299568 - Crash with cairo SVG in Linux GTK1 builds on above URL

Status: RESOLVED FIXED

(Core :: SVG, defect)

Description

[Boris Zbarsky [:bzbarsky]]

STEPS TO REPRODUCE:

1)  Build cairo SVG on Linux
2)  Load the testcase in the URL field

ACTUAL RESULTS: Crash at:

#0  0xb6fcec53 in nsSVGCairoCanvas::Init (this=0x87203d8, ctx=0x86ce400, 
    presContext=0x871b2a0, dirtyRect=@0xbfffe5f0)
    at
../../../../../../mozilla/layout/svg/renderer/src/cairo/nsSVGCairoCanvas.cpp:200
#1  0xb6fcee19 in NS_NewSVGCairoCanvas (result=0xbfffe5e0, ctx=0x86ce400, 
    presContext=0x871b2a0, dirtyRect=@0xbfffe5f0)
    at
../../../../../../mozilla/layout/svg/renderer/src/cairo/nsSVGCairoCanvas.cpp:248
#2  0xb6fce814 in nsSVGRendererCairo::CreateCanvas (this=0x874ca78, ctx=0x86ce400, 
    presContext=0x871b2a0, dirtyRect=@0xbfffe5f0, _retval=0xbfffe5e0)
    at
../../../../../../mozilla/layout/svg/renderer/src/cairo/nsSVGRendererCairo.cpp:141
#3  0xb6f4b585 in nsSVGOuterSVGFrame::Paint (this=0x874b894,
aPresContext=0x871b2a0, 
    aRenderingContext=@0x86ce400, aDirtyRect=@0xbfffe680, 
    aWhichLayer=eFramePaintLayer_Overlay, aFlags=0)
    at ../../../../../mozilla/layout/svg/base/src/nsSVGOuterSVGFrame.cpp:906

GDB OUTPUT:

(gdb) frame
#0  0xb6fcec53 in nsSVGCairoCanvas::Init (this=0x87203d8, ctx=0x86ce400, 
    presContext=0x871b2a0, dirtyRect=@0xbfffe5f0)
    at
../../../../../../mozilla/layout/svg/renderer/src/cairo/nsSVGCairoCanvas.cpp:200
200       cairoSurf = cairo_xlib_surface_create(GDK_WINDOW_XDISPLAY(drawable),
(gdb) list
195       nsDrawingSurfaceGTK *surface;
196       ctx->GetDrawingSurface((nsIDrawingSurface**)&surface);
197       surface->GetSize(&mWidth, &mHeight);
198       GdkDrawable *drawable = surface->GetDrawable();
199       GdkVisual *visual = gdk_window_get_visual(drawable);
200       cairoSurf = cairo_xlib_surface_create(GDK_WINDOW_XDISPLAY(drawable),
201                                             GDK_WINDOW_XWINDOW(drawable),
202                                             GDK_VISUAL_XVISUAL(visual),
203                                             mWidth, mHeight);
204     #endif
(gdb) p drawable
$6 = (GdkDrawable *) 0x86c42b8
(gdb) p visual
$7 = (GdkVisual *) 0x0

I'll bet money that this last is why we're crashing...

Comment 1

[Michiel van Leeuwen (email: mvl+moz@)]

Looks like bug 296614 (although this bug has a better problem description)

Comment 2

[Boris Zbarsky [:bzbarsky]]

ccing tor for real....

Note that bug 296614 happens for GTK2 builds too, so it might end up being
different.

Comment 3

[tor]

Hmm, could you try changing that code fragment to use gdk_drawable_get_visual()
instead of gdk_window_get_visual() to see if that makes a difference?

Comment 4

[Boris Zbarsky [:bzbarsky]]

That doesn't compile with GTK 1.x (no such function).  For GTK2, the two are
actually the same method -- agdkwindow.h has:

  #define gdk_window_get_visual          gdk_drawable_get_visual

Comment 5

[tor]

Ok.  Didn't have a gtk1 setup around, and was wondering if they might have been
different functions back then.

Comment 6

[Scooter Morris]

This works for me on the current trunk.

Comment 7

[Scooter Morris]

Oops, nevermind (I'm using GTK2)

Comment 8

[Boris Zbarsky [:bzbarsky]]

This crash is keeping me from usefully testing a proposed fix for bug 291902...

Comment 9

[Hans-Peter Budek]

I'am not sure if this is the right way to fix this bug, but it helps...

+   if(visual) {
     cairoSurf = cairo_xlib_surface_create(GDK_WINDOW_XDISPLAY(drawable),
                                           GDK_WINDOW_XWINDOW(drawable),
                                           GDK_VISUAL_XVISUAL(visual),
                                           mWidth, mHeight);
+   }

Comment 10

[Boris Zbarsky [:bzbarsky]]

Attachment: Hans-Peter's patch

Certainly fixes the crash

Comment 11

[tor]

Comment on attachment 207564 [details] [diff] [review]
Hans-Peter's patch

I'm still not sure why we're getting a null back, but using the fallback code makes sense.

Comment 12

[Boris Zbarsky [:bzbarsky]]

Fixed for 1.9a.  Thanks for the patch!