On 01/27/2016 05:44 AM, Michael Catanzaro wrote:
> Hi,
>
> GNOME Chess in F23 has been crashing when promoting pawns. This is easy
> to reproduce by turning off the computer player in Preferences,
> starting a new game, and just moving pawns across the board. It turns
> out to be due to our new hardening flags.
>
> This is https://bugzilla.redhat.com/show_bug.cgi?id=1280470
>
> The hardening flags seem to somehow be breaking a GObject signal
> accumulator, where the signal is emitted from a libtool convenience
> library, but the value is returned from outside the convenience
> library.
>
> My workaround is just to add %undefine _hardened_build to the specfile,
> because I have no clue what else to do.
>
> I wonder if other applications are experiencing similar crashes.

We had similar issues when signal callbacks are called through incorrect function types. Here is an example:

<https://bugzilla.gnome.org/show_bug.cgi?id=706470>

The backtrace with its register dump suggests that the upper 32 bits of the return value from the signal were clipped. Unfortunately, the glib signals mechanism does not have compile-time or run-time type checks, so it can easily happen, but is somewhat difficult to track down.

It seems that g_cclosure_user_marshal_ENUM__VOID invokes the callback with an int return value, but the registered callback (_chess_application_show_promotion_type_selector_chess_scene_choose_promotion_type) has a return type of PieceType *.

Any change in register allocation can make this bug appear and disappear, it's not related to the hardening flags.

Florian
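The clipping described in the reply above, as an added example that is not part of the original message and is not GLib or GNOME Chess code. It models what an int-typed call site keeps of a 64-bit return value, and shows a typed registration function that lets the compiler reject a handler with the wrong return type; `EnumVoidHandler`, `connect_enum_void`, `emit_enum_void`, the `PieceType` values and the sample address are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for illustration; these are not GLib's own types. */
typedef enum { PIECE_QUEEN = 1, PIECE_KNIGHT = 2 } PieceType;
typedef int (*EnumVoidHandler)(void *instance, void *user_data);

/* What a call site expecting an int return keeps of a 64-bit value the
 * handler actually returned: the low 32 bits. Modelled with integer
 * conversions, because the mismatched call itself is undefined behaviour. */
static uint64_t seen_through_int_return(uint64_t returned)
{
    return (uint64_t)(uint32_t)returned;
}

/* A pointer-sized value is unaffected only if it already fits in 32 bits. */
static int survives_int_return(uint64_t returned)
{
    return seen_through_int_return(returned) == returned;
}

/* Typed registration: unlike a cast to a generic callback type (GLib's
 * G_CALLBACK() is such a cast), passing a handler that returns PieceType *
 * here draws an incompatible-pointer-type diagnostic from the compiler. */
static EnumVoidHandler registered_handler;
static void connect_enum_void(EnumVoidHandler handler)
{
    registered_handler = handler;
}

static int emit_enum_void(void *instance, void *user_data)
{
    return registered_handler ? registered_handler(instance, user_data) : 0;
}

/* Correct handler: returns the enum by value, matching the marshaller. */
static int choose_promotion_type(void *instance, void *user_data)
{
    (void)instance; (void)user_data;
    return PIECE_KNIGHT;
}

int main(void)
{
    uint64_t high = 0x00007f3c5c0032a0ULL;   /* constructed sample address */
    printf("%#llx\n", (unsigned long long)seen_through_int_return(high));
    connect_enum_void(choose_promotion_type);
    printf("emitted: %d\n", emit_enum_void(NULL, NULL));
    return 0;
}
```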