Bug#495483: Another instance of the DoSwapInterval segfault
Hi,
I have the DoSwapInterval segfault with Xorg 1.4.2 too on a MacBook
Pro (amd64). It can be systematically triggered e.g. by calling
gnome-screensaver-preferences. The trace is the same as already given
by other people (see below for the exact trace). Faulty line 80 of
GL/glx/swap_interval.c:80 says:
    (void) (*cx->pGlxScreen->swapInterval)(cx->drawPriv, interval);
knowing that the swapInterval field is set in GL/glx/glxdri.c to
function __glXDRIdrawableSwapInterval from GL/glx/glxdri.c. The code
of this latter function (the function that certainly segfaults) is
    static int
    __glXDRIdrawableSwapInterval(__GLXdrawable *baseDrawable, int interval)
    {
        __GLXDRIdrawable *draw = (__GLXDRIdrawable *) baseDrawable;
        __glXDRIdrawableFoo(draw);
        draw->driDrawable->swap_interval = interval;
        return 0;
    }
Now, there is a comment on top of the code of glXDRIdrawableFoo that
says:
    /**
     * \bug
     * We're jumping through hoops here to get the DRIdrawable which the DRI
     * driver tries to keep to it self... cf. FIXME in \c createDrawable.
     */
Could it be related to the crash?
Alternatively, could it be possible that the cast from "__GLXdrawable *"
to "__GLXDRIdrawable *" (a cast which expects that the room needed
for the extra field driDrawable does not wrongly overlap with some
elsewhere useful data) is wrongly compiled by gcc at some optimization
levels (I'm not a C expert)? Definition of __GLXDRIdrawable is:
    typedef struct __GLXDRIdrawable __GLXDRIdrawable;
    struct __GLXDRIdrawable {
        __GLXdrawable base;
        __DRIdrawable *driDrawable;
    };
I'm ready to recompile the package after some changes are made, if
needed.
Regards,
Hugo Herbelin
** Trace of the segfault **
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fab2517c6e0 (LWP 3238)]
0x000000000002bfe2 in ?? ()
(gdb) backtrace full
#0 0x000000000002bfe2 in ?? ()
No symbol table info available.
#1 0x00007fab22507a20 in DoSwapInterval (cl=<value optimized out>,
    pc=0x2f60920 "\235\020\004", do_swap=0) at ../../../GL/glx/swap_interval.c:80
        client = (ClientPtr) 0x2f96e50
        tag = 1
        cx = <value optimized out>
        interval = 1
        __func__ = "DoSwapInterval"
#2 0x00007fab224e5732 in __glXDisp_VendorPrivate (cl=0x2f61e60,
    pc=0x2f60920 "\235\020\004") at ../../../GL/glx/glxcmds.c:2328
No locals.
#3 0x00007fab224e98a5 in __glXDispatch (client=0x2f96e50)
    at ../../../GL/glx/glxext.c:561
        stuff = (xGLXSingleReq *) 0x2f60920
        opcode = <value optimized out>
        cl = (__GLXclientState *) 0x2f61e60
        retval = 1
#4 0x000000000044f7d2 in Dispatch () at ../../dix/dispatch.c:502
        result = <value optimized out>
        client = (ClientPtr) 0x2f96e50
        nready = 0
        start_tick = 520
#5 0x0000000000436bd5 in main (argc=9, argv=0x7fff2d19d248, envp=<value optimized out>)
    at ../../dix/main.c:452
        i = 1
        error = 0
        xauthfile = <value optimized out>
        alwaysCheckForInput = {0, 1}
(gdb)
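
Added example (not part of the original report, and not code from the X.Org source): the report asks whether the cast from "__GLXdrawable *" to "__GLXDRIdrawable *" can be miscompiled. This sketch shows the first-member embedding idiom behind that cast, which is well-defined at any optimization level, next to the two cases where it does fail: an object that was never created as the derived type, and a derived object whose extra pointer was never set. All names (Base, Dri, Derived, as_derived, set_swap_interval, run_case) and the kind tag are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for __GLXdrawable, __DRIdrawable, __GLXDRIdrawable. */
enum kind { KIND_BASE = 1, KIND_DRI = 2 };
typedef struct { enum kind kind; int width, height; } Base;
typedef struct { int swap_interval; } Dri;
typedef struct {
    Base base;            /* first member, so &obj == &obj.base */
    Dri *driDrawable;
} Derived;

/* C allows no padding before the first member; this cannot vary with -O level. */
_Static_assert(offsetof(Derived, base) == 0, "base must be the first member");

/* Checked downcast: NULL unless the object was created as a Derived. */
static Derived *as_derived(Base *b)
{
    return (b != NULL && b->kind == KIND_DRI) ? (Derived *)b : NULL;
}

/* Returns 0 on success, -1 when there is no DRI drawable to update. */
static int set_swap_interval(Base *b, int interval)
{
    Derived *d = as_derived(b);
    if (d == NULL || d->driDrawable == NULL)
        return -1;
    d->driDrawable->swap_interval = interval;
    return 0;
}

/* Constructed cases: 0 = real Derived, 1 = plain Base, 2 = Derived with NULL pointer. */
static int run_case(int which)
{
    Dri dri = { 0 };
    Base plain = { KIND_BASE, 640, 480 };
    Derived ok = { { KIND_DRI, 640, 480 }, &dri };
    Derived unset = { { KIND_DRI, 640, 480 }, NULL };
    Base *in = which == 0 ? &ok.base : which == 1 ? &plain : &unset.base;
    int rc = set_swap_interval(in, 1);
    return rc == 0 ? dri.swap_interval : rc;   /* stored interval, or -1 */
}

int main(void)
{
    printf("%d %d %d\n", run_case(0), run_case(1), run_case(2));
    return 0;
}
```

Without the kind check, case 1 would read a pointer from memory past the end of the Base object, and without the NULL check, case 2 would write through a null pointer.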