fixed bug in wl_list
Marty Jack
martyj19 at comcast.net
Sat Mar 12 03:07:57 PST 2011
On 03/11/2011 07:32 PM, Iskren Chernev wrote:
> Hello,
>
> I found a bug and fixed it with the patch :)
>
> *to reproduce:*
> run compositor on top of x11
>
> repeat
> run flower
> drag & drop it a little
> move the pointer in and out of the compositor/flower
> Ctrl+C the flower client
>
> it would break eventually
>
> *problem:*
> I found that the linked list surface->destroy_listener_list got corrupted at some point (it was not circular any more, strange next/prev etc), which causes the crash.
>
> *solution:*
> The problem was in wl_list_remove -- when you erase an element, you don't mark it as 'erased', by setting prev/next to NULL for example. Then if you erase it again the list becomes corrupt. I nullified the prev/next and check in the begining of wl_list_remove for not-in-list elements and just ignore them. That seems to fix it.
>
> Regards,
> Iskren
>
>
>
> _______________________________________________
> wayland-devel mailing list
> wayland-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/wayland-devel
Unfortunately your fix only papers over the real problem, which is that the list got corrupted at some point. It would not actually solve the problem. The source of the corruption needs to be located and fixed; it could be removing something twice, inserting something twice, or the like. You could push ahead with this if you were interested.
More information about the wayland-devel
mailing list