If for some reason that errno is neither value (ENOMEM or
EINVAL), then prior to this patch, there would be a NULL
deref in wl_closure_lookup(...) at the "else if" conditional
when closure == NULL. Also, closure might not be NULL but still
fall into the block due to the wl_closure_lookup < 0 condition...
in that case, we need to destroy the closure to avoid a memory
leak.
Currently, wl_connection_demarshal only sets errno to ENOMEM
or EINVAL... we've already checked for ENOMEM so remove check
for EINVAL (just assume it). Also, call wl_closure_destroy(...)
unconditionally in the "else if" block (assume it can handle
NULL closure, too, which it does right now).
Signed-off-by: U. Artie Eoff <ullysses.a.eoff@intel.com>
This implements a simple fix for the blocking problem that occurs when
updating a timer event source after the timer expires, but before its
callback is dispatched. This can happen when another event happens during the
same epoll wakeup as the timer event, and causes the read() call in
wl_event_source_timer_dispatch() to block for the updated duration of the
timer.
We never want this read() call to block, so I believe it makes sense for the
timerfd to be non-blocking, and we simply ignore the case where the read fails
with EAGAIN. We still report all other errors as before, and still ignore the
actual value read from the socket.
With this change, the event_loop_timer_updates unit test case I submitted
previously now passes, and weston appears to work as before.
I've noticed a blocking problem in Wayland's event-loop code when updating
timer event sources. The problem occurs if you update the timer at a point
after is has expired, but before it has been dispatched, i.e. from an event
callback that happens during the same epoll wakeup.
When the timer is subsequently dispatched, wl_event_source_timer_dispatch
blocks for the duration of the new timeout in its call to read() from the
timer fd (which is the expected behaviour according to the man page for
timerfd_settime).
This isn't too uncommon a scenario - for example, a socket with an associated
timeout timer. You'd typically want to update the timer when reading from the
socket. This is how I noticed the issue, since I was setting a timeout of
1 minute, and saw my server blocking for this duration!
The following patch adds a (currently failing) test case to Wayland's
event-loop-test.c. It demonstrates the problem using two timers, which are
set to expire at the same time. The first timer to receive its expiry
callback updates the other timer with a much larger timeout, which then
causes the test to block for this timeout before calling the second timer's
callback.
As for a fix, I'm not so sure (which is why I thought I'd post the failing
test case first to show what I mean). I notice that it doesn't actually do
anything with the value read from the timerfd socket, which gives the number
of times the timer expired since the last read, or when the timer was last
updated (which blocks if the timer hasn't yet expired). I believe this value
should always read as 1 anyway, since we don't use periodic timers.
A simple fix would be to use the TFD_NONBLOCK option when creating the
timerfd, ensuring that the read call won't block. We'd then have to ignore
the case when the read returns EAGAIN.
If a message was too big to fit in the connection buffer, the code
in wl_buffer_put would just write past the end of it.
I haven't seen any real world use case that would trigger this bug, but
it was possible to trigger it by sending a long enough string to the
wl_data_source.offer request.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=69267
In order to set a logging function all the time, the output we get
needs to be useful. Logging about trivial things like the socket
we're using and when clients disconnect doesn't realy help anyone.
Solves this build error:
tests/fixed-benchmark.o: In function `benchmark':
./wayland/tests/fixed-benchmark.c:82: undefined reference to `clock_gettime'
./wayland/tests/fixed-benchmark.c:84: undefined reference to `clock_gettime'
Signed-off-by: Bryce Harrington <b.harrington@samsung.com>
"the callback event will arrive after the next output refresh" is wrong,
if you interpret "output refresh" as framebuffer flip or the moment when
the new pixels turn into light the first time. Weston has probably never
worked this way.
Weston triggers the frame callbacks when it submits repainting commands
to the GPU, which is before the framebuffer flip.
Strike the incorrect claim, and the rest of the paragraph which no
longer offers useful information.
As a replacement, expand on the "throttling and driving animations"
characteristic. The main purpose is to let clients animate at the
display refresh rate, while avoiding drawing frames that will never be
presented.
The new claim is that the server should give some time between
triggering frame callbacks and repainting itself, for clients to draw
and commit. This is somewhat intimate with the repaint scheduling
algorithm a compositor uses, but hopefully the right intention.
Another point of this update is to imply, that frame callbacks should
not be used to count compositor repaint cycles nor monitor refresh
cycles. It has never been guaranteed to work. Removing the mention of
frame callback without an attach hopefully discourages such use.
v2: Don't just remove a paragraph, but add useful information about the
request's intent.
v3: Specify the order of posting frame callbacks.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Cc: Axel Davy <axel.davy@ens.fr>
Cc: Jason Ekstrand <jason@jlekstrand.net>
I suppose the purpose was to print just one GEN line for each doxygen
rule being executed, not print the doxygen command.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
The doxygen.man make target was not a real file that was generated,
therefore the man page rule was ran on every make invocation. Replace it
with a real file that is produced by the man page rule.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Fixes the build failure where the protocol headers were not generated at
all before compiling src/.libs/libwayland_server_la-wayland-server.o.
The failure was reproducable by starting fresh with 'git clean -dxf' and
not having any wayland headers installed system-wide.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Same reason as commit cd31275f28b0a04d2ec5426dc81e875197b47e52 from weston:
The scanner needs to be good enough. If it crashes or fails to report
invalid input, that needs to get fixed.
In some cases, like Xwayland, stdout and stderr are redirected to
/dev/null, losing us valuable information, while wl_log can be
overridden, allowing us to send it to a log file instead. This
can help debugging immensely.
The code very intentionally emits a lot of redundant declarations
to simplify the scanner code. Somebody building with -Wredundant-decls
would have compile errors, so emit special pragmas to turn those
warnings off.
These pragmas should be ignored outside of gcc/clang.
errno is supposed to be positive, not negative. It seems that
everything else that calls display_fatal_error() calls it with
a positive error code, so do it here as well.
Clarify when the pending and current buffer transform and scale values
change, and what exactly happens on commit.
This matches what Weston currently does.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
The wl_display events (error and delete_id) need to be handled even
if the default queue doesn't get dispatched for a while. For example,
a busy EGL rendering loop hits wl_display.sync every eglSwapBuffers()
and we need to process the delete_id events to maintain the object ID
data structure.
As it is, that doesn't happen, but with this change we special case
wl_display events. We put them on a custom, private queue and when
dispatching events, we always dispatch display_queue events first.
The wl_display proxy should still be the default_queue, so that objects
created from wl_display requests get assigned to that.
The previous implementation of the wl_container_of macro was
dereferencing the sample pointer in order to get an address of the
member to calculate the offset. Ideally this shouldn't cause any
problems because the dereference doesn't actually cause the address to
be read from so it shouldn't matter if the pointer is uninitialised.
However this is probably technically invalid and could cause undefined
behavior. Clang appears to take advantage of this undefined behavior
and doesn't bother doing the subtraction. It also gives a warning when
it does this.
The documentation for wl_container_of implies that it should only be
given an initialised pointer and if that is done then there is no
problem with clang. However this is quite easy to forget and doesn't
cause any problems or warnings with gcc so it's quite easy to
accidentally break clang.
To fix the problem this changes the macro to use pointer -
offsetof(__typeof__(sample), member) so that it doesn't need to deref
the sample pointer. This does however require that the __typeof__
operator is supported by the compiler. In practice we probably only
care about gcc and clang and both of these happily support the
operator.
The previous implementation was also using __typeof__ but it had a
fallback path avoiding it when the operator isn't available. The
fallback effectively has undefined behaviour and it is targetting
unknown compilers so it is probably not a good idea to leave it in.
Instead, this patch just removes it. If someone finds a compiler that
doesn't have __typeof__ but does work with the old implementation then
maybe they could add it back in as a special case.
This patch removes the initialisation anywhere where the sample
pointer was being unitialised before using wl_container_of. The
documentation for the macro has also been updated to specify that this
is OK.
"data" is the name of the void* argument in the implementation.
While we probably shouldn't use such an easily-collidable name,
just rename the callback's argument to callback_data for now.
Even if nothing receives the even, the arguments still need to be valid.
The test is sending out event 0 from the wl_display interface, which is
the error event. This requires arg 0 to be a valid object and arg 2 to
be a non-null string. The test just leaves that undefined, causing
intermittent test failures.
As it is, the resource destroy test doesn't need to send an event to
validate the various resource destroy hooks, so we can just remove the
call to wl_resource_post_event() alltogether.
Thanks to Matt Turner <mattst88@gmail.com> for pointing out the failure.
Make it clear that multiple requests before commit are allowed and how it
is handled.
Signed-off-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Jasper St. Pierre <jstpierre@mecheye.net>
Clarify some semantics of wl_subsurface.place_below and
wl_subsurface.place_below that were not specified.
Signed-off-by: Jonas Ådahl <jadahl@gmail.com>
Reviewed-by: Jasper St. Pierre <jstpierre@mecheye.net>
