xserver-multidpi/Xi
Steven McDonald d7a2df0a74 Xi: block SIGIOs while copying device classes around
I've been seeing sporadic (anywhere from once every few days to 3-4
times a day) crashes and freezes in X. The problematic behaviour isn't
always the same, but I chose a particular incident to debug, and found
that X was segfaulting in updateMotionHistory, on line 575 of
dix/getevents.c.

After some further investigation, I found that the bug was being
triggered when a SIGIO was received in DeepCopyPointerClasses, between
the AllocValuatorClass call (line 540) and updating the to->valuator
pointer (line 545). AllocValuatorClass calls realloc() on to->valuator,
so between these lines, it's not guaranteed to point to allocated
memory.

It seems the SIGIO handler is calling updateMotionHistory, which is
reading the memory pointed to by to->valuator and getting a wrong value
for last_motion, which updates buff to point to wildly the wrong place
and thus generates a segfault when a memcpy() is done into buff.

I am attaching a patch which I've been running on that machine for the
past three days, and haven't yet observed any more crashing or freezing
behaviour. The patch simply calls OsBlockSIGIO while
DeepCopyDeviceClasses is in progress, as the state of the X server's
device data structures is not guaranteed to be in a consistent state
during that time.

Debian bug#744303 <https://bugs.debian.org/744303>

Signed-off-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2014-05-23 11:08:17 +10:00
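
The race described in the commit message above, as an added C example (not code from the X server or from the patch): a signal handler that reads through a pointer must be kept out of the window in which that pointer may be stale. The `dev` and `valuator` structures, the handler and the function names are hypothetical stand-ins. Plain `sigprocmask()` plays the role the message gives to OsBlockSIGIO, and `raise(SIGIO)` is a constructed mid-copy input event.

```c
#define _GNU_SOURCE 1  /* sigprocmask() and SIGIO under strict -std modes */
#include <signal.h>
#include <stdlib.h>
/* Hypothetical stand-ins for the server's device and valuator class. */
struct valuator { int last_motion; int naxes; };
static struct { struct valuator *valuator; } dev;
/* in_copy is 1 while dev.valuator may be stale; the others record handler runs. */
static volatile sig_atomic_t in_copy, ran_during_copy, ran_after_copy;

/* Plays the SIGIO input handler: it reads through dev.valuator. */
static void on_sigio(int sig)
{
    (void)sig;
    if (in_copy)
        ran_during_copy = 1;
    else if (dev.valuator && dev.valuator->last_motion >= 0)
        ran_after_copy++;
}

/* Reallocate dev.valuator with SIGIO blocked; returns 0 on success. */
int resize_valuator(int naxes)
{
    sigset_t block, old;
    sigemptyset(&block);
    sigaddset(&block, SIGIO);
    if (sigprocmask(SIG_BLOCK, &block, &old) != 0)
        return -1;
    in_copy = 1;
    struct valuator *v = realloc(dev.valuator, sizeof *v);
    raise(SIGIO);          /* constructed: input arrives mid-copy, stays pending */
    if (v) {
        *v = (struct valuator){ .last_motion = 0, .naxes = naxes };
        dev.valuator = v;  /* pointer is valid again from here on */
    }
    in_copy = 0;
    sigprocmask(SIG_SETMASK, &old, NULL);  /* pending SIGIO is delivered here */
    return v ? 0 : -1;
}

/* Returns handler runs after the copy, or -1 if it ran inside the window. */
int run_demo(void)
{
    struct sigaction sa = { .sa_handler = on_sigio };
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGIO, &sa, NULL) != 0 || resize_valuator(2) != 0)
        return -1;
    return ran_during_copy ? -1 : (int)ran_after_copy;
}
int main(void) { return run_demo() == 1 ? 0 : 1; }
```

Without the block and restore calls, the handler would run at the `raise()` line, between `realloc()` and the pointer update, which is the window the commit message identifies.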
Makefile.am Build Xi/stubs.c once as a convenience library, rather than once for each DDX which wants to use it 2014-03-27 14:09:43 +00:00
allowev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
allowev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgdctl.c Xi: always return BadMatch for XTest devices ChangeDeviceControl requests 2013-05-07 09:40:44 +10:00
chgdctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgfctl.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
chgfctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkbd.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkbd.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkmap.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
chgkmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgprop.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
chgprop.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgptr.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgptr.h Xi: Remove redundant declaration. 2012-05-14 13:17:30 +01:00
closedev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
closedev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
devbell.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
devbell.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
exevents.c Xi: block SIGIOs while copying device classes around 2014-05-23 11:08:17 +10:00
exglobals.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
extinit.c input: un-constify dev->name 2014-02-04 11:27:48 +10:00
getbmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getbmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getdctl.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getdctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getfctl.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getfctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getfocus.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getkmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getkmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getmmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getmmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getprop.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getprop.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getselev.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getselev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getvers.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getvers.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdev.c Xi: Use 'void *' instead of 'Pointer' (which is going away) 2014-01-22 19:56:31 -08:00
grabdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdevb.c Use C99 designated initializers in extension Events 2012-07-09 22:52:30 -07:00
grabdevb.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdevk.c Use C99 designated initializers in extension Events 2012-07-09 22:52:30 -07:00
grabdevk.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
gtmotion.c Fix formatting of address operators 2012-12-05 18:09:48 -06:00
gtmotion.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
listdev.c Xi: remove superfluous cast. 2014-02-04 10:53:59 +10:00
listdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
opendev.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
opendev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
queryst.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
queryst.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
selectev.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
selectev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
sendexev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
sendexev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setbmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
setbmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setdval.c Xi: always return BadMatch for XTest devices ChangeDeviceControl requests 2013-05-07 09:40:44 +10:00
setdval.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setfocus.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setmmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
setmmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setmode.c Xi: always return BadMatch for XTest devices ChangeDeviceControl requests 2013-05-07 09:40:44 +10:00
setmode.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
stubs.c Xi: make stub DeleteInputDeviceRequest call RemoveDevice 2012-05-24 14:57:11 +10:00
ungrdev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdevb.c dix: AllocGrab can copy if an argument is passed in 2013-05-10 14:32:37 +10:00
ungrdevb.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdevk.c dix: AllocGrab can copy if an argument is passed in 2013-05-10 14:32:37 +10:00
ungrdevk.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiallowev.c Xi: allow for XIAllowEvent requests larger than XI < 2.2 size (#68554) 2013-08-30 14:26:55 +10:00
xiallowev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xibarriers.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
xibarriers.h Xi: free barrier code at reset time 2013-05-07 09:41:19 +10:00
xichangecursor.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
xichangecursor.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xichangehierarchy.c Check for calloc() failure in add_master() 2014-01-25 18:54:16 +10:00
xichangehierarchy.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xigetclientpointer.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
xigetclientpointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xigrabdev.c Xi: fix swapped grab mode args for keyboard devices in XIGrabDevice 2013-04-15 10:21:48 +10:00
xigrabdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xipassivegrab.c Xi: check for invalid modifiers for XI2 passive grabs 2014-02-21 10:01:13 +10:00
xipassivegrab.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiproperty.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
xiproperty.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiquerydevice.c Fix formatting of address operators 2012-12-05 18:09:48 -06:00
xiquerydevice.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiquerypointer.c input: drop FP1616 macro 2012-11-19 12:12:23 +10:00
xiquerypointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiqueryversion.c Xi: Clamp XIClient maximal version to XIVersion 2013-08-01 14:51:41 +10:00
xiqueryversion.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiselectev.c Xi: fix touch event selction conflicts (#57301) 2012-12-12 17:25:16 +10:00
xiselectev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xisetclientpointer.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xisetclientpointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xisetdevfocus.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
xisetdevfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiwarppointer.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiwarppointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00