Bug 98204

Summary: gtk2 application segfault with libxi 1.7.7
Product: xorg
Reporter: j.witteveen
Component: Lib/Xi
Assignee: Xorg Project Team <xorg-team>
Status: RESOLVED MOVED
QA Contact: Xorg Project Team <xorg-team>
Severity: major
Priority: medium
Version: unspecified
Hardware: x86-64 (AMD64)
OS: Linux (All)
Attachments: Behavioral improvement (flags: none)

Description j.witteveen 2016-10-11 11:49:53 UTC
Since libxi 1.7.7 GTK2 applications crash when certain input devices are plugged in. At least some Wacom tablets and Microsoft game controllers trigger a segmentation fault. Removing lines 224 and 225 from src/XListDev.c:XListInputDevices

    if (!s)
        goto out;

prevents the error from happening. These lines were added in commit 19a9cd6, the only commit from 1.7.6 to 1.7.7.

Mentions:
https://bugs.archlinux.org/task/51298
https://bbs.archlinux.org/viewtopic.php?pid=1659799
https://lwn.net/Articles/703097/
Comment 1 j.witteveen 2016-10-11 14:20:34 UTC
Created attachment 127213
Behavioral improvement

Jan de Groot observed (https://bugs.archlinux.org/task/51298) that the problem is caused by gtk not checking a return value for NULL. As the man page for xlistinputdevices says nothing about return values, the best we could do is to behave the best we can and not set any call-by-reference value when we may fail and return NULL. This prevents gtk from trying to loop over a NULL array.
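
Added example (not part of the bug report, the attached patch, or libXi): a constructed C model of the failure path discussed in Comment 1. It contrasts a lister that publishes the count before bailing out with one that leaves the out-parameter untouched on failure, and shows a caller that checks the returned pointer. The names dev_info, model_list, count_only_caller_faults and sum_ids_checked are hypothetical, and the caller is assumed to initialise the count to 0.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-in record; not libXi's XDeviceInfo. */
struct dev_info { int id; };

/* Constructed model of the failure path. size_ok == 0 simulates the size
 * computation returning 0, i.e. the `if (!s) goto out;` branch.
 * early_count != 0 publishes the count before that check. */
static struct dev_info *model_list(int n, int size_ok, int early_count, int *ndevices)
{
    struct dev_info *list;

    if (early_count)
        *ndevices = n;              /* count visible even if we fail below */
    if (!size_ok)
        return NULL;                /* failure: no array for the caller */
    list = calloc((size_t)n, sizeof *list);
    if (list == NULL)
        return NULL;
    for (int i = 0; i < n; i++)
        list[i].id = i;
    *ndevices = n;                  /* success: count and array agree */
    return list;
}

/* True when a caller that loops on the count alone would index a NULL array. */
static int count_only_caller_faults(const struct dev_info *list, int ndevices)
{
    return list == NULL && ndevices > 0;
}

/* Defensive caller: treats NULL as "no devices" whatever the count says. */
static int sum_ids_checked(const struct dev_info *list, int ndevices)
{
    int sum = 0;

    if (list == NULL)
        return 0;
    for (int i = 0; i < ndevices; i++)
        sum += list[i].id;
    return sum;
}

int main(void)
{
    int n = 0;                      /* assumption: caller initialises the count */
    struct dev_info *l = model_list(3, 0, 1, &n);
    int faults = count_only_caller_faults(l, n);
    free(l);
    return faults ? 0 : 1;
}
```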
Comment 2 j.witteveen 2016-10-12 09:33:41 UTC
Of course, the patch does not address the actual bug that SizeClassInfo sometimes returns 0 and causes XListInputDevices to bail out.
Comment 3 j.witteveen 2016-10-13 15:59:16 UTC
GTK notes that at the very least the documentation is wrong and 1.7.7 diverged from the documented behavior by no longer returning at least the core pointer.

https://bugzilla.gnome.org/show_bug.cgi?id=772794
Comment 4 j.witteveen 2016-10-20 19:36:06 UTC
Apparently the bug tracker is not a central place of development, as my patch was reinvented on the mailing list: https://lists.freedesktop.org/archives/xorg-devel/2016-October/051608.html
Comment 5 GitLab Migration User 2018-08-10 20:15:12 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/xorg/lib/libxi/issues/8.