[spice-gtk] Fix crash on finishing display rhbz#1069546
Marc-André Lureau
elmarco at fedoraproject.org
Tue Feb 25 15:43:25 UTC 2014
commit 49ee0564ae943345d1ebbd86d208f09119b43a0d
Author: Marc-André Lureau <marcandre.lureau at gmail.com>
Date: Tue Feb 25 16:44:01 2014 +0100
Fix crash on finishing display rhbz#1069546
...-fix-crash-when-releasing-primary-surface.patch | 39 ++++++++++++++++++++
spice-gtk.spec | 7 +++-
2 files changed, 45 insertions(+), 1 deletions(-)
---
diff --git a/0001-display-fix-crash-when-releasing-primary-surface.patch b/0001-display-fix-crash-when-releasing-primary-surface.patch
new file mode 100644
index 0000000..8067f9f
--- /dev/null
+++ b/0001-display-fix-crash-when-releasing-primary-surface.patch
@@ -0,0 +1,39 @@
+From 055a310f655ad436599c4fef965f2b3e7bc0f17f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau at redhat.com>
+Date: Tue, 25 Feb 2014 11:42:47 +0100
+Subject: [PATCH spice-gtk] display: fix crash when releasing primary surface
+
+Since 1fcaaa15f8aca362f9e6afc87fb43cfbccf6ff62, display_surface is
+allocated using gslice. However MSG_DISPLAY_MODE handler didn't allocate
+using GSlice. This can eventually lead to a crash when freeing, such as:
+
+Thread no. 1 (6 frames)
+ #2 g_slice_free1 at gslice.c:1097
+ #3 iter_remove_or_steal at ghash.c:787
+ #4 clear_surfaces at /lib64/libspice-client-glib-2.0.so.8
+ #5 spice_display_channel_finalize at
+ /lib64/libspice-client-glib-2.0.so.8
+ #7 spice_channel_delayed_unref at /lib64/libspice-client-glib-2.0.so.8
+ #12 gtk_main at gtkmain.c:1158
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1069546
+---
+ gtk/channel-display.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gtk/channel-display.c b/gtk/channel-display.c
+index e464abf..96fd764 100644
+--- a/gtk/channel-display.c
++++ b/gtk/channel-display.c
+@@ -886,7 +886,7 @@ static void display_handle_mode(SpiceChannel *channel, SpiceMsgIn *in)
+
+ g_warn_if_fail(c->mark == FALSE);
+
+- surface = spice_new0(display_surface, 1);
++ surface = g_slice_new0(display_surface);
+ surface->format = mode->bits == 32 ?
+ SPICE_SURFACE_FMT_32_xRGB : SPICE_SURFACE_FMT_16_555;
+ surface->width = mode->x_res;
+--
+1.8.5.3
+
diff --git a/spice-gtk.spec b/spice-gtk.spec
index b8b1ac1..86d04af 100644
--- a/spice-gtk.spec
+++ b/spice-gtk.spec
@@ -13,7 +13,7 @@
Name: spice-gtk
Version: 0.23
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A GTK+ widget for SPICE clients
Group: System Environment/Libraries
@@ -21,6 +21,7 @@ License: LGPLv2+
URL: http://spice-space.org/page/Spice-Gtk
#VCS: git:git://anongit.freedesktop.org/spice/spice-gtk
Source0: http://www.spice-space.org/download/gtk/%{name}-%{version}%{?_version_suffix}.tar.bz2
+Patch0001: 0001-display-fix-crash-when-releasing-primary-surface.patch
BuildRequires: intltool
BuildRequires: gtk2-devel >= 2.14
@@ -147,6 +148,7 @@ if [ -n '%{?_version_suffix}' ]; then
fi
pushd spice-gtk-%{version}
+%patch0001 -p1
find . -name '*.stamp' | xargs touch
popd
@@ -268,6 +270,9 @@ rm -rf %{buildroot}%{_datadir}/pkgconfig/spice-protocol.pc
%{_bindir}/spicy-stats
%changelog
+* Tue Feb 25 2014 Marc-André Lureau <marcandre.lureau at redhat.com> - 0.23-2
+- Fix crash on finishing display rhbz#1069546
+
* Mon Feb 10 2014 Marc-André Lureau <marcandre.lureau at redhat.com> - 0.23-1
- Update to spice-gtk 0.23
More information about the scm-commits
mailing list