On 03/11/2011 07:32 PM, Iskren Chernev wrote: > Hello, > > I found a bug and fixed it with the patch :) > > *to reproduce:* > run compositor on top of x11 > > repeat > run flower > drag & drop it a little > move the pointer in and out of the compositor/flower > Ctrl+C the flower client > > it would break eventually > > *problem:* > I found that the linked list surface->destroy_listener_list got corrupted at > some point (it was not circular any more, strange next/prev etc), which > causes the crash. > > *solution:* > The problem was in wl_list_remove -- when you erase an element, you don't > mark it as 'erased', by setting prev/next to NULL for example. Then if you > erase it again the list becomes corrupt. I nullified the prev/next and check > in the begining of wl_list_remove for not-in-list elements and just ignore > them. That seems to fix it. > > Regards, > Iskren > > > > _______________________________________________ > wayland-devel mailing list > [email protected] > http://lists.freedesktop.org/mailman/listinfo/wayland-devel
Unfortunately your fix only papers over the real problem, which is that the list got corrupted at some point. It would not actually solve the problem. The source of the corruption needs to be located and fixed; it could be removing something twice, inserting something twice, or the like. You could push ahead with this if you were interested. _______________________________________________ wayland-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/wayland-devel
