Closed Bug 249520 Opened 17 years ago Closed 17 years ago

Crash on exit when the gtkmozembed widget is created but never shown

Categories

(Core Graveyard :: Embedding: GTK Widget, defect)

defect
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: swbrown, Assigned: swbrown)

Details

(Keywords: crash, fixed-aviary1.0, fixed1.7.5)

Attachments

(2 files)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
Build Identifier: 

gtkmozembed calls EmbedPrivate::Destroy() even when it hasn't called
EmbedPrivate::Init(), which is wrong, and causes a null pointer dereference.
This can happen when a gtkmozembed widget has been created, but never realized.
E.g., never 'show' the widget and exit.  Crash.

The fix is to have gtkmozembed check (the same way EmbedPrivate checks) if
EmbedPrivate has been Init()ed before Destroy()ing.


Reproducible: Always
Steps to Reproduce:
1. Create but never show the gtkmozembed widget.
2. Exit.



Actual Results:  
Crash.

Expected Results:  
Not crash. :)
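The lifecycle guard described in the report, as an added C++ example; it is not the attached patch or Mozilla code. `Backend`, `Widget`, `Realize`, `Teardown` and `teardown_result` are hypothetical names standing in for the embedding object and the widget that owns it.

```cpp
#include <memory>
#include <string>

// Hypothetical backend standing in for the embedding object; not Mozilla code.
class Backend {
public:
    // Runs only when the widget is realized (first shown).
    void Init() { window_.reset(new std::string("native-window")); }
    // Assumes Init() has run: dereferences window_ unconditionally.
    void Destroy() {
        window_->clear();  // null pointer dereference if Init() never ran
        window_.reset();
    }
private:
    std::unique_ptr<std::string> window_;
};

// Hypothetical widget wrapper that tracks whether the backend was initialized.
class Widget {
public:
    void Realize() {
        if (initialized_) return;
        backend_.Init();
        initialized_ = true;
    }
    // Returns true if Destroy() was called, false if it was skipped.
    bool Teardown() {
        if (!initialized_) return false;  // created but never shown
        backend_.Destroy();
        initialized_ = false;
        return true;
    }
private:
    Backend backend_;
    bool initialized_ = false;
};

// Bit 0: first Teardown() destroyed the backend; bit 1: a repeat call did.
int teardown_result(bool show_first) {
    Widget w;
    if (show_first) w.Realize();
    int first = w.Teardown() ? 1 : 0;
    int second = w.Teardown() ? 2 : 0;
    return first | second;
}

// Exit status 0 means both lifecycles behaved as expected.
int main() { return teardown_result(false) | (teardown_result(true) ^ 1); }
```

Clearing the flag in `Teardown()` also makes a repeated teardown a no-op, so the same guard covers a double destroy.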
Attached file Test case.
Minimal test of the bug.  In the real world, I encounter this bug when I have a
gtkmozembed widget on a tab of my application that the user didn't visit before
exiting.
dougt might also help to get this reviewed and checked in...
Severity: major → critical
Keywords: crash
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment on attachment 152164 [details] [diff] [review]
Patch to fix the bug.

Brian, could you take a look, please?
Attachment #152164 - Flags: superreview?(bryner)
Attachment #152164 - Flags: review?(bryner)
Btw, the same fix needs to be applied to Firefox as well, as it seems to also be
a source for gtkmozembed (I'm not familiar with how Firefox is branched, but on
a coworker's Gentoo box, Firefox brought in its own gtkmozembed).
Attachment #152164 - Flags: superreview?(bryner)
Attachment #152164 - Flags: superreview+
Attachment #152164 - Flags: review?(bryner)
Attachment #152164 - Flags: review+
Assignee: blizzard → swbrown
Fix checked in to the trunk.

Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Comment on attachment 152164 [details] [diff] [review]
Patch to fix the bug.

I think this is worth taking on the 1.7 branch.  It's a pretty straightforward
null-check crash fix.
Attachment #152164 - Flags: approval1.7.2?
Comment on attachment 152164 [details] [diff] [review]
Patch to fix the bug.

a=mkaply for 1.7.2
Attachment #152164 - Flags: approval1.7.2? → approval1.7.2+
Keywords: fixed1.7.2
Whiteboard: needed-aviary1.0
Keywords: fixed-aviary1.0
Whiteboard: needed-aviary1.0
*** Bug 255649 has been marked as a duplicate of this bug. ***
Product: Core → Core Graveyard