Xwayland segfault in `ProcChangePointerControl`
Description
This is a downstream bug in Fedora, Xwayland crashes in ProcChangePointerControl
Steps to reproduce
Unknown
Expected result
Xwayland works
Actual result
Xwayland crashes in ProcChangePointerControl
Additional info
The backtrace fro mthe downstream bug report reads as:
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/bin/Xwayland :0 -rootless -noreset -accessx -core -auth /run/user/1000/.mu'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
49 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f3c1c082a80 (LWP 2933))]
Thread 1 (Thread 0x7f3c1c082a80 (LWP 2933)):
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
set = {__val = {171516928, 0, 0, 0, 0, 0, 0, 0, 94439322966512, 67108868, 139896154763744, 0, 140735806923376, 0, 0, 7}}
pid = <optimized out>
tid = <optimized out>
ret = <optimized out>
#1 0x00007f3c1c8088a4 in __GI_abort () at abort.c:79
save_stage = 1
act = {__sigaction_handler = {sa_handler = 0x0, sa_sigaction = 0x0}, sa_mask = {__val = {16820053764634595328, 0, 94439322962992, 171515904, 0, 7, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0}}, sa_flags = 479884352, sa_restorer = 0x0}
sigs = {__val = {32, 0, 2, 9223372036854775822, 0, 0, 0, 0, 0, 0, 0, 139895741874180, 139896154763744, 0, 0, 32}}
#2 0x000055e45e4c4c90 in OsAbort () at ../../os/utils.c:1351
No locals.
#3 0x000055e45e4d200c in AbortServer () at ../../os/log.c:879
No locals.
#4 FatalError (f=0x55e45e4fb388 "Caught signal %d (%s). Server aborting\n") at ../../os/log.c:1017
args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7fff9bc759e0, reg_save_area = 0x7fff9bc75910}}
args2 = {{gp_offset = 8, fp_offset = 48, overflow_arg_area = 0x7fff9bc759e0, reg_save_area = 0x7fff9bc75910}}
beenhere = 1
#5 0x000055e45e4c5a7d in OsSigHandler (unused=<optimized out>, sip=0x7fff9bc75b30, signo=11) at ../../os/osinit.c:156
No locals.
#6 OsSigHandler (signo=11, sip=0x7fff9bc75b30, unused=<optimized out>) at ../../os/osinit.c:110
No locals.
#7 <signal handler called>
No locals.
#8 0x000055e45e4868d1 in ProcChangePointerControl (client=0x55e45f4f1c20) at ../../dix/devices.c:2264
dev = <optimized out>
mouse = 0x55e45efe9bb0
ctrl = <error reading variable ctrl (Cannot access memory at address 0x8)>
rc = <optimized out>
stuff = 0x55e45f53d610
#9 0x000055e45e3661c0 in Dispatch () at ../../dix/dispatch.c:497
result = <optimized out>
client = 0x55e45f4f1c20
start_tick = 51295
result = <optimized out>
client = <optimized out>
start_tick = <optimized out>
ext = <optimized out>
#10 dix_main (envp=<optimized out>, argv=0x7fff9bc76298, argc=16) at ../../dix/main.c:276
i = <optimized out>
alwaysCheckForInput = {0, 1}
i = <optimized out>
alwaysCheckForInput = {<optimized out>, <optimized out>}
pScreen = <optimized out>
pScreen = <optimized out>
remember_it = <optimized out>
pScreen = <optimized out>
#11 main (argc=16, argv=0x7fff9bc76298, envp=<optimized out>) at ../../dix/stubmain.c:34
No locals.In dix/devices.c line 2264 reads:
ctrl = mouse->ptrfeed->ctrl;So the theory is that ptrfeed would be NULL there.
In Xwayland we initiate InitPtrFeedbackClassDeviceStruct for all but the touch device (from xwl_touch_proc())
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information