[PATCH xserver] os: append, rather than prepend, any new input thread fds
Peter Hutterer
peter.hutterer at who-t.net
Tue Aug 9 07:45:30 UTC 2016
xf86AddEnabledDevice() prepends the new fd to the list,
xf86RemoveEnabledDevice() then searches for a matching fd and removes that
entry. If this is done for the same fd (and since we lose all information but
the actual fd) we usually unregister virtual devices in reverse order, causing
a dereference of already released memory.
Case in point:
- the wacom driver calls xf86AddEnabledDevice() once for the physical device,
then multiple times for the virtual subdevices
- when the physical device is unplugged, the driver calls
xf86RemoveEnabledDevice() for the physical device
- all we have is the fd, so we end up removing the last virtual device from
the fd set
- xf86DeleteInput() frees the physical device's pInfo
- the fd goes crazy with ENODEV, but a read_input() now passes the already
freed pInfo for the physical device
- boom
Fix this by appending to the fd list to provide bug-for-bug compatibility with
the old SIGIO code. This needs to be fixed in the driver, but meanwhile not
crashing the server provides for better user experience.
Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
os/inputthread.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/os/inputthread.c b/os/inputthread.c
index 40a0443..489c18d 100644
--- a/os/inputthread.c
+++ b/os/inputthread.c
@@ -198,7 +198,7 @@ InputThreadRegisterDev(int fd,
dev->readInputArgs = readInputArgs;
input_lock();
- xorg_list_add(&dev->node, &inputThreadInfo->devs);
+ xorg_list_append(&dev->node, &inputThreadInfo->devs);
FD_SET(fd, &inputThreadInfo->fds);
--
2.7.4
More information about the xorg-devel
mailing list