All GNOME programs segfault immediately on AMD64

Bug #37760 reported by David Huggins-Daines
Affects          | Status       | Importance | Assigned to    | Milestone
at-spi           | Fix Released | Medium     |                |
at-spi (Ubuntu)  | Fix Released | Medium     | Daniel Holbach |

Bug Description

Something is seriously (64-bit?) broken in libatk-bridge.so. All of my GNOME programs (not just the help viewer!) are now segfaulting immediately on launch. The backtrace is similar to the one I reported for Yelp. This doesn't seem to happen on PowerPC so I am presuming it to be a 64-bit issue.

Deleting /usr/lib/gtk-2.0/modules/libatk-bridge.so fixes this problem, and everything now runs again (presumably sans accessibility support).

Revision history for this message
David Huggins-Daines (dhuggins) wrote :

This was a really stupid bug and very easy to fix. Here is the patch:

--- at-spi-1.7.6/atk-bridge/bridge.c~ 2006-02-27 12:28:13.000000000 -0500
+++ at-spi-1.7.6/atk-bridge/bridge.c 2006-04-02 15:05:27.000000000 -0400
@@ -311,7 +311,7 @@
                canonical_display_name = g_strdup (display_env);
                display_p = strrchr (canonical_display_name, ':');
                screen_p = strrchr (canonical_display_name, '.');
- if (screen_p && display_p && ((guint) screen_p > (guint) display_p))
+ if (screen_p && display_p && ((gulong) screen_p > (gulong) display_p))
                {
                    *screen_p = '\0';
                }
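Review bot: the widened cast at line 311 works on LP64, but it is still a pointer-to-integer round trip that will truncate again on LLP64 targets; since screen_p and display_p both point into canonical_display_name, the bare comparison `screen_p > display_p` is well defined and needs no cast at all (GPOINTER_TO_SIZE or uintptr_t if an integer really is wanted). Worth noting as well that the original (guint) cast only misorders the two addresses when a 4 GiB boundary lies between them, so this hunk by itself is unlikely to explain an immediate segfault.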

David Huggins-Daines (dhuggins) wrote :

Sorry - I spoke too soon. This does not fix all the problems, only some of them (gnome-terminal works again, but firefox doesn't). Also, there are a number of other similar errors in the code, for which I have included another patch. I am actively trying to track this down, as it is very annoying.

--- at-spi-1.7.6.orig/cspi/bonobo/cspi-bonobo.c
+++ at-spi-1.7.6/cspi/bonobo/cspi-bonobo.c
@@ -100,7 +100,7 @@
   canonical_display_name = g_strdup (display_env);
   display_p = strrchr (canonical_display_name, ':');
   screen_p = strrchr (canonical_display_name, '.');
- if (screen_p && display_p && ((guint) screen_p > (guint) display_p))
+ if (screen_p && display_p && ((gulong) screen_p > (gulong) display_p))
   {
       *screen_p = '\0';
   }
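Review bot: this hunk patches a second verbatim copy of the ':' / '.' canonicalization already fixed in atk-bridge/bridge.c; consider factoring the display-name handling into one shared helper so that the next correction does not have to be applied in every copy. As in the first hunk, `screen_p > display_p` without any cast is the simpler and portable form.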
--- at-spi-1.7.6.orig/registryd/registry-main.c
+++ at-spi-1.7.6/registryd/registry-main.c
@@ -56,7 +56,7 @@
       display_name = g_strdup (gdk_display_get_name (gdk_display_get_default ()));
       cp = strrchr (display_name, '.');
       dp = strrchr (display_name, ':');
- if (cp && dp && ((guint) cp > (guint) dp)) *cp = '\0';
+ if (cp && dp && ((gulong) cp > (gulong) dp)) *cp = '\0';
   }

   reg_env = bonobo_activation_registration_env_set ( reg_env, "AT_SPI_DISPLAY",
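Review bot: display_name is the result of g_strdup (gdk_display_get_name (gdk_display_get_default ())), and nothing visible in the hunk guards against that chain yielding NULL before strrchr is called on it; a check such as `if (display_name)` around the two strrchr calls would turn a crash into a skipped canonicalization. The cast change itself is consistent with the other two hunks, and the same remark applies: `cp > dp` needs no cast.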

David Huggins-Daines (dhuggins) wrote :

Okay, here is the real bug, nailed to the wall. It is trying to free memory on the stack! I guess this just happens to not break on i386? Anyway, please apply this patch in addition to the above ones. Everything (yelp, firefox, etc.) is working for me now.

This should also resolve all of the "yelp doesn't work on AMD64" bugs, such as 34384 and a bunch of others.

--- at-spi-1.7.6/atk-bridge/bridge.c~ 2006-04-02 16:00:16.000000000 -0400
+++ at-spi-1.7.6/atk-bridge/bridge.c 2006-04-02 16:07:18.000000000 -0400
@@ -694,7 +694,7 @@

   g_free (e.type);

- if (e.any_data._release) CORBA_free (&e.any_data._value);
+ if (e.any_data._release) CORBA_free (e.any_data._value);

   va_end (args);
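Review bot: dropping the `&` so that CORBA_free receives e.any_data._value rather than the address of the field is correct only if _value always holds storage obtained from the ORB allocator whenever _release is set; the follow-up comment in this thread reports that some programs still crash after the change, which points at call sites filling e.any_data inconsistently rather than at this line alone. Audit how _value and _release are populated for each event type before the free, and set e.any_data._value = NULL afterwards so a second release fails loudly instead of corrupting the heap.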

c7d2f5c8667d26fffd5e7772d632c76d (c7d2f5c8667d26fffd5e7772d632c76d-deactivatedaccount) wrote :

Just FYI, the (guint) casts bug is already filed upstream at http://bugzilla.gnome.org/show_bug.cgi?id=333883 .
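To make the (guint) cast problem concrete, here is an added C example (not at-spi or GNOME code) that models the original and patched comparisons on integer address values and shows the cast-free form of the canonicalization; it assumes an LP64 platform where unsigned int is 32 bits and unsigned long is 64 bits, and the address values and display strings are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example: why `(guint) ptr > (guint) ptr` misbehaves on LP64
 * (x86-64 Linux) and what the at-spi patch changes. Assumes 32-bit
 * unsigned int and 64-bit unsigned long, as on x86-64 Linux. */
typedef unsigned int  guint;
typedef unsigned long gulong;

/* Original comparison: the cast keeps only the low 32 bits of each address,
 * so the order is wrong whenever a 4 GiB boundary lies between the two. */
static int dot_after_colon_guint(uint64_t dot_addr, uint64_t colon_addr)
{
    return (guint) dot_addr > (guint) colon_addr;
}

/* Patched comparison: gulong is pointer-sized on LP64, nothing is lost. */
static int dot_after_colon_gulong(uint64_t dot_addr, uint64_t colon_addr)
{
    return (gulong) dot_addr > (gulong) colon_addr;
}

/* The intended logic with no cast at all: both pointers index the same
 * buffer, so a direct pointer comparison is well defined and portable.
 * "host:0.1" becomes "host:0"; "my.host:0" is left alone because the
 * '.' precedes the ':'. Returns a malloc'd copy the caller frees. */
static char *canonical_display(const char *display_env)
{
    size_t len = strlen(display_env) + 1;
    char *name = malloc(len);
    if (!name)
        return NULL;
    memcpy(name, display_env, len);
    char *display_p = strrchr(name, ':');
    char *screen_p  = strrchr(name, '.');
    if (screen_p && display_p && screen_p > display_p)
        *screen_p = '\0';
    return name;
}

/* Helper so a result can be checked without leaking the buffer. */
static int canonical_equals(const char *display_env, const char *expected)
{
    char *got = canonical_display(display_env);
    if (!got)
        return 0;
    int same = strcmp(got, expected) == 0;
    free(got);
    return same;
}
```

With gcc, the original cast is reported by -Wpointer-to-int-cast ("cast from pointer to integer of different size"), which is the cheapest way to find the remaining copies of this pattern.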

David Huggins-Daines (dhuggins) wrote :

Okay, actually, the fix noted above doesn't seem to really fix everything. Now update-notifier and some other programs are breaking.

I think that there is something fundamentally wrong with the way that the atk-bridge is trying to free things here but I don't know enough about the internals of ORBit and so forth to fix it properly.

Of course, commenting out the CORBA_free call entirely makes everything "work", but it certainly leaks memory. I guess I will stick to manually removing libatk-bridge.so for the time being.

Changed in at-spi:
assignee: nobody → dholbach
Daniel Holbach (dholbach) wrote :

 at-spi (1.7.7-0ubuntu2) dapper; urgency=low
 .
   * debian/patches/fix-64bit-casts.patch:
     - applied patch from http://bugzilla.gnome.org/show_bug.cgi?id=333883
       (Malone: #37760)
   * debian/patches/revert-memory-leak-fix.patch:
     - reverted patch from http://bugzilla.gnome.org/show_bug.cgi?id=331924 -
       we rather live with small memory leaks than GNOME exploding - thanks
       for leading the way: <email address hidden>
 .
 at-spi (1.7.7-0ubuntu1) dapper; urgency=low
 .
   * New upstream release:
     - Documentation improvements:
       - cspi API coverage complete
       - doxygen used at build time, when available
       - IDL documentation is now available
     - New locales: dz (Dzongkha), ka (Georgian)
     - localization reinstated generally
     - Cleanup:
       - private cspi_ methods stripped from the libraries
       - build fixes for some platforms
       - leak fixes
   * debian/rules:
     - small fix, which makes .pot happy.

Changed in at-spi:
status: Unconfirmed → Fix Released
Changed in at-spi:
status: Confirmed → Fix Released
Changed in at-spi:
importance: Unknown → Medium