Closed Bug 177369 Opened 22 years ago Closed 22 years ago

10.2: crash after accessing a downloadable link [QDIsPortBuffered]

Categories

(Camino Graveyard :: Downloading, defect)

PowerPC
macOS
defect
Not set
critical

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: bugzilla, Assigned: sfraser_bugs)

Details

(Keywords: crash, regression)

Attachments

(2 files, 1 obsolete file)

found using 2002.10.29.04 on 10.2.1. i'm not sure if this is really a dup of bug
172381 (which was dup'd in favor of bug 157157), as the stack is a bit different.

anyhow, steps:

1. go to a site which has downloadable links, such as
ftp://ftp.mozilla.org/pub/chimera/nightly/2002-10-29-04/

2. single-click the Chimera.dmg.gz link.

results: crash --the file picker doesn't even appear.

note, however, that this is NOT a problem if i bring up the context menu for the
link and select "download link target".

crash report coming up.
Keywords: crash
Hardware: PC → Macintosh
Attached file crash report
fwiw, i'm unable to repro this with 2002.10.25.14 on 10.2.1. gonna see if this
is a more recent regression.
argh, i take back my comment 2.

the second attempt at accessing a downloadable link resulted in a crash --but at
a somewhat different step: i got the file picker (unlike comment 0), but the
crash occurred as soon as i selected a different folder from the droplist.

the stack trace looks the same, too.
I can repro this.
Status: NEW → ASSIGNED
this regressed btwn the 10.25.04 (works fine) and 10.25.14 (crashes) builds.

also, i cannot repro this on 10.1.5, with the same steps and builds.
Keywords: regression
Summary: crash after accessing a downloadable link [QDIsPortBuffered] → 10.2: crash after accessing a downloadable link [QDIsPortBuffered]
Things I have found(tm)
1. nsChildView::GetNativeData() sometimes passes back NULL GrafPtrs for views
   that have not been placed in the window yet (but this seems unrelated
   to the crash).

2. The GetParent() that was hacked to always return nil, except for plugins, is
   called mostly from 2 places: SetZIndex() calls that deal with child widget
   layering, and event handling code. Putting that hack back makes the crash
   go away, as before.

3. When the crash occurs, GetQDGlobalsThePort() returns the address of a port
   that belongs to a view that has gone away. We've done lots of other port-
   setting in the meantime, so it's not obvious how QD held onto this port.
Hrm. So NSQuickDraw views have _qdPort and _savePort members. When they are
deleted, they call SetPort() with the _savePort. Every time gecko loads a new
page, two views go away (at autorelease time) in this order:

view 1 dealloc (port A, saveport B); SetPort(B)
view 2 dealloc (port C, saveport A): SetPort(A) // whoops

I've yet to determine where _savePort gets set.
Attached patch Patch to nsChildView.mm (obsolete) — Splinter Review
This patch fixes the bug by setting the _savePort member of the NSQuickDraw
view (our superclass) to a valid port, when the view is about to be removed
from the window. Then, at dealloc time, the superclass will set the current
port to the window's port, which is safe.
This patch shows the location of the main change, in [NSView
viewWillMoveToWindow], which is called with newWindow == NULL when a view is
removed from the visible hierarchy.
Attachment #104597 - Attachment is obsolete: true
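The dealloc ordering and the fix described in the comments above, as a small added model in C. This is not the Camino patch or Cocoa code: `Port`, `View`, `set_port` and the other names are hypothetical stand-ins for the QuickDraw port, the NSQuickDraw view and `SetPort()`, and an `alive` flag stands in for freed memory so the stale restore can be observed safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model: a port is a drawing target owned by a view or window. */
typedef struct Port { bool alive; } Port;
typedef struct View {
    Port  port;       /* stands in for _qdPort */
    Port *save_port;  /* stands in for _savePort, restored at dealloc */
} View;

static Port *g_current_port;  /* stands in for QuickDraw's current port */
static void set_port(Port *p) { g_current_port = p; }

/* The fix: when the view leaves its window, repoint the saved port at the
   window's own port, which outlives every child view. */
static void view_will_leave_window(View *v, Port *window_port) {
    v->save_port = window_port;
}

/* Dealloc destroys the view's port, then restores whatever was saved. */
static void view_dealloc(View *v) {
    v->port.alive = false;
    set_port(v->save_port);
}

/* Returns true if the current port is still a live port after teardown. */
static bool current_port_valid_after_teardown(bool apply_fix) {
    Port window_port = { true };
    Port port_b = { true };
    View view1 = { { true }, &port_b };      /* port A, saveport B */
    View view2 = { { true }, &view1.port };  /* port C, saveport A */

    if (apply_fix) {
        view_will_leave_window(&view1, &window_port);
        view_will_leave_window(&view2, &window_port);
    }
    view_dealloc(&view1);  /* SetPort(B) */
    view_dealloc(&view2);  /* SetPort(A), but A died with view 1 */
    return g_current_port->alive;
}

int main(void) {
    printf("unfixed: current port valid = %d\n", current_port_valid_after_teardown(false));
    printf("fixed:   current port valid = %d\n", current_port_valid_after_teardown(true));
    return 0;
}
```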
This fix may also fix bug 165929, bug 177338, bug 163464, and bug 167312. I
checked it in.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
+    WindowRef nativeWindow = windowToWindowRef([self window]);
+    _savePort = ::GetWindowPort(nativeWindow);
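Review bot: nativeWindow is passed straight to ::GetWindowPort in these two lines with no NULL check visible. If [self window] is nil when this runs (comment 6 notes that views not yet placed in a window can hand back NULL GrafPtrs), _savePort would be derived from a null WindowRef and restored at dealloc. Suggest guarding the assignment with a check on nativeWindow, unless the surrounding code not quoted here already does so.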

i'm worried that windowToWindowRef doesn't exist on 10.1. does it?
windowToWindowRef is our function that wraps the jaguar/10.1 specific calls, so
it works on both.
I can't reproduce issue using the 2002-10-30-04 build under 10.2.1. Tested with
two different macs: Power Mac Dual 800mhz (g4) and iBook 500mhz. Sarah, do you
still see this problem?
i cannot repro this using 2002.10.30.04 on 10.2.1 (500mhz G4). marking verified.
Status: RESOLVED → VERIFIED
Based on Comment #10, I can still reproduce 165929, 163464, and 167312 in the
latest build (2002-10-30-04)