Bug#703726: [PATCH] libcogl12: SIGSEGV in cogl_onscreen_add_frame_callback
On Fri, Mar 29, 2013 at 1:57 AM, Daniel Vacek <neel...@gmail.com> wrote:
> Hi, I can confirm the bug and this patch fixes it.

Ok, the problem is elsewhere. This patch won't fix the bug. Instead we must realize there is no bug.

I tested the patch with LD_PRELOAD of 'fixed' library and it was all right. But after I installed lib to the system the problem did not disappear. So I investigated a little more. The bug is gone even with LD_PRELOAD of unpatched library and it turned out to this:

neelx@sweeney:~$ ldd `which totem` | grep libcogl.so
	libcogl.so.9 => /usr/lib/i386-linux-gnu/libcogl.so.9 (0xb7278000)
	libcogl.so.12 => /usr/lib/i386-linux-gnu/libcogl.so.12 (0xb62c4000)
neelx@sweeney:~$ LD_PRELOAD=/usr/lib/i386-linux-gnu/libcogl.so.12 ldd `which totem` | grep libcogl.so
	/usr/lib/i386-linux-gnu/libcogl.so.12 (0xb766)
	libcogl.so.9 => /usr/lib/i386-linux-gnu/libcogl.so.9 (0xb7135000)
neelx@sweeney:~$ ldd `which gnome-shell` | grep libcogl.so
	libcogl.so.9 => /usr/lib/i386-linux-gnu/libcogl.so.9 (0xb6799000)
	libcogl.so.12 => /usr/lib/i386-linux-gnu/libcogl.so.12 (0xb52c)
neelx@sweeney:~$ LD_PRELOAD=/usr/lib/i386-linux-gnu/libcogl.so.12 ldd `which gnome-shell` | grep libcogl.so
	/usr/lib/i386-linux-gnu/libcogl.so.12 (0xb768d000)
	libcogl.so.9 => /usr/lib/i386-linux-gnu/libcogl.so.9 (0xb668e000)

libcogl12 is fine as long as it gets loaded _before_ the old version (surprisingly).

neelx@sweeney:~$ readelf -d `which totem` | grep libcogl.so
 0x0001 (NEEDED) Shared library: [libcogl.so.9]
neelx@sweeney:~$ readelf -d `which gnome-shell` | grep libcogl.so
 0x0001 (NEEDED) Shared library: [libcogl.so.9]

Well, so the point is, totem or gnome-shell needs libcogl.so.9, but other library/ies they depend on (namely package libclutter-1.0-0 (= 1.13.10-1)) need libcogl.so.12. As of version 1.14.0-1 package libclutter-1.0-0 correctly breaks libcogl9 and libcogl11. So should the package libcogl12 probably Break libclutter-1.0-0 ( 1.14.0-1)?
--nX

--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#703726: [PATCH] libcogl12: SIGSEGV in cogl_onscreen_add_frame_callback
Hi, I can confirm the bug and this patch fixes it. Basically it crashed in cogl_onscreen_add_frame_callback because macro COGL_TAILQ_REMOVE in cogl_onscreen_remove_frame_callback incorrectly removed an element from the queue and corrupted the queue and tail pointer.

--- a/cogl/cogl-queue.h 2011-08-12 15:45:58.0 +0200 +++ b/cogl/cogl-queue.h 2013-03-29 01:06:20.049909221 +0100 @@ -614,14 +614,18 @@ COGL_QMD_SAVELINK(oldprev, (elm)-field.tqe_prev); \ COGL_QMD_TAILQ_CHECK_NEXT(elm, field); \ COGL_QMD_TAILQ_CHECK_PREV(elm, field); \ -if ((COGL_TAILQ_NEXT((elm), field)) != NULL)\ +(*(elm)-field.tqe_prev)-field.tqe_next = \ +COGL_TAILQ_NEXT((elm), field); \ +if ((COGL_TAILQ_NEXT((elm), field)) != NULL) { \ COGL_TAILQ_NEXT((elm), field)-field.tqe_prev = \ (elm)-field.tqe_prev; \ -else { \ +if (COGL_TAILQ_NEXT((elm), field)-field.tqe_next == NULL) \ +(head)-tqh_last = \ +(*(elm)-field.tqe_prev)-field.tqe_next; \ +} else {\ (head)-tqh_last = (elm)-field.tqe_prev; \ COGL_QMD_TRACE_HEAD(head); \ } \ -*(elm)-field.tqe_prev = COGL_TAILQ_NEXT((elm), field); \ COGL_TRASHIT(*oldnext); \ COGL_TRASHIT(*oldprev); \ COGL_QMD_TRACE_ELEM((elm)-field); \

--nX
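Review bot: The dropped line `-*(elm)-field.tqe_prev = COGL_TAILQ_NEXT((elm), field); \` (the `->` arrows are flattened to `-` in this copy of the hunk) is the statement that actually unlinks elm from its predecessor, and the replacement `+(*(elm)-field.tqe_prev)-field.tqe_next = COGL_TAILQ_NEXT((elm), field);` assumes tqe_prev points at the previous element. In this queue layout it does not: the unchanged context line `(head)-tqh_last = (elm)-field.tqe_prev;` shows that tqe_prev and tqh_last are the same pointer-to-pointer type, i.e. tqe_prev is the address of the link that points at elm (the BSD sys/queue.h TAILQ convention that the COGL_QMD_* and COGL_TRASHIT hooks come from), so `*(elm)->field.tqe_prev` is elm itself, the new assignment writes elm's own tqe_next back onto itself, and the predecessor keeps pointing at the removed element. The added `+(head)-tqh_last = (*(elm)-field.tqe_prev)-field.tqe_next;` likewise assigns an element pointer to a pointer-to-pointer. The pre-patch body is the standard TAILQ_REMOVE and already handles the tail case with `(head)->tqh_last = (elm)->field.tqe_prev;`, so I would drop this patch; that is consistent with the follow-up in this thread, which found the crash depends on whether libcogl.so.12 or libcogl.so.9 is loaded first, not on the macro.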
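To make the tail-queue layout under discussion concrete, the following is an added example, not code from cogl or from the bug report. It models the BSD sys/queue.h tail-queue layout that the COGL_TAILQ_* macros follow (an assumption drawn from the tqh_last/tqe_prev names and the COGL_QMD_* hooks in the patch), with `remove_elem()` being the unpatched macro body written out as a function and `check_invariants()` verifying the forward/back links and the tail pointer after each removal. The names `struct cb`, `struct cb_head`, `insert_tail`, `remove_elem`, `prev_link_reaches_self`, `check_invariants`, `count_elems` and `demo_remove_sequence` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Added example, not cogl code. Assumption: BSD sys/queue.h TAILQ layout, where
 * tqe_prev holds the ADDRESS of the link that points at an element (the
 * predecessor's tqe_next, or tqh_first), not a pointer to the predecessor. */

struct cb {
    int id;
    struct cb *tqe_next;   /* next element, NULL at the tail */
    struct cb **tqe_prev;  /* address of the link that reaches this element */
};

struct cb_head {
    struct cb *tqh_first;  /* NULL when the queue is empty */
    struct cb **tqh_last;  /* address of the last element's tqe_next slot */
};

static void head_init(struct cb_head *h)
{
    h->tqh_first = NULL;
    h->tqh_last = &h->tqh_first;
}

static void insert_tail(struct cb_head *h, struct cb *e)
{
    e->tqe_next = NULL;
    e->tqe_prev = h->tqh_last;
    *h->tqh_last = e;
    h->tqh_last = &e->tqe_next;
}

/* Same steps as the original COGL_TAILQ_REMOVE, minus the debug hooks. */
static void remove_elem(struct cb_head *h, struct cb *e)
{
    if (e->tqe_next != NULL)
        e->tqe_next->tqe_prev = e->tqe_prev;   /* successor now points back past e */
    else
        h->tqh_last = e->tqe_prev;             /* e was last: tail slot moves back */
    *e->tqe_prev = e->tqe_next;   /* the line the patch dropped: the predecessor's
                                     link (or tqh_first) now skips e */
    e->tqe_next = NULL;
    e->tqe_prev = NULL;
}

/* Under this layout *e->tqe_prev is e itself, so an expression of the form
 * (*(elm)->field.tqe_prev)->field.tqe_next is just elm's own tqe_next. */
static int prev_link_reaches_self(const struct cb *e)
{
    return e->tqe_prev != NULL && *e->tqe_prev == e;
}

/* Returns 1 if every forward link has a matching back link and tqh_last
 * addresses the final tqe_next slot, 0 if the queue is corrupted. */
static int check_invariants(struct cb_head *h)
{
    struct cb **link = &h->tqh_first;
    struct cb *e;
    for (e = h->tqh_first; e != NULL; e = e->tqe_next) {
        if (e->tqe_prev != link)
            return 0;
        link = &e->tqe_next;
    }
    return h->tqh_last == link;
}

static int count_elems(struct cb_head *h)
{
    int n = 0;
    struct cb *e;
    for (e = h->tqh_first; e != NULL; e = e->tqe_next)
        n++;
    return n;
}

/* Builds a three-element queue and removes the middle, the tail and then the
 * head, returning 1 only if the queue is consistent after every removal. */
static int demo_remove_sequence(void)
{
    struct cb_head h;
    struct cb a = {1, NULL, NULL}, b = {2, NULL, NULL}, c = {3, NULL, NULL};

    head_init(&h);
    insert_tail(&h, &a);
    insert_tail(&h, &b);
    insert_tail(&h, &c);
    if (!check_invariants(&h) || count_elems(&h) != 3 || !prev_link_reaches_self(&b))
        return 0;
    remove_elem(&h, &b);                      /* middle element */
    if (!check_invariants(&h) || count_elems(&h) != 2 || h.tqh_last != &c.tqe_next)
        return 0;
    remove_elem(&h, &c);                      /* tail: tqh_last must fall back to a */
    if (!check_invariants(&h) || count_elems(&h) != 1 || h.tqh_last != &a.tqe_next)
        return 0;
    remove_elem(&h, &a);                      /* head: queue becomes empty again */
    if (!check_invariants(&h) || count_elems(&h) != 0 || h.tqh_last != &h.tqh_first)
        return 0;
    return 1;
}

int main(void)
{
    printf("tail-queue removal keeps invariants: %s\n",
           demo_remove_sequence() ? "yes" : "no");
    return 0;
}
```

The invariant walk is the check to run (under a debug build, or as a unit test) when a queue-corruption crash like the one reported here is suspected: if it passes after every remove, the macro is not what corrupts the tail pointer, and the search moves elsewhere, as the follow-up in this thread did.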