| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
| |
On Linux the signal will be immediately visible in the epoll_wait() call.
However, on FreeBSD we may need a small delay between kill() call and the
signal being visible to the kevent() call. This sometimes happens when the
signal processing and kevent processing runs on different CPUs in the
kernel, so becomes more likely when the system is under load (e.g. running
all tests in parallel).
See https://github.com/jiixyj/epoll-shim/pull/32
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
|
| |
If we are compiling against a version of FreeBSD where MSG_CMSG_CLOEXEC
does not work, use the fallback directly. This was only fixed recently
(in https://cgit.freebsd.org/src/commit/?id=6ceacebdf52211).
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
|
| |
This allows running the tests on FreeBSD without mounting fdescfs.
Previously you had to run `mount -t fdescfs -o linrdlnk null /dev/fd` to
get file descriptors >=3 listed in /dev/fd.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
| |
FreeBSD provides a PROC_TRACE_STATUS procctl(2) to detect this directly.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
| |
/dev/fd exists on all operating systems I can test (Linux, FreeBSD, macOS),
whereas /proc/self/fd only appears to exist on Linux.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
|
| |
FreeBSD does not provide epoll(7) and instead requires an external library,
epoll-shim, that implements epoll() using kqueue(2)
Co-authored-by: Jan Beich <jbeich@FreeBSD.org>
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
|
| |
On some systems (e.g. FreeBSD with the latest epoll-shim), fcntl is
declared as a macro instead of a function. Wrap the definition here in
parantheses to avoid function-macro expansion.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
|
| |
|
|
|
|
|
| |
Destroy our custom global object at end of run so we no longer "leak"
it.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the new flagged marshal+destroy function in generated code.
It's intended as a replacement for all existing wl_proxy_marshal_*
functions, so I've used it to replace them all. This results in a large
update to the scanner test files as well.
We now pass the new WL_MARSHAL_FLAG_DESTROY flag when appropriate, so
the race condition in #86 caused by releasing the display mutex between
marshalling the proxy and destroying the proxy is now gone.
Fixes #86
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sanitizers need to intercept syscalls in the compiler run-time library, as
do these tests. We try to make this work by using dlsym(RTLD_NEXT) to find
the next definition in the chain, but here this approach won't work because
the compiler run-time library is linked into the same elf object as the test
interceptors are.
The sanitizer library supports this by giving the intercept functions a
prefix and making them only weakly alias the real names, so our interceptors
can call the sanitizers interceptors explicitly, which will then use dlsym
to call the real function.
By making our declarations of the sanitizer interceptor function weak we can
handle any combination of intercepts (including none, if there is no
sanitizer). If our declaration is resolves to a NULL pointer, we just use
dlsym.
Signed-off-by: Fergus Dall <sidereal@google.com>
|
| |
|
|
|
|
|
|
|
| |
The connection_demarshal test writes a 10 byte string into a wayland message,
but doesn't pad it out to a four byte boundary. This leads to the last 32-bit
word of the message being partially uninitialized, which triggers an msan
violation when the message is written to the socket.
Signed-off-by: Fergus Dall <sidereal@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for_each_helper tries to calculate a one-past-the-end pointer for its
wl_array input. This is fine when the array has one or more entries, but we
initialize arrays by setting wl_array.data to NULL. Pointer arithmetic is
only defined when both the pointer operand and the result point to the same
allocation, or one-past-the-end of that allocation. As NULL points to no
allocation, no pointer arithmetic can be performed on it, not even adding 0,
even if the result is never dereferenced.
This is caught by clang's ubsan from version 10.
Many tests already hit this case, but I added an explicit test for iterating
over an empty wl_map.
Signed-off-by: Fergus Dall <sidereal@google.com>
|
| |
|
|
|
|
|
|
|
| |
This previously would have caused a memory leak and incorrect
comments.
Signed-off-by: James Legg <lankyleggy@gmail.com>
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
|
| |
|
|
|
|
|
|
| |
Currently a null string passed into a non-nullable argument of a message
will decode succesfully, probably resulting in the handler function
crashing. Instead treat it the same way we do non-nullable objects and ids.
Signed-off-by: Fergus Dall <sidereal@google.com>
|
| |
|
|
|
|
|
|
|
|
| |
In these tests, message sizes are inconsistently encoded in either the upper
or lower 16 bits of the second word of the message. Resolve this in favour
of using the upper 16 bits, as this is how messages are supposed to be
encoded, even though that aspect of message decoding isn't being tested
here.
Signed-off-by: Fergus Dall <sidereal@google.com>
|
| |
|
|
| |
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can't just unconditionally read the optional arguments (and also read
it as a void* despite actually being an int).
While this happens to work on most architectures because the first few
variadic arguments are passed in registers, this is non-portable and
causes a crash on architectures that set bounds on variadic function
arguments (for example CHERI-enabled architectures). It could also cause
problems on big-endian architectures that pass variadic arguments on the
stack rather than in registers.
For CHERI-MIPS, reading sizeof(void*) causes a read of 16 bytes from the
bounded varargs capability. This always crashes since even calls with the
optional argument only have 4 bytes available.
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
| |
This is already done in autotools, and fixes the build with glibc < 2.17.
Signed-off-by: Loïc Yhuel <loic.yhuel@softathome.com>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This is the style used in wayland.xml which is the only file we really
care about for git blame information. So let's adjust all others to that
style for consistency and fix editorconfig to avoid messing this up in
the future.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows to include client and server headers in the same file
fixing warnings like
In file included from ../subprojects/wlroots/include/wlr/types/wlr_layer_shell_v1.h:16,
from ../src/desktop.h:16,
from ../src/server.h:13,
from ../tests/testlib.c:8:
tests/59830eb@@footest@sta/wlr-layer-shell-unstable-v1-protocol.h:80:34: warning: redundant redeclaration of ‘zwlr_layer_shell_v1_interface’ [-Wredundant-decls]
80 | extern const struct wl_interface zwlr_layer_shell_v1_interface;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../tests/testlib.h:8,
from ../tests/testlib.c:7:
tests/59830eb@@footest@sta/wlr-layer-shell-unstable-v1-client-protocol.h:77:34: note: previous declaration of ‘zwlr_layer_shell_v1_interface’ was here
77 | extern const struct wl_interface zwlr_layer_shell_v1_interface;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../subprojects/wlroots/include/wlr/types/wlr_layer_shell_v1.h:16,
from ../src/desktop.h:16,
from ../src/server.h:13,
from ../tests/testlib.c:8:
tests/59830eb@@footest@sta/wlr-layer-shell-unstable-v1-protocol.h:106:34: warning: redundant redeclaration of ‘zwlr_layer_surface_v1_interface’ [-Wredundant-decls]
106 | extern const struct wl_interface zwlr_layer_surface_v1_interface;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../tests/testlib.h:8,
from ../tests/testlib.c:7:
tests/59830eb@@footest@sta/wlr-layer-shell-unstable-v1-client-protocol.h:103:34: note: previous declaration of ‘zwlr_layer_surface_v1_interface’ was here
103 | extern const struct wl_interface zwlr_layer_surface_v1_interface;
Signed-off-by: Guido Günther <agx@sigxcpu.org>
Closes: #158
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wayland requires a binary, wayland-scanner, to be run during the build
process. For any configuration other than native builds (including
cross compiling and even 32-bit x86 builds on an x86-64 build machine)
Wayland's build process builds and uses its own wayland-scanner.
For any builds using a cross file, wayland-scanner is built for the host
machine and therefore cannot be executed during the build of the Wayland
libraries. Instead builds using a cross file must execute the build
machine's wayland-scanner (typically /usr/bin/wayland-scanner).
As such, to build Wayland's libraries for a non-native ABI a package
manager must build and install /usr/bin/wayland-scanner first. But then
the build for the native ABI then rebuilds wayland-scanner itself and
doesn't use the system's, and worse, wants to install its own, which
conflicts with the /usr/bin/wayland-scanner already installed!
So, add the -Dscanner=... option to control whether to install
wayland-scanner.
Signed-off-by: Matt Turner <mattst88@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In file included from ../tests/connection-test.c:43:
In file included from ../tests/test-compositor.h:30:
../src/wayland-client.h:40:10: fatal error: 'wayland-client-protocol.h' file not found
#include "wayland-client-protocol.h"
^~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../tests/display-test.c:45:
In file included from ../src/wayland-server.h:104:
src/wayland-server-protocol.h:4454:2: error: unterminated /* comment
/**
^
In file included from ../tests/cpp-compile-test.cpp:2:
In file included from src/wayland-server-protocol.h:8:
In file included from ../src/wayland-server.h:104:
src/wayland-server-protocol.h:3:2: error: unterminated conditional directive
#ifndef WAYLAND_SERVER_PROTOCOL_H
^
../tests/headers-protocol-test.c:33:2: error: including wayland-server-protocol.h did not include wayland-server.h!
#error including wayland-server-protocol.h did not include wayland-server.h!
^
In file included from ../tests/headers-protocol-test.c:26:
In file included from src/wayland-client-protocol.h:8:
In file included from ../src/wayland-client.h:40:
src/wayland-client-protocol.h:1358:2: error: unterminated conditional directive
#ifndef WL_SHM_FORMAT_ENUM
^
In file included from ../tests/protocol-logger-test.c:34:
In file included from ../src/wayland-client.h:40:
src/wayland-client-protocol.h:2613:1: error: unterminated /* comment
/**
^
../tests/resources-test.c:49:36: error: use of undeclared identifier 'wl_seat_interface'
res = wl_resource_create(client, &wl_seat_interface, 4, 0);
^
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running tests with ASan, proxy-test fails at the proxy_tag test:
==27843==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f65a732dada in __interceptor_malloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:144
#1 0x7f65a71cb3ea in wl_display_add_protocol_logger src/wayland-server.c:1813
#2 0x557c640c0980 in proxy_tag tests/proxy-test.c:104
#3 0x557c640c1159 in run_test tests/test-runner.c:153
#4 0x557c640c1e2e in main tests/test-runner.c:337
#5 0x7f65a6ea0ee2 in __libc_start_main (/usr/lib/libc.so.6+0x26ee2)
SUMMARY: AddressSanitizer: 32 byte(s) leaked in 1 allocation(s).
Destroying the logger fixes the leak.
Signed-off-by: Simon Ser <contact@emersion.fr>
Fixes: 493ab79bd2cd ("proxy: Add API to tag proxy objects")
|
| |
|
|
|
|
|
|
| |
The new test verifies that, for a set of timers and a short sequence
of timer update calls, when the event loop is run the timer callbacks
are run in the expected order.
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This change expands the `event_loop_timer` test to use two different
timers with different timeouts; it now implicitly checks that e.g.
both timers do not expire at the same time, and that the first timer
expiring does not prevent the second from doing so. (While such failure
modes are unlikely with timer event sources based on individual
timerfds, they are possible when multiple timers share a common timerfd.)
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The implementation of timer event sources based on timerfds ensured
specific edge-case behavior with regards to removing and updating timers:
Calls to `wl_event_loop_dispatch` will dispatch all timer event sources
that have expired up to that point, with one exception. When multiple
timer event sources are due to be dispatched in a single call of
`wl_event_loop_dispatch`, calling wl_event_source_remove` from within a
timer event source callback will prevent the removed event source's
callback from being called. Note that disarming or updating one of the
later timers that is due to be dispatched, from within a timer callback,
will NOT prevent that timer's callback from being invoked by
`wl_event_loop_dispatch`.
This commit adds a test that verifies the above behavior. (Because
epoll_wait is not documented to return timerfds in chronological order,
(although it does, in practice), the test code does not depend on the
order in which timers are dispatched.)
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
| |
Otherwise an invalid protocol will print warnings to stdout but won't
make the build fail.
Signed-off-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
While the default Unix socket buffer size on Linux is relatively
small, on some computers the default size may be configured to
be huge, making the overflow test never actually overflow the
Wayland display socket.
The changed code now explicitly sets the display socket send buffer
size to be small enough to guarantee an overflow.
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change ensures that the compositor process is not able to respond
to any of the noop requests sent by the client process, by using the
test compositor's `stop_display` mechanism to coordinate when the
compositor should stop processing messages.
(Before this change, it was possible that one of the calls of
wl_event_loop_dispatch in the compositor process could respond to all
the client's noop requests before returning.)
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
|
|
| |
At higher warning levels, GCC complains about unused variables.
Remove two completely unused, and one set-but-not-used, variables from
display-test to make it happy.
Signed-off-by: Daniel Stone <daniels@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Meson is a next generation build system, simpler than Autotools and also faster
and more portable. Most importantly, it will make integrating ASan easier in
CI.
The goal is to maintain feature parity of the Meson build with the
Autotools build, until such time when we can drop the latter.
Add a script which generates the desired Doxygen configuration for our various
output formats and executes it using that configuration. This is not something
Meson can or should do.
Fixes: https://gitlab.freedesktop.org/wayland/wayland/issues/80
[daniels: Changed to bump version, use GitLab issues URL, remove header
checks not used in any code, remove pre-pkg-config Expat
support, added missing include paths to wayland-egl and
cpp-compile-test, added GitLab CI.
Bumped version, removed unnecessary pkg-config paths.]
[daniels: Properly install into mandir/man3 via some gross
paramaterisation, generate real stamp files.]
Pekka:
- squashed patches
- removed MAKEFLAGS from meson CI
- remove unused PACKAGE* defines
- fix up scanner dependency handling
- instead of host_scanner option, build wayland-scanner twice when cross-compiling
- changed .pc files to match more closely the autotools versions
- reorder doxygen man sources to reduce diff to autotools
- fix pkgconfig.generate syntax warnings (new in Meson)
- bump meson version to 0.47 for configure_file(copy) and run_command(check)
- move doc tool checks into doc/meson.build, needed in more places
- make all doc tools mandatory if building docs
- check dot and doxygen versions
- add build files under doc/publican
- reindent to match Weston Meson style
Simon:
- Remove install arg from configure_file
- Don't build wayland-scanner twice during cross-build
- Fix naming of the threads dependency
- Store tests in dict
- Add missing HAVE_* decls for functions
- Remove unused cc_native variable
- Make doxygen targets a dict
- Make dot_gv a dict
- Use dicts in man_pages
- Make decls use dicts
- Make generated_headers use dicts
- Align Meson version number with autotool's
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Signed-off-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The tests that run exec-fd-leak-checker expect the binary to be located
in the current directory. This is not always the case; for instance, the
binaries could be built under `tests`, but be invoked under the
top-level build directory.
We can use an environment variable to control what's the location of the
test binaries, and fall back to the current directory if the variable is
unset.
Reviewed-by: Daniel Stone <daniels@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Including wayland-server-core.h in wayland-private.h is problematic
because wayland-private.h is included by wayland-scanner which should be
able to build against non-POSIX platforms (e.g. MinGW). The only reason
that wayland-server-core.h was included in wayland-private.h was for the
wl_private_signal definitions, so move those to a
wayland-server-private.h file that can be included by both
wayland-server.c and the tests.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This test makes sure that after wl_global_remove:
* The global_remove event is sent to existing clients
* Binding to the removed global still works
* A new client will not see the removed global advertised
Signed-off-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
|
|
|
|
| |
When doing unity builds via meson (example project:
https://github.com/swaywm/sway) multiple source files are glued together
via #include directives. Having every wayland-scanner generated source
file have an identifier named '*types[]' will lead to errors in these
unity builds if two or more of these are joined.
Signed-off-by: Marty E. Plummer <hanetzer@startmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The new display test runs a client that makes a very large number of
trivial requests. After responding to initial setup requests, the server
is paused, letting the trivial requests fill up the Unix socket buffer,
making further writes to the socket fail. The test then checks that the
client sets an appropriate error code, and does not abort or crash.
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
| |
This test creates a wl_seat global, then tries to bind to it with the wl_output
interface.
Signed-off-by: Simon Ser <simon.ser@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an application and a toolkit share the same Wayland connection,
it will receive events with each others objects. For example if the
toolkit manages a set of surfaces, and the application another set, if
both the toolkit and application listen to pointer focus events,
they'll receive focus events for each others surfaces.
In order for the toolkit and application layers to identify whether a
surface is managed by itself or not, it cannot only rely on retrieving
the proxy user data, without going through all it's own proxy objects
finding whether it's one of them.
By adding the ability to "tag" a proxy object, the toolkit and
application can use the tag to identify what the user data pointer
points to something known.
To create a tag, the recommended way is to define a statically allocated
constant char array containing some descriptive string. The tag will be
the pointer to the non-const pointer to the beginning of the array.
For example, to identify whether a focus event is for a surface managed
by the code in question:
static const char *my_tag = "my tag";
static void
pointer_enter(void *data,
struct wl_pointer *wl_pointer,
uint32_t serial,
struct wl_surface *surface,
wl_fixed_t surface_x,
wl_fixed_t surface_y)
{
struct window *window;
const char * const *tag;
tag = wl_proxy_get_tag((struct wl_proxy *) surface);
if (tag != &my_tag)
return;
window = wl_surface_get_user_data(surface);
...
}
...
static void
init_window_surface(struct window *window)
{
struct wl_surface *surface;
surface = wl_compositor_create_surface(compositor);
wl_surface_set_user_data(surface, window);
wl_proxy_set_tag((struct wl_proxy *) surface,
&my_tag);
}
Signed-off-by: Jonas Ådahl <jadahl@gmail.com>
|
| |
|
|
|
|
|
|
| |
The pointer operand to the binary `+` operator must be to a complete
object type. Since we are working with byte sizes, use `char *` for
arithmetic instead.
Signed-off-by: Michael Forney <mforney@mforney.org>
|
| |
|
|
|
|
|
|
|
| |
Rather than have two versions of the macro with slightly different
interfaces, just use wl_container_of internally.
This also removes use of statement expressions, a GNU C extension.
Signed-off-by: Michael Forney <mforney@mforney.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The printf() format specifier "%m" is a glibc extension to print
the string returned by strerror(errno). While supported by other
libraries (e.g. uClibc and musl), it is not widely portable.
In Wayland code the format string is often passed to a logging
function that calls other syscalls before the conversion of "%m"
takes place. If one of such syscall modifies the value in errno,
the conversion of "%m" will incorrectly report the error string
corresponding to the new value of errno.
Remove all the occurrences of the specifier "%m" in Wayland code
by using directly the string returned by strerror(errno).
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The test runs wayland_scanner on a set of XML protocol files which
have malformed element names, and confirms that an error is produced
and indicates the correct line.
Copyright notifications are not included in the test files, as
they are not code; of course, the project license still applies.
Signed-off-by: Manuel Stoeckl <code@mstoeckl.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The size argument to wl_connection_demarshal() is taken from the message by the
caller wl_client_connection_data(), therefore 'size' is untrusted data
controllable by a Wayland client. The size should always be at least the header
size, otherwise the header is invalid.
If the size is smaller than header size, it leads to reading past the end of
allocated memory. Furthermore if size is zero, wl_closure_init() changes
behaviour and leaves num_arrays uninitialized, leading to access of arbitrary
memory.
Check that 'size' fits at least the header. The space for arguments is already
properly checked.
This makes the request_bogus_size test free of errors under Valgrind.
Fixes: https://gitlab.freedesktop.org/wayland/wayland/issues/52
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Reviewed-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This attempts to reproduce the error conditions from
https://gitlab.freedesktop.org/wayland/wayland/issues/52 and make it crash.
While the crash was repeatable in my tests, it depends on garbage on stack
leading to access of invalid memory, which is not guaranteed.
This is a FAIL_TEST, so that the following fix commit can be verified.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.com>
Reviewed-by: Simon Ser <contact@emersion.fr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many languages such as C++ or Rust have an unwinding error-reporting
mechanism. Code in these languages can (and must!) wrap request handling
callbacks in unwind guards to avoid undefined behaviour.
As a consequence such code will detect internal server errors, but have
no way to communicate such failures to the client.
This adds a WL_DISPLAY_ERROR_IMPLEMENTATION error to wl_display so that
such code can notify (and disconnect) clients which hit internal bugs.
While servers can currently abuse other wl_display errors for the same
effect, adding an explicit error code allows clients to tell the
difference between errors which are their fault and errors which are the
server's fault. This is particularly interesting for automated bug
reporting.
v2: Rename error from "internal" to "implementation", in sympathy with
X11's BadImplementation error.
Add more justification in the commit message.
Signed-off-by: Christopher James Halse Rogers <christopher.halse.rogers@canonical.com>
Acked-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There are far better ways to detect memory leaks, such as either
valgrind or ASan. Having Meson makes it really easy to use these tools
in our tests, and we can do that in CI as well.
Having these local wrappers actually completely broke ASan usage, so
remove them in favour of using the more powerful options.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
Clang will rightly point out that example_sockaddr_un in socket-test
will get discarded from the compilation unit as it is completely unused.
Put in a couple of lines which of no value other than stopping Clang
from complaining.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Clang warns that it can silently discard a non-volatile write to a NULL
pointer (perhaps it constitutes undefined behaviour?), and recommends
changing it to volatile.
This patch slavishly complies with the demand of the unfeeling machine.
Signed-off-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Attempting to demarshal message with array or string longer than its
body should return failure. Handling the length correctly is tricky when
it gets to near-UINT32_MAX values. Unexpected overflows can cause
crashes and other security issues.
These tests verify that demarshalling such message gives failure instead
of crash.
v2: Added consts, serialized opcode and size properly, updated style.
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Acked-by: Derek Foreman <derek.foreman.samsung@gmail.com>
|
