Selecting and dragging text after removing keyboard causes SIGSEGV in weston
I've found an issue on a device with a touchscreen and a USB keyboard input. In an application there is a text box which I can select and type text into. After typing text, the USB keyboard is disconnected. The touchscreen is then used to select and drag some of the text around - this reliably causes weston to crash.
A gdb backtrace led me to weston_touch_start_drag() (at current HEAD: https://gitlab.freedesktop.org/wayland/weston/blob/737ac0d4b3f7b40c345b61ff62dea0550217f063/libweston/data-device.c#L972). It looks like weston_seat_get_keyboard() will return NULL when there is no keyboard currently present. So there probably needs to be a check that keyboard is not NULL before calling weston_keyboard_start_grab() in this function. The actual SEGV occurs when weston_keyboard_set_focus() attempts to dereference the NULL keyboard pointer.
I can submit a merge request myself but I need to get the intended behaviour correct first. If keyboard is NULL should we just skip the calls to weston_keyboard_start_grab()? Or do we need to bail out of the function with an error condition?
The same issue likely applies to
In our case we're still using weston 2.0.0 but I believe this issue also affects the latest version of weston as git blame shows the code paths in question haven't changed since 2016.
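
An added example, not part of the original report and not weston source code: a self-contained C model of the first option the report raises, skipping the keyboard focus and grab steps when the seat has no keyboard. The `model_*` types, the `drag_result` enum and the function bodies are hypothetical stand-ins for libweston's structures, assumed only to mirror the NULL-returning lookup the report describes.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical stand-ins for libweston's structs, reduced to what matters. */
struct model_keyboard { bool grabbed; void *focus; };
struct model_touch { bool grabbed; };
struct model_seat {
    struct model_keyboard *keyboard; /* NULL after the keyboard is unplugged */
    struct model_touch *touch;
};

enum drag_result { DRAG_FAILED = -1, DRAG_TOUCH_ONLY = 0, DRAG_WITH_KEYBOARD = 1 };

/* Models the reported behaviour of weston_seat_get_keyboard(): may be NULL. */
static struct model_keyboard *model_seat_get_keyboard(struct model_seat *seat)
{
    return seat ? seat->keyboard : NULL;
}

/* Start a touch drag; the keyboard steps run only if a keyboard exists. */
static enum drag_result model_touch_start_drag(struct model_seat *seat)
{
    struct model_keyboard *keyboard = model_seat_get_keyboard(seat);

    if (!seat || !seat->touch)
        return DRAG_FAILED; /* no touch device, so no drag can start */

    /* Without this guard, clearing focus dereferences a NULL keyboard. */
    if (keyboard)
        keyboard->focus = NULL;

    seat->touch->grabbed = true;

    if (!keyboard)
        return DRAG_TOUCH_ONLY; /* drag proceeds without a keyboard grab */

    keyboard->grabbed = true;
    return DRAG_WITH_KEYBOARD;
}

int main(void)
{
    /* Constructed scenario: touchscreen present, keyboard unplugged. */
    struct model_touch touch = { false };
    struct model_seat seat = { NULL, &touch };

    return model_touch_start_drag(&seat) == DRAG_TOUCH_ONLY ? 0 : 1;
}
```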