat wrote:

attachment 274430 is buggy :
-there is a typo in gtk_requistion_free(tmp_indicator_size); and from checking gtk code, I'm not sure there is a need to use gtk_requisition_free, since it is just a  call to g_free. Anyway, it is not needed to check for null when calling gtk_requisition_free
-gtk_requisition_free on gtk+ 2.11.x is calling g_slide_free which does accept NULL as a parameter (it just doesn't do anything). 

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/27

------------------------------------------------------------------------
On 2007-09-05T18:12:16+00:00 chpe wrote:

You're right, I read the gslice macros wrongly and thought they didn't
accept NULL on free.

gtk_requisition_free is the right function to call, NOT g_free.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/28

------------------------------------------------------------------------
On 2007-09-06T07:44:14+00:00 Frédéric Crozat wrote:

Created attachment 279879
better patch

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/29

------------------------------------------------------------------------
On 2007-09-20T15:13:22+00:00 Reed Loden wrote:

Comment on attachment 279879
better patch

Requesting review on this patch... the patch says it's for
gfx/src/gtk/gtk2drawing.c, but that file doesn't exist on trunk, as it
seems it was moved to widget/src/gtk2/gtk2drawing.c.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/35

------------------------------------------------------------------------
On 2007-09-20T15:15:43+00:00 Reed Loden wrote:

According to
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/129007, this is a
top-crasher for Ubuntu.

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/36

------------------------------------------------------------------------
On 2007-09-21T02:14:48+00:00 Reed Loden wrote:

Checking in widget/src/gtk2/gtk2drawing.c;
/cvsroot/mozilla/widget/src/gtk2/gtk2drawing.c,v  <--  gtk2drawing.c
new revision: 1.32; previous revision: 1.31
done


Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/37

------------------------------------------------------------------------
On 2007-09-28T23:35:49+00:00 Dveditz wrote:

Comment on attachment 279879
better patch

approved for 1.8.1.8 and 1.8.0.14, a=dveditz for release-drivers

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/38

------------------------------------------------------------------------
On 2007-09-29T06:51:03+00:00 Reed Loden wrote:

MOZILLA_1_8_BRANCH:

Checking in gfx/src/gtk/gtk2drawing.c;
/cvsroot/mozilla/gfx/src/gtk/Attic/gtk2drawing.c,v  <--  gtk2drawing.c
new revision: 1.15.8.3; previous revision: 1.15.8.2
done

MOZILLA_1_8_0_BRANCH:

Checking in gfx/src/gtk/gtk2drawing.c;
/cvsroot/mozilla/gfx/src/gtk/Attic/gtk2drawing.c,v  <--  gtk2drawing.c
new revision: 1.15.8.2.4.1; previous revision: 1.15.8.2
done

Reply at: https://bugs.launchpad.net/firefox/+bug/129007/comments/39


** Changed in: firefox
   Importance: Unknown => Medium

-- 
MASTER firefox-bin crashed with crux theme [@moz_gtk_widget_paint] at #10
https://bugs.launchpad.net/bugs/129007
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for GTK-engines.