[RFC PATCH xserver] xwayland: Avoid assert failure in flips_stop()

Olivier Fourdan ofourdan at redhat.com
Fri Sep 14 07:09:11 UTC 2018 

On `ClipNotify()`, `present_clip_notify()` will possibly end up issuing
a `flips_stop()` if `check_flip()` returns `FALSE`.

`present_wnmd_check_flip()` however can return `FALSE` in a variety of
cases, before eventually checking with the driver's `check_flip2()`
which in the case of `xwl_present_check_flip2()` makes sure that
`xwl_window->present_window` is not `NULL`.

Hence, if one of the preliminary conditions is not satisfied in
`present_wnmd_check_flip()`, we may end up calling Xwayland's
`xwl_present_flips_stop()` even though `xwl_window->present_window` is
'NULL', which will trigger an assertion failure and consequently a crash
of Xwayland.

A backtrace of such a case looks like:

  #0  __GI_raise (sig=sig at entry=6)
  #1  __GI_abort () at abort.c:79
  #2  OsAbort () at utils.c:1350
  #3  AbortServer () at log.c:877
  #4  FatalError () at log.c:1015
  #5  OsSigHandler () at osinit.c:156
  #6  <signal handler called>
  #7  __GI_raise (sig=sig at entry=6)
  #8  __GI_abort () at abort.c:79
  #9  __assert_fail_base () at assert.c:92
  #10 __GI___assert_fail () at assert.c:101
  #11 xwl_present_flips_stop () at xwayland-present.c:521
  #12 present_wnmd_flips_stop () at present_wnmd.c:159
  #13 present_wnmd_check_flip_window () at present_wnmd.c:332
  #14 present_clip_notify () at present_screen.c:203
  #15 compClipNotify () at compwindow.c:317
  #16 miComputeClips () at mivaltree.c:478
  #17 miValidateTree () at mivaltree.c:681
  #18 MapWindow () at window.c:2699
  #19 ReparentWindow () at window.c:2600
  #20 ProcReparentWindow () at dispatch.c:829
  #21 Dispatch () at dispatch.c:478
  #22 dix_main () at main.c:276
  #23 __libc_start_main () at ../csu/libc-start.c:308
  #24 _start ()

In this case, a forensic examination of the core file showed that
`present_wnmd_check_flip()` returned `FALSE` because
`window->redirectDraw` was `RedirectDrawManual` and not the expected
`RedirectDrawNone`.

Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>
---
 See: https://lists.x.org/archives/xorg-devel/2018-September/057566.html

 hw/xwayland/xwayland-present.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/xwayland/xwayland-present.c b/hw/xwayland/xwayland-present.c
index 316e04443..f77dc4d15 100644
--- a/hw/xwayland/xwayland-present.c
+++ b/hw/xwayland/xwayland-present.c
@@ -518,6 +518,9 @@ xwl_present_flips_stop(WindowPtr window)
     if (!xwl_window)
         return;
 
+    if (xwl_window->present_window == NULL)
+        return;
+
     assert(xwl_window->present_window == window);
 
     xwl_window->present_window = NULL;
-- 
2.19.0

More information about the xorg-devel mailing list