Ubuntu
compiz package

gtk-window-decorator crashed with SIGSEGV in get_button_position()

Bug #828085 reported by jmullee
24
This bug affects 4 people
Affects Status Importance Assigned to Milestone
compiz (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

oneiric

ProblemType: Crash
DistroRelease: Ubuntu 11.10
Package: compiz-gnome 1:0.9.5.0-0ubuntu5
ProcVersionSignature: Ubuntu 3.0.0-8.11-generic 3.0.1
Uname: Linux 3.0.0-8-generic x86_64
NonfreeKernelModules: fglrx
Architecture: amd64
BootLog:
 fsck from util-linux 2.19.1
 /dev/sda1: clean, 826287/29835264 files, 20296499/119315200 blocks
CompizPlugins: [core,bailer,detection,composite,opengl,decor,dbus,grid,snap,move,gnomecompat,vpswitch,compiztoolbox,place,imgpng,scale,resize,regex,mousepoll,workarounds,session,thumbnail,switcher,resizeinfo,scaleaddon]
CompositorRunning: compiz
Date: Wed Aug 17 15:58:40 2011
DistUpgraded: Log time: 2011-04-30 11:59:28.146353
DistroCodename: oneiric
DistroVariant: ubuntu
ExecutablePath: /usr/bin/gtk-window-decorator
GraphicsCard:
 ATI Technologies Inc RS780M/RS780MN [Radeon HD 3200 Graphics] [1002:9612] (prog-if 00 [VGA controller])
   Subsystem: Toshiba America Info Systems Device [1179:ffb0]
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
JockeyStatus: xorg:fglrx - ATI/AMD proprietary FGLRX graphics driver (Proprietary, Enabled, In use)
LightdmDisplayLog:

LightdmGreeterLog:

LightdmLog:

MachineType: TOSHIBA Satellite L450D
ProcCmdline: /usr/bin/gtk-window-decorator
ProcEnviron:
 PATH=(custom, user)
 LANG=en_IE.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.0.0-8-generic root=UUID=f147b097-ecd0-41d9-95ec-e089cec9192a ro quiet splash vt.handoff=7
SegvAnalysis:
 Segfault happened at: 0x40ca7c <get_button_position+236>: mov 0x20(%rdi),%r11d
 PC (0x0040ca7c) ok
 source "0x20(%rdi)" (0x00000020) not located in a known VMA region (needed readable region)!
 destination "%r11d" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: compiz
StacktraceTop:
 get_button_position ()
 ?? ()
 ?? () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
 gtk_menu_popup () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
 action_menu_map ()
Title: gtk-window-decorator crashed with SIGSEGV in get_button_position()
UdevDb: Error: [Errno 2] No such file or directory
UpgradeStatus: Upgraded to oneiric on 2011-04-30 (108 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare www-data
dmi.bios.date: 11/17/2009
dmi.bios.vendor: TOSHIBA
dmi.bios.version: V1.20
dmi.board.name: NBWAE
dmi.board.vendor: TOSHIBA
dmi.board.version: 1.00
dmi.chassis.asset.tag: *
dmi.chassis.type: 10
dmi.chassis.vendor: TOSHIBA
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnTOSHIBA:bvrV1.20:bd11/17/2009:svnTOSHIBA:pnSatelliteL450D:pvrPSLY5E-01M01LEN:rvnTOSHIBA:rnNBWAE:rvr1.00:cvnTOSHIBA:ct10:cvrN/A:
dmi.product.name: Satellite L450D
dmi.product.version: PSLY5E-01M01LEN
dmi.sys.vendor: TOSHIBA
version.compiz: compiz 1:0.9.5.0-0ubuntu5
version.fglrx-installer: fglrx-installer N/A
version.ia32-libs: ia32-libs 20090808ubuntu13
version.libdrm2: libdrm2 2.4.26-1ubuntu1
version.libgl1-mesa-dri: libgl1-mesa-dri 7.11-0ubuntu3
version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
version.libgl1-mesa-glx: libgl1-mesa-glx 7.11-0ubuntu3
version.xserver-xorg: xserver-xorg 1:7.6+7ubuntu6
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.6.0-1ubuntu13
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:6.14.99~git20110811.g93fc084-0ubuntu1
version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.15.901-1ubuntu2
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:0.0.16+git20110411+8378443-1

Revision history for this message
jmullee (jmullee) wrote :
visibility: private → public
Revision history for this message
Alex Launi (alexlauni) wrote :

Sadly apport did not get a good trace from your crash. Is this something that happens regularly or did it just happen this one time?

Changed in compiz (Ubuntu):
status: New → Incomplete
Revision history for this message
jmullee (jmullee) wrote :
Download full text (4.5 KiB)

Figuring out how to get a backtrace was a bit tricky, there should be a howto or somesuch .. https://wiki.edubuntu.org/DebuggingProgramCrash is incomplete and lacks detail.

root@tosh:/usr/src# gdb /usr/lib/debug/usr/bin/gtk-window-decorator /var/crash/_usr_bin_gtk-window-decorator.1000.core
GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /usr/lib/debug/usr/bin/gtk-window-decorator...done.

warning: core file may not match specified executable file.
[New LWP 2493]
[New LWP 2495]
[New LWP 3025]
[New LWP 3024]
Core was generated by `/usr/bin/gtk-window-decorator'.
Program terminated with signal 11, Segmentation fault.
#0 get_button_position (d=<optimized out>, i=3, width=1366, height=768, x=0x7fffd04187b0, y=0x7fffd04187b4, w=0x7fffd04187b8, h=0x7fffd04187bc) at /build/buildd/compiz-0.9.5.0/gtk/window-decorator/cairo.c:832
832 /build/buildd/compiz-0.9.5.0/gtk/window-decorator/cairo.c: No such file or directory.
 in /build/buildd/compiz-0.9.5.0/gtk/window-decorator/cairo.c
(gdb) backtrace full
#0 get_button_position (d=<optimized out>, i=3, width=1366, height=768, x=0x7fffd04187b0, y=0x7fffd04187b4, w=0x7fffd04187b8, h=0x7fffd04187bc) at /build/buildd/compiz-0.9.5.0/gtk/window-decorator/cairo.c:832
No locals.
#1 0x00007fffd0418858 in ?? ()
No symbol table info available.
#2 0x0000000000413d66 in position_action_menu (menu=0x2532000, x=0x7fffd0418858, y=0x7fffd041885c, push_in=0x2532158, user_data=0x24f14b0) at /build/buildd/compiz-0.9.5.0/gtk/window-decorator/actionmenu.c:44
        win = 0x24f14b0
        frame = 0x24f0930
        d = <optimized out>
        bx = 6
        by = 0
        width = 1366
        height = 768
#3 0x00007fffd04187b8 in ?? ()
No symbol table info available.
#4 0x00007fffd04187bc in ?? ()
No symbol table info available.
#5 0x000000000250e860 in ?? ()
No symbol table info available.
#6 0x00000000025082e0 in ?? ()
No symbol table info available.
#7 0x0000000002532158 in ?? ()
No symbol table info available.
#8 0x0000000002532000 in ?? ()
No symbol table info available.
#9 0x00000000000001fd in ?? ()
No symbol table info available.
#10 0x000000000250e860 in ?? ()
No symbol table info available.
#11 0x0000000000000006 in ?? ()
No symbol table info available.
#12 0x0000030000000556 in ?? ()
No symbol table info available.
#13 0x0000000000000001 in ?? ()
No symbol table info available.
#14 0x0000000002532000 in ?? ()
No symbol table info available.
#15 0x0000000002532150 in ?? ()
No symbol table info available.
#16 0x00000000023f8000 in ?? ()
No symbol table info available.
#17 0x0000000000000001 in ?? ()
No symbol table info available.
#18 0x0000000000000001 in ?? ()
No symbol table info available.
#19 0x0000000000413cb0 in ?? () at /build/buildd/compiz-0.9.5.0/gt...

Read more...

Revision history for this message
jmullee (jmullee) wrote :
Download full text (5.9 KiB)

looks like the culprit is "d->frame->titlebar_height"

#################

action_menu_map (WnckWindow *win, long button, Time time) {
...

if (!button || button == 1)
 {
 gtk_menu_popup (GTK_MENU (action_menu), NULL, NULL, position_action_menu, (gpointer) win, button, time);

// CALLS :

position_action_menu (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer user_data)
 {
 WnckWindow *win = (WnckWindow *) user_data;
 ...
 gint bx, by, width, height;
 wnck_window_get_client_window_geometry (win, x, y, &width, &height);
 if ((*theme_get_button_position) (d, BUTTON_MENU, width, height, &bx, &by, &width, &height))

// WHICH CALLS

get_button_position (decor_t *d, gint i, gint width, gint height, gint *x, gint *y, gint *w, gint *h)
 {
 ...
// FAULT : SIGSEGV
 *y = bpos[i].y + bpos[i].yh * height + bpos[i].yth * (d->frame->titlebar_height - 17);

#################

grep_-n_^_/usr/src/compiz-0.9.5.0/gtk/window-decorator/cairo.c_|_head_-n_850_|_tail_-n_70
intermixed with gdb disassemble /m

809:gboolean
810:get_button_position_(decor_t_*d,
811:_____gint____i,
812:_____gint____width,
813:_____gint____height,
814:_____gint____*x,
815:_____gint____*y,
816:_____gint____*w,
817:_____gint____*h)
818:{
___0x000000000040c995_<+5>:________push___%rbx
819:____if_(i_>_BUTTON_MENU)
___0x000000000040c992_<+2>:________cmp____$0x3,%esi
___0x000000000040c996_<+6>:________jg_____0x40ca4f_<get_button_position+191>
820:________return_FALSE;
___0x000000000040c990_<+0>:________xor____%eax,%eax
821:
822:____if_(d->frame_window)
___0x000000000040c99c_<+12>:________cmpq___$0x0,0x218(%rdi)
___0x000000000040c9a4_<+20>:________je_____0x40ca58_<get_button_position+200>
823:____{
824:________*x_=_bpos[i].x_+_bpos[i].xw_*_width_+_d->frame->win_extents.left_+_4;
___0x000000000040c9aa_<+26>:________movslq_%esi,%r10
___0x000000000040c9ad_<+29>:________mov____0x8(%rdi),%rdi
___0x000000000040c9b1_<+33>:________lea____(%r10,%r10,4),%r11
___0x000000000040c9b5_<+37>:________shl____$0x3,%r11
___0x000000000040c9b9_<+41>:________mov____0x61daf0(%r11),%eax
___0x000000000040c9c0_<+48>:________imul___%edx,%eax
___0x000000000040c9c3_<+51>:________add____0x61dae0(%r11),%eax
___0x000000000040c9ca_<+58>:________add____(%rdi),%eax
___0x000000000040c9cc_<+60>:________add____$0x4,%eax
___0x000000000040c9cf_<+63>:________mov____%eax,(%r8)
825:________*y_=_bpos[i].y_+_bpos[i].yh_*_height_+_bpos[i].yth_*
___0x000000000040c9d5_<+69>:________mov____0x61daf4(%r11),%ebx
___0x000000000040c9df_<+79>:________imul___0x61db00(%r11),%eax
___0x000000000040c9e7_<+87>:________imul___%ecx,%ebx
___0x000000000040c9ea_<+90>:________add____%ebx,%eax
___0x000000000040c9ec_<+92>:________add____0x61dae4(%r11),%eax
826:____________(d->frame->titlebar_height_-_17)_+_d->frame->win_extents.top_+_2;
___0x000000000040c9d2_<+66>:________mov____0x20(%rdi),%eax
___0x000000000040c9dc_<+76>:________sub____$0x11,%eax
___0x000000000040c9f3_<+99>:________add____0x8(%rdi),%eax
___0x000000000040c9f6_<+102>:________add____$0x2,%eax
___0x000000000040c9f9_<+105>:________mov____%eax,(%r9)
827:____}
828:____else
829:____{
830:________*x_=_bpos[i].x_+_bpos[i].xw_*_width;
___0x000000000040ca58_<+200>:________movslq_%esi,%r10
___0x000...

Read more...

jmullee (jmullee)
Changed in compiz (Ubuntu):
status: Incomplete → New
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 update_border_extents (frame=<optimized out>) at /build/buildd/compiz-0.9.5.92+bzr2791/gtk/window-decorator/cairo.c:915
 ?? ()
 ?? ()
 ?? ()
 ?? ()

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in compiz (Ubuntu):
status: New → Invalid
Revision history for this message
Apport retracing service (apport) wrote : Crash report cannot be processed
Download full text (5.5 KiB)

Thank you for your report!

However, processing it in order to get sufficient information for the
developers failed (it does not generate an useful symbolic stack trace). This
might be caused by some outdated packages which were installed on your system
at the time of the report:

libgcc1 version 1:4.6.1-7ubuntu1 required, but 1:4.6.1-7ubuntu2 is available
outdated debug symbol package for libavahi-common3: package version 0.6.30-4ubuntu1 dbgsym version 0.6.30-0ubuntu2
libdecoration0 version 1:0.9.5.0-0ubuntu5 required, but 1:0.9.5.92+bzr2791-0ubuntu1 is available
outdated debug symbol package for libtiff4: package version 3.9.5-1ubuntu1 dbgsym version 3.9.4-5ubuntu6
compiz-gnome version 1:0.9.5.0-0ubuntu5 required, but 1:0.9.5.92+bzr2791-0ubuntu1 is available
compizconfig-backend-gconf version 0.9.5.0-0ubuntu1 required, but 0.9.5.92-0ubuntu2 is available
fontconfig version 2.8.0-3ubuntu1 required, but 2.8.0-3ubuntu2 is available
outdated debug symbol package for libnih1: package version 1.0.3-4ubuntu2 dbgsym version 1.0.3-1ubuntu1
outdated debug symbol package for libsigc++-2.0-0c2a: package version 2.2.9-1 dbgsym version 2.2.4.2-1ubuntu1
libpam-modules version 1.1.3-1ubuntu3 required, but 1.1.3-2ubuntu1 is available
libpam0g version 1.1.3-1ubuntu3 required, but 1.1.3-2ubuntu1 is available
outdated debug symbol package for dbus: package version 1.4.12-4ubuntu2 dbgsym version 1.4.6-1ubuntu6.1
libpam-modules-bin version 1.1.3-1ubuntu3 required, but 1.1.3-2ubuntu1 is available
outdated debug symbol package for busybox-initramfs: package version 1:1.18.4-2ubuntu1 dbgsym version 1:1.17.1-10ubuntu1
outdated debug symbol package for psmisc: package version 22.14-1 dbgsym version 22.13-1
outdated debug symbol package for libslang2: package version 2.2.4-2ubuntu1 dbgsym version 2.2.2-4ubuntu2
compiz-plugins-default version 1:0.9.5.0-0ubuntu5 required, but 1:0.9.5.92+bzr2791-0ubuntu1 is available
libfontconfig1 version 2.8.0-3ubuntu1 required, but 2.8.0-3ubuntu2 is available
outdated debug symbol package for libk5crypto3: package version 1.9.1+dfsg-1ubuntu1 dbgsym version 1.8.3+dfsg-5ubuntu2.1
libudev0 version 173-0ubuntu1 required, but 173-0ubuntu3 is available
udev version 173-0ubuntu1 required, but 173-0ubuntu3 is available
outdated debug symbol package for libavahi-client3: package version 0.6.30-4ubuntu1 dbgsym version 0.6.30-0ubuntu2
metacity-common version 1:2.34.0-0ubuntu2 required, but 1:2.34.1-1ubuntu1 is available
outdated debug symbol package for passwd: package version 1:4.1.4.2+svn3283-3ubuntu2 dbgsym version 1:4.1.4.2+svn3283-3ubuntu1
outdated debug symbol package for libkrb5-3: package version 1.9.1+dfsg-1ubuntu1 dbgsym version 1.8.3+dfsg-5ubuntu2.1
outdated debug symbol package for libglibmm-2.4-1c2a: package version 2.28.1-1 dbgsym version 2.28.0-1
fontconfig-config version 2.8.0-3ubuntu1 required, but 2.8.0-3ubuntu2 is available
libcompizconfig0 version 0.9.5.0-0ubuntu2 required, but 0.9.5.92-0ubuntu2 is available
libklibc version 1.5.22-1ubuntu1 required, but 1.5.22-1ubuntu2 is available
libglib2.0-0 version 2.29.16-0ubuntu1 required, but 2.29.16-0ubuntu2 is available
outdated debug symbol package for libdbus-1-3: package version ...

Read more...

tags: removed: need-amd64-retrace
Revision history for this message
Mark Campbell (campbemw) wrote :

I see this on up-to-date Ubuntu 12.04 when a window is maximized and I press Alt-spacebar to get to the window menu.

To post a comment you must log in.