xserver: Branch 'master'
Keith Packard
keithp at kemper.freedesktop.org
Thu Mar 6 17:16:58 PST 2014
dix/main.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit 78e508c9379b3976ac8e76b7aaa90ba86ad4e443
Author: Andrew Eikum <aeikum at codeweavers.com>
Date: Mon Dec 30 09:15:41 2013 -0600
dix: Clear any existing selections before initializing privates
If there is a selection left over from a previous execution of the
main loop, and that selection has privates allocated for it, the X
server will crash. This is because dixResetPrivates() resets the
privates refcounts to zero without accounting for the reference held
by the selection object. When the selection is then deleted in
InitSelections() after the call to dixResetPrivates(), the refcount
for its privates type goes negative and bad things happen.
To fix this, we should delete any existing selections before calling
dixResetPrivates(). This will properly release the selection's
privates and avoid the crash.
A more thorough description of the problem and a test case to
reproduce the crash is available at a previous mail:
"Negative Selection devPrivates refcount?"
By Andrew Eikum to xorg-devel on 10 Dec 2013
http://lists.freedesktop.org/archives/xorg-devel/2013-December/039492.html
Signed-off-by: Andrew Eikum <aeikum at codeweavers.com>
Reviewed-by: Adam Jackson <ajax at redhat.com>
Signed-off-by: Keith Packard <keithp at keithp.com>
diff --git a/dix/main.c b/dix/main.c
index fcc1ad3..7427e08 100644
--- a/dix/main.c
+++ b/dix/main.c
@@ -175,6 +175,9 @@ dix_main(int argc, char *argv[], char *envp[])
clients[0] = serverClient;
currentMaxClients = 1;
+ /* clear any existing selections */
+ InitSelections();
+
/* Initialize privates before first allocation */
dixResetPrivates();
@@ -192,7 +195,6 @@ dix_main(int argc, char *argv[], char *envp[])
InitAtoms();
InitEvents();
- InitSelections();
InitGlyphCaching();
dixResetRegistry();
ResetFontPrivateIndex();
More information about the xorg-commit
mailing list