Ubuntu
gtk+2.0 package

GTK+ Color Picker causes programs to crash for certain colors

Bug #21690 reported by Jonathon Conte
8
Affects Status Importance Assigned to Milestone
gtk+2.0 (Ubuntu)
Invalid
Medium
Sebastien Bacher

Bug Description

I just did a fresh install of Breezy Badger Preview Release on an old Pentium
box. It has a Permedia 2 based graphics card so I have the device driver set as
"glint", the color depth set at 16 and the resolution set at 1024x768 in
xorg.conf. I'm not sure if that pertains to the bug or not.

The problem is that the GTK+ Color Picker causes a program using it to crash
when the Color Picker opens--but only when it opens with certain colors already
selected. The default brown desktop background color is one of the problematic
colors, but not the only one.

Example 1:
After the default Breezy install a user's desktop background color is set to
brown. If I click on the brown GTK+ Color Picker button in the Desktop
Background preferences the color picker window opens briefly then closes and
causes the Desktop Background preferences window to crash. However, if the
background is set to use a horizontal or vertical gradient, a second (gray)
color picker button appears. If I click on the gray button, the color picker
opens normally as this gray color does not cause a problem.

Example 2:
I open gnome-terminal, open Edit Profile window and click on the Colours tab.
One of the built-in schemes is Black on Light Yellow. If I click on the yellow
color picker button, gnome-terminal will crash. But if I click on the black
button, the color picker opens normally.

Revision history for this message
Sebastien Bacher (seb128) wrote :

Thanks for your bug. Can you get a backtrace of the crash by using gdb?
- gdb gnome-background-properties
(gdb) run
get is crashing...
(gdb) thread apply all bt

Revision history for this message
Jonathon Conte (thesicktwist) wrote :

I ran gdb and this is what is displayed when clicking the brown button to open
the color picker:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread -1223379264 (LWP 5553)]
0xb75f9254 in _cairo_pixman_have_mmx () from /usr/lib/libcairo.so.2

gnome-background-properties then crashes. I restarted the test and switched the
background color to a horizontal gradient. gdb does not display an error when
clicking on the gray button. However, clicking on the brown button causes an
error and results in another crash:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread -1223526720 (LWP 8055)]
0xb75d5254 in _cairo_pixman_have_mmx () from /usr/lib/libcairo.so.2

Revision history for this message
Jonathon Conte (thesicktwist) wrote :

I just noticed that this bug seems to be related to the position of the triangle
on the outer color ring of the custom widget in the GTK+ color picker. If the
triangle is rotated to certain positions, it causes the crash.

To demonstrate, I ran gnome-background-properties from gdb, selected Horizontal
Gradient from the Desktop Colors dropdown list and clicked the right-most color
picker button (currently set to gray).

The GTK+ color picker widget is displayed as normal. However, if I click on any
point of the outer color ring that surrounds the triangle, gdb gives me this
error and gnome-background-properties crashes:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread -1223059776 (LWP 5281)]
0xb7647254 in _cairo_pixman_have_mmx () from /usr/lib/libcairo.so.2

Revision history for this message
Jonathon Conte (thesicktwist) wrote :
Download full text (8.1 KiB)

More output from gdb:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread -1222990144 (LWP 5079)]
0xb7658254 in _cairo_pixman_have_mmx () from /usr/lib/libcairo.so.2

(gdb) thread apply all bt

Thread 1 (Thread -1222990144 (LWP 5079)):
#0 0xb7658254 in _cairo_pixman_have_mmx () from /usr/lib/libcairo.so.2
#1 0xb76582ee in _cairo_pixman_compose_setup_mmx () from /usr/lib/libcairo.so.2
#2 0xb7646e0f in _cairo_pixman_region_intersect () from /usr/lib/libcairo.so.2
#3 0xb762cc27 in cairo_image_surface_get_height () from /usr/lib/libcairo.so.2
#4 0xb7631cfc in cairo_surface_create_similar () from /usr/lib/libcairo.so.2
#5 0xb762a1b2 in cairo_font_options_get_hint_metrics () from /usr/lib/libcairo.so.2
#6 0xb76298fe in cairo_font_options_get_hint_metrics () from /usr/lib/libcairo.so.2
#7 0xb762a5a7 in cairo_font_options_get_hint_metrics () from /usr/lib/libcairo.so.2
#8 0xb762a7ff in cairo_font_options_get_hint_metrics () from /usr/lib/libcairo.so.2
#9 0xb762a8ca in cairo_font_options_get_hint_metrics () from /usr/lib/libcairo.so.2
#10 0xb76249e5 in cairo_stroke_preserve () from /usr/lib/libcairo.so.2
#11 0xb7624a0c in cairo_stroke () from /usr/lib/libcairo.so.2
#12 0xb7d30eb4 in gtk_rgb_to_hsv () from /usr/lib/libgtk-x11-2.0.so.0
#13 0xb7d677cc in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#14 0xb79c9d75 in g_cclosure_new_swap () from /usr/lib/libgobject-2.0.so.0
#15 0xb79ca3a8 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#16 0xb79d8c9f in g_signal_stop_emission () from /usr/lib/libgobject-2.0.so.0
#17 0xb79d9ec3 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#18 0xb79da4c3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#19 0xb7e4988f in gtk_widget_activate () from /usr/lib/libgtk-x11-2.0.so.0
#20 0xb7cdf496 in gtk_container_propagate_expose () from
/usr/lib/libgtk-x11-2.0.so.0
#21 0xb7cdf4ed in gtk_container_propagate_expose () from
/usr/lib/libgtk-x11-2.0.so.0
#22 0xb7ca4dc8 in gtk_box_reorder_child () from /usr/lib/libgtk-x11-2.0.so.0
#23 0xb7cdd9da in gtk_container_forall () from /usr/lib/libgtk-x11-2.0.so.0
#24 0xb7cdf261 in gtk_container_get_focus_hadjustment () from
/usr/lib/libgtk-x11-2.0.so.0
#25 0xb7d677cc in _gtk_marshal_BOOLEAN__BOXED () from /usr/lib/libgtk-x11-2.0.so.0
#26 0xb79c9d75 in g_cclosure_new_swap () from /usr/lib/libgobject-2.0.so.0
#27 0xb79ca3a8 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#28 0xb79d8c9f in g_signal_stop_emission () from /usr/lib/libgobject-2.0.so.0
#29 0xb79d9ec3 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#30 0xb79da4c3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#31 0xb7e4988f in gtk_widget_activate () from /usr/lib/libgtk-x11-2.0.so.0
#32 0xb7cdf496 in gtk_container_propagate_expose () from
/usr/lib/libgtk-x11-2.0.so.0
#33 0xb7cdf4ed in gtk_container_propagate_expose () from
/usr/lib/libgtk-x11-2.0.so.0
#34 0xb7ca4dc8 in gtk_box_reorder_child () from /usr/lib/libgtk-x11-2.0.so.0
#35 0xb7cdd9da in gtk_container_forall () from /usr/lib/libgtk-x11-2.0.so.0
#36 0xb7cdf261 in gtk_container_get_focus_hadjustment () from
/usr/lib/libgtk-x11-2.0.so.0
#37 0xb7d677cc in _gtk_marshal_BOO...

Read more...

Revision history for this message
Sebastien Bacher (seb128) wrote :

Thanks, that's the same issue as #15091

This bug has been marked as a duplicate of bug 21315.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.