Bug 641647 - calling virtual methods with float inout args crashes on x86-64
Status: RESOLVED FIXED
Product: gobject-introspection
Classification: Platform
Component: general
Version: unspecified
Hardware: Other
OS: Linux
Importance: Normal major
Target Milestone: ---
Assigned To: gobject-introspection Maintainer(s)
QA Contact: gobject-introspection Maintainer(s)
Depends on:
Blocks: 625942
Reported: 2011-02-06 04:52 UTC by Jonathan Matthew
Modified: 2015-02-07 16:47 UTC
See Also:
GNOME target: 3.0
GNOME version: ---


Attachments
Account for arg direction in g_callable_info_get_ffi_arg_types (1.33 KB, patch), 2011-02-06 04:55 UTC, Jonathan Matthew, status: committed

Description Jonathan Matthew 2011-02-06 04:52:43 UTC
_g_callable_info_invoke accounts for the arg direction when determining the ffi type to use (using ffi_type_pointer for inout and out args), but g_callable_info_get_ffi_arg_types doesn't.

This causes problems on at least x86-64 because ffi uses SSE registers for floats and general purpose registers for pointers, so when passing a float inout arg, the caller (using _g_callable_info_invoke) passes it in a general purpose register, but the closure (created with g_callable_info_prepare_closure, which calls g_callable_info_get_ffi_arg_types) expects it in an SSE register.  As a result it dereferences a random pointer and crashes.
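The following is an added illustration, not code from gobject-introspection or from the reporter. It uses Python's ctypes (which marshals calls and callbacks through libffi) to show the rule the fix introduces: the ffi type of an argument depends on its direction, and the caller side (the analogue of _g_callable_info_invoke) and the closure side (the analogue of g_callable_info_prepare_closure) must derive that type from the same function. The type-tag table, the `scale` virtual method and all helper names are constructed for this example.

```python
import ctypes

# Constructed stand-in for GI type tags; the real code works from GITypeTag values.
BASE_TYPES = {
    "int32": ctypes.c_int32,
    "float": ctypes.c_float,
    "double": ctypes.c_double,
    "boolean": ctypes.c_int,
}


def ffi_arg_type(tag, direction):
    """Choose the ffi-level type for one argument.

    This is the direction-aware rule from the fix: an 'out' or 'inout' argument
    is passed as a pointer to its storage regardless of the underlying type, so
    both caller and closure place it in a general purpose register. A plain 'in'
    float keeps its scalar type (on x86-64 it travels in an SSE register).
    """
    if direction in ("out", "inout"):
        return ctypes.POINTER(BASE_TYPES[tag])
    return BASE_TYPES[tag]


def make_prototype(signature):
    """Build one ctypes prototype from (tag, direction) pairs.

    The same prototype is used for preparing the closure and for invoking it.
    If the two sides disagreed (closure built with 'in', caller with 'inout'),
    the closure would read a pointer from a register the caller never set and
    dereference garbage, which is the crash described above.
    """
    arg_types = [ffi_arg_type(tag, direction) for tag, direction in signature]
    return ctypes.CFUNCTYPE(ctypes.c_int, *arg_types)


def prepare_closure(signature, impl):
    """Closure side: wrap a Python implementation as a C-callable of this signature."""
    return make_prototype(signature)(impl)


def invoke(signature, fn, *values):
    """Caller side: box out/inout values, pass their addresses, collect results.

    Returns (return_code, [values of the out/inout args after the call]).
    """
    boxed = []
    call_args = []
    for (tag, direction), value in zip(signature, values):
        if direction in ("out", "inout"):
            storage = BASE_TYPES[tag](value)   # caller-owned storage
            boxed.append(storage)
            call_args.append(ctypes.byref(storage))
        else:
            call_args.append(value)
    rc = fn(*call_args)
    return rc, [s.value for s in boxed]


# Hypothetical virtual method: int scale(int factor, float *value /* inout */)
SCALE_SIGNATURE = [("int32", "in"), ("float", "inout")]


def scale_impl(factor, value_ptr):
    # The inout float arrives as a pointer, so the result is written back through it.
    value_ptr[0] = value_ptr[0] * factor
    return 0


def run_scale(factor, value):
    """Prepare the closure and invoke it with consistent argument types."""
    closure = prepare_closure(SCALE_SIGNATURE, scale_impl)
    return invoke(SCALE_SIGNATURE, closure, factor, value)


if __name__ == "__main__":
    rc, (scaled,) = run_scale(3, 1.5)
    print("rc=%d, inout float after call=%r" % (rc, scaled))
```

The point worth keeping in mind when reading the patch is that `ffi_arg_type` is the single source of truth for both `prepare_closure` and `invoke`; the bug existed because the two C code paths had their own, inconsistent versions of that decision.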
Comment 1 Jonathan Matthew 2011-02-06 04:55:13 UTC
Created attachment 180208 [details] [review]
Account for arg direction in g_callable_info_get_ffi_arg_types
Comment 2 Johan (not receiving bugmail) Dahlin 2011-02-08 17:21:44 UTC
Review of attachment 180208 [details] [review]:

Looks good to me
Comment 3 Jonathan Matthew 2011-02-08 21:53:51 UTC
Pushed as commit f19d246.
Comment 4 André Klapper 2015-02-07 16:47:25 UTC
[Mass-moving gobject-introspection tickets to its own Bugzilla product - see bug 708029. Mass-filter your bugmail for this message: introspection20150207 ]