[Wayland-bugs] [Bug 67231] New: weston_release_seat() double frees focus_state

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Jul 23 14:54:12 PDT 2013 

https://bugs.freedesktop.org/show_bug.cgi?id=67231

          Priority: medium
            Bug ID: 67231
          Assignee: wayland-bugs at lists.freedesktop.org
           Summary: weston_release_seat() double frees focus_state
          Severity: major
    Classification: Unclassified
                OS: Linux (All)
          Reporter: rdp.effort at gmail.com
          Hardware: x86-64 (AMD64)
            Status: NEW
           Version: unspecified
         Component: weston
           Product: Wayland

I can reproduce this valgrind error:

using config in current working directory: ./weston.ini
using config in current working directory: ./weston.ini
using config in current working directory: ./weston.ini
[23:30:32.733] unable to checkDescriptor for 0x8812c30
==4837== Invalid write of size 8
==4837==    at 0x4E3DE77: wl_list_remove (wayland-util.c:53)
==4837==    by 0xC8CA0CC: focus_state_destroy (shell.c:421)
==4837==    by 0x4102EB: weston_seat_release (wayland-server.h:171)
==4837==    by 0x884587E: rdp_peer_context_free (compositor-rdp.c:603)
==4837==    by 0x8CF0F69: freerdp_peer_context_free (peer.c:405)
==4837==    by 0x8845BD7: rdp_client_activity (compositor-rdp.c:622)
==4837==    by 0x4E3C1A2: wl_event_loop_dispatch (event-loop.c:421)
==4837==    by 0x4E3A8F4: wl_display_run (wayland-server.c:836)
==4837==    by 0x4083C6: main (compositor.c:3398)
==4837==  Address 0xccfc6a8 is 24 bytes inside a block of size 120 free'd
==4837==    at 0x4C2BA6C: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4837==    by 0x4102EB: weston_seat_release (wayland-server.h:171)
==4837==    by 0x884587E: rdp_peer_context_free (compositor-rdp.c:603)
==4837==    by 0x8CF0F69: freerdp_peer_context_free (peer.c:405)
==4837==    by 0x8845BD7: rdp_client_activity (compositor-rdp.c:622)
==4837==    by 0x4E3C1A2: wl_event_loop_dispatch (event-loop.c:421)
==4837==    by 0x4E3A8F4: wl_display_run (wayland-server.c:836)
==4837==    by 0x4083C6: main (compositor.c:3398)
==4837== 


with this simple actions:
* launch the RDP compositor, (valgrind output/src/weston
--backend=rdp-backend.so --width=800 --height=600)
* connect with xfreerdp client (xfreerdp /v:127.0.0.1)
* open 2 weston-terminal, click on the first one to grab the focus
* kill your xfreerdp, and you have the above backtrace

It matches the second backtrace of #65913, i think we were too fast to close
it.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/wayland-bugs/attachments/20130723/6927b19f/attachment.html>

More information about the Wayland-bugs mailing list