[PATCH] Xi: reset the sli pointers after copying device classes. (#25640)

Peter Hutterer peter.hutterer at who-t.net
Tue Jan 12 21:20:32 PST 2010 

If the indicator flags have the XkbSLI_IsDefault bit set, the indicator map
and names aren't their own bit of memory but rather point into the
device->key->xkbInfo->desc structure. XkbCopySrvLedInfo knows about this and
leaves the pointers alone.

When copying the classes from the slave to the master, these pointers are
copied and still point to the dev->key class of the slave device. If the
slave device is removed, the memory becomes invalid and a call to modify
this data (e.g. XkbSetIndicators) may cause a deadlock.

The copying of dev->key relies on dev->kbdfeed to be already set up. Hence
the pointers need to be reset once _both_ kbdfeed and key have been copied
into the master device.

X.Org Bug 25640 <http://bugs.freedesktop.org/show_bug.cgi?id=25640>
Fedora Bug 540584 <https://bugzilla.redhat.com/show_bug.cgi?id=540584>

Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
 Xi/exevents.c |   20 ++++++++++++++++++++
 1 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/Xi/exevents.c b/Xi/exevents.c
index cb2452b..ee32ba8 100644
--- a/Xi/exevents.c
+++ b/Xi/exevents.c
@@ -444,6 +444,26 @@ DeepCopyKeyboardClasses(DeviceIntPtr from, DeviceIntPtr to)
         to->key      = NULL;
     }
 
+    /* If a SrvLedInfoPtr's flags are XkbSLI_IsDefault, the names and maps
+     * pointer point into the xkbInfo->desc struct.  XkbCopySrvLedInfo
+     * didn't update the pointers so we need to do it manually here.
+     */
+    if (to->kbdfeed)
+    {
+        KbdFeedbackPtr k;
+
+        for (k = to->kbdfeed; k; k = k->next)
+        {
+            if (!k->xkb_sli)
+                continue;
+            if (k->xkb_sli->flags & XkbSLI_IsDefault)
+            {
+                k->xkb_sli->names = to->key->xkbInfo->desc->names->indicators;
+                k->xkb_sli->maps = to->key->xkbInfo->desc->indicators->maps;
+            }
+        }
+    }
+
     /* We can't just copy over the focus class. When an app sets the focus,
      * it'll do so on the master device. Copying the SDs focus means losing
      * the focus.
-- 
1.6.6

More information about the xorg-devel mailing list