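looks like the culprit is "d->frame->titlebar_height"
The faulting instruction (the "=>" marker at <+236>, mov 0x20(%rdi),%r11d) reads offset 0x20 through the pointer that <+203> just loaded with mov 0x8(%rdi),%rdi. The "if" branch uses that same load for d->frame->win_extents, so the pointer is d->frame. The fault is in the "else" branch, which the je at <+20> enters when d->frame_window compares equal to 0. So d->frame itself is presumably NULL or stale on that path. Register values are not shown here; "info registers rdi" at the fault would confirm it. If so, get_button_position needs to check d->frame before dereferencing it, in both branches.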
#################
action_menu_map (WnckWindow *win, long button, Time time) { ...
if (!button || button == 1) { gtk_menu_popup (GTK_MENU (action_menu), NULL, NULL, position_action_menu, (gpointer) win, button, time);
// CALLS :
position_action_menu (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer user_data) { WnckWindow *win = (WnckWindow *) user_data; ... gint bx, by, width, height; wnck_window_get_client_window_geometry (win, x, y, &width, &height); if ((*theme_get_button_position) (d, BUTTON_MENU, width, height, &bx, &by, &width, &height))
// WHICH CALLS
get_button_position (decor_t *d, gint i, gint width, gint height, gint *x, gint *y, gint *w, gint *h) { ... // FAULT : SIGSEGV *y = bpos[i].y + bpos[i].yh * height + bpos[i].yth * (d->frame->titlebar_height - 17);
grep_-n_^_/usr/src/compiz-0.9.5.0/gtk/window-decorator/cairo.c_|_head_-n_850_|_tail_-n_70 intermixed with gdb disassemble /m
809:gboolean 810:get_button_position_(decor_t_*d, 811:_____gint____i, 812:_____gint____width, 813:_____gint____height, 814:_____gint____*x, 815:_____gint____*y, 816:_____gint____*w, 817:_____gint____*h) 818:{ ___0x000000000040c995_<+5>:________push___%rbx 819:____if_(i_>_BUTTON_MENU) ___0x000000000040c992_<+2>:________cmp____$0x3,%esi ___0x000000000040c996_<+6>:________jg_____0x40ca4f_<get_button_position+191> 820:________return_FALSE; ___0x000000000040c990_<+0>:________xor____%eax,%eax 821: 822:____if_(d->frame_window) ___0x000000000040c99c_<+12>:________cmpq___$0x0,0x218(%rdi) ___0x000000000040c9a4_<+20>:________je_____0x40ca58_<get_button_position+200> 823:____{ 824:________*x_=_bpos[i].x_+_bpos[i].xw_*_width_+_d->frame->win_extents.left_+_4; ___0x000000000040c9aa_<+26>:________movslq_%esi,%r10 ___0x000000000040c9ad_<+29>:________mov____0x8(%rdi),%rdi ___0x000000000040c9b1_<+33>:________lea____(%r10,%r10,4),%r11 ___0x000000000040c9b5_<+37>:________shl____$0x3,%r11 ___0x000000000040c9b9_<+41>:________mov____0x61daf0(%r11),%eax ___0x000000000040c9c0_<+48>:________imul___%edx,%eax ___0x000000000040c9c3_<+51>:________add____0x61dae0(%r11),%eax ___0x000000000040c9ca_<+58>:________add____(%rdi),%eax ___0x000000000040c9cc_<+60>:________add____$0x4,%eax ___0x000000000040c9cf_<+63>:________mov____%eax,(%r8) 825:________*y_=_bpos[i].y_+_bpos[i].yh_*_height_+_bpos[i].yth_* ___0x000000000040c9d5_<+69>:________mov____0x61daf4(%r11),%ebx ___0x000000000040c9df_<+79>:________imul___0x61db00(%r11),%eax ___0x000000000040c9e7_<+87>:________imul___%ecx,%ebx ___0x000000000040c9ea_<+90>:________add____%ebx,%eax ___0x000000000040c9ec_<+92>:________add____0x61dae4(%r11),%eax 826:____________(d->frame->titlebar_height_-_17)_+_d->frame->win_extents.top_+_2; ___0x000000000040c9d2_<+66>:________mov____0x20(%rdi),%eax ___0x000000000040c9dc_<+76>:________sub____$0x11,%eax ___0x000000000040c9f3_<+99>:________add____0x8(%rdi),%eax ___0x000000000040c9f6_<+102>:________add____$0x2,%eax 
___0x000000000040c9f9_<+105>:________mov____%eax,(%r9) 827:____} 828:____else 829:____{ 830:________*x_=_bpos[i].x_+_bpos[i].xw_*_width; ___0x000000000040ca58_<+200>:________movslq_%esi,%r10 ___0x000000000040ca5f_<+207>:________lea____(%r10,%r10,4),%rax ___0x000000000040ca63_<+211>:________shl____$0x3,%rax ___0x000000000040ca67_<+215>:________mov____0x61daf0(%rax),%r11d ___0x000000000040ca6e_<+222>:________imul___%edx,%r11d ___0x000000000040ca72_<+226>:________add____0x61dae0(%rax),%r11d ___0x000000000040ca79_<+233>:________mov____%r11d,(%r8) 831:________*y_=_bpos[i].y_+_bpos[i].yh_*_height_+_bpos[i].yth_* ___0x000000000040ca80_<+240>:________mov____0x61daf4(%rax),%ebx ___0x000000000040ca8a_<+250>:________imul___0x61db00(%rax),%r11d ___0x000000000040ca92_<+258>:________imul___%ecx,%ebx ___0x000000000040ca95_<+261>:________add____%ebx,%r11d ___0x000000000040ca98_<+264>:________add____0x61dae4(%rax),%r11d ___0x000000000040ca9f_<+271>:________mov____%r11d,(%r9) ___0x000000000040caa2_<+274>:________jmpq___0x40c9fc_<get_button_position+108> ___0x000000000040caa7:________nopw___0x0(%rax,%rax,1) 832:____________(d->frame->titlebar_height_-_17); ___0x000000000040ca5b_<+203>:________mov____0x8(%rdi),%rdi
=>_0x000000000040ca7c_<+236>:________mov____0x20(%rdi),%r11d
___0x000000000040ca86_<+246>:________sub____$0x11,%r11d 833:____} 834: 835:____*w_=_bpos[i].w_+_bpos[i].ww_*_width; ___0x000000000040c9fc_<+108>:________lea____(%r10,%r10,4),%rax ___0x000000000040ca00_<+112>:________mov____0x10(%rsp),%r9 ___0x000000000040ca05_<+117>:________shl____$0x3,%rax ___0x000000000040ca09_<+121>:________imul___0x61daf8(%rax),%edx ___0x000000000040ca10_<+128>:________add____0x61dae8(%rax),%edx ___0x000000000040ca16_<+134>:________mov____%edx,(%r9) 836:____*h_=_bpos[i].h_+_bpos[i].hh_*_height_+_bpos[i].hth_+ ___0x000000000040ca19_<+137>:________imul___0x61dafc(%rax),%ecx ___0x000000000040ca20_<+144>:________add____0x61daec(%rax),%ecx ___0x000000000040ca26_<+150>:________add____0x61db04(%rax),%ecx ___0x000000000040ca32_<+162>:________lea____-0x11(%rcx,%rax,1),%ecx ___0x000000000040ca36_<+166>:________mov____0x18(%rsp),%rax ___0x000000000040ca3b_<+171>:________mov____%ecx,(%rax) 837:________(d->frame->titlebar_height_-_17); ___0x000000000040ca2c_<+156>:________mov____0x20(%rdi),%eax 838: 839:____/*_hack_to_position_multiple_buttons_on_the_right_*/ 840:____if_(i_!=_BUTTON_MENU) ___0x000000000040ca2f_<+159>:________cmp____$0x3,%esi ___0x000000000040ca42_<+178>:________je_____0x40ca4f_<get_button_position+191> 841:________*x_-=_10_+_16_*_i; ___0x000000000040ca44_<+180>:________neg____%esi ___0x000000000040ca46_<+182>:________shl____$0x4,%esi ___0x000000000040ca49_<+185>:________sub____$0xa,%esi ___0x000000000040ca4c_<+188>:________add____%esi,(%r8) 842: 843:____return_TRUE; ___0x000000000040ca3d_<+173>:________mov____$0x1,%eax 844:} ___0x000000000040ca4f_<+191>:________pop____%rbx ___0x000000000040ca50_<+192>:________retq___ ___0x000000000040ca51_<+193>:________nopl___0x0(%rax)
looks like the culprit is "d->frame->titlebar_height"
#################
action_menu_map (WnckWindow *win, long button, Time time) {
...
if (!button || button == 1)
{
gtk_menu_popup (GTK_MENU (action_menu), NULL, NULL, position_action_menu, (gpointer) win, button, time);
// CALLS :
position_action_menu (GtkMenu *menu, gint *x, gint *y, gboolean *push_in, gpointer user_data)
{
WnckWindow *win = (WnckWindow *) user_data;
...
gint bx, by, width, height;
wnck_window_get_client_window_geometry (win, x, y, &width, &height);
if ((*theme_get_button_position) (d, BUTTON_MENU, width, height, &bx, &by, &width, &height))
// WHICH CALLS
get_button_position (decor_t *d, gint i, gint width, gint height, gint *x, gint *y, gint *w, gint *h)
{
...
// FAULT : SIGSEGV
*y = bpos[i].y + bpos[i].yh * height + bpos[i].yth * (d->frame->titlebar_height - 17);
#################
grep_-n_^_/usr/src/compiz-0.9.5.0/gtk/window-decorator/cairo.c_|_head_-n_850_|_tail_-n_70
intermixed with gdb disassemble /m
809:gboolean button_ position_ (decor_ t_*d, __gint_ ___width, __gint_ ___height, __gint_ ___*x, __gint_ ___*y, __gint_ ___*w, __gint_ ___*h) 40c995_ <+5>:__ ______push_ __%rbx _if_(i_ >_BUTTON_ MENU) 40c992_ <+2>:__ ______cmp_ ___$0x3, %esi 40c996_ <+6>:__ ______jg_ ____0x40ca4f_ <get_button_ position+ 191> _____return_ FALSE; 40c990_ <+0>:__ ______xor_ ___%eax, %eax _if_(d- >frame_ window) 40c99c_ <+12>:_ _______ cmpq___ $0x0,0x218( %rdi) 40c9a4_ <+20>:_ _______ je_____ 0x40ca58_ <get_button_ position+ 200> _____*x_ =_bpos[ i].x_+_ bpos[i] .xw_*_width_ +_d->frame- >win_extents. left_+_ 4; 40c9aa_ <+26>:_ _______ movslq_ %esi,%r10 40c9ad_ <+29>:_ _______ mov____ 0x8(%rdi) ,%rdi 40c9b1_ <+33>:_ _______ lea____ (%r10,% r10,4), %r11 40c9b5_ <+37>:_ _______ shl____ $0x3,%r11 40c9b9_ <+41>:_ _______ mov____ 0x61daf0( %r11),% eax 40c9c0_ <+48>:_ _______ imul___ %edx,%eax 40c9c3_ <+51>:_ _______ add____ 0x61dae0( %r11),% eax 40c9ca_ <+58>:_ _______ add____ (%rdi), %eax 40c9cc_ <+60>:_ _______ add____ $0x4,%eax 40c9cf_ <+63>:_ _______ mov____ %eax,(% r8) _____*y_ =_bpos[ i].y_+_ bpos[i] .yh_*_height_ +_bpos[ i].yth_ * 40c9d5_ <+69>:_ _______ mov____ 0x61daf4( %r11),% ebx 40c9df_ <+79>:_ _______ imul___ 0x61db00( %r11),% eax 40c9e7_ <+87>:_ _______ imul___ %ecx,%ebx 40c9ea_ <+90>:_ _______ add____ %ebx,%eax 40c9ec_ <+92>:_ _______ add____ 0x61dae4( %r11),% eax _______ __(d->frame- >titlebar_ height_ -_17)_+ _d->frame- >win_extents. 
top_+_2; 40c9d2_ <+66>:_ _______ mov____ 0x20(%rdi) ,%eax 40c9dc_ <+76>:_ _______ sub____ $0x11,% eax 40c9f3_ <+99>:_ _______ add____ 0x8(%rdi) ,%eax 40c9f6_ <+102>: _______ _add___ _$0x2,% eax 40c9f9_ <+105>: _______ _mov___ _%eax,( %r9) _____*x_ =_bpos[ i].x_+_ bpos[i] .xw_*_width; 40ca58_ <+200>: _______ _movslq_ %esi,%r10 40ca5f_ <+207>: _______ _lea___ _(%r10, %r10,4) ,%rax 40ca63_ <+211>: _______ _shl___ _$0x3,% rax 40ca67_ <+215>: _______ _mov___ _0x61daf0( %rax),% r11d 40ca6e_ <+222>: _______ _imul__ _%edx,% r11d 40ca72_ <+226>: _______ _add___ _0x61dae0( %rax),% r11d 40ca79_ <+233>: _______ _mov___ _%r11d, (%r8) _____*y_ =_bpos[ i].y_+_ bpos[i] .yh_*_height_ +_bpos[ i].yth_ * 40ca80_ <+240>: _______ _mov___ _0x61daf4( %rax),% ebx 40ca8a_ <+250>: _______ _imul__ _0x61db00( %rax),% r11d 40ca92_ <+258>: _______ _imul__ _%ecx,% ebx 40ca95_ <+261>: _______ _add___ _%ebx,% r11d 40ca98_ <+264>: _______ _add___ _0x61dae4( %rax),% r11d 40ca9f_ <+271>: _______ _mov___ _%r11d, (%r9) 40caa2_ <+274>: _______ _jmpq__ _0x40c9fc_ <get_button_ position+ 108> 40caa7: _______ _nopw__ _0x0(%rax, %rax,1) _______ __(d->frame- >titlebar_ height_ -_17); 40ca5b_ <+203>: _______ _mov___ _0x8(%rdi) ,%rdi
810:get_
811:_____gint____i,
812:___
813:___
814:___
815:___
816:___
817:___
818:{
___0x0000000000
819:___
___0x0000000000
___0x0000000000
820:___
___0x0000000000
821:
822:___
___0x0000000000
___0x0000000000
823:____{
824:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
825:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
826:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
827:____}
828:____else
829:____{
830:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
831:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
832:___
___0x0000000000
=>_0x0000000000 40ca7c_ <+236>: _______ _mov___ _0x20(% rdi),%r11d
___0x0000000000 40ca86_ <+246>: _______ _sub___ _$0x11, %r11d _*w_=_bpos[ i].w_+_ bpos[i] .ww_*_width; 40c9fc_ <+108>: _______ _lea___ _(%r10, %r10,4) ,%rax 40ca00_ <+112>: _______ _mov___ _0x10(% rsp),%r9 40ca05_ <+117>: _______ _shl___ _$0x3,% rax 40ca09_ <+121>: _______ _imul__ _0x61daf8( %rax),% edx 40ca10_ <+128>: _______ _add___ _0x61dae8( %rax),% edx 40ca16_ <+134>: _______ _mov___ _%edx,( %r9) _*h_=_bpos[ i].h_+_ bpos[i] .hh_*_height_ +_bpos[ i].hth_ + 40ca19_ <+137>: _______ _imul__ _0x61dafc( %rax),% ecx 40ca20_ <+144>: _______ _add___ _0x61daec( %rax),% ecx 40ca26_ <+150>: _______ _add___ _0x61db04( %rax),% ecx 40ca32_ <+162>: _______ _lea___ _-0x11( %rcx,%rax, 1),%ecx 40ca36_ <+166>: _______ _mov___ _0x18(% rsp),%rax 40ca3b_ <+171>: _______ _mov___ _%ecx,( %rax) _____(d- >frame- >titlebar_ height_ -_17); 40ca2c_ <+156>: _______ _mov___ _0x20(% rdi),%eax _/*_hack_ to_position_ multiple_ buttons_ on_the_ right_* / _if_(i_ !=_BUTTON_ MENU) 40ca2f_ <+159>: _______ _cmp___ _$0x3,% esi 40ca42_ <+178>: _______ _je____ _0x40ca4f_ <get_button_ position+ 191> _____*x_ -=_10_+ _16_*_i; 40ca44_ <+180>: _______ _neg___ _%esi 40ca46_ <+182>: _______ _shl___ _$0x4,% esi 40ca49_ <+185>: _______ _sub___ _$0xa,% esi 40ca4c_ <+188>: _______ _add___ _%esi,( %r8) _return_ TRUE; 40ca3d_ <+173>: _______ _mov___ _$0x1,% eax 40ca4f_ <+191>: _______ _pop___ _%rbx 40ca50_ <+192>: _______ _retq__ _ 40ca51_ <+193>: _______ _nopl__ _0x0(%rax)
833:____}
834:
835:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
836:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
837:___
___0x0000000000
838:
839:___
840:___
___0x0000000000
___0x0000000000
841:___
___0x0000000000
___0x0000000000
___0x0000000000
___0x0000000000
842:
843:___
___0x0000000000
844:}
___0x0000000000
___0x0000000000
___0x0000000000