[mutter/gnome-3-28] cogl/pipeline: Don't try to access to free'd pointer data



commit 8d936a410cc10c57b7c0071f85a23997653d4281
Author: Marco Trevisan (TreviƱo) <mail 3v1n0 net>
Date:   Fri May 17 19:35:46 2019 +0000

    cogl/pipeline: Don't try to access to free'd pointer data
    
    When free'ing a pipeline we destroy the BigState first and then the fragment and
    vertex snippets lists using the big state pointer which is now invalid.
    This causes a crash  when G_SLICE=always-malloc is set and using MALLOC_CHECK_.
    
    So, invert the operations by free'ing the snippet lists first, and the big state
    afterwards.
    
    https://gitlab.gnome.org/GNOME/mutter/merge_requests/581
    
    
    (cherry picked from commit 7e0d185120ea116c91a8db60276971d3fecece80)

 cogl/cogl/cogl-pipeline.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/cogl/cogl/cogl-pipeline.c b/cogl/cogl/cogl-pipeline.c
index da2d2ce7e..6a77cda7f 100644
--- a/cogl/cogl/cogl-pipeline.c
+++ b/cogl/cogl/cogl-pipeline.c
@@ -492,9 +492,6 @@ _cogl_pipeline_free (CoglPipeline *pipeline)
       _cogl_bitmask_destroy (&uniforms_state->changed_mask);
     }
 
-  if (pipeline->differences & COGL_PIPELINE_STATE_NEEDS_BIG_STATE)
-    g_slice_free (CoglPipelineBigState, pipeline->big_state);
-
   if (pipeline->differences & COGL_PIPELINE_STATE_LAYERS)
     {
       g_list_foreach (pipeline->layer_differences,
@@ -508,6 +505,9 @@ _cogl_pipeline_free (CoglPipeline *pipeline)
   if (pipeline->differences & COGL_PIPELINE_STATE_FRAGMENT_SNIPPETS)
     _cogl_pipeline_snippet_list_free (&pipeline->big_state->fragment_snippets);
 
+  if (pipeline->differences & COGL_PIPELINE_STATE_NEEDS_BIG_STATE)
+    g_slice_free (CoglPipelineBigState, pipeline->big_state);
+
   g_list_free (pipeline->deprecated_get_layers_list);
 
   recursively_free_layer_caches (pipeline);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]