FS#68839 - [cairo] segv in xfce4-session

Attached to Project: Arch Linux
Opened by Christian Hesse (eworm) - Thursday, 03 December 2020, 22:57 GMT
Last edited by Jan Alexander Steffens (heftig) - Friday, 04 December 2020, 12:30 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Jan Alexander Steffens (heftig)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
The process xfce4-session crashes with segv when opening the log-out dialog second time:

Process 121251 (xfce4-session) of user 1000 dumped core.

Stack trace of thread 121251:
#0 0x00007f658216c615 raise (libc.so.6 + 0x3d615)
#1 0x00007f6582155862 abort (libc.so.6 + 0x26862)
#2 0x00007f6582155747 __assert_fail_base.cold (libc.so.6 + 0x26747)
#3 0x00007f6582164bf6 __assert_fail (libc.so.6 + 0x35bf6)
#4 0x00007f658272dcdf cairo_surface_mark_dirty_rectangle (libcairo.so.2 + 0x68cdf)
#5 0x00007f65827560d0 n/a (libcairo.so.2 + 0x910d0)
#6 0x00007f658272dc39 cairo_surface_mark_dirty_rectangle (libcairo.so.2 + 0x68c39)
#7 0x00007f658272e255 cairo_surface_mark_dirty (libcairo.so.2 + 0x69255)
#8 0x00007f658288a4ad gdk_pixbuf_get_from_window (libgdk-3.so.0 + 0x404ad)
#9 0x0000555d1a44af1f xfsm_logout_dialog (xfce4-session + 0x1ff1f)
#10 0x0000555d1a44beba n/a (xfce4-session + 0x20eba)
#11 0x0000555d1a44c0a6 n/a (xfce4-session + 0x210a6)
#12 0x00007f658236e8f4 g_main_context_dispatch (libglib-2.0.so.0 + 0x528f4)
#13 0x00007f65823c2821 n/a (libglib-2.0.so.0 + 0xa6821)
#14 0x00007f658236de43 g_main_loop_run (libglib-2.0.so.0 + 0x51e43)
#15 0x00007f6582b2a4ff gtk_main (libgtk-3.so.0 + 0x1e14ff)
#16 0x0000555d1a43d17f main (xfce4-session + 0x1217f)
#17 0x00007f6582157152 __libc_start_main (libc.so.6 + 0x28152)
#18 0x0000555d1a43d3ee _start (xfce4-session + 0x123ee)

Stack trace of thread 121264:
#0 0x00007f658222446f __poll (libc.so.6 + 0xf546f)
#1 0x00007f65823c27af n/a (libglib-2.0.so.0 + 0xa67af)
#2 0x00007f658236d121 g_main_context_iteration (libglib-2.0.so.0 + 0x51121)
#3 0x00007f658236d172 n/a (libglib-2.0.so.0 + 0x51172)
#4 0x00007f658239bd31 n/a (libglib-2.0.so.0 + 0x7fd31)
#5 0x00007f65823033e9 start_thread (libpthread.so.0 + 0x93e9)
#6 0x00007f658222f293 __clone (libc.so.6 + 0x100293)

Stack trace of thread 121265:
#0 0x00007f658222446f __poll (libc.so.6 + 0xf546f)
#1 0x00007f65823c27af n/a (libglib-2.0.so.0 + 0xa67af)
#2 0x00007f658236de43 g_main_loop_run (libglib-2.0.so.0 + 0x51e43)
#3 0x00007f65825a9fe8 n/a (libgio-2.0.so.0 + 0x101fe8)
#4 0x00007f658239bd31 n/a (libglib-2.0.so.0 + 0x7fd31)
#5 0x00007f65823033e9 start_thread (libpthread.so.0 + 0x93e9)
#6 0x00007f658222f293 __clone (libc.so.6 + 0x100293)

Stack trace of thread 121266:
#0 0x00007f6582229d5d syscall (libc.so.6 + 0xfad5d)
#1 0x00007f65823bb90b g_cond_wait_until (libglib-2.0.so.0 + 0x9f90b)
#2 0x00007f658233e813 n/a (libglib-2.0.so.0 + 0x22813)
#3 0x00007f658233e9a4 g_async_queue_timeout_pop (libglib-2.0.so.0 + 0x229a4)
#4 0x00007f658239ec8a n/a (libglib-2.0.so.0 + 0x82c8a)
#5 0x00007f658239bd31 n/a (libglib-2.0.so.0 + 0x7fd31)
#6 0x00007f65823033e9 start_thread (libpthread.so.0 + 0x93e9)
#7 0x00007f658222f293 __clone (libc.so.6 + 0x100293)

Additional info:
cairo 1.17.4-1

Steps to reproduce:
* install cairo 1.17.4-1
* log in to xfce session
* open log-out dialog
* open log-out dialog again
This task depends upon

Closed by  Jan Alexander Steffens (heftig)
Friday, 04 December 2020, 12:30 GMT
Reason for closing:  Fixed
Additional comments about closing:  cairo 1.17.4-2
Comment by Christian Hesse (eworm) - Friday, 04 December 2020, 00:00 GMT
I tried to bisect, but could not reproduce when building with autotools.
Any idea why building with meson could cause this?
Comment by Evangelos Foutras (foutrelis) - Friday, 04 December 2020, 05:08 GMT
The difference with meson is that cairo-xlib-xcb is now enabled; disabling it avoids the crash. (I'm not sure if it's a bug in cairo or xfce4-session.)

I posted my findings to https://gitlab.freedesktop.org/cairo/cairo/-/issues/438

Loading...