On `ClipNotify()`, `present_clip_notify()` will possibly end up issuing a `flips_stop()` if `check_flip()` returns `FALSE`.
`present_wnmd_check_flip()` however can return `FALSE` in a variety of cases, before eventually checking with the driver's `check_flip2()` which in the case of `xwl_present_check_flip2()` makes sure that `xwl_window->present_window` is not `NULL`.

Hence, if one of the preliminary conditions is not satisfied in `present_wnmd_check_flip()`, we may end up calling Xwayland's `xwl_present_flips_stop()` even though `xwl_window->present_window` is `NULL`, which will trigger an assertion failure and consequently a crash of Xwayland.

A backtrace of such a case looks like:

    #0 __GI_raise (sig=sig@entry=6)
    #1 __GI_abort () at abort.c:79
    #2 OsAbort () at utils.c:1350
    #3 AbortServer () at log.c:877
    #4 FatalError () at log.c:1015
    #5 OsSigHandler () at osinit.c:156
    #6 <signal handler called>
    #7 __GI_raise (sig=sig@entry=6)
    #8 __GI_abort () at abort.c:79
    #9 __assert_fail_base () at assert.c:92
    #10 __GI___assert_fail () at assert.c:101
    #11 xwl_present_flips_stop () at xwayland-present.c:521
    #12 present_wnmd_flips_stop () at present_wnmd.c:159
    #13 present_wnmd_check_flip_window () at present_wnmd.c:332
    #14 present_clip_notify () at present_screen.c:203
    #15 compClipNotify () at compwindow.c:317
    #16 miComputeClips () at mivaltree.c:478
    #17 miValidateTree () at mivaltree.c:681
    #18 MapWindow () at window.c:2699
    #19 ReparentWindow () at window.c:2600
    #20 ProcReparentWindow () at dispatch.c:829
    #21 Dispatch () at dispatch.c:478
    #22 dix_main () at main.c:276
    #23 __libc_start_main () at ../csu/libc-start.c:308
    #24 _start ()

In this case, a forensic examination of the core file showed that `present_wnmd_check_flip()` returned `FALSE` because `window->redirectDraw` was `RedirectDrawManual` and not the expected `RedirectDrawNone`.

Signed-off-by: Olivier Fourdan <ofour...@redhat.com>
---
See: https://lists.x.org/archives/xorg-devel/2018-September/057566.html

 hw/xwayland/xwayland-present.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/xwayland/xwayland-present.c b/hw/xwayland/xwayland-present.c index 316e04443..f77dc4d15 100644 --- a/hw/xwayland/xwayland-present.c +++ b/hw/xwayland/xwayland-present.c @@ -518,6 +518,9 @@ xwl_present_flips_stop(WindowPtr window) if (!xwl_window) return; + if (xwl_window->present_window == NULL) + return; + assert(xwl_window->present_window == window); xwl_window->present_window = NULL; -- 2.19.0
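
Review bot: the new `xwl_window->present_window == NULL` early return in xwl_present_flips_stop() sits directly above `assert(xwl_window->present_window == window)` with no comment saying why NULL is an expected state here, so the next reader sees a guard and an assertion that appear to disagree. A short comment noting that this function can be reached from the ClipNotify path when check_flip fails before the driver's check_flip2 has been consulted would put the reasoning from the commit message into the code. The remaining assert still aborts the server if present_window is set to a different window; if that same path can arrive in that state it needs handling too, and if it cannot, the comment is the place to say so. Style: the check just above is written `if (!xwl_window)`, so `if (!xwl_window->present_window)`, or folding both tests into one condition, would match the surrounding code.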