From 683dd399a903e56356c12437dc193a2970dac3ad88ef6cb706d48b294709736b Mon Sep 17 00:00:00 2001 From: Stefan Dirsch Date: Thu, 22 Feb 2018 12:53:53 +0000 Subject: [PATCH] Accepting request 578983 from home:fcrozat:branches:X11:XOrg - U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch, U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch, U_xwayland-avoid-race-condition-on-new-keymap.patch, U_xwayland-remove-dirty-window-unconditionally-on-unre.patch: * Various crash and bug fixes in XWayland server (bgo#791383, bgo#790502). OBS-URL: https://build.opensuse.org/request/show/578983 OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=692 --- ...rocess-cursor-warping-without-an-xwl.patch | 92 +++++++++++++++++ ...-up-cleanly-on-Wayland-socket-errors.patch | 99 +++++++++++++++++++ ...d-avoid-race-condition-on-new-keymap.patch | 42 ++++++++ ...dirty-window-unconditionally-on-unre.patch | 67 +++++++++++++ xorg-x11-server.changes | 10 ++ xorg-x11-server.spec | 10 ++ 6 files changed, 320 insertions(+) create mode 100644 U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch create mode 100644 U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch create mode 100644 U_xwayland-avoid-race-condition-on-new-keymap.patch create mode 100644 U_xwayland-remove-dirty-window-unconditionally-on-unre.patch diff --git a/U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch b/U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch new file mode 100644 index 0000000..758bfb7 --- /dev/null +++ b/U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch @@ -0,0 +1,92 @@ +From e96bd477395af3c2c3157ebda0f55ea4b672a114 Mon Sep 17 00:00:00 2001 +From: Lyude Paul +Date: Tue, 6 Feb 2018 12:41:47 -0500 +Subject: [PATCH] xwayland: Don't process cursor warping without an xwl_seat +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Unfortunately, on my machine Xwayland immediately crashes when I try to +start it. gdb backtrace: + + #0 0x00007ffff74f0e79 in wl_proxy_marshal () from target:/lib64/libwayland-client.so.0 + #1 0x0000000000413172 in zwp_confined_pointer_v1_destroy (zwp_confined_pointer_v1=0x700000000) + at hw/xwayland/Xwayland@exe/pointer-constraints-unstable-v1-client-protocol.h:612 + #2 0x0000000000418bc0 in xwl_seat_destroy_confined_pointer (xwl_seat=0x8ba2a0) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2839 + #3 0x0000000000418c09 in xwl_seat_unconfine_pointer (xwl_seat=0x8ba2a0) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2849 + #4 0x0000000000410d97 in xwl_cursor_confined_to (device=0xa5a000, screen=0x8b9d80, window=0x9bdb70) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland.c:328 + #5 0x00000000004a8571 in ConfineCursorToWindow (pDev=0xa5a000, pWin=0x9bdb70, generateEvents=1, + confineToScreen=0) at /home/lyudess/Projects/xserver/dix/events.c:900 + #6 0x00000000004a94b7 in ScreenRestructured (pScreen=0x8b9d80) + at /home/lyudess/Projects/xserver/dix/events.c:1387 + #7 0x0000000000502386 in RRScreenSizeNotify (pScreen=0x8b9d80) + at /home/lyudess/Projects/xserver/randr/rrscreen.c:160 + #8 0x000000000041a83c in update_screen_size (xwl_output=0x8e7670, width=3840, height=2160) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:203 + #9 0x000000000041a9f0 in apply_output_change (xwl_output=0x8e7670) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:252 + #10 0x000000000041aaeb in xdg_output_handle_done (data=0x8e7670, xdg_output=0x8e7580) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-output.c:307 + #11 0x00007ffff50e9d1e in ffi_call_unix64 () at ../src/x86/unix64.S:76 + #12 0x00007ffff50e968f in ffi_call (cif=, fn=, rvalue=, + avalue=) at ../src/x86/ffi64.c:525 + #13 0x00007ffff74f3d8b in wl_closure_invoke () from target:/lib64/libwayland-client.so.0 + #14 0x00007ffff74f0928 in dispatch_event.isra () from target:/lib64/libwayland-client.so.0 + #15 0x00007ffff74f1be4 in wl_display_dispatch_queue_pending () from target:/lib64/libwayland-client.so.0 + #16 0x00007ffff74f200b in wl_display_roundtrip_queue () from target:/lib64/libwayland-client.so.0 + #17 0x0000000000418cad in InitInput (argc=12, argv=0x7fffffffd9c8) + at /home/lyudess/Projects/xserver/hw/xwayland/xwayland-input.c:2867 + #18 0x00000000004a20e3 in dix_main (argc=12, argv=0x7fffffffd9c8, envp=0x7fffffffda30) + at /home/lyudess/Projects/xserver/dix/main.c:250 + #19 0x0000000000420cb2 in main (argc=12, argv=0x7fffffffd9c8, envp=0x7fffffffda30) + at /home/lyudess/Projects/xserver/dix/stubmain.c:34 + +This appears to be the result of xwl_cursor_confined_to() and +xwl_screen_get_default_seat(). While not against protocol, mutter ends +up sending xdg_output before wl_seat. xwl_screen_get_default_seat() +makes the naïve assumption that we always have a valid seat, we end up +returning a pointer to the empty list itself instead of an actual seat +and causing ourselves to segfault. + +So, actually return NULL in xwl_screen_get_default_seat() if the seat +list is empty, and skip any pointer confinement processing in +xwl_cursor_confined_to() when we don't have a seat setup yet. + +Signed-off-by: Lyude Paul +Reviewed-by: Adam Jackson +(cherry picked from commit 98edb9a35e2cdd61355656b82975d7f2b6a9f0e6) +--- + hw/xwayland/xwayland.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 0e7929715..d0bdf36a4 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -159,6 +159,9 @@ xwl_window_from_window(WindowPtr window) + static struct xwl_seat * + xwl_screen_get_default_seat(struct xwl_screen *xwl_screen) + { ++ if (xorg_list_is_empty(&xwl_screen->seat_list)) ++ return NULL; ++ + return container_of(xwl_screen->seat_list.prev, + struct xwl_seat, + link); +@@ -218,6 +221,10 @@ xwl_cursor_confined_to(DeviceIntPtr device, + if (!xwl_seat) + xwl_seat = xwl_screen_get_default_seat(xwl_screen); + ++ /* xwl_seat hasn't been setup yet, don't do anything just yet */ ++ if (!xwl_seat) ++ return; ++ + if (window == screen->root) { + xwl_seat_unconfine_pointer(xwl_seat); + return; +-- +2.16.1 + diff --git a/U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch b/U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch new file mode 100644 index 0000000..9d4e367 --- /dev/null +++ b/U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch @@ -0,0 +1,99 @@ +From fe46cbea0f19959d469ca4d1f09be379dc7b1e45 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Tue, 21 Nov 2017 14:45:13 +0100 +Subject: [PATCH xserver] =?UTF-8?q?xwayland:=20Give=20up=20=E2=80=9Ccleanl?= + =?UTF-8?q?y=E2=80=9C=20on=20Wayland=20socket=20errors?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Xwayland is a pretty standard Wayland client, we want to be able to +capture core dumps on crashes. + +Yet using "-core" causes any FatalError() to generate a core dump, +meaning that we would get a core file for all Wayland server crashes, +which would generate a lot of false positives. + +Instead of using FatalError() on Wayland socket errors, give up cleanly +to avoid dumping core files when "-core" is used. + +See also: https://bugzilla.gnome.org/show_bug.cgi?id=790502 + and: https://bugzilla.gnome.org/show_bug.cgi?id=789086 + +Reviewed-by: Adam Jackson +Signed-off-by: Olivier Fourdan +--- + hw/xwayland/xwayland.c | 26 +++++++++++++++++++++----- + 1 file changed, 21 insertions(+), 5 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 638022180..c5a3ae7ae 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -73,6 +73,22 @@ ddxBeforeReset(void) + } + #endif + ++ _X_NORETURN ++static void _X_ATTRIBUTE_PRINTF(1, 2) ++xwl_give_up(const char *f, ...) ++{ ++ va_list args; ++ ++ va_start(args, f); ++ VErrorFSigSafe(f, args); ++ va_end(args); ++ ++ CloseWellKnownConnections(); ++ OsCleanup(TRUE); ++ fflush(stderr); ++ exit(1); ++} ++ + void + ddxUseMsg(void) + { +@@ -719,13 +735,13 @@ xwl_read_events (struct xwl_screen *xwl_screen) + + ret = wl_display_read_events(xwl_screen->display); + if (ret == -1) +- FatalError("failed to read Wayland events: %s\n", strerror(errno)); ++ xwl_give_up("failed to read Wayland events: %s\n", strerror(errno)); + + xwl_screen->prepare_read = 0; + + ret = wl_display_dispatch_pending(xwl_screen->display); + if (ret == -1) +- FatalError("failed to dispatch Wayland events: %s\n", strerror(errno)); ++ xwl_give_up("failed to dispatch Wayland events: %s\n", strerror(errno)); + } + + static int +@@ -752,7 +768,7 @@ xwl_dispatch_events (struct xwl_screen *xwl_screen) + wl_display_prepare_read(xwl_screen->display) == -1) { + ret = wl_display_dispatch_pending(xwl_screen->display); + if (ret == -1) +- FatalError("failed to dispatch Wayland events: %s\n", ++ xwl_give_up("failed to dispatch Wayland events: %s\n", + strerror(errno)); + } + +@@ -761,13 +777,13 @@ xwl_dispatch_events (struct xwl_screen *xwl_screen) + pollout: + ready = xwl_display_pollout(xwl_screen, 5); + if (ready == -1 && errno != EINTR) +- FatalError("error polling on XWayland fd: %s\n", strerror(errno)); ++ xwl_give_up("error polling on XWayland fd: %s\n", strerror(errno)); + + if (ready > 0) + ret = wl_display_flush(xwl_screen->display); + + if (ret == -1 && errno != EAGAIN) +- FatalError("failed to write to XWayland fd: %s\n", strerror(errno)); ++ xwl_give_up("failed to write to XWayland fd: %s\n", strerror(errno)); + + xwl_screen->wait_flush = (ready == 0 || ready == -1 || ret == -1); + } +-- +2.14.3 + diff --git a/U_xwayland-avoid-race-condition-on-new-keymap.patch b/U_xwayland-avoid-race-condition-on-new-keymap.patch new file mode 100644 index 0000000..a3722be --- /dev/null +++ b/U_xwayland-avoid-race-condition-on-new-keymap.patch @@ -0,0 +1,42 @@ +From 16fd18479d2f617adf0e6de922586441be3808eb Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Fri, 15 Dec 2017 16:43:47 +0100 +Subject: [PATCH] xwayland: avoid race condition on new keymap +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When the Wayland compositor notifies of a new keymap, for the first X11 +client using the keyboard, the last slave keyboard used might still not +be set (i.e. “lastSlave” is still NULL). + +As a result, the new keymap is not applied, and the first X11 window +will have the wrong keymap set initially. + +Apply the new keymap to the master keyboard as long as there's one. + +Bugzilla: https://bugzilla.gnome.org/show_bug.cgi?id=791383 +Signed-off-by: Olivier Fourdan +Reviewed-by: Peter Hutterer +Signed-off-by: Peter Hutterer +(cherry picked from commit 170c95978530f6373bdf4488116902b273f3abf4) +--- + hw/xwayland/xwayland-input.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c +index f2564d5d3..d96e6f2a4 100644 +--- a/hw/xwayland/xwayland-input.c ++++ b/hw/xwayland/xwayland-input.c +@@ -639,7 +639,7 @@ keyboard_handle_keymap(void *data, struct wl_keyboard *keyboard, + XkbDeviceApplyKeymap(xwl_seat->keyboard, xkb); + + master = GetMaster(xwl_seat->keyboard, MASTER_KEYBOARD); +- if (master && master->lastSlave == xwl_seat->keyboard) ++ if (master) + XkbDeviceApplyKeymap(master, xkb); + + XkbFreeKeyboard(xkb, XkbAllComponentsMask, TRUE); +-- +2.16.1 + diff --git a/U_xwayland-remove-dirty-window-unconditionally-on-unre.patch b/U_xwayland-remove-dirty-window-unconditionally-on-unre.patch new file mode 100644 index 0000000..51c9003 --- /dev/null +++ b/U_xwayland-remove-dirty-window-unconditionally-on-unre.patch @@ -0,0 +1,67 @@ +From f6cd99ed79c17e3aa04b8821d10ca95939bd8675 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Wed, 24 Jan 2018 17:45:37 +0100 +Subject: [PATCH] xwayland: remove dirty window unconditionally on unrealize +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is a rare occurrence of a crash in Xwayland for which I don't have +the reproducing steps, just a core file. + +The backtrace looks as follow: + + #0 raise () from /usr/lib64/libc.so.6 + #1 abort () from /usr/lib64/libc.so.6 + #2 OsAbort () at utils.c:1361 + #3 AbortServer () at log.c:877 + #4 FatalError () at log.c:1015 + #5 OsSigHandler () at osinit.c:154 + #6 + #7 xwl_glamor_pixmap_get_wl_buffer () at xwayland-glamor.c:162 + #8 xwl_screen_post_damage () at xwayland.c:514 + #9 block_handler () at xwayland.c:665 + #10 BlockHandler () at dixutils.c:388 + #11 WaitForSomething () at WaitFor.c:219 + #12 Dispatch () at dispatch.c:422 + #13 dix_main () at main.c:287 + +The crash is caused by dereferencing “xwl_pixmap->buffer” in +xwl_glamor_pixmap_get_wl_buffer() because “xwl_pixmap” is NULL. + +Reason for this is because the corresponding pixmap is from the root +window and xwayland is rootless by default. + +This can happen if the window was mapped, redirected, damaged and +unredirected immediately, before the damage is processed by Xwayland. + +Make sure to remove the dirty window from the damage list on unrealize +to prevent this from happening. + +Credit goes to Adam Jackson and Daniel Stone + for finding the root cause the issue. + +Signed-off-by: Olivier Fourdan +Reviewed-by: Daniel Stone +(cherry picked from commit 3362422e8413dd9f231cfac50ce0a0862525b1bf) +--- + hw/xwayland/xwayland.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 939f3392c..0e7929715 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -454,8 +454,7 @@ xwl_unrealize_window(WindowPtr window) + return ret; + + wl_surface_destroy(xwl_window->surface); +- if (RegionNotEmpty(DamageRegion(xwl_window->damage))) +- xorg_list_del(&xwl_window->link_damage); ++ xorg_list_del(&xwl_window->link_damage); + DamageUnregister(xwl_window->damage); + DamageDestroy(xwl_window->damage); + if (xwl_window->frame_callback) +-- +2.16.1 + diff --git a/xorg-x11-server.changes b/xorg-x11-server.changes index 76b0b01..a286e92 100644 --- a/xorg-x11-server.changes +++ b/xorg-x11-server.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Feb 22 10:54:41 UTC 2018 - fcrozat@suse.com + +- U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch, + U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch, + U_xwayland-avoid-race-condition-on-new-keymap.patch, + U_xwayland-remove-dirty-window-unconditionally-on-unre.patch: + * Various crash and bug fixes in XWayland server (bgo#791383, + bgo#790502). + ------------------------------------------------------------------- Fri Feb 9 15:13:00 UTC 2018 - sndirsch@suse.com diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index 36ac111..5fd3759 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -215,6 +215,11 @@ Patch215: u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch Patch216: u_os-inputthread-Force-unlock-when-stopping-thread.patch Patch217: u_xfree86-add-default-modes-for-16-9-and-16-10.patch +Patch300: U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch +Patch301: U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch +Patch302: U_xwayland-avoid-race-condition-on-new-keymap.patch +Patch303: U_xwayland-remove-dirty-window-unconditionally-on-unre.patch + Patch1000: n_xserver-optimus-autoconfig-hack.patch Patch1162: b_cache-xkbcomp-output-for-fast-start-up.patch @@ -365,6 +370,11 @@ sh %{SOURCE92} --verify . %{SOURCE91} ### patch222 might not be applicable anymore #%patch1222 -p1 +%patch300 -p1 +%patch301 -p1 +%patch302 -p1 +%patch303 -p1 + %patch1301 -p1 %patch1302 -p1 %patch1303 -p1