Accepting request 578983 from home:fcrozat:branches:X11:XOrg

- U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch,
  U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch,
  U_xwayland-avoid-race-condition-on-new-keymap.patch,
  U_xwayland-remove-dirty-window-unconditionally-on-unre.patch:
  * Various crash and bug fixes in XWayland server (bgo#791383,
    bgo#790502).

OBS-URL: https://build.opensuse.org/request/show/578983
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=692

U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch

@@ -0,0 +1,92 @@
+From e96bd477395af3c2c3157ebda0f55ea4b672a114 Mon Sep 17 00:00:00 2001
+From: Lyude Paul <lyude@redhat.com>
+Date: Tue, 6 Feb 2018 12:41:47 -0500
+Subject: [PATCH] xwayland: Don't process cursor warping without an xwl_seat
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Unfortunately, on my machine Xwayland immediately crashes when I try to
+start it. gdb backtrace:
+
+ #0  0x00007ffff74f0e79 in wl_proxy_marshal () from target:/lib64/libwayland-client.so.0
+ #1  0x0000000000413172 in zwp_confined_pointer_v1_destroy (zwp_confined_pointer_v1=0x700000000)
+     at hw/xwayland/Xwayland@exe/pointer-constraints-unstable-v1-client-protocol.h:612
+ #2  0x0000000000418bc0 in xwl_seat_destroy_confined_pointer (xwl_seat=0x8ba2a0)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2839
+ #3  0x0000000000418c09 in xwl_seat_unconfine_pointer (xwl_seat=0x8ba2a0)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2849
+ #4  0x0000000000410d97 in xwl_cursor_confined_to (device=0xa5a000, screen=0x8b9d80, window=0x9bdb70)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland.c:328
+ #5  0x00000000004a8571 in ConfineCursorToWindow (pDev=0xa5a000, pWin=0x9bdb70, generateEvents=1,
+     confineToScreen=0) at /home/lyudess/Projects/xserver/dix/events.c:900
+ #6  0x00000000004a94b7 in ScreenRestructured (pScreen=0x8b9d80)
+     at /home/lyudess/Projects/xserver/dix/events.c:1387
+ #7  0x0000000000502386 in RRScreenSizeNotify (pScreen=0x8b9d80)
+     at /home/lyudess/Projects/xserver/randr/rrscreen.c:160
+ #8  0x000000000041a83c in update_screen_size (xwl_output=0x8e7670, width=3840, height=2160)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:203
+ #9  0x000000000041a9f0 in apply_output_change (xwl_output=0x8e7670)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:252
+ #10 0x000000000041aaeb in xdg_output_handle_done (data=0x8e7670, xdg_output=0x8e7580)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:307
+ #11 0x00007ffff50e9d1e in ffi_call_unix64 () at ../src/x86/unix64.S:76
+ #12 0x00007ffff50e968f in ffi_call (cif=<optimized out>, fn=<optimized out>, rvalue=<optimized out>,
+     avalue=<optimized out>) at ../src/x86/ffi64.c:525
+ #13 0x00007ffff74f3d8b in wl_closure_invoke () from target:/lib64/libwayland-client.so.0
+ #14 0x00007ffff74f0928 in dispatch_event.isra () from target:/lib64/libwayland-client.so.0
+ #15 0x00007ffff74f1be4 in wl_display_dispatch_queue_pending () from target:/lib64/libwayland-client.so.0
+ #16 0x00007ffff74f200b in wl_display_roundtrip_queue () from target:/lib64/libwayland-client.so.0
+ #17 0x0000000000418cad in InitInput (argc=12, argv=0x7fffffffd9c8)
+     at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2867
+ #18 0x00000000004a20e3 in dix_main (argc=12, argv=0x7fffffffd9c8, envp=0x7fffffffda30)
+     at /home/lyudess/Projects/xserver/dix/main.c:250
+ #19 0x0000000000420cb2 in main (argc=12, argv=0x7fffffffd9c8, envp=0x7fffffffda30)
+    at /home/lyudess/Projects/xserver/dix/stubmain.c:34
+
+This appears to be the result of xwl_cursor_confined_to() and
+xwl_screen_get_default_seat(). While not against protocol, mutter ends
+up sending xdg_output before wl_seat. xwl_screen_get_default_seat()
+makes the naïve assumption that we always have a valid seat, we end up
+returning a pointer to the empty list itself instead of an actual seat
+and causing ourselves to segfault.
+
+So, actually return NULL in xwl_screen_get_default_seat() if the seat
+list is empty, and skip any pointer confinement processing in
+xwl_cursor_confined_to() when we don't have a seat setup yet.
+
+Signed-off-by: Lyude Paul <lyude@redhat.com>
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+(cherry picked from commit 98edb9a35e2cdd61355656b82975d7f2b6a9f0e6)
+---
+ hw/xwayland/xwayland.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
+index 0e7929715..d0bdf36a4 100644
+--- a/hw/xwayland/xwayland.c
++++ b/hw/xwayland/xwayland.c
+@@ -159,6 +159,9 @@ xwl_window_from_window(WindowPtr window)
+ static struct xwl_seat *
+ xwl_screen_get_default_seat(struct xwl_screen *xwl_screen)
+ {
++    if (xorg_list_is_empty(&xwl_screen->seat_list))
++        return NULL;
++
+     return container_of(xwl_screen->seat_list.prev,
+                         struct xwl_seat,
+                         link);
+@@ -218,6 +221,10 @@ xwl_cursor_confined_to(DeviceIntPtr device,
+     if (!xwl_seat)
+         xwl_seat = xwl_screen_get_default_seat(xwl_screen);
+ 
++    /* xwl_seat hasn't been setup yet, don't do anything just yet */
++    if (!xwl_seat)
++        return;
++
+     if (window == screen->root) {
+         xwl_seat_unconfine_pointer(xwl_seat);
+         return;
+-- 
+2.16.1
+

U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch

@@ -0,0 +1,99 @@
+From fe46cbea0f19959d469ca4d1f09be379dc7b1e45 Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Tue, 21 Nov 2017 14:45:13 +0100
+Subject: [PATCH xserver] =?UTF-8?q?xwayland:=20Give=20up=20=E2=80=9Ccleanl?=
+ =?UTF-8?q?y=E2=80=9C=20on=20Wayland=20socket=20errors?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Xwayland is a pretty standard Wayland client, we want to be able to
+capture core dumps on crashes.
+
+Yet using "-core" causes any FatalError() to generate a core dump,
+meaning that we would get a core file for all Wayland server crashes,
+which would generate a lot of false positives.
+
+Instead of using FatalError() on Wayland socket errors, give up cleanly
+to avoid dumping core files when "-core" is used.
+
+See also: https://bugzilla.gnome.org/show_bug.cgi?id=790502
+     and: https://bugzilla.gnome.org/show_bug.cgi?id=789086
+
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+---
+ hw/xwayland/xwayland.c | 26 +++++++++++++++++++++-----
+ 1 file changed, 21 insertions(+), 5 deletions(-)
+
+diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
+index 638022180..c5a3ae7ae 100644
+--- a/hw/xwayland/xwayland.c
++++ b/hw/xwayland/xwayland.c
+@@ -73,6 +73,22 @@ ddxBeforeReset(void)
+ }
+ #endif
+ 
++ _X_NORETURN
++static void _X_ATTRIBUTE_PRINTF(1, 2)
++xwl_give_up(const char *f, ...)
++{
++    va_list args;
++
++    va_start(args, f);
++    VErrorFSigSafe(f, args);
++    va_end(args);
++
++    CloseWellKnownConnections();
++    OsCleanup(TRUE);
++    fflush(stderr);
++    exit(1);
++}
++
+ void
+ ddxUseMsg(void)
+ {
+@@ -719,13 +735,13 @@ xwl_read_events (struct xwl_screen *xwl_screen)
+ 
+     ret = wl_display_read_events(xwl_screen->display);
+     if (ret == -1)
+-        FatalError("failed to read Wayland events: %s\n", strerror(errno));
++        xwl_give_up("failed to read Wayland events: %s\n", strerror(errno));
+ 
+     xwl_screen->prepare_read = 0;
+ 
+     ret = wl_display_dispatch_pending(xwl_screen->display);
+     if (ret == -1)
+-        FatalError("failed to dispatch Wayland events: %s\n", strerror(errno));
++        xwl_give_up("failed to dispatch Wayland events: %s\n", strerror(errno));
+ }
+ 
+ static int
+@@ -752,7 +768,7 @@ xwl_dispatch_events (struct xwl_screen *xwl_screen)
+            wl_display_prepare_read(xwl_screen->display) == -1) {
+         ret = wl_display_dispatch_pending(xwl_screen->display);
+         if (ret == -1)
+-            FatalError("failed to dispatch Wayland events: %s\n",
++            xwl_give_up("failed to dispatch Wayland events: %s\n",
+                        strerror(errno));
+     }
+ 
+@@ -761,13 +777,13 @@ xwl_dispatch_events (struct xwl_screen *xwl_screen)
+ pollout:
+     ready = xwl_display_pollout(xwl_screen, 5);
+     if (ready == -1 && errno != EINTR)
+-        FatalError("error polling on XWayland fd: %s\n", strerror(errno));
++        xwl_give_up("error polling on XWayland fd: %s\n", strerror(errno));
+ 
+     if (ready > 0)
+         ret = wl_display_flush(xwl_screen->display);
+ 
+     if (ret == -1 && errno != EAGAIN)
+-        FatalError("failed to write to XWayland fd: %s\n", strerror(errno));
++        xwl_give_up("failed to write to XWayland fd: %s\n", strerror(errno));
+ 
+     xwl_screen->wait_flush = (ready == 0 || ready == -1 || ret == -1);
+ }
+-- 
+2.14.3
+

U_xwayland-avoid-race-condition-on-new-keymap.patch

@@ -0,0 +1,42 @@
+From 16fd18479d2f617adf0e6de922586441be3808eb Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Fri, 15 Dec 2017 16:43:47 +0100
+Subject: [PATCH] xwayland: avoid race condition on new keymap
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When the Wayland compositor notifies of a new keymap, for the first X11
+client using the keyboard, the last slave keyboard used might still not
+be set (i.e. “lastSlave” is still NULL).
+
+As a result, the new keymap is not applied, and the first X11 window
+will have the wrong keymap set initially.
+
+Apply the new keymap to the master keyboard as long as there's one.
+
+Bugzilla: https://bugzilla.gnome.org/show_bug.cgi?id=791383
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+(cherry picked from commit 170c95978530f6373bdf4488116902b273f3abf4)
+---
+ hw/xwayland/xwayland-input.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c
+index f2564d5d3..d96e6f2a4 100644
+--- a/hw/xwayland/xwayland-input.c
++++ b/hw/xwayland/xwayland-input.c
+@@ -639,7 +639,7 @@ keyboard_handle_keymap(void *data, struct wl_keyboard *keyboard,
+     XkbDeviceApplyKeymap(xwl_seat->keyboard, xkb);
+ 
+     master = GetMaster(xwl_seat->keyboard, MASTER_KEYBOARD);
+-    if (master && master->lastSlave == xwl_seat->keyboard)
++    if (master)
+         XkbDeviceApplyKeymap(master, xkb);
+ 
+     XkbFreeKeyboard(xkb, XkbAllComponentsMask, TRUE);
+-- 
+2.16.1
+

U_xwayland-remove-dirty-window-unconditionally-on-unre.patch

@@ -0,0 +1,67 @@
+From f6cd99ed79c17e3aa04b8821d10ca95939bd8675 Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Wed, 24 Jan 2018 17:45:37 +0100
+Subject: [PATCH] xwayland: remove dirty window unconditionally on unrealize
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This is a rare occurrence of a crash in Xwayland for which I don't have
+the reproducing steps, just a core file.
+
+The backtrace looks as follow:
+
+  #0  raise () from /usr/lib64/libc.so.6
+  #1  abort () from /usr/lib64/libc.so.6
+  #2  OsAbort () at utils.c:1361
+  #3  AbortServer () at log.c:877
+  #4  FatalError () at log.c:1015
+  #5  OsSigHandler () at osinit.c:154
+  #6  <signal handler called>
+  #7  xwl_glamor_pixmap_get_wl_buffer () at xwayland-glamor.c:162
+  #8  xwl_screen_post_damage () at xwayland.c:514
+  #9  block_handler () at xwayland.c:665
+  #10 BlockHandler () at dixutils.c:388
+  #11 WaitForSomething () at WaitFor.c:219
+  #12 Dispatch () at dispatch.c:422
+  #13 dix_main () at main.c:287
+
+The crash is caused by dereferencing “xwl_pixmap->buffer” in
+xwl_glamor_pixmap_get_wl_buffer() because “xwl_pixmap” is NULL.
+
+Reason for this is because the corresponding pixmap is from the root
+window and xwayland is rootless by default.
+
+This can happen if the window was mapped, redirected, damaged and
+unredirected immediately, before the damage is processed by Xwayland.
+
+Make sure to remove the dirty window from the damage list on unrealize
+to prevent this from happening.
+
+Credit goes to Adam Jackson <ajax@nwnk.net> and Daniel Stone
+<daniel@fooishbar.org> for finding the root cause the issue.
+
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Reviewed-by: Daniel Stone <daniels@collabora.com>
+(cherry picked from commit 3362422e8413dd9f231cfac50ce0a0862525b1bf)
+---
+ hw/xwayland/xwayland.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c
+index 939f3392c..0e7929715 100644
+--- a/hw/xwayland/xwayland.c
++++ b/hw/xwayland/xwayland.c
+@@ -454,8 +454,7 @@ xwl_unrealize_window(WindowPtr window)
+         return ret;
+ 
+     wl_surface_destroy(xwl_window->surface);
+-    if (RegionNotEmpty(DamageRegion(xwl_window->damage)))
+-        xorg_list_del(&xwl_window->link_damage);
++    xorg_list_del(&xwl_window->link_damage);
+     DamageUnregister(xwl_window->damage);
+     DamageDestroy(xwl_window->damage);
+     if (xwl_window->frame_callback)
+-- 
+2.16.1
+

xorg-x11-server.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu Feb 22 10:54:41 UTC 2018 - fcrozat@suse.com
+
+- U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch,
+  U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch,
+  U_xwayland-avoid-race-condition-on-new-keymap.patch,
+  U_xwayland-remove-dirty-window-unconditionally-on-unre.patch:
+  * Various crash and bug fixes in XWayland server (bgo#791383,
+    bgo#790502).
+
 -------------------------------------------------------------------
 Fri Feb  9 15:13:00 UTC 2018 - sndirsch@suse.com
 

xorg-x11-server.spec

@@ -215,6 +215,11 @@ Patch215:       u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch
 Patch216:       u_os-inputthread-Force-unlock-when-stopping-thread.patch
 Patch217:       u_xfree86-add-default-modes-for-16-9-and-16-10.patch
 
+Patch300:       U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch
+Patch301:       U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch
+Patch302:       U_xwayland-avoid-race-condition-on-new-keymap.patch
+Patch303:       U_xwayland-remove-dirty-window-unconditionally-on-unre.patch
+
 Patch1000:      n_xserver-optimus-autoconfig-hack.patch
 
 Patch1162:      b_cache-xkbcomp-output-for-fast-start-up.patch
@@ -365,6 +370,11 @@ sh %{SOURCE92} --verify . %{SOURCE91}
 ### patch222 might not be applicable anymore
 #%patch1222 -p1
 
+%patch300 -p1
+%patch301 -p1
+%patch302 -p1
+%patch303 -p1
+
 %patch1301 -p1
 %patch1302 -p1
 %patch1303 -p1