From e0dc5d47cb5f29deec495efd958fcd5f6f833389 Mon Sep 17 00:00:00 2001
From: Dima Ryazanov
Date: Thu, 10 May 2018 00:53:38 -0700
Subject: [PATCH] Fix a crash when unlocking or unconfining a pointer
In GNOME (but not in Weston), if a window loses focus, the client first receives the focus event, then the unlock/unconfine event. This causes toytoolkit to dereference a NULL window when unlocking or unconfining the pointer.
To repro:
- Run weston-confine
- Click the window
- Alt-Tab away from it
Result:
[1606837.869] wl_keyboard@19.modifiers(63944, 524352, 0, 0, 0)
[1606837.926] wl_keyboard@19.leave(63945, wl_surface@15)
[1606837.945] wl_pointer@18.leave(63946, wl_surface@15)
[1606837.956] wl_pointer@18.frame()
[1606837.961] zwp_confined_pointer_v1@26.unconfined()
Segmentation fault (core dumped)
To fix this, get the input from the window instead of the other way around.
Signed-off-by: Dima Ryazanov
Reviewed-by: Pekka Paalanen
---
 clients/window.c | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/clients/window.c b/clients/window.c
index bcf2b017c..dee4455f1 100644
--- a/clients/window.c
+++ b/clients/window.c
@@ -286,6 +286,7 @@ struct window {
 confined_pointer_unconfined_handler_t pointer_unconfined_handler;
 struct zwp_confined_pointer_v1 *confined_pointer;
+ struct input *confined_input;
 struct widget *confined_widget;
 bool confined;
@@ -4788,8 +4789,8 @@ static void
 locked_pointer_locked(void *data,
 struct zwp_locked_pointer_v1 *locked_pointer)
 {
- struct input *input = data;
- struct window *window = input->pointer_focus;
+ struct window *window = data;
+ struct input *input = window->locked_input;
 window->pointer_locked = true;
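Review bot: The new `confined_input` member in the `@@ -286` hunk has no comment stating that it is a borrowed pointer and when it is valid. I would add `/* input holding the confinement; not owned, NULL when confined_pointer is NULL */` above it. The visible hunks set it in window_confine_pointer_to_rectangles() and clear it in window_unconfine_pointer(); nothing shown here clears it if the input itself goes away first, so a stale value would reach whatever the confined/unconfined handlers do with `input` below their hunks. The struct continues outside the hunk.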
@@ -4804,8 +4805,8 @@ static void
 locked_pointer_unlocked(void *data,
 struct zwp_locked_pointer_v1 *locked_pointer)
 {
- struct input *input = data;
- struct window *window = input->pointer_focus;
+ struct window *window = data;
+ struct input *input = window->locked_input;
 window_unlock_pointer(window);
@@ -4860,7 +4861,7 @@ window_lock_pointer(struct window *window, struct input *input)
 ZWP_POINTER_CONSTRAINTS_V1_LIFETIME_ONESHOT);
 zwp_locked_pointer_v1_add_listener(locked_pointer,
 &locked_pointer_listener,
- input);
+ window);
 window->locked_input = input;
 window->locked_pointer = locked_pointer;
@@ -4902,8 +4903,8 @@ static void
 confined_pointer_confined(void *data,
 struct zwp_confined_pointer_v1 *confined_pointer)
 {
- struct input *input = data;
- struct window *window = input->pointer_focus;
+ struct window *window = data;
+ struct input *input = window->confined_input;
 window->confined = true;
@@ -4918,8 +4919,8 @@ static void
 confined_pointer_unconfined(void *data,
 struct zwp_confined_pointer_v1 *confined_pointer)
 {
- struct input *input = data;
- struct window *window = input->pointer_focus;
+ struct window *window = data;
+ struct input *input = window->confined_input;
 window_unconfine_pointer(window);
@@ -4984,8 +4985,9 @@ window_confine_pointer_to_rectangles(struct window *window,
 zwp_confined_pointer_v1_add_listener(confined_pointer,
 &confined_pointer_listener,
- input);
+ window);
+ window->confined_input = input;
 window->confined_pointer = confined_pointer;
 window->confined_widget = NULL;
@@ -5046,6 +5048,7 @@ window_unconfine_pointer(struct window *window)
 zwp_confined_pointer_v1_destroy(window->confined_pointer);
 window->confined_pointer = NULL;
 window->confined = false;
+ window->confined_input = NULL;
 }
 static void
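Review bot: In locked_pointer_unlocked() the read of `window->locked_input` must stay ahead of `window_unlock_pointer(window)`, and nothing in the code records that dependency. The `@@ -5046` hunk shows window_unconfine_pointer() resetting `confined_input` to NULL, and window_unlock_pointer() presumably does the same for `locked_input`, so reordering the two statements would pass a NULL input to the code that follows. A comment such as `/* read locked_input first: window_unlock_pointer() clears it */` would protect the ordering, and the same applies to confined_pointer_unconfined() in the `@@ -4918` hunk. Both function bodies continue past their hunks.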
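Review bot: Passing `window` as the listener data in window_lock_pointer() means the `locked_pointer` proxy must never outlive the window, otherwise a later locked/unlocked event dereferences freed memory in the handlers. The hunks do not show whether the window teardown path calls window_unlock_pointer(), or window_unconfine_pointer() for the identical pattern in the `@@ -4984` hunk, so that is worth confirming and, if missing, adding to the destroy path. A short comment at the add_listener call, e.g. `/* listener data is the window: proxy is destroyed before the window is freed */`, would document the invariant. The function starts and ends outside the hunk.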