Closed Bug 520790 Opened 15 years ago Closed 15 years ago

Qt build of Firefox or Fennec crashes whenever I visit a page featuring an iframe

Categories

(Core :: Graphics, defect)

Product:
Core
Component:
Graphics
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: bringbackbsd, Unassigned)

References

(
URL
)

Details

Attachments

(1 file, 1 obsolete file)

A revision, cleaning up the unbalanced QPainter save and restore operations
4.14 KB, patch
jrmuizel
: review-
Details | Diff | Splinter Review
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.13) Gecko/2009080315 Ubuntu/9.04 (jaunty) Firefox/3.0.13 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.3a1pre) Gecko/20091006 Minefield/3.7a1pre Using the Qt build of Firefox or Fennec, whenever I visit a web page that features an iframe the browser crashes (segmentation fault). Reproducible: Always Steps to Reproduce: 1. Visit http://www.dyn-web.com/tutorials/iframes/basics.php. 2. If testing Firefox, scroll down a little bit. Actual Results: The application crashes. Expected Results: The application renders the web page. The implementation of the Qt port has situations where a null pointer can be dereferenced, causing a segmentation fault. This happens in gfx/cairo/cairo/src/cairo-qpainter-surface.cpp and the problem is caused by attempting to dereference the abstracted surface to get a pointer to the underlying QPainter. In some situations, noted with the iframe case, the abstracted surface can be null.
Attached patch A possible fix (obsolete) — Splinter Review
A possible fix, checking that pointers to the abstracted surface's painter are allocated before dereferencing them.
Flags: wanted-fennec1.0?
Comment on attachment 404838 [details] [diff] [review] A possible fix Seems sensible and does fix crashes for me.
Attachment #404838 - Flags: review+
Status: UNCONFIRMED → NEW
Ever confirmed: true
Ok, but why is the QPainter null? Maybe we should fix that
Attachment #404838 - Attachment is obsolete: true
Attachment #411410 - Flags: review?(mark.finkle)
Attachment #411410 - Flags: review?(mark.finkle) → review?(jmuizelaar)
We agreed that we would not implement flush() in bug 498910. 498910's fix address this problem.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WONTFIX
Comment on attachment 411410 [details] [diff] [review] A revision, cleaning up the unbalanced QPainter save and restore operations This shouldn't be needed anymore.
Attachment #411410 - Flags: review?(jmuizelaar) → review-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: