When Xwayland requests that a wl_surface be created and the X event is
handled before the wayland requests, a surface ID is stored to
window->surface_id and the window is added to the unpaired window list. When
weston_wm_create_surface is called, the window is removed from the list and
window->surface_id is set to zero. If window->surface_id is not zero when
weston_wm_window_destroy is called, the window is assumed to be in the
unpaired window list and wl_list_remove is called. If
weston_wm_window_handle_surface_id is called and the surface has already
been created, the window is not added to the unpaired window list, but
window->surface_id isn't set to zero. When the window is destroyed, removing
the window from the list is attempted anyway and a crash occurs.
This patch stores the surface ID in a temporary variable and only assigns it
to window->surface_id when the window is added to the unpaired window list.
Otherwise window->surface_id is set to zero to maintain its use as a flag
variable.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=80273
Signed-off-by: Tyler Veness <calcmogul@gmail.com>
* hasn't been created yet. In that case put the window on
* the unpaired window list and continue when the surface gets
* created. */
- window->surface_id = client_message->data.data32[0];
- resource = wl_client_get_object(wm->server->client,
- window->surface_id);
- if (resource)
+ uint32_t surface = client_message->data.data32[0];
+ resource = wl_client_get_object(wm->server->client, surface);
+ if (resource) {
+ window->surface_id = 0;
xserver_map_shell_surface(window,
wl_resource_get_user_data(resource));
- else
+ }
+ else {
+ window->surface_id = surface;
wl_list_insert(&wm->unpaired_window_list, &window->link);
+ }
}
static void
projects / profile / ivi / weston-ivi-shell.git / commitdiff