[PATCH weston] compositor: fix crash when destroying incompletely created output
Derek Foreman
derekf at osg.samsung.com
Wed Aug 5 14:20:15 PDT 2015
On 30/07/15 08:23 PM, Dawid Gajownik wrote:
> When output can't be created in foo_backend_create_output(),
> weston_output_destroy() is called without executing
> weston_compositor_add_output(). In such a case output->link is not initialized
> and causes application crash on wl_list_remove(&output->link).
>
> This problem happens when drm, fbdev, rdp, rpi or wayland backend is used.
Good catch!
However, can we get the same result by making weston_output_init() call
wl_list_init(&output->link)?
I think that'd be simple enough not to require a comment to explain
what's going on...
>
> Signed-off-by: Dawid Gajownik <gajownik at gmail.com>
> ---
> src/compositor.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/src/compositor.c b/src/compositor.c
> index 66c3eee..30924f6 100644
> --- a/src/compositor.c
> +++ b/src/compositor.c
> @@ -3893,7 +3893,11 @@ weston_output_destroy(struct weston_output *output)
> weston_presentation_feedback_discard_list(&output->feedback_list);
>
> weston_compositor_remove_output(output->compositor, output);
> - wl_list_remove(&output->link);
> +
> + /* output->link might be not initialized if foo_backend_create_output()
> + * ends before weston_compositor_add_output() */
> + if (output->link.prev && output->link.next)
> + wl_list_remove(&output->link);
>
> wl_signal_emit(&output->compositor->output_destroyed_signal, output);
> wl_signal_emit(&output->destroy_signal, output);
>
More information about the wayland-devel
mailing list