[PATCH weston] xwm: Fix a weston crash when a window surface is created after unmap

Pekka Paalanen ppaalanen at gmail.com
Fri Apr 10 00:04:03 PDT 2015 

On Thu,  9 Apr 2015 14:48:22 -0500
Derek Foreman <derekf at osg.samsung.com> wrote:

> If windows are created and quickly destroyed it's possible that they'll be
> on the unpaired window list at the time of surface creation.  The surface
> destroy listener for that surface isn't properly freed and a crash happens
> some time later.
> 
> This patch removes the window from the unpaired list during unmap, so we
> should never get to the destroy handler with a surface destroy listener set.
> 
> Just in case there's another path to that failure, I've also removed the
> surface destroy listener in the destory handler.
> 
> Signed-off-by: Derek Foreman <derekf at osg.samsung.com>
> ---
> 
> This applies on top of my earlier xwm patch (Add and use helper function...)
> and stops a very hard to trigger segfault in weston.
> 
>  xwayland/window-manager.c | 11 +++++++++++
>  1 file changed, 11 insertions(+)
> 
> diff --git a/xwayland/window-manager.c b/xwayland/window-manager.c
> index 5d22ded..cab7e20 100644
> --- a/xwayland/window-manager.c
> +++ b/xwayland/window-manager.c
> @@ -1001,6 +1001,14 @@ weston_wm_handle_unmap_notify(struct weston_wm *wm, xcb_generic_event_t *event)
>  	if (!wm_lookup_window(wm, unmap_notify->window, &window))
>  		return;
>  
> +	if (window->surface_id) {
> +		/* Make sure we're not on the unpaired surface list or we
> +		 * could be assigned a surface during surface creation that
> +		 * was mapped before this unmap request.
> +		 */
> +		wl_list_remove(&window->link);
> +		window->surface_id = 0;
> +	}
>  	if (wm->focus_window == window)
>  		wm->focus_window = NULL;
>  	if (window->surface)
> @@ -1207,6 +1215,9 @@ weston_wm_window_destroy(struct weston_wm_window *window)
>  	if (window->surface_id)
>  		wl_list_remove(&window->link);
>  
> +	if (window->surface)
> +		wl_list_remove(&window->surface_destroy_listener.link);
> +
>  	hash_table_remove(window->wm->window_hash, window->id);
>  	free(window);
>  }

Acked by Jasper in IRC, R-b me for details, pushed.
   90f23ca..9a0b2b5  master -> master


Thanks,
pq

More information about the wayland-devel mailing list