Compiz crashes with SIGSEGV in PrivateWindow::configure

Bug #918762 reported by Sam Spilsbury
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
Compiz Core | Fix Released | High | Sam Spilsbury |
compiz (Ubuntu) | Fix Released | High | Sam Spilsbury |

Bug Description

An override redirect which is stacked at the bottom and receives a ConfigureNotify event to restack higher up will cause compiz to crash.

The following patch fixes that

:=== modified file 'src/window.cpp'
--- src/window.cpp 2011-10-19 04:08:25 +0000
+++ src/window.cpp 2012-01-19 15:53:39 +0000
@@ -1997,8 +1997,16 @@
     if (priv->geometry.border () != ce->border_width)
  valueMask |= CWBorderWidth;

- if (ROOTPARENT (window->prev) != ce->above)
- valueMask |= CWSibling | CWStackMode;
+ if (window->prev)
+ {
+ if (ROOTPARENT (window->prev) != ce->above)
+ valueMask |= CWSibling | CWStackMode;
+ }
+ else
+ {
+ if (ce->above != 0)
+ valueMask |= CWSibling | CWStackMode;
+ }

     priv->attrib.override_redirect = ce->override_redirect;
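
Review bot: The new `if (window->prev)` / `else` pair sets the same `CWSibling | CWStackMode` bits in both branches, so the null guard can be folded into a single comparison: take the sibling as `window->prev ? ROOTPARENT (window->prev) : None` and compare it with `ce->above` once. The else branch tests `ce->above` against the literal `0`; `None` would state the intent (no sibling below) more clearly. A short comment saying that `window->prev` is NULL for the bottom window of the stack would explain why the guard is there, and since the report says no testcase is available, a regression test that delivers a ConfigureNotify to a bottom-of-stack override-redirect window would be worth adding alongside this change.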

Program received signal SIGSEGV, Segmentation fault.
0x00000000004cdcdc in CompWindow::frame (this=0x0) at /home/miso-work/unity/source/compiz-core/src/window.cpp:5954
5954 return priv->serverFrame;
#0 0x00000000004cdcdc in CompWindow::frame (this=0x0) at /home/miso-work/unity/source/compiz-core/src/window.cpp:5954
#1 0x00000000004c0df9 in PrivateWindow::configure (this=0x89aca0, ce=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/window.cpp:2000
#2 0x00000000004ec81f in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:1050
#3 0x00007fffebb9f93b in PrivateCompositeScreen::handleEvent (this=0x928d40, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/composite/src/screen.cpp:102
#4 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#5 0x00007fffeb940825 in PrivateGLScreen::handleEvent (this=0xaf0150, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/opengl/src/screen.cpp:607
#6 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#7 0x00007fffe8969525 in DecorScreen::handleEvent (this=0xb7b6c0, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/decor/src/decor.cpp:1614
#8 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#9 0x00007fffe8521170 in RegexScreen::handleEvent (this=0xafe390, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/regex/src/regex.cpp:250
#10 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#11 0x00007fffe80ea0e3 in ResizeScreen::handleEvent (this=0xb688e0, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/resize/src/resize.cpp:1498
#12 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#13 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#14 0x00007fffe779d9de in PlaceScreen::handleEvent (this=0xc17890, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/place/src/place.cpp:392
#15 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#16 0x00007fffe7574fd0 in SessionScreen::handleEvent (this=0xbc35d0, event=0x9b1a430) at /home/miso-work/unity/source/compiz-plugins-main/session/src/session.cpp:707
#17 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#18 0x00007fffe71369d7 in MoveScreen::handleEvent (this=0xba5600, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/move/src/move.cpp:672
#19 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#20 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#21 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#22 0x00007fffe646feca in UnityMTGrabHandlesScreen::handleEvent (this=0xbad040, event=0x9b1a430) at /home/miso-work/unity/source/unity/plugins/unity-mt-grab-handles/src/unity-mt-grab-handles.cpp:360
#23 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#24 0x00007fffe5423aae in FadeScreen::handleEvent (this=0xd0d130, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/fade/src/fade.cpp:67
#25 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#26 0x00007fffe51f971d in WorkaroundsScreen::handleEvent (this=0xd4a440, event=0x9b1a430) at /home/miso-work/unity/source/compiz-plugins-main/workarounds/src/workarounds.cpp:941
#27 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#28 0x00007fffe4fbc9e0 in PrivateScaleScreen::handleEvent (this=0xd47400, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/plugins/scale/src/scale.cpp:1594
#29 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#30 0x00007fffe44d8e03 in unity::UnityScreen::handleEvent (this=0xe38370, event=0x9b1a430) at /home/miso-work/unity/source/unity/plugins/unityshell/src/unityshell.cpp:1164
#31 0x00000000004ec503 in CompScreen::handleEvent (this=0x787370, event=0x9b1a430) at /home/miso-work/unity/source/compiz-core/src/event.cpp:987
#32 0x0000000000494898 in PrivateScreen::processEvents (this=0x87f5f0) at /home/miso-work/unity/source/compiz-core/src/screen.cpp:748
#33 0x00000000004fa623 in CompEventSource::callback (this=0x8e9c70) at /home/miso-work/unity/source/compiz-core/src/eventsource.cpp:71
#34 0x00000000004fad17 in sigc::bound_mem_functor0<bool, CompEventSource>::operator() (this=0x927b48) at /usr/include/sigc++-2.0/sigc++/functors/mem_fun.h:1787
#35 0x00000000004fac5e in sigc::adaptor_functor<sigc::bound_mem_functor0<bool, CompEventSource> >::operator() (this=0x927b40) at /usr/include/sigc++-2.0/sigc++/adaptors/adaptor_trait.h:251
#36 0x00000000004fab39 in sigc::internal::slot_call0<sigc::bound_mem_functor0<bool, CompEventSource>, bool>::call_it (rep=0x927b10) at /usr/include/sigc++-2.0/sigc++/functors/slot.h:103
#37 0x000000000048cc90 in sigc::slot0<bool>::operator() (this=0x8f4020) at /usr/include/sigc++-2.0/sigc++/functors/slot.h:440
#38 0x00000000004fa6c8 in CompEventSource::dispatch (this=0x8e9c70, slot=0x8f4020) at /home/miso-work/unity/source/compiz-core/src/eventsource.cpp:94
#39 0x00007ffff67a348f in Glib::Source::dispatch_vfunc(_GSource*, int (*)(void*), void*) () from /usr/lib/x86_64-linux-gnu/libglibmm-2.4.so.1
#40 0x00007ffff62ad6ca in g_main_dispatch (context=0x793c50) at /build/buildd/glib2.0-2.31.8/./glib/gmain.c:2513
#41 g_main_context_dispatch (context=0x793c50) at /build/buildd/glib2.0-2.31.8/./glib/gmain.c:3050
#42 0x00007ffff62ada90 in g_main_context_iterate (dispatch=1, block=<optimized out>, context=0x793c50, self=<optimized out>) at /build/buildd/glib2.0-2.31.8/./glib/gmain.c:3121
#43 g_main_context_iterate (context=0x793c50, block=<optimized out>, dispatch=1, self=<optimized out>) at /build/buildd/glib2.0-2.31.8/./glib/gmain.c:3058
#44 0x00007ffff62ade8a in g_main_loop_run (loop=0xb0fa40) at /build/buildd/glib2.0-2.31.8/./glib/gmain.c:3315
#45 0x00000000004926f8 in CompScreen::eventLoop (this=0x787370) at /home/miso-work/unity/source/compiz-core/src/screen.cpp:129
#46 0x000000000048eceb in CompManager::run (this=0x7fffffffd970) at /home/miso-work/unity/source/compiz-core/src/main.cpp:261
#47 0x000000000048ee63 in main (argc=2, argv=0x7fffffffda98) at /home/miso-work/unity/source/compiz-core/src/main.cpp:306

No testcase available, but a fairly straightforward fix (null check)
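
The condition in the description, modelled as an added example (not compiz code and not part of the original report): a vector stands in for the window list, `kNone` for X11's `None`, and every function name and window id here is hypothetical. The missing lower neighbour is mapped to `kNone` before it is compared with the event's `above` field, so the bottom window never dereferences a null neighbour.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <vector>

using XWindow = std::uint32_t;
constexpr XWindow kNone = 0;  // X11 None: "no sibling below"
constexpr unsigned kCWSibling = 1u << 5, kCWStackMode = 1u << 6;  // X11 bit values

// Bottom-to-top stacking order of frame ids (constructed model, not compiz's list).
using Stack = std::vector<XWindow>;

// Id of the window directly below `w`, or kNone when `w` is at the bottom
// (the case where window->prev is NULL in the patch) or is not in the stack.
XWindow siblingBelow(const Stack &s, XWindow w) {
    auto it = std::find(s.begin(), s.end(), w);
    return (it == s.end() || it == s.begin()) ? kNone : *(it - 1);
}

// Mask bits a ConfigureNotify with `above == ceAbove` contributes for `w`.
unsigned restackMask(const Stack &s, XWindow w, XWindow ceAbove) {
    return siblingBelow(s, w) != ceAbove ? (kCWSibling | kCWStackMode) : 0u;
}

// Apply the event: place `w` directly above `ceAbove` (kNone means bottom).
// Returns false and leaves the stack untouched if an id is unknown.
bool applyConfigure(Stack &s, XWindow w, XWindow ceAbove) {
    auto self = std::find(s.begin(), s.end(), w);
    if (self == s.end() || w == ceAbove) return false;
    if (ceAbove != kNone && std::find(s.begin(), s.end(), ceAbove) == s.end())
        return false;
    if (restackMask(s, w, ceAbove) == 0) return true;  // already in place
    s.erase(self);
    auto pos = ceAbove == kNone ? s.begin()
                                : std::find(s.begin(), s.end(), ceAbove) + 1;
    s.insert(pos, w);
    return true;
}

int main() {
    Stack s{0x10, 0x20, 0x30};  // constructed ids; 0x10 is the bottom window
    bool ok = applyConfigure(s, 0x10, 0x30);  // bottom window restacked higher
    std::printf("ok=%d top=0x%x\n", ok, (unsigned) s.back());
    return ok ? 0 : 1;
}
```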

Changed in compiz-core:
status: New → Confirmed
importance: Undecided → High
assignee: nobody → Sam Spilsbury (smspillaz)
Changed in compiz (Ubuntu):
assignee: nobody → Sam Spilsbury (smspillaz)
Changed in compiz-core:
milestone: none → 0.9.5.96
Changed in compiz (Ubuntu):
status: New → Confirmed
Omer Akram (om26er)
Changed in compiz (Ubuntu):
importance: Undecided → High
Daniel van Vugt (vanvugt) wrote :

The fix is already upstream in lp:compiz-core. Just missing in oneiric/ubuntu branches.

Changed in compiz-core:
status: Confirmed → Fix Committed
Changed in compiz-core:
milestone: 0.9.5.96 → 0.9.7.0
Daniel van Vugt (vanvugt) wrote :

Fix released in:
compiz (1:0.9.7.0~bzr2995-0ubuntu1) precise; urgency=low

Changed in compiz (Ubuntu):
status: Confirmed → Fix Released
Changed in compiz-core:
status: Fix Committed → Fix Released