Bug 369523 - segfault by gdk_region_polygon()
Status: RESOLVED NOTGNOME
Product: gtk+
Classification: Platform
Component: Backend: X11
Version: 2.10.x
Hardware: Other All
Importance: Normal critical
Target Milestone: ---
Assigned To: gtk-bugs
QA Contact: gtk-bugs
Depends on:
Blocks:
 
 
Reported: 2006-11-02 17:24 UTC by ville
Modified: 2006-12-28 08:20 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description ville 2006-11-02 17:24:17 UTC
Steps to reproduce:
1. run pioneers (http://pio.sourceforge.net/)
2. Join in a game
3. When moving slider between game board window and chat window to the top,
the program crashes and disappears (segfault)



Stack trace:
Core was generated by `/usr/local/bin/pioneers'.
Program terminated with signal 11, Segmentation fault.
  • #0 IA__gdk_region_polygon
    at gdkpolyreg-generic.c line 406
  • #1 guimap_display
    at common/gtk/guimap.c line 897
  • #2 expose_map_cb
    at common/gtk/guimap.c line 98
  • #3 _gtk_marshal_BOOLEAN__BOXED
    at gtkmarshalers.c line 84
  • #4 g_closure_invoke
    from /usr/lib/libgobject-2.0.so.0
  • #5 g_signal_chain_from_overridden
    from /usr/lib/libgobject-2.0.so.0
  • #6 g_signal_emit_valist
    from /usr/lib/libgobject-2.0.so.0
  • #7 g_signal_emit
    from /usr/lib/libgobject-2.0.so.0
  • #8 gtk_widget_event_internal
    at gtkwidget.c line 3911
  • #9 IA__gtk_main_do_event
    at gtkmain.c line 1403
  • #10 gdk_window_process_updates_internal
    at gdkwindow.c line 2324
  • #11 IA__gdk_window_process_all_updates
    at gdkwindow.c line 2387
  • #12 gtk_container_idle_sizer
    at gtkcontainer.c line 1113
  • #13 g_source_is_destroyed
    from /usr/lib/libglib-2.0.so.0
  • #14 g_main_context_dispatch
    from /usr/lib/libglib-2.0.so.0
  • #15 g_main_context_check
    from /usr/lib/libglib-2.0.so.0
  • #16 g_main_loop_run
    from /usr/lib/libglib-2.0.so.0
  • #17 IA__gtk_main
    at gtkmain.c line 1024
  • #18 main
    at client/common/main.c line 61


Other information:
This crash happens when all of the points are zeroes (x and y);
that is, the following code causes the crash:

    GdkPoint points[6];
    for (int i = 0; i < 6; ++i) {
        points[i].x = 0;
        points[i].y = 0;
    }
    gdk_region_polygon(points, 6, GDK_EVEN_ODD_RULE);

Comment 1 Carlos Garnacho 2006-11-02 17:48:09 UTC
Perhaps gdk_region_polygon() should guard against a negative point count, but even if it's fixed in Gtk+, there's clearly a bug in pioneers.
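
A caller-side check of the kind this thread points at, as an added example (not code from GTK+ or pioneers): it rejects a NULL array, a non-positive count, and a vertex list that spans no area, such as the six all-zero points in the report, before the array is handed to a polygon routine. Assumptions: `Point`, `PolyStatus`, `polygon_check`, `cross` and `COORD_LIMIT` are hypothetical names, `Point` stands in for `GdkPoint` so the block builds without GDK, and treating a degenerate polygon as "nothing to draw" is the caller's policy here.

```c
#include <stddef.h>

/* Hypothetical stand-in for GdkPoint so the example builds without GDK. */
typedef struct { int x, y; } Point;

typedef enum {
    POLY_OK,
    POLY_BAD_ARGS,     /* NULL array or non-positive count */
    POLY_TOO_FEW,      /* fewer than 3 vertices */
    POLY_OUT_OF_RANGE, /* coordinate outside the assumed limit */
    POLY_DEGENERATE    /* all vertices identical or collinear */
} PolyStatus;

/* Assumed limit (not from the report): keeps the cross product below
 * well inside 64-bit range. */
#define COORD_LIMIT 32767

static long long cross(const Point *a, const Point *b, const Point *c)
{
    return ((long long)b->x - a->x) * ((long long)c->y - a->y)
         - ((long long)b->y - a->y) * ((long long)c->x - a->x);
}

/* Validate a vertex array before it is passed to a polygon rasterizer. */
PolyStatus polygon_check(const Point *pts, int n)
{
    if (pts == NULL || n <= 0)
        return POLY_BAD_ARGS;
    if (n < 3)
        return POLY_TOO_FEW;

    int second = -1; /* index of first vertex that differs from pts[0] */
    for (int i = 0; i < n; ++i) {
        if (pts[i].x < -COORD_LIMIT || pts[i].x > COORD_LIMIT ||
            pts[i].y < -COORD_LIMIT || pts[i].y > COORD_LIMIT)
            return POLY_OUT_OF_RANGE;
        if (second < 0 && (pts[i].x != pts[0].x || pts[i].y != pts[0].y))
            second = i;
    }
    if (second < 0)
        return POLY_DEGENERATE; /* e.g. six points all at (0, 0) */

    for (int i = second + 1; i < n; ++i)
        if (cross(&pts[0], &pts[second], &pts[i]) != 0)
            return POLY_OK;
    return POLY_DEGENERATE; /* every vertex lies on one line */
}
```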