[directfb-dev] [PATCH] fusion: don't detach reaction if already removed from reactor

Thu, 21 Nov 2013 12:28:17 -0800 

Hi,

In DirectFB-single, event_dispatcher_loop() running in the dispatch thread 
could race
with fusion_reactor_detach() so that when the latter takes the reactor's lock 
it attempts
to retire an invalid reaction from the reactor which leads to a segmentation 
fault.
Checking if the reaction item it valid before calling direct_list_remove() 
fixes it.

The patch is for directfb-1.6 and fixes the attached 
dfb_window_allocation_test.c test.

Ilyes

#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#include <directfb.h>
#include <idirectfb.h>
#include <display/idirectfbsurface.h>

/* TC_DIRECTFB_MEMLEAK_WINDOWS_32 */

int
main( int argc, char *argv[] )
{
     int                     i;
     DFBResult               ret;
     IDirectFB              *dfb;

     IDirectFBDisplayLayer  *layer;

     ret = DirectFBInit( &argc, &argv );
     if (ret)
          return -1;

     ret = DirectFBCreate( &dfb );
     if (ret)
          return -1;

     dfb->SetCooperativeLevel( dfb, DFSCL_EXCLUSIVE );

     dfb->GetDisplayLayer( dfb, DLID_PRIMARY, &layer );

     /* 100k iterations */
     for (i = 0; i < 1024 * 100; i++)
     {
         IDirectFBWindow *window;
         IDirectFBSurface *surface;

         DFBWindowDescription desc;

         memset( &desc, 0, sizeof( desc ) );

         desc.flags = DWDESC_CAPS | DWDESC_WIDTH | DWDESC_HEIGHT | 
DWDESC_PIXELFORMAT;
         desc.caps = DWCAPS_ALPHACHANNEL | DWCAPS_DOUBLEBUFFER;
         desc.width = 512;
         desc.height = 512;
         desc.pixelformat = DSPF_ARGB;

         ret = layer->CreateWindow( layer, &desc, &window );

         if (ret != DFB_OK)
             break;

         window->SetOpacity( window, 0 );

         window->Resize( window, rand() % 1024, rand() % 768 );
         window->SetOpacity( window, 255 );

         window->GetSurface( window, &surface );

         surface->Flip( surface, NULL, 0 );
         surface->Release( surface );

         window->Destroy( window );
         window->Release( window );

         printf("iteration: %d\n", i);
     }

     layer->Release( layer );

     dfb->Release( dfb );

     return (ret == DFB_OK) ? 0 : -1;
}

Attachment: 0001-fusion-don-t-detach-reaction-if-already-removed-from.patch
Description: 0001-fusion-don-t-detach-reaction-if-already-removed-from.patch

_______________________________________________
directfb-dev mailing list
directfb-dev@directfb.org
http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev

Reply via email to