Skip to content

xfwm4 SEGV when window is destroyed just after its creation

Submitted by Marek Marczykowski

Assigned to Olivier Fourdan @olivier

Link to original bug (#10489)

Description

Created attachment 5234 Proposed patch, suitable for 4.6, 4.8, 4.10 and perhaps later

"Client" object is still queued for drawing frame, while the window is destroyed. If that happens quickly, "Client" object would be freed by clientUnframe, before drawing the frame for the first time.

This bug is rather old, but still happens in 4.10.0. Perhaps related to #10365. And exactly the same as https://bugzilla.redhat.com/show_bug.cgi?id=879696

Stacktrace:

#0  0x00007fb807921a38 in __strchr_sse42 () from /lib64/libc.so.6
#1  0x000000000041f7a3 in frameDrawWin (c=c@entry=0x1669780) at frame.c:964
#2  0x0000000000420f7e in update_frame_idle_cb (data=0x1669780) at frame.c:1224
#3  0x00007fb809072a55 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#4  0x00007fb809072d88 in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
#5  0x00007fb809073182 in g_main_loop_run () from /lib64/libglib-2.0.so.0
#6  0x00007fb80b1acfd7 in gtk_main () from /lib64/libgtk-x11-2.0.so.0
#7  0x000000000040b773 in main (argc=1, argv=0x7fffc0142d48) at main.c:627

Patch 5234, "Proposed patch, suitable for 4.6, 4.8, 4.10 and perhaps later":
xfwm4-4.6.1-cleanup-idle-queue.patch

Version: 4.10.0