Bug 132160
| Summary: | Bundled libglw conflicts with newer OpenMotif, causes GLwMDrawingArea widgets to crash | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Matthew Loff <mnloff> |
| Component: | xorg-x11 | Assignee: | X/OpenGL Maintenance List <xgl-maint> |
| Status: | CLOSED UPSTREAM | QA Contact: | David Lawrence <dkl> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 2 | CC: | xgl-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-10-12 20:50:27 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 123268 | ||
The libGLw included with X is authoritative. It appears to me, that openmotif has forked these interfaces in an incompatible way, without going through proper upstream processes and having the changes done in a manner that does not break ABI. Reassigning to 'openmotif' component, which will probably need to back out this incompatible change in order to preserve the ABI correctly. Actually openmotif is the upstream motif now, it's libGLw that has an unauthorized copy of 4 motif header files. However, openmotif seems to have acknowledged that the tooltips change was unfortunate: http://cvs.motifzone.net/cgi-bin/cvsweb.cgi/openmotif/lib/Xm/PrimitiveP.h?cvsroot=openmotif but those changes are over 1 year old. If openmotif doesn't get updated, the alternative is to change the headers in xc/lib/GLw/GLwXm. I filed this upstream to get some comments on the issue http://freedesktop.org/bugzilla/show_bug.cgi?id=1382 [note to other developers] Me and Kristian discussed this in IRC at length today, and sorted out some things. There are 2 problems: 1) libGLw is including Motif headers which is dumb, because there's no guarantee they match what the installed motif provides. In a perfect world, incompatible changes to interfaces don't occur without bumping library verisons, but openmotif isn't a perfect world it seems. libGLw should not include Motif headers for any really good reason nowadays. 2) Openmotif changed interfaces in an incompatible manner without playing nice. How this one should be solved I think is best handled in the upstream report Kristian filed in comment #3 above. We'll follow up there and try to get some community concensus on the best path to follow for this issue. I can not and will not remove the tool_tip_string from XmPrimitivePart - this will break OpenMotif-2.2.3. libGLw needs to be fixed not to have it's own Motif header files. Reassigning to xorg-x11. The best would be to have a dependency for the appropriate OpenMotif version. We are now tracking this in the upstream bug report at freedesktop:
http://freedesktop.org/bugzilla/show_bug.cgi?id=1382
|
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3 Description of problem: After experiencing crashes in Motif apps whenever a GLwMDrawingArea widget is destructed, I finally tracked down an imcompatibility between the headers of xorg's bundled libGLw library and OpenMotif. (OpenMotif) /lib/Xm/PrimitiveP.h defines XmPrimitivePart as: typedef struct _XmPrimitivePart { Pixel foreground; Dimension shadow_thickness; Pixel top_shadow_color; Pixmap top_shadow_pixmap; Pixel bottom_shadow_color; Pixmap bottom_shadow_pixmap; Dimension highlight_thickness; Pixel highlight_color; Pixmap highlight_pixmap; XtCallbackList help_callback; XtPointer user_data; Boolean traversal_on; Boolean highlight_on_enter; Boolean have_traversal; unsigned char unit_type; XmNavigationType navigation_type; Boolean highlight_drawn; Boolean highlighted; GC highlight_GC; GC top_shadow_GC; GC bottom_shadow_GC; XtCallbackList convert_callback; XtCallbackList popup_handler_callback; XmDirection layout_direction; XmString tool_tip_string; <--- this is a new addition } XmPrimitivePart; ... the last line ("XmString tool_tip_string") is a recent addition to this structure. However, at compilation time, libGLw doesn't use this file, it uses its own stripped-down motif header files. The libGLw file: /xc/lib/GLw/GLwXm/PrimitiveP.h defines XmPrimitivePart as: typedef struct { Pixel foreground; Dimension shadow_thickness; Pixel top_shadow_color; Pixmap top_shadow_pixmap; Pixel bottom_shadow_color; Pixmap bottom_shadow_pixmap; Dimension highlight_thickness; Pixel highlight_color; Pixmap highlight_pixmap; XtCallbackList help_callback; XtPointer user_data; Boolean traversal_on; Boolean highlight_on_enter; Boolean have_traversal; unsigned char unit_type; XmNavigationType navigation_type; Boolean highlight_drawn; Boolean highlighted; GC highlight_GC; GC top_shadow_GC; GC bottom_shadow_GC; #if XmVERSION > 1 XtCallbackList convert_callback; XtCallbackList popup_handler_callback; XmDirection layout_direction; #endif } XmPrimitivePart; ... notice the missing tool_tip_string component. When initializing a GLwMDrawingArea widget, motif will create the XmPrimitivePart struct correctly, but when passed to GLw's Initialize() function, the memory for the tool_tip_string pointer is frequently overwritten, since GLw believes the struct is sizeof(XmString *) bytes smaller than it actually is. At the destruction stage, XtDestroyWidget() will attempt to XmStringFree() the tool_tip_string, which, if it has been overwritten by GLw, is now a dangling pointer -- and your app crashes. Version-Release number of selected component (if applicable): xorg-x11-6.7.0-2 openmotif-2.2.3-2 How reproducible: Always Steps to Reproduce: 1. Create a small Motif app that places a GLwMDrawingArea on an XmForm. 2. Call XtDestroyWidget() on either the GLwMDrawingArea, or the XmForm (since it destroys children recursively) 3. Attempt to malloc() -- for any reason. 4. App will segfault Actual Results: Segmentation fault. Expected Results: App should behave as designed. Additional info: In my case, the app would not segfault until we attempted to malloc() more memory - which made tracking down the bug especially difficult.