master: gtk: Hold reference on style until GtkCssBoxes finalized (!4111) · Merge requests · GNOME / gtk

Maxim Zakharov requested to merge Maxime2/gtk:gtk_css_boxes-fix into master Nov 02, 2021
Fixes premature style unreferencing in gtk_widget_create_renderer_node() if the widget's style is being removed while processing.
We use custom cell renderer which changes widget's css style on-the-fly. That causes crashes in gtk_widget_create_renderer_node() trying to access style already replaced with backtracea looking as
Thread 1 "mbbag_run" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffecdca100 (LWP 842648)]
gtk_css_style_snapshot_outline (boxes=boxes@entry=0x7fffffffb380, snapshot=snapshot@entry=0x555557c3c800) at ../gtk/gtkrenderborder.c:737
737	  border_style[0] = _gtk_css_border_style_value_get (outline->outline_style);
(gdb) bt
#0  gtk_css_style_snapshot_outline (boxes=boxes@entry=0x7fffffffb380, snapshot=snapshot@entry=0x555557c3c800) at ../gtk/gtkrenderborder.c:737
#1  0x00007ffff7a7380e in gtk_widget_create_render_node (widget=widget@entry=0x5555589d0f90, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11596
#2  0x00007ffff7a774b4 in gtk_widget_do_snapshot (widget=widget@entry=0x5555589d0f90, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11628
#3  0x00007ffff7a83eda in gtk_widget_snapshot_child (widget=<optimised out>, child=0x5555589d0f90, snapshot=0x555557c3c800)
    at ../gtk/gtkwidget.c:12049
#4  0x00007ffff7a83f7e in gtk_widget_real_snapshot (widget=0x555559dba420, snapshot=0x555557c3c800) at ../gtk/gtkwidget.c:734
#5  0x00007ffff79b7f10 in gtk_scrolled_window_snapshot (widget=0x555559dba420, snapshot=0x555557c3c800) at ../gtk/gtkscrolledwindow.c:2816
#6  0x00007ffff7a73803 in gtk_widget_create_render_node (widget=widget@entry=0x555559dba420, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11593
#7  0x00007ffff7a774b4 in gtk_widget_do_snapshot (widget=widget@entry=0x555559dba420, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11628
#8  0x00007ffff7a83eda in gtk_widget_snapshot_child (widget=<optimised out>, child=0x555559dba420, snapshot=0x555557c3c800)
    at ../gtk/gtkwidget.c:12049
#9  0x00007ffff7a83f7e in gtk_widget_real_snapshot (widget=0x5555598b2350, snapshot=0x555557c3c800) at ../gtk/gtkwidget.c:734
#10 0x00007ffff7a73803 in gtk_widget_create_render_node (widget=widget@entry=0x5555598b2350, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11593
#11 0x00007ffff7a774b4 in gtk_widget_do_snapshot (widget=widget@entry=0x5555598b2350, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11628
#12 0x00007ffff7a83eda in gtk_widget_snapshot_child (widget=<optimised out>, child=0x5555598b2350, snapshot=0x555557c3c800)
    at ../gtk/gtkwidget.c:12049
#13 0x00007ffff7a83f7e in gtk_widget_real_snapshot (widget=0x555557a449f0, snapshot=0x555557c3c800) at ../gtk/gtkwidget.c:734
--Type <RET> for more, q to quit, c to continue without paging--
#14 0x00007ffff7a740a2 in gtk_widget_create_render_node (widget=widget@entry=0x555557a449f0, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11588
#15 0x00007ffff7a774b4 in gtk_widget_do_snapshot (widget=widget@entry=0x555557a449f0, snapshot=snapshot@entry=0x555557c3c800)
    at ../gtk/gtkwidget.c:11628
#16 0x00007ffff7a821c6 in gtk_widget_snapshot (widget=0x555557a449f0, snapshot=0x555557c3c800) at ../gtk/gtkwidget.c:11650
#17 0x00007ffff7a822d4 in gtk_widget_render (widget=0x555557a449f0, surface=surface@entry=0x5555598b3360, region=region@entry=0x555559c90160)
    at ../gtk/gtkwidget.c:11682
#18 0x00007ffff7a8aee9 in surface_render (surface=surface@entry=0x5555598b3360, region=region@entry=0x555559c90160, widget=<optimised out>)
    at ../gtk/gtkwindow.c:4718
#19 0x00007ffff7b795da in _gdk_marshal_BOOLEAN__BOXEDv (closure=closure@entry=0x555559b8c200, return_value=return_value@entry=0x7fffffffbf30, 
    instance=instance@entry=0x5555598b3360, args=args@entry=0x7fffffffc000, marshal_data=<optimised out>, n_params=n_params@entry=1, 
    param_types=0x555555e89ab0) at gdk/gdkmarshalers.c:130
#20 0x00007ffff74881b0 in _g_closure_invoke_va (closure=0x555559b8c200, return_value=0x7fffffffbf30, instance=0x5555598b3360, args=0x7fffffffc000, 
    n_params=1, param_types=0x555555e89ab0) at ../subprojects/glib/gobject/gclosure.c:893
#21 0x00007ffff74a6d6c in g_signal_emit_valist (instance=0x5555598b3360, signal_id=<optimised out>, detail=<optimised out>, 
    var_args=var_args@entry=0x7fffffffc000) at ../subprojects/glib/gobject/gsignal.c:3406
#22 0x00007ffff74a8083 in g_signal_emit (instance=instance@entry=0x5555598b3360, signal_id=<optimised out>, detail=detail@entry=0)
    at ../subprojects/glib/gobject/gsignal.c:3553
#23 0x00007ffff7ba490d in gdk_surface_process_updates_internal (surface=0x5555598b3360) at ../gdk/gdksurface.c:1343
#24 gdk_surface_paint_on_clock (clock=<optimised out>, data=<optimised out>) at ../gdk/gdksurface.c:1431
#25 0x00007ffff74881b0 in _g_closure_invoke_va (closure=0x555559d4fc90, return_value=0x0, instance=0x55555949b8e0, args=0x7fffffffc330, 
    n_params=0, param_types=0x0) at ../subprojects/glib/gobject/gclosure.c:893
#26 0x00007ffff74a7ad8 in g_signal_emit_valist (instance=0x55555949b8e0, signal_id=<optimised out>, detail=0, 
--Type <RET> for more, q to quit, c to continue without paging--c
    var_args=var_args@entry=0x7fffffffc330) at ../subprojects/glib/gobject/gsignal.c:3406
#27 0x00007ffff74a8083 in g_signal_emit (instance=instance@entry=0x55555949b8e0, signal_id=<optimised out>, detail=detail@entry=0) at ../subprojects/glib/gobject/gsignal.c:3553
#28 0x00007ffff7b947a3 in _gdk_frame_clock_emit_paint (frame_clock=frame_clock@entry=0x55555949b8e0) at ../gdk/gdkframeclock.c:708
#29 0x00007ffff7b95280 in gdk_frame_clock_paint_idle (data=<error reading variable: value has been optimised out>) at ../gdk/gdkframeclockidle.c:605
#30 0x00007ffff73921e8 in g_timeout_dispatch (source=0x555557b73f10, callback=<optimised out>, user_data=<optimised out>) at ../subprojects/glib/glib/gmain.c:4965
#31 0x00007ffff739164e in g_main_dispatch (context=0x555555ef6160) at ../subprojects/glib/glib/gmain.c:3413
#32 g_main_context_dispatch (context=context@entry=0x555555ef6160) at ../subprojects/glib/glib/gmain.c:4131
#33 0x00007ffff7391a00 in g_main_context_iterate (context=0x555555ef6160, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimised out>) at ../subprojects/glib/glib/gmain.c:4207
#34 0x00007ffff7391cf3 in g_main_loop_run (loop=0x555558106460) at ../subprojects/glib/glib/gmain.c:4405
#35 0x00005555555fff00 in igtk_main () at cbindings.c:356
#36 0x00005555555eeb54 in c_intrins (icode=<optimised out>, ac=ac@entry=0, tos=0) at intrinsics.c:3736
#37 0x0000555555572030 in Execute (root=<optimised out>) at execute.c:3001
#38 0x000055555556a604 in main (ac=<optimised out>, av=<optimised out>) at sexecute.c:988
(gdb)
master: gtk: Hold reference on style until GtkCssBoxes finalized

Merge request reports
