libweston: ensure backend is not loaded twice
authorPekka Paalanen <pekka.paalanen@collabora.co.uk>
Tue, 29 Aug 2017 14:04:12 +0000 (17:04 +0300)
committerPekka Paalanen <pekka.paalanen@collabora.co.uk>
Wed, 4 Oct 2017 13:18:06 +0000 (16:18 +0300)
Check and ensure that a compositor can only load one backend
successfully. If a backend fails to load, it is theoretically possible
to try another backend. Once loading succeeds, only destroying the
compositor would allow "unloading" a backend.

If backend init fail, ensure the backend pointer remains NULL to avoid
calling into a half-loaded backend on e.g. compositor destruction.

Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Ian Ray <ian.ray@ge.com>
Acked-by Daniel Stone <daniels@collabora.com>

libweston/compositor.c

index 53bbf55..71a9b38 100644 (file)
@@ -5653,6 +5653,11 @@ weston_compositor_load_backend(struct weston_compositor *compositor,
        int (*backend_init)(struct weston_compositor *c,
                            struct weston_backend_config *config_base);
 
+       if (compositor->backend) {
+               weston_log("Error: attempt to load a backend when one is already loaded\n");
+               return -1;
+       }
+
        if (backend >= ARRAY_LENGTH(backend_map))
                return -1;
 
@@ -5660,7 +5665,12 @@ weston_compositor_load_backend(struct weston_compositor *compositor,
        if (!backend_init)
                return -1;
 
-       return backend_init(compositor, config_base);
+       if (backend_init(compositor, config_base) < 0) {
+               compositor->backend = NULL;
+               return -1;
+       }
+
+       return 0;
 }
 
 WL_EXPORT int