Re: [PATCH v2] present: fix freed pointer access
() retHi,
On Fri, Sep 7, 2018 at 1:16 PM Olivier Fourdan wrote:
>
> > > On 04/09/2018 16:27, Roman Gilg wrote:
> > >
> > > Ok, I just got a failing assert in xwl_present_flips_stop with the patch
> > > when opening a context menu in Steam.
> > > Seems the xwl_present_flips_stop call is coming in too late now after the
> > > presenting window has already been
> > > changed.
>
> I fail to understand how that can be related to Lionel's patch though.
>
> The patch simply moves `present_vblank_notify()` before
> `present_wnmd_flips_stop()` in `present_wnmd_flip_notify()` whereas
> the assertion failure comes from an eniterly different code path, down
> from `present_clip_notify()` which calls
> `present_wnmd_check_flip_window()` which does:
> [...]
I've hit that assertion in xwl_present_flips_stop() as well, but the
backtrace is slightly different, it happened during a
XReparentWindow().
In order to make that email short enough, I've attached how I ended up
to the conclusion that there is a perfectly valid code path that can
lead to xwl_present_flips_stop() with xwl_window->present_window being
NULL and that will cause a crash.
Cheers,
Olivier
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x7f2182f24895 in __GI_abort () at abort.c:79
#2 0x005943f0 in OsAbort () at utils.c:1350
#3 0x00599689 in AbortServer () at log.c:877
#4 0x0059a4fd in FatalError (
f=f@entry=0x5c0770 "Caught signal %d (%s). Server aborting\n")
at log.c:1015
#5 0x005916f5 in OsSigHandler (signo=6, sip=,
unused=) at osinit.c:156
#6
#7 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#8 0x7f2182f24895 in __GI_abort () at abort.c:79
#9 0x7f2182f24769 in __assert_fail_base (
fmt=0x7f218308bea8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
assertion=0x5a6c18 "xwl_window->present_window == window",
file=0x5a6c03 "xwayland-present.c", line=521, function=)
at assert.c:92
#10 0x7f2182f329f6 in __GI___assert_fail (
assertion=assertion@entry=0x5a6c18 "xwl_window->present_window == window",
file=file@entry=0x5a6c03 "xwayland-present.c", line=line@entry=521,
function=function@entry=0x5a6c40 <__PRETTY_FUNCTION__.25116>
"xwl_present_flips_stop") at assert.c:101
#11 0x004395d5 in xwl_present_flips_stop (window=0x21be120)
at xwayland-present.c:521
#12 0x004f8be8 in present_wnmd_flips_stop (window=)
at present_wnmd.c:159
#13 0x004f8e55 in present_wnmd_check_flip_window (window=0x21be120)
at present_wnmd.c:332
#14 0x004f73f3 in present_clip_notify (window=0x21be120, dx=0, dy=0)
at present_screen.c:203
#15 0x00547d4f in compClipNotify (pWin=0x21be120, dx=0, dy=0)
at compwindow.c:317
#16 0x00480b2b in miComputeClips (pParent=pParent@entry=0x21be120,
pScreen=pScreen@entry=0xbbbf00, universe=universe@entry=0x7ffd04c4d1d0,
kind=kind@entry=VTMap, exposed=exposed@entry=0x7ffd04c4d1f0)
at mivaltree.c:478
#17 0x00481057 in miValidateTree (pParent=0x12c5ed0, pChild=0x21be120,
kind=) at mivaltree.c:681
#18 0x0058778a in MapWindow (pWin=0x21be120, client=0x1629a30)
at window.c:2699
#19 0x0058ab2c in ReparentWindow (pWin=0x21be120, pParent=0x12c5ed0,
x=, y=, client=client@entry=0x1629a30)
at window.c:2600
#20 0x009c in ProcReparentWindow (client=0x1629a30)
at dispatch.c:829
#21 0x0055b78e in Dispatch () at dispatch.c:478
#22 0x0055f7d6 in dix_main (argc=12, argv=0x7ffd04c4d4f8,
envp=) at main.c:276
#23 0x7f2182f26413 in __libc_start_main (main=0x42e300 , argc=12,
argv=0x7ffd04c4d4f8, init=, fini=,
rtld_fini=, stack_end=0x7ffd04c4d4e8)
at ../csu/libc-start.c:308
#24 0x0042e33e in _start ()
Unfortunately, the `xwl_window` has been optimized out, so I can't get to the
value of `xwl_window->present_window` in `xwl_present_flips_stop()`:
(gdb) f 11
#11 0x004395d5 in xwl_present_flips_stop (window=0x21be120)
at xwayland-present.c:521
521 assert(xwl_window->present_window == window);
(gdb) p xwl_window->present_window
value has been optimized out
Fortunately, we can recompute its value:
512 static void
513 xwl_present_flips_stop(WindowPtr window)
514 {
515 struct xwl_window *xwl_window = xwl_window_from_window(window);
516 struct xwl_present_window *xwl_present_window =
xwl_present_window_priv(window);
With xwl_window_from_window() being:
259 xwl_window_from_window(WindowPtr window)
260 {
261 struct xwl_window *xwl_window;
262
263 while (window) {
264 xwl_window = xwl_window_get(window);
265 if (xwl_window)
266 return xwl_window;
267
268 window = window->parent;
269 }
270
271 return NULL;
272 }
And xwl_window_get():
129 static struct xwl_window *
130 xwl_window_get(WindowPtr window)
131 {
132 return
Re: [PATCH v2] present: fix freed pointer access
Hi,
On Wed, Sep 5, 2018 at 1:13 PM Olivier Fourdan wrote:
> Hi,
> On Tue, Sep 4, 2018 at 6:28 PM Lionel Landwerlin
> wrote:
> >
> > Oh well...
> > I'm sure you'll be able to fix it faster than me :)
> >
> > -
> > Lionel
> >
> >
> [...]
>
> If I read bug 107314 correctly, the crash occurs after the window has
> been destroyed, so what about that other patch:
>
> https://patchwork.freedesktop.org/patch/247271/
>
> ** plus ** this patch below (just copied for testing purpose), does it
> fix your crash?
Sorry, that's unrelated, please ignore my last post...
So I agree with Lionel's v2 patch
(https://patchwork.freedesktop.org/patch/246007/) to fix the issue
with the use-after-free.
> > On 04/09/2018 16:27, Roman Gilg wrote:
> >
> > Ok, I just got a failing assert in xwl_present_flips_stop with the patch
> > when opening a context menu in Steam.
> > Seems the xwl_present_flips_stop call is coming in too late now after the
> > presenting window has already been
> > changed.
I fail to understand how that can be related to Lionel's patch though.
The patch simply moves `present_vblank_notify()` before
`present_wnmd_flips_stop()` in `present_wnmd_flip_notify()` whereas
the assertion failure comes from an eniterly different code path, down
from `present_clip_notify()` which calls
`present_wnmd_check_flip_window()` which does:
```
325 if (flip_pending) {
326 if (!present_wnmd_check_flip(flip_pending->crtc,
flip_pending->window, flip_pending->pixmap,
327 flip_pending->sync_flip, NULL, 0, 0, NULL))
328 present_wnmd_set_abort_flip(window);
329 } else if (flip_active) {
330 if (!present_wnmd_check_flip(flip_active->crtc,
flip_active->window, flip_active->pixmap,
331 flip_active->sync_flip, NULL,
0, 0, NULL))
332 present_wnmd_flips_stop(window);
333 }
```
`present_wnmd_check_flip()` calls `xwl_present_check_flip2()` which does:
```
424 * Do not flip if there is already another child window doing flips.
425 */
426 if (xwl_window->present_window &&
427 xwl_window->present_window != present_window)
428 return FALSE;
429
```
So here we end up with `assert(xwl_window->present_window == window)`
in `xwl_present_flips_stop()` when `present_wnmd_check_flip()` returns
FALSE, i.e. when `xwl_window->present_window != present_window`.
I'm confused :/
Cheers,
Olivier
___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH v2] present: fix freed pointer access
Hi,
On Tue, Sep 4, 2018 at 6:28 PM Lionel Landwerlin
wrote:
>
> Oh well...
> I'm sure you'll be able to fix it faster than me :)
>
> -
> Lionel
>
> On 04/09/2018 16:27, Roman Gilg wrote:
>
> Ok, I just got a failing assert in xwl_present_flips_stop with the patch when
> opening a context menu in Steam. Seems the xwl_present_flips_stop call is
> coming in too late now after the presenting window has already been changed.
>
[...]
If I read bug 107314 correctly, the crash occurs after the window has
been destroyed, so what about that other patch:
https://patchwork.freedesktop.org/patch/247271/
** plus ** this patch below (just copied for testing purpose), does it
fix th your crash?
From 676597fcd6ee907f4d3f165dd0b5de746f7c8131 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan
Date: Wed, 5 Sep 2018 13:08:03 +0200
Subject: [PATCH xserver] xwayland: ignore sync callback if window is destroyed
If the window is destroyed, there is no need to send the vblank notify
event.
This should avoid a crash in present_vblank_notify()
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107314
Signed-off-by: Olivier Fourdan
---
hw/xwayland/xwayland-present.c | 4
1 file changed, 4 insertions(+)
diff --git a/hw/xwayland/xwayland-present.c b/hw/xwayland/xwayland-present.c
index 316e04443..b1751c846 100644
--- a/hw/xwayland/xwayland-present.c
+++ b/hw/xwayland/xwayland-present.c
@@ -276,6 +276,10 @@ xwl_present_sync_callback(void *data,
event->pending = FALSE;
+/* Is the window destroyed already ? */
+if (!xwl_present_window)
+return;
+
if (event->abort) {
/* Event might have been aborted */
if (event->buffer_released)
--
2.17.1
___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH v2] present: fix freed pointer access
Oh well... I'm sure you'll be able to fix it faster than me :) - Lionel On 04/09/2018 16:27, Roman Gilg wrote: Ok, I just got a failing assert in xwl_present_flips_stop with the patch when opening a context menu in Steam. Seems the xwl_present_flips_stop call is coming in too late now after the presenting window has already been changed. #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x7f9f5a5f1801 in __GI_abort () at abort.c:79 #2 0x564a52bda52a in OsAbort () at ../../src/xserver/os/utils.c:1350 #3 0x564a52bdf733 in AbortServer () at ../../src/xserver/os/log.c:877 #4 0x564a52be0555 in FatalError (f=f@entry=0x564a52c21c70 "Caught signal %d (%s). Server aborting\n") at ../../src/xserver/os/log.c:1015 #5 0x564a52bd7613 in OsSigHandler (signo=6, sip=, unused=) at ../../src/xserver/os/osinit.c:156 #6 #7 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #8 0x7f9f5a5f1801 in __GI_abort () at abort.c:79 #9 0x7f9f5a5e139a in __assert_fail_base (fmt=0x7f9f5a7687d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x564a52c0d9e0 "xwl_window->present_window == window", file=file@entry=0x564a52c0d9a8 "../../src/xserver/hw/xwayland/xwayland-present.c", line=line@entry=516, function=function@entry=0x564a52c0da20 <__PRETTY_FUNCTION__.25179> "xwl_present_flips_stop") at assert.c:92 #10 0x7f9f5a5e1412 in __GI___assert_fail (assertion=assertion@entry=0x564a52c0d9e0 "xwl_window->present_window == window", file=file@entry=0x564a52c0d9a8 "../../src/xserver/hw/xwayland/xwayland-present.c", line=line@entry=516, function=function@entry=0x564a52c0da20 <__PRETTY_FUNCTION__.25179> "xwl_present_flips_stop") at assert.c:101 #11 0x564a52aa817b in xwl_present_flips_stop (window=0x564a544fda10) at ../../src/xserver/hw/xwayland/xwayland-present.c:516 #12 0x564a52b65968 in present_wnmd_flips_stop (window=out>) at ../../src/xserver/present/present_wnmd.c:159 #13 0x564a52b65bc5 in present_wnmd_check_flip_window (window=0x564a544fda10) at ../../src/xserver/present/present_wnmd.c:332 #14 0x564a52b642af in present_clip_notify (window=0x564a544fda10, dx=896, dy=471) at ../../src/xserver/present/present_screen.c:203 #15 0x564a52b3a422 in compClipNotify (pWin=0x564a544fda10, dx=896, dy=471) at ../../src/xserver/composite/compwindow.c:317 #16 0x564a52ae950a in miComputeClips (pParent=pParent@entry=0x564a544fda10, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9cb0, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:478 #17 0x564a52ae9833 in miComputeClips (pParent=pParent@entry=0x564a54868030, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9d60, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:428 #18 0x564a52ae9833 in miComputeClips (pParent=pParent@entry=0x564a54867ea0, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9e10, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:428 #19 0x564a52ae9ab3 in miValidateTree (pParent=0x564a53fb0570, pChild=0x564a54867ea0, kind=) at ../../src/xserver/mi/mivaltree.c:681 #20 0x564a52af08a1 in miResizeWindow (pWin=0x564a54867ea0, x=896, y=471, w=, h=, pSib=0x0) at ../../src/xserver/mi/miwindow.c:467 #21 0x564a52b3 in compResizeWindow (pWin=0x564a54867ea0, x=, y=, w=, h=, pSib=) at ../../src/xserver/composite/compwindow.c:407 #22 0x564a52b31144 in ConfigureWindow (pWin=, mask=, vlist=vlist@entry=0x564a5420c620, client=client@entry=0x564a542020c0) at ../../src/xserver/dix/window.c:2422 #23 0x564a52b00469 in ProcConfigureWindow (client=0x564a542020c0) at ../../src/xserver/dix/dispatch.c:916 #24 0x564a52b06178 in Dispatch () at ../../src/xserver/dix/dispatch.c:478 #25 0x564a52b0a178 in dix_main (argc=6, argv=0x7fff351da2a8, envp=) at ../../src/xserver/dix/main.c:276 #26 0x7f9f5a5d2b97 in __libc_start_main (main=0x564a52a9cf30 , argc=6, argv=0x7fff351da2a8, init=, fini=, rtld_fini=, stack_end=0x7fff351da298) at ../csu/libc-start.c:310 #27 0x564a52a9cf6a in _start () ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH v2] present: fix freed pointer access
Ok, I just got a failing assert in xwl_present_flips_stop with the patch when opening a context menu in Steam. Seems the xwl_present_flips_stop call is coming in too late now after the presenting window has already been changed. > #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x7f9f5a5f1801 in __GI_abort () at abort.c:79 #2 0x564a52bda52a in OsAbort () at ../../src/xserver/os/utils.c:1350 #3 0x564a52bdf733 in AbortServer () at ../../src/xserver/os/log.c:877 #4 0x564a52be0555 in FatalError (f=f@entry=0x564a52c21c70 "Caught signal %d (%s). Server aborting\n") at ../../src/xserver/os/log.c:1015 #5 0x564a52bd7613 in OsSigHandler (signo=6, sip=, unused=) at ../../src/xserver/os/osinit.c:156 #6 #7 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #8 0x7f9f5a5f1801 in __GI_abort () at abort.c:79 #9 0x7f9f5a5e139a in __assert_fail_base (fmt=0x7f9f5a7687d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x564a52c0d9e0 "xwl_window->present_window == window", file=file@entry=0x564a52c0d9a8 "../../src/xserver/hw/xwayland/xwayland-present.c", line=line@entry=516, function=function@entry=0x564a52c0da20 <__PRETTY_FUNCTION__.25179> "xwl_present_flips_stop") at assert.c:92 #10 0x7f9f5a5e1412 in __GI___assert_fail (assertion=assertion@entry=0x564a52c0d9e0 "xwl_window->present_window == window", file=file@entry=0x564a52c0d9a8 "../../src/xserver/hw/xwayland/xwayland-present.c", line=line@entry=516, function=function@entry=0x564a52c0da20 <__PRETTY_FUNCTION__.25179> "xwl_present_flips_stop") at assert.c:101 #11 0x564a52aa817b in xwl_present_flips_stop (window=0x564a544fda10) at ../../src/xserver/hw/xwayland/xwayland-present.c:516 #12 0x564a52b65968 in present_wnmd_flips_stop (window=) at ../../src/xserver/present/present_wnmd.c:159 #13 0x564a52b65bc5 in present_wnmd_check_flip_window (window=0x564a544fda10) at ../../src/xserver/present/present_wnmd.c:332 #14 0x564a52b642af in present_clip_notify (window=0x564a544fda10, dx=896, dy=471) at ../../src/xserver/present/present_screen.c:203 #15 0x564a52b3a422 in compClipNotify (pWin=0x564a544fda10, dx=896, dy=471) at ../../src/xserver/composite/compwindow.c:317 #16 0x564a52ae950a in miComputeClips (pParent=pParent@entry=0x564a544fda10, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9cb0, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:478 #17 0x564a52ae9833 in miComputeClips (pParent=pParent@entry=0x564a54868030, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9d60, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:428 #18 0x564a52ae9833 in miComputeClips (pParent=pParent@entry=0x564a54867ea0, pScreen=pScreen@entry=0x564a53de3970, universe=universe@entry=0x7fff351d9e10, kind=kind@entry=VTOther, exposed=exposed@entry=0x7fff351d9e30) at ../../src/xserver/mi/mivaltree.c:428 #19 0x564a52ae9ab3 in miValidateTree (pParent=0x564a53fb0570, pChild=0x564a54867ea0, kind=) at ../../src/xserver/mi/mivaltree.c:681 #20 0x564a52af08a1 in miResizeWindow (pWin=0x564a54867ea0, x=896, y=471, w=, h=, pSib=0x0) at ../../src/xserver/mi/miwindow.c:467 #21 0x564a52b3 in compResizeWindow (pWin=0x564a54867ea0, x=, y=, w=, h=, pSib=) at ../../src/xserver/composite/compwindow.c:407 #22 0x564a52b31144 in ConfigureWindow (pWin=, mask=, vlist=vlist@entry=0x564a5420c620, client=client@entry=0x564a542020c0) at ../../src/xserver/dix/window.c:2422 #23 0x564a52b00469 in ProcConfigureWindow (client=0x564a542020c0) at ../../src/xserver/dix/dispatch.c:916 #24 0x564a52b06178 in Dispatch () at ../../src/xserver/dix/dispatch.c:478 #25 0x564a52b0a178 in dix_main (argc=6, argv=0x7fff351da2a8, envp=) at ../../src/xserver/dix/main.c:276 #26 0x7f9f5a5d2b97 in __libc_start_main (main=0x564a52a9cf30 , argc=6, argv=0x7fff351da2a8, init=, fini=, rtld_fini=, stack_end=0x7fff351da298) at ../csu/libc-start.c:310 #27 0x564a52a9cf6a in _start () ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH v2] present: fix freed pointer access
So I have it running now without problems for a few days. I tested it once with CS:GO and Hitman and there were no crashes. I can't test the suspend recovery because this is currently not working due to a problem in KWin. Tested-by: Roman Gilg ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH v2] present: fix freed pointer access
On Mon, Aug 27, 2018 at 2:06 AM Lionel Landwerlin < lionel.g.landwer...@intel.com> wrote: > v2: Still notify aborted flips (Roman) I also want to test it later this week when I've finished some other work, but for now: Reviewed-by: Roman Gilg ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
[PATCH v2] present: fix freed pointer access
When a vblank has been marked as aborted, it's going to be free in the flip_notify function when stopped. We can't notify it after it's stopped because the pointer is invalid. Valgrind backtrace: ==5331== Invalid read of size 8 ==5331==at 0x212B4D: present_vblank_notify (present_vblank.c:34) ==5331==by 0x21439B: present_wnmd_flip_notify (present_wnmd.c:194) ==5331==by 0x21439B: present_wnmd_event_notify (present_wnmd.c:228) ==5331==by 0x156216: xwl_present_sync_callback (xwayland-present.c:282) ==5331==by 0x6570FCD: ffi_call_unix64 (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4) ==5331==by 0x657093E: ffi_call (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4) ==5331==by 0x4DDB183: ??? (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x4DD79D8: ??? (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x4DD8EA3: wl_display_dispatch_queue_pending (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x14BCCA: xwl_read_events (xwayland.c:814) ==5331==by 0x2AC0D0: ospoll_wait (ospoll.c:651) ==5331==by 0x2A5322: WaitForSomething (WaitFor.c:208) ==5331==by 0x27574B: Dispatch (dispatch.c:421) ==5331== Address 0x1b44dc98 is 40 bytes inside a block of size 184 free'd ==5331==at 0x48369EB: free (vg_replace_malloc.c:530) ==5331==by 0x213B0A: present_wnmd_free_idle_vblanks (present_wnmd.c:118) ==5331==by 0x213B0A: present_wnmd_flips_stop (present_wnmd.c:161) ==5331==by 0x2143EF: present_wnmd_flip_notify (present_wnmd.c:192) ==5331==by 0x2143EF: present_wnmd_event_notify (present_wnmd.c:228) ==5331==by 0x156216: xwl_present_sync_callback (xwayland-present.c:282) ==5331==by 0x6570FCD: ffi_call_unix64 (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4) ==5331==by 0x657093E: ffi_call (in /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4) ==5331==by 0x4DDB183: ??? (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x4DD79D8: ??? (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x4DD8EA3: wl_display_dispatch_queue_pending (in /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0) ==5331==by 0x14BCCA: xwl_read_events (xwayland.c:814) ==5331==by 0x2AC0D0: ospoll_wait (ospoll.c:651) ==5331==by 0x2A5322: WaitForSomething (WaitFor.c:208) ==5331== Block was alloc'd at ==5331==at 0x48377D5: calloc (vg_replace_malloc.c:711) ==5331==by 0x212D9F: present_vblank_create (present_vblank.c:69) ==5331==by 0x214014: present_wnmd_pixmap (present_wnmd.c:610) ==5331==by 0x21576C: proc_present_pixmap (present_request.c:150) ==5331==by 0x27599D: Dispatch (dispatch.c:479) ==5331==by 0x279945: dix_main (main.c:276) ==5331==by 0x633AB16: (below main) (libc-start.c:310) v2: Still notify aborted flips (Roman) Signed-off-by: Lionel Landwerlin Reviewed-by: Daniel Stone Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107314 --- present/present_wnmd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/present/present_wnmd.c b/present/present_wnmd.c index 80ffb014e..a26a54f6a 100644 --- a/present/present_wnmd.c +++ b/present/present_wnmd.c @@ -188,10 +188,11 @@ present_wnmd_flip_notify(present_vblank_ptr vblank, uint64_t ust, uint64_t crtc_ window_priv->flip_active = vblank; window_priv->flip_pending = NULL; +present_vblank_notify(vblank, PresentCompleteKindPixmap, PresentCompleteModeFlip, ust, crtc_msc); + if (vblank->abort_flip) present_wnmd_flips_stop(window); -present_vblank_notify(vblank, PresentCompleteKindPixmap, PresentCompleteModeFlip, ust, crtc_msc); present_wnmd_flip_try_ready(window); } -- 2.18.0 ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
