Bug 653947 – Crash in gdk/x11/gdkdevicemanager-xi2.c:get_event_window

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 653947 - Crash in gdk/x11/gdkdevicemanager-xi2.c:get_event_window


Summary:	Crash in gdk/x11/gdkdevicemanager-xi2.c:get_event_window


Status:	RESOLVED FIXED

Product:	gtk+
Classification:	Platform
Component:	Class: GdkDevice
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	gtk-bugs
QA Contact:	Carlos Garnacho

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2011-07-04 13:16 UTC by Guillaume Desmottes
Modified:	2011-07-15 16:39 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Guillaume Desmottes 2011-07-04 13:16:04 UTC

empathy-av crashes when receiving a call with GTK+3 master (3c46df5fcbf6f5b52788302887b3a49b4c173743).

Program terminated with signal 11, Segmentation fault.

+ Trace 227649

#0 get_event_window
at gdkdevicemanager-xi2.c line 881
#0 get_event_window
at gdkdevicemanager-xi2.c line 881
#1 gdk_x11_device_manager_xi2_get_window
at gdkdevicemanager-xi2.c line 1374
#2 _gdk_x11_event_translator_get_window
at gdkeventtranslator.c line 103
#3 gdk_event_source_get_filter_window
at gdkeventsource.c line 114
#4 gdk_event_source_translate_event
at gdkeventsource.c line 188
#5 _gdk_x11_display_queue_events
at gdkeventsource.c line 334
#6 gdk_display_get_event
at gdkdisplay.c line 311
#7 gdk_event_source_dispatch
at gdkeventsource.c line 356
#8 g_main_dispatch
at gmain.c line 2500
#9 g_main_context_dispatch
at gmain.c line 3083
#10 g_main_context_iterate
at gmain.c line 3161
#11 g_main_loop_run
at gmain.c line 3369
#12 gtk_main
at gtkmain.c line 1357
#13 gtk_application_run_mainloop
at gtkapplication.c line 112
#14 g_application_run
at gapplication.c line 1325
#15 main
at empathy-av.c line 163

Comment 1 Guillaume Desmottes 2011-07-04 13:19:36 UTC

I workarounded the crash with this patch but I have no idea if that's the right thing to do.


diff --git a/gdk/x11/gdkdevicemanager-xi2.c b/gdk/x11/gdkdevicemanager-xi2.c
index 29d8fa1..34eabd8 100644
--- a/gdk/x11/gdkdevicemanager-xi2.c
+++ b/gdk/x11/gdkdevicemanager-xi2.c
@@ -1370,6 +1370,8 @@ gdk_x11_device_manager_xi2_get_window (GdkEventTranslator *translator,
     return NULL;
 
   ev = (XIEvent *) xevent->xcookie.data;
+  if (ev == NULL)
+    return NULL;
 
   return get_event_window (translator, ev);
 }

Comment 2 Matthias Clasen 2011-07-11 01:10:25 UTC

Carlos, I think this is in your area.

Comment 3 Carlos Garnacho 2011-07-14 16:33:41 UTC

Hrm, can't reproduce with my current Empathy version, will compile from master later today.

Guillaume, is there any event filter running directly or indirectly in empathy-av (say via Clutter)? while your fix would be good for defensive programming (someone could have already allocated+freed the XGenericEventCookie data), it shouldn't happen at all if only GDK is handling the events.

Comment 4 Guillaume Desmottes 2011-07-15 08:14:32 UTC

Hum weird, I can't reproduce this any more...
Feel free to close the bug.

Comment 5 Carlos Garnacho 2011-07-15 16:39:34 UTC

Thanks for testing, I've pushed a similar fix to the one in comment #1 anyway, it's good to double check for unpolite event filters