Xfdesktop segfaults when I move cursor to the left edge of the screen. Here's what dmesg says:

[106163.535962] xfdesktop[7218]: segfault at 6f1 ip 0000000000420e00 sp 00007ffe123c9f10 error 4 in xfdesktop[400000+52000]
[106166.537584] xfdesktop[7224]: segfault at 6f1 ip 0000000000420e00 sp 00007ffee7eed7c0 error 4 in xfdesktop[400000+52000]

Here's backtrace from one of core dumps:

(gdb) bt
#0 0x0000000000420e00 in xfdesktop_icon_get_extents ()
#1 0x0000000000428918 in ?? ()
#2 0x00007f86a63d190f in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#3 0x00007f86a4bf8175 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#4 0x00007f86a4c09a5c in ?? () from /usr/lib/libgobject-2.0.so.0
#5 0x00007f86a4c12205 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#6 0x00007f86a4c1295f in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#7 0x00007f86a64e8b9c in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#8 0x00007f86a63d0054 in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#9 0x00007f86a63d04eb in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#10 0x00007f86a60432cc in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#11 0x00007f86a492171d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#12 0x00007f86a4921a08 in ?? () from /usr/lib/libglib-2.0.so.0
#13 0x00007f86a4921d32 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#14 0x00007f86a63cf467 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#15 0x000000000041ef67 in ?? ()
#16 0x000000000041f454 in ?? ()
#17 0x00007f86a491e1e8 in ?? () from /usr/lib/libglib-2.0.so.0
#18 0x00007f86a491ebd7 in ?? () from /usr/lib/libglib-2.0.so.0
#19 0x00007f86a4921668 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#20 0x00007f86a4921a08 in ?? () from /usr/lib/libglib-2.0.so.0
#21 0x00007f86a4921abc in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#22 0x00007f86a535d09c in g_application_run () from /usr/lib/libgio-2.0.so.0
#23 0x0000000000415237 in main ()
I've rebuilt the package with debug enabled. Here's a little bit more informative backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00000000004226e4 in xfdesktop_icon_get_extents (icon=icon@entry=0x6f1, pixbuf_extents=pixbuf_extents@entry=0x0, text_extents=text_extents@entry=0x0, total_extents=total_extents@entry=0x7fffffffd940) at xfdesktop-icon.c:186
186 g_return_val_if_fail(XFDESKTOP_IS_ICON(icon), FALSE);
(gdb) bt
#0 0x00000000004226e4 in xfdesktop_icon_get_extents (icon=icon@entry=0x6f1, pixbuf_extents=pixbuf_extents@entry=0x0, text_extents=text_extents@entry=0x0, total_extents=total_extents@entry=0x7fffffffd940) at xfdesktop-icon.c:186
#1 0x000000000042abc8 in xfdesktop_icon_view_motion_notify (widget=<optimized out>, evt=0x872a70, user_data=0x6c1740) at xfdesktop-icon-view.c:1387
#2 0x00007ffff619590f in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#3 0x00007ffff49d7175 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#4 0x00007ffff49e8a5c in ?? () from /usr/lib/libgobject-2.0.so.0
#5 0x00007ffff49f1205 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#6 0x00007ffff49f195f in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#7 0x00007ffff62acb9c in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#8 0x00007ffff6194054 in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#9 0x00007ffff61944eb in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#10 0x00007ffff5e092cc in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#11 0x00007ffff470271d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#12 0x00007ffff4702a08 in ?? () from /usr/lib/libglib-2.0.so.0
#13 0x00007ffff4702d32 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#14 0x00007ffff6193467 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#15 0x000000000041fc09 in xfdesktop_application_start (app=0x670150) at xfdesktop-application.c:768
#16 0x000000000041ff64 in cb_wait_for_window_manager_destroyed (data=0x7fffe4003c70) at xfdesktop-application.c:630
#17 0x00007ffff46ff1e8 in ?? () from /usr/lib/libglib-2.0.so.0
#18 0x00007ffff46ffbd7 in ?? () from /usr/lib/libglib-2.0.so.0
#19 0x00007ffff4702668 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#20 0x00007ffff4702a08 in ?? () from /usr/lib/libglib-2.0.so.0
#21 0x00007ffff4702abc in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#22 0x00007ffff512e09c in g_application_run () from /usr/lib/libgio-2.0.so.0
#23 0x0000000000420f8d in xfdesktop_application_run (app=<optimized out>, argc=<optimized out>, argv=<optimized out>) at xfdesktop-application.c:777
#24 0x0000000000415887 in main (argc=1, argv=0x7fffffffe788) at main.c:86
It gets called from line 1387:

    if(icon && xfdesktop_icon_get_extents(icon, NULL, NULL, &extents)
       && xfdesktop_rectangle_contains_point(&extents, evt->x, evt->y))
It seems that it happens because the ‘col’ value calculated by xfdesktop_xy_to_rowcol() is -1, and that results in a negative idx in xfdesktop_icon_view_icon_in_cell(). This way

    XfdesktopIcon *icon = icon_view->priv->grid_layout[idx];

probably results in a bogus value → segfault when we try to do something with it.
Created attachment 6151 Patch fixes the crash, but it makes it impossible to place icons at the leftmost column
I've noticed one more thing. Crash seems to happen only when there is space reserved by a panel on the left side of the screen.
Created attachment 6154
Add assertion idx >= 0

This patch fixes the crash, but it makes it impossible to place icons at the leftmost column. To fix that issue, calculation of column number should be changed.

---
I've corrected 'idx > 0' to 'idx >= 0' in the previously sent patch.
I am not able to trigger this crash (using git master). Is there anything else special about your test environment?
(In reply to Thaddaeus Tintenfisch from comment #7)
> I am not able to trigger this crash (using git master).
>
> Is there anything else special about your test environment?

I have a panel on the left side of the screen, with 'Reserve space on borders' enabled. Aside from that, nothing special. It also happens only when the panel is on the left side. If I move it elsewhere, the crash doesn't occur. I am using Arch Linux, and I was able to trigger it on two machines (both git master and stable release), and also asked a friend, who was able to reproduce it.
Also, xfdesktop crashes only when cursor is over the desktop itself, it doesn't crash when cursor is over the panel. And sometimes it doesn't crash immediately, but after a second.
I've managed to trigger the crash on an (almost) clean installation of openSUSE Tumbleweed. It seems to be somewhat harder to trigger than on my Arch installs, but still happens. Here's what I did:

1. Changed stock panel mode to 'Deskbar', moved it to the left side of the screen.
2. Unchecked “Reserve space on borders”.
3. Set row size to 32 pixels, number of rows to 3, and length to 75%
4. Move cursor to the left edge
5. Move cursor back and forth for a few seconds

Now, every time I move the cursor to the very left edge, xfdesktop segfaults.

[ 344.383725] traps: xfdesktop[1684] general protection ip:423f59 sp:7ffdc1a32760 error:0 in xfdesktop[400000+59000]
[ 345.903891] traps: xfdesktop[1826] general protection ip:423f59 sp:7fffad3cdad0 error:0 in xfdesktop[400000+59000]
[ 346.629598] traps: xfdesktop[1831] general protection ip:423f59 sp:7ffc63bba680 error:0 in xfdesktop[400000+59000]
Created attachment 6162
patch

Thanks. I was able to reproduce the crash which should be fixed by the attached patch.
I confirm, patch works for me.
Thanks for the patch, pushed to master in:

commit 33f185a38f346243debc2608d8a71571e3b18231
Author: Thaddaeus Tintenfisch <thad.fisch@gmail.com>
Date: Thu Apr 2 11:17:24 2015 +0200

    Fix crash (Bug #11782)

    Bail out when a negative value was calculated for row/col.

    Signed-off-by: Eric Koegel <eric.koegel@gmail.com>

http://git.xfce.org/xfce/xfdesktop/commit/?id=33f185a38f346243debc2608d8a71571e3b18231
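
The failure analysed in the thread (a negative col producing a negative index into the grid array) and the bail-out named in the commit message, as an added C example. It is a simplified model and not xfdesktop's code: the struct, the function names, the cell size, the margin and the column-major index formula are all assumptions.

```c
/* Added example: simplified model, not xfdesktop source. All names are hypothetical. */
#include <stdio.h>

#define CELL   96   /* constructed cell size, pixels */
#define MARGIN 8    /* constructed screen margin, pixels */

struct grid {
    int xorigin, yorigin;   /* work-area origin; a left panel makes xorigin > 0 */
    int nrows, ncols;
    void **layout;          /* nrows * ncols slots, assumed column-major */
};

/* Failure mode: index computed with no range check on row/col. */
static int unchecked_idx(const struct grid *g, int x, int y)
{
    int row = (y - g->yorigin - MARGIN) / CELL;
    int col = (x - g->xorigin - MARGIN) / CELL;
    return col * g->nrows + row;   /* negative when col is negative */
}

/* Hardened conversion: returns 1 and fills row/col only for points inside the grid. */
static int xy_to_rowcol(const struct grid *g, int x, int y, int *row, int *col)
{
    int dx = x - g->xorigin - MARGIN;
    int dy = y - g->yorigin - MARGIN;
    /* Test pixel offsets before dividing: C division truncates toward zero,
     * so -38 / 96 is 0 and would pass a later "col < 0" test. */
    if (dx < 0 || dy < 0)
        return 0;
    *row = dy / CELL;
    *col = dx / CELL;
    return *row < g->nrows && *col < g->ncols;
}

/* Bail out (NULL) instead of reading layout[] with an invalid index. */
static void *icon_at_pointer(const struct grid *g, int x, int y)
{
    int row, col;
    if (!xy_to_rowcol(g, x, y, &row, &col))
        return NULL;
    return g->layout[col * g->nrows + row];
}

int main(void)
{
    void *slots[20] = {0};
    struct grid g = {150, 0, 4, 5, slots};   /* constructed: 150 px left panel */
    printf("unchecked idx at x=0: %d\n", unchecked_idx(&g, 0, 200));
    printf("checked lookup at x=0: %p\n", icon_at_pointer(&g, 0, 200));
    return 0;
}
```

Rejecting the pointer position before indexing keeps every valid cell, including the leftmost column, usable, whereas a check on the final index alone cannot tell a bad column from a good one.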