| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
https://bugs.freedesktop.org/show_bug.cgi?id=71633
|
|
Otherwise the tail of fds_in buffer would just shift beyond the beginning.
That confuses the actual request handler and results in a crash further on
due to corrupted tail.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
|
|
A bug in Weston's toytoolkit gave me an hour of debugging headaches.
Improve the error messages that we send if a client requests an invalid
global, either by name or by version.
|
|
The server requires clients to only allocate one ID ahead of the previously
highest ID in order to keep the ID range tight. Failure to do so will
make the server close the client connection. However, the way we allocate
new IDs is racy. The generated code looks like:
new_proxy = wl_proxy_create(...);
wl_proxy_marshal(proxy, ... new_proxy, ...);
If two threads do this at the same time, there's a chance that thread A
will allocate a proxy, then get pre-empted by thread B which then allocates
a proxy and then passes it to wl_proxy_marshal(). The ID for thread As
proxy will be one higher that the currently highest ID, but the ID for
thread Bs proxy will be two higher. But since thread B prempted thread A
before it could send its new ID, B will send its new ID first, the server
will see the ID from thread Bs proxy first, and will reject it.
We fix this by introducing wl_proxy_marshal_constructor(). This
function is identical to wl_proxy_marshal(), except that it will
allocate a wl_proxy for NEW_ID arguments and send it, all under the
display mutex. By introducing a new function, we maintain backwards
compatibility with older code from the generator, and make sure that
the new generated code has an explicit dependency on a new enough
libwayland-client.so.
A virtual Wayland merit badge goes to Kalle Vahlman, who tracked this
down and analyzed the issue.
Reported-by: Kalle Vahlman <kalle.vahlman@movial.com>
|
|
It would be possible to make the compositor leak file descriptors by
passing descriptors of open unmmapable files to it, such as /dev/null.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
|
|
It's not obvious that these functions are needed so it would be good
to have some documentation for them.
|
|
|
|
|
|
|
|
The generated code only support one new-id per request, since the stubs
return the new proxy. It's still possible to send requests with multiple
new-id arguments, but it must be done with
wl_proxy_marshal_array_constructor().
|
|
This is now public, stable API, so it seems prudent to actually document it.
|
|
Linux will let you mmap a region of a file that is larger than the
size of the file. If you then try to read from that region the process
will get a SIGBUS signal. Currently the clients can use this to crash
a compositor because it can create a pool and lie about the size of
the file which will cause the compositor to try and read past the end
of it. The compositor can't simply check the size of the file to
verify that it is big enough because then there is a race condition
where the client may truncate the file after the check is performed.
This patch adds the following two public functions in the server API
which can be used wrap access to an SHM buffer:
void wl_shm_buffer_begin_access(struct wl_shm_buffer *buffer);
void wl_shm_buffer_end_access(struct wl_shm_buffer *buffer);
The first time wl_shm_buffer_begin_access is called a signal handler
for SIGBUS will be installed. If the signal is caught then the buffer
for the current pool is remapped to an anonymous private buffer at the
same address which allows the compositor to continue without crashing.
The end_access function will then post an error to the buffer
resource.
The current pool is stored as part of some thread-local storage so
that multiple threads can safely independently access separate
buffers.
Eventually we may want to add some more API so that compositors can
hook into the signal handler or replace it entirely if they also want
to do some SIGBUS handling.
|
|
We had a mix of inconsistent names, some of which were non-conformant.
Standardize on all-uppercase-and-underscore naming convention.
https://bugs.freedesktop.org/show_bug.cgi?id=70679
|
|
Print usage if we don't recognize the invocation mode. Also fixes
uninitialized variable warning.
|
|
In wl_display_dispatch_queue, if poll fails then it would previously
return immediately and leak a reference in display->reader_count. Then
if the application ignores the error and tries to read again it will
block forever. This can happen for example if the poll fails with
EINTR which the application might consider to be a recoverable error.
This patch makes it cancel the read so the reader_count will be
decremented when poll fails.
|
|
Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
|
|
The errno is set to EAGAIN when there are undispatched events, according
to L1066 of wayland-client.c.
|
|
Prefer \comment over // in code blocks for consistency's sake and keep
variable definitions separated by a line from the rest of the body.
|
|
|
|
The old description was a bit vague; this commit hopefully improves
describing what is returned.
|
|
This is needed for doxygen to generate output for macro definitions, such
as wl_container_of, that are contained by this file. Classes like
wl_list would be documented regardless.
|
|
This commit adds a bit more detail on the lifecycle of a signal.
|
|
This patch takes Kristian's comments into account, adding a demonstration and
giving a more thorough idea of how wl_listener is used.
|
|
A version of wl_resource_for_each that is safe for iteration when items
in the list are removed.
|
|
|
|
|
|
This warning is unnecessary, since the pointer in question is only used
for pointer arithmetic, but setting it explicitly to NULL doesn't hurt.
|
|
If an interface has a destructor but no 'destroy' method we used to
not emit a destroy method. Now with the fix for missing destroy
requests for wl_pointer etc we need to emit the local wl_*_destroy
always.
|
|
This commit adds support for language bindings on the client half of the
library. The idea is the same as for server-side dispatchers.
Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
|
|
This commit adds support for server-side languages bindings. This is done
in two ways:
1. Adding a wl_resource_set_dispatcher function that corresponds to
wl_resource_set_interface. The only difference between the two functions
is that the new version takes a dispatcher along with the implementation,
data, and destructor. This allows for runtime calling of native language
functions for callbacks instead of having to generate function pointers.
2. Adding versions of wl_resource_post_event and wl_resource_queue_event
that take an array of wl_argument instead of a variable argument list.
This allows for easier run-time argument conversion and removes the need
for libffi-based calling of variadic functions.
Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
|
|
This is the mirror function to wl_proxy_add_listener and is useful
inside client libraries to differentiate events on listeners for which
multiple proxies have been created.
|
|
This macro allows you to correctly iterate through a list of resources
handling the opaque nature of this type.
|
|
Signed-off-by: Bryce Harrington <b.harrington@samsung.com>
|
|
|
|
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
wayland-scanner without arguments prints out usage. With help or --help it
waits for stdin to supply something which isn't quite as informative as
printing out the help.
This patch also moves the strcmp for args up to have all of them in one
location.
|
|
We just declare struct wl_display manually instead.
|
|
|
|
We we're using wl_event_loop_add_idle() here, but if we're failing
because of OOM, that will typically also fail. Instead, use the
existing client->error flag, which will break out of the event
handling loop and shut down the client.
|
|
If we can't allocate a closure, don't just silently continue. Set
client->error so we shut down the client when we're done processing events.
|
|
We're supposed to return number of events dispatched on success, not 0.
Refactor to avoid goto and just return ret.
|
|
Instead, return -1 on out-of-memory. errno will be set to ENOMEM by
the failing malloc.
|
|
Failing with an error message and error code is little nicer. I doubt we'll
hit this case much, but it makes the static analysis happy.
|
|
Functions like wl_argument_from_va_list expect from get_next_argument,
to initialize details->type but when the signature is empty or contains
only version (like in desktop-shell-protocol.c in weston) it is left
uninitialized.
This patch fixes it, by initializing details->type with '\0' value,
signaling end of arguments.
Signed-off-by: Mariusz Ceier <mceier+wayland@gmail.com>
|
|
|
|
We can't do that there, we have to make sure it stays a valid fd until
the application calls wl_display_disconnect(). Otherwise the application
may end up poll()ing on a stale or wrong fd in case another part of the
application (or another thread) triggered a fatal error.
|
|
Getting no data from the socket is not an error condition. This may
happen in case of calling prepare_read() and then read_events() with
no other pending readers and no data in the socket. In general,
read_events() may not queue up events in the given event queue. From
a given threads point of view it doesn't matter whether events were
read and put in a different event queue or no events were read at all.
|
|
If EOF is encountered while reading from the Wayland socket, make
wl_display_read_events() return -1 so that it will be treated as an
error. The documentation for this function states that it will set
errno when there is an error so it additionally makes up an errno of
EPIPE.
If we don't do this then when the compositor quits the Wayland socket
will be become ready for reading but wl_display_dispatch will do
nothing which typically makes the application take up 100% CPU. In
particular eglSwapBuffers will likely get stuck in an infinite busy
loop because it repeatedly calls wl_display_dispatch_queue while it
waits for the frame callback.
https://bugzilla.gnome.org/show_bug.cgi?id=703892
|
|
This patch introduces wl_global_create() and wl_global_destroy() as
replacements for wl_display_add_global() and wl_display_remove_global().
The add/remove_global API did not allow a compositor to indicate
the implemented version of a global, it just took the version from
the interface meta data. The problem is that the meta data
(which lives in libwayland-server.so) can get out of sync with a
compositor implementation. The compositor will then advertise a
higher version of a global than what it actually implements.
The new API lets a compositor pass in a version when it registers
a global, which solves the problem. The add/remove API is deprecated
with this patch and will be removed.
|
|
To allow user program to include wayland-scanner.m4 in tarball, move
the path variables from it into wayland-scanner.pc.
|
