Wayland: Fix segfault when receiving tablet/touch events for surfaces that have already been destroyed client-side
Fixes #3296 (closed)
The tablet part of the issue appears to be fixed for me: As described in the issue, I can reliably reproduce the crash without the patch, but didn't manage to do so with the fix.
The touch part of the patch is incomplete: It currently only ignores events in touch_handle_down(), but I'm quite certain that subsequent
touch_handle_up,
touch_handle_motion and
touch_handle_cancel
will still crash.
In the tablet case, there was an obvious way to check whether the surface is destroyed and we are ignoring all further events for it. Namely, by checking whether tool->current_tablet == NULL: This is reset to NULL after each proximity out event, and set to the respective tablet on the proximity in event. I couldn't find a similar indicator in the touch code. Maybe someone more familiar with the code can come up with an idea? Updated the MR with a version that might also fix the touch case. I don't have a touch device to test this, though.
The same issue existed some time ago for pointers and keyboards:
https://bugzilla.gnome.org/show_bug.cgi?id=693338
which was fixed in bfd7137f, 3625f178 and a8fc099a
This MR is relative to 3.24.23, a slight change is required for master.