Closed Bug 76032 Opened 23 years ago Closed 23 years ago

Crash in gdkgc.c

Categories

(Core :: Graphics: ImageLib, defect)

Product:
Core
Component:
Graphics: ImageLib
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla0.9

People

(Reporter: reinout, Assigned: pavlov)

References

(
URL
)

Details

(Keywords: crash, Whiteboard: [imglib])

Attachments

(2 files)

stack trace and selected structure dumps
9.13 KB, text/plain
Details
fix
607 bytes, patch
Details | Diff | Splinter Review 
This page used to load ok (see bug 67519). Now (build 2001041214) it crashes
when it has finished loading. The console shows:
Document http://www.computerwinkel.net/ loaded successfully

Gdk-CRITICAL **: file gdkgc.c: line 277 (gdk_gc_ref): assertion `gc != NULL' failed.
/usr/local/mozilla/run-mozilla.sh: line 72:  2467 Segmentation fault      $prog
${1+"$@"}
Seeing with PC Mozilla 2001041321.
A cut from the attachment:

#0  0x4096cc41 in gdk_gc_copy () from /usr/lib/libgdk-1.2.so.0
#1  0x40f4a145 in nsImageGTK::Draw (this=0x87a0648, aContext=@0x85cb478, 
    aSurface=0x84f9e28, aSX=0, aSY=0, aSWidth=1, aSHeight=1, aDX=16, aDY=9, 
    aDWidth=1, aDHeight=1) at nsImageGTK.cpp:542
#2  0x40040340 in nsRenderingContextImpl::DrawImage (this=0x85cb478, 
    aImage=0x87fcde0, aSrcRect=0xbfffe778, aDestPoint=0xbfffe788)
    at nsRenderingContextImpl.cpp:714

Crashes mozilla for me on Linux Redhat 7.0 build 2001041405-trunk
Status: UNCONFIRMED → NEW
Ever confirmed: true
hmm, imagelig?
Assignee: asa → pavlov
Component: Browser-General → ImageLib
QA Contact: doronr → tpreston
changing status to [imglib]
Whiteboard: [imglib]
Here's another one (looks related but not quite the same)
at http://www.bean.nl/london_calling

Gdk-CRITICAL **: file gdkgc.c: line 277 (gdk_gc_ref): assertion `gc != NULL' failed.

Gdk-CRITICAL **: file gdkwindow.c: line 989 (gdk_window_copy_area): assertion
`gc != NULL' failed.

Gdk-CRITICAL **: file gdkgc.c: line 288 (gdk_gc_unref): assertion `gc != NULL'
failed.

Gdk-CRITICAL **: file gdkgc.c: line 277 (gdk_gc_ref): assertion `gc != NULL' failed.
/usr/local/mozilla/run-mozilla.sh: line 72: 20389 Segmentation fault      $prog
${1+"$@"}

Here's another data point.

Linux RH7
http://www.bayareavfr.com  crashes every time in linux, not on mac nor windows.

WARNING: alpha bitmask not scaled!
, file nsImageGTK.cpp, line 398

Gdk-CRITICAL **: file gdkgc.c: line 277 (gdk_gc_ref): assertion `gc != NULL'
failed.

Program received signal SIGSEGV, Segmentation fault.

#0  0x40983961 in gdk_gc_copy () from /usr/lib/libgdk-1.2.so.0
#1  0x40f89c66 in nsImageGTK::DrawScaled (this=0x4279fe48, aContext=@0x427fd678,
aSurface=0x8373be8, aSX=0, aSY=0, aSWidth=80, aSHeight=20, aDX=280, aDY=0,
aDWidth=1, aDHeight=1) at nsImageGTK.cpp:404
#2  0x40f89e96 in nsImageGTK::Draw (this=0x4279fe48, aContext=@0x427fd678,
aSurface=0x8373be8, aSX=0, aSY=0, aSWidth=80, aSHeight=20, aDX=280, aDY=0,
aDWidth=1, aDHeight=1) at nsImageGTK.cpp:505
#3  0x400410c8 in nsRenderingContextImpl::DrawScaledImage (this=0x427fd678,
aImage=0x424bd4f8, aSrcRect=0xbfffe640, aDestRect=0xbfffe610) at
nsRenderingContextImpl.cpp:744
#4  0x41a3cf26 in nsImageFrame::Paint (this=0x427cdff4, aPresContext=0x4279b738,
aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffe710,
aWhichLayer=eFramePaintLayer_Overlay) at nsImageFrame.cpp:1061
#5  0x41a1a031 in nsContainerFrame::PaintChild (this=0x427cdfbc,
aPresContext=0x4279b738, aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffe870,
aFrame=0x427cdff4, aWhichLayer=eFramePaintLayer_Overlay) at
nsContainerFrame.cpp:206
#6  0x41a19eb3 in nsContainerFrame::PaintChildren (this=0x427cdfbc,
aPresContext=0x4279b738, aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffe870,
aWhichLayer=eFramePaintLayer_Overlay) at nsContainerFrame.cpp:151
#7  0x41a31555 in nsHTMLContainerFrame::Paint (this=0x427cdfbc,
aPresContext=0x4279b738, aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffe870,
aWhichLayer=eFramePaintLayer_Overlay) at nsHTMLContainerFrame.cpp:106
#8  0x41a1a031 in nsContainerFrame::PaintChild (this=0x427cdf34,
aPresContext=0x4279b738, aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffeca0,
aFrame=0x427cdfbc, aWhichLayer=eFramePaintLayer_Overlay) at
nsContainerFrame.cpp:206
#9  0x41a13a6f in nsBlockFrame::PaintChildren (this=0x427cdf34,
aPresContext=0x4279b738, aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffeca0,
aWhichLayer=eFramePaintLayer_Overlay) at nsBlockFrame.cpp:6593
#10 0x41a137a0 in nsBlockFrame::Paint (this=0x427cdf34, aPresContext=0x4279b738,
aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffeca0,
aWhichLayer=eFramePaintLayer_Overlay) at nsBlockFrame.cpp:6470
#11 0x41a676af in PresShell::Paint (this=0x427bfd58, aView=0x4294def0,
aRenderingContext=@0x427fd678, aDirtyRect=@0xbfffeca0) at nsPresShell.cpp:4948
#12 0x41c5f40f in nsView::Paint (this=0x4294def0, rc=@0x427fd678,
rect=@0xbfffeca0, aPaintFlags=128, aResult=@0xbfffecb8) at nsView.cpp:273
#13 0x41c69f06 in nsViewManager::RenderDisplayListElement (this=0x427bf7e0,
element=0x4294f470, aRC=@0x427fd678) at nsViewManager.cpp:1392
#14 0x41c69c45 in nsViewManager::RenderViews (this=0x427bf7e0,
aRootView=0x427bf8f8, aRC=@0x427fd678, aRect=@0xbfffee80, aResult=@0xbfffee7c)
at nsViewManager.cpp:1316
#15 0x41c68847 in nsViewManager::Refresh (this=0x427bf7e0, aView=0x427bf8f8,
aContext=0x427fd678, rect=0xbfffefe0, aUpdateFlags=1) at nsViewManager.cpp:883
#16 0x41c6b511 in nsViewManager::DispatchEvent (this=0x427bf7e0,
aEvent=0xbffff170, aStatus=0xbffff030) at nsViewManager.cpp:1911
#17 0x41c5ec82 in HandleEvent (aEvent=0xbffff170) at nsView.cpp:67
#18 0x407f7aa4 in nsWidget::DispatchEvent (this=0x427bf960, aEvent=0xbffff170,
aStatus=@0xbffff10c) at nsWidget.cpp:1471
#19 0x407f769a in nsWidget::DispatchWindowEvent (this=0x427bf960,
event=0xbffff170) at nsWidget.cpp:1362
#20 0x407fe01f in nsWindow::DoPaint (this=0x427bf960, aX=280, aY=0, aWidth=14,
aHeight=5, aClipRegion=0x427badd0) at nsWindow.cpp:705
#21 0x407fe2de in nsWindow::Update (this=0x427bf960) at nsWindow.cpp:751
#22 0x407fdd49 in nsWindow::UpdateIdle (data=0x0) at nsWindow.cpp:617
#23 0x409b1a8f in g_idle_dispatch () from /usr/lib/libglib-1.2.so.0
#24 0x409b0987 in g_main_dispatch () from /usr/lib/libglib-1.2.so.0
#25 0x409b1001 in g_main_iterate () from /usr/lib/libglib-1.2.so.0
#26 0x409b11cc in g_main_run () from /usr/lib/libglib-1.2.so.0
#27 0x408caf87 in gtk_main () from /usr/lib/libgtk-1.2.so.0
#28 0x407e29b9 in nsAppShell::Run (this=0x80aefe8) at nsAppShell.cpp:360
#29 0x4071e493 in nsAppShellService::Run (this=0x80ac970) at
nsAppShellService.cpp:421
#30 0x08053433 in main1 (argc=1, argv=0xbffff734, nativeApp=0x0) at
nsAppRunner.cpp:1005
#31 0x08054167 in main (argc=1, argv=0xbffff734) at nsAppRunner.cpp:1300
#32 0x402fdb65 in __libc_start_main (main=0x8053f68 <main>, argc=1,
ubp_av=0xbffff734, init=0x804defc <_init>, fini=0x805dd20 <_fini>,
rtld_fini=0x4000df24 <_dl_fini>, stack_end=0xbffff72c) at
../sysdeps/generic/libc-start.c:111
(gdb) 
Adding "crash" to keywords.

Yet another data point:

Build 2001041808, Linux 2.4.3-ac3 i686, RedHat 6.1, XFree86 4.0.2

http://cherry-blossom.nu/tomoyo

(At least, I'm assuming it's the same bug because it crashes in gdk_gc_copy,
even though it doesn't give the Gdk-CRITICAL warning).

#0  0x40714630 in gdk_gc_copy () from /usr/lib/libgdk-1.2.so.0
#1  0x007fffff in ?? () at eval.c:41
#2  0x40042739 in nsRenderingContextImpl::DrawImage () at eval.c:41
#3  0x40f10c49 in nsImageFrame::Paint ()
   from /usr/home/matt/graze/browsers/mz/components/libgklayout.so
#4  0x40efdb41 in nsContainerFrame::PaintChild ()
   from /usr/home/matt/graze/browsers/mz/components/libgklayout.so
#5  0x40ef9ef4 in nsBlockFrame::PaintChildren ()
   from /usr/home/matt/graze/browsers/mz/components/libgklayout.so
#6  0x40ef9d5a in nsBlockFrame::Paint ()
   from /usr/home/matt/graze/browsers/mz/components/libgklayout.so
#7  0x40f2b98f in PresShell::Paint ()
   from /usr/home/matt/graze/browsers/mz/components/libgklayout.so
#8  0x4105544b in nsView::Paint ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#9  0x4105d786 in nsViewManager::RenderDisplayListElement ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#10 0x4105d570 in nsViewManager::RenderViews ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#11 0x4105c79a in nsViewManager::Refresh ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#12 0x4105e8e5 in nsViewManager::DispatchEvent ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#13 0x41054fbd in HandleEvent ()
   from /usr/home/matt/graze/browsers/mz/components/libgkview.so
#14 0x4057fcba in nsWidget::DispatchEvent ()
   from /usr/home/matt/graze/browsers/mz/components/libwidget_gtk.so
#15 0x4057fbe5 in nsWidget::DispatchWindowEvent ()
   from /usr/home/matt/graze/browsers/mz/components/libwidget_gtk.so
#16 0x40583595 in nsWindow::DoPaint ()
   from /usr/home/matt/graze/browsers/mz/components/libwidget_gtk.so
#17 0x40583715 in nsWindow::Update ()
   from /usr/home/matt/graze/browsers/mz/components/libwidget_gtk.so
#18 0x40583459 in nsWindow::UpdateIdle ()
   from /usr/home/matt/graze/browsers/mz/components/libwidget_gtk.so
#19 0x4074697b in g_idle_dispatch () from /usr/lib/libglib-1.2.so.0
#20 0x40745847 in g_main_dispatch () from /usr/lib/libglib-1.2.so.0
#21 0x40745ec1 in g_main_iterate () from /usr/lib/libglib-1.2.so.0
#22 0x4074608c in g_main_run () from /usr/lib/libglib-1.2.so.0
Keywords: crash
*** Bug 76798 has been marked as a duplicate of this bug. ***
*** Bug 76819 has been marked as a duplicate of this bug. ***
Attached patch fixSplinter Review 

    
    

    
  
if the renderingcontext's mGC is null, then we need to call UpdateGC() before
giving back mGC.

Status: NEW → ASSIGNED

    
  
Keywords: patch

    
    

    
  
*** Bug 75494 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 77035 has been marked as a duplicate of this bug. ***

    
    

    
  
With this patch I don't get the Gdk errors but I get a BadMatch error loading:

http://www.youdoitelectronics.com/

This patch doesn't fix the problem for me.

    
    

    
  
Christopher: apply also the fix for bug 74270.

    
    

    
  
OK.  Works for me.

    
    

    
  
Just verifying that with this patch (plus the one in bug 74270) I don't see
these crashers. This is with a CVS build from 2001-04-23-21 on Linux.

    
    

    
  
blizzard, are you sr='ing this patch and the one in bug 74270?  I'm here to r=
this one.  I'll look at 74270 in a minute.

/be

    
    

    
  
moving to 0.9
Target Milestone: --- → mozilla0.9

    
    

    
  
I'm reviewing this one.  It looks just fine to me.  r/sr=blizzard

    
    

    
  
[s]r=tor


    
    

    
  
fix checked in.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED

    
    

    
  
Verified fixed linux build 2001052112
Verified fixed w98 build 2001051704
Verified fixed Mac build 2001051705
Status: RESOLVED → VERIFIED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: