532612 - crash in [@ XtWidgetToApplicationContext]

Status: RESOLVED FIXED

(Core :: Widget: Gtk, defect)

Description

[Oleg Romashin (:romaxa)]

Attachment: Null checks for GDK window and xtclient.top_widget

After some experiments with scriptable plugins, I got this crash:

Probably this crash reproducible only in headless microb configuration.

#0  XtWidgetToApplicationContext (w=0x0) at ../../src/Display.c:709
#1  0x4225794c in XtSetValues (w=0x0, args=0xbeebbdb0, num_args=2) at
../../src/SetValues.c:200
#2  0x4144cf04 in gtk_xtbin_resize (widget=0x448218, width=600, height=40)
    at widget/src/gtkxtbin/gtk2xtbin.c:428
#3  0x412d45a8 in nsPluginNativeWindowGtk2::CallSetWindow (this=0x60bf38,
aPluginInstance=@0xbeebbe08)
    at modules/plugin/base/src/nsPluginNativeWindowGtk2.cpp:218
#4  0x40c84744 in nsObjectFrame::CallSetWindow (this=0x5da458)
    at layout/generic/nsObjectFrame.cpp:1067
#5  0x40c87a80 in nsObjectFrame::Instantiate (this=0x5da458, aMimeType=0x5d93e8
"application/mozilla-npruntime-scriptable-plugin", aURI=0x161d90)
    at layout/generic/nsObjectFrame.cpp:2031
#6  0x40df24f8 in nsObjectLoadingContent::Instantiate (this=0x5d9134,
aFrame=0x5da484, aMIMEType=@0x5d9118, aURI=0x161d90)
    at content/base/src/nsObjectLoadingContent.cpp:1757
#7  0x40df29a0 in nsObjectLoadingContent::EnsureInstantiation (this=0x5d9134,
aInstance=0xbeebbf94)
    at content/base/src/nsObjectLoadingContent.cpp:780
#8  0x40f4aa1c in nsHTMLPluginObjElementSH::GetPluginInstanceIfSafe
(wrapper=<value optimized out>, obj=<value optimized out>, _result=0xbeebbf94)
    at dom/base/nsDOMClassInfo.cpp:9404
#9  0x40f4c354 in nsHTMLPluginObjElementSH::SetupProtoChain (wrapper=0x5e0fe0,
cx=0x537598, obj=0x29b200)
    at dom/base/nsDOMClassInfo.cpp:9484
#10 0x40f4c510 in nsHTMLPluginObjElementSH::PostCreate (this=<value optimized
out>, wrapper=0x5e0fe0, cx=0x537598, obj=0x2)
    at dom/base/nsDOMClassInfo.cpp:9597
#11 0x40a62db0 in FinishCreate (ccx=@0xbeebc22c, Scope=<value optimized out>,
Interface=<value optimized out>, cache=0x5d911c, wrapper=0x5e0fe0,

Comment 1

[Karl Tomlinson (:karlt)]

Comment on attachment 415823 [details] [diff] [review]
Null checks for GDK window and xtclient.top_widget

>@@ -425,7 +425,8 @@ gtk_xtbin_resize (GtkWidget *widget,
>-  XtSetValues(xtbin->xtclient.top_widget, args, 2);
>+  if (xtbin->xtclient.top_widget)
>+    XtSetValues(xtbin->xtclient.top_widget, args, 2);

This looks reasonable.

I'm curious why either the widget failed to realize in gtk_xtbin_new() or XtAppCreateShell() failed.  Any ideas?
http://hg.mozilla.org/mozilla-central/annotate/b5cb31b39f81/widget/src/gtkxtbin/gtk2xtbin.c#l396

>@@ -434,7 +435,8 @@ gtk_xtbin_resize (GtkWidget *widget,
>-  gtk_widget_size_allocate(widget, &allocation);
>+  if (widget->window)
>+    gtk_widget_size_allocate(widget, &allocation);

AFAIK it is fine to size_allocate an unrealized widget so I don't think this should be necessary.

Comment 2

[Oleg Romashin (:romaxa)]

> This looks reasonable.
> 
> I'm curious why either the widget failed to realize in gtk_xtbin_new() or
> XtAppCreateShell() failed.  Any ideas?
> http://hg.mozilla.org/mozilla-central/annotate/b5cb31b39f81/widget
/src/gtkxtbin/gtk2xtbin.c#l396

In microb mGdkWindow is always NULL, and we don't have real gdk window to draw, because we are painting everything to shared memory buffer. I think that might be a reason of failed gtk_xtbin widget creation

> >+  if (widget->window)
> >+    gtk_widget_size_allocate(widget, &allocation);
> 
> AFAIK it is fine to size_allocate an unrealized widget so I don't think this
> should be necessary.

Yes, I think you right, it is not really necessary

Comment 3

[Oleg Romashin (:romaxa)]

Attachment: Updated patch

Comment 4

[Oleg Romashin (:romaxa)]

Fixed in
http://hg.mozilla.org/mozilla-central/rev/66a84731edc8