| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
_cairo_malloc(0) always returns NULL, but has not been used
consistently. This patch replaces many calls to malloc() with
_cairo_malloc().
Fixes: fdo# 101547
CVE: CVE-2017-9814 Heap buffer overflow at cairo-truetype-subset.c:1299
Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
|
|
|
|
|
|
|
|
|
|
| |
Instead of asserting that the caller passed in a chunk-aligned base
pointer, just perform the fixup whilst initialising the mempool. This
means that the caller (xcb!) cannot assume that the mempool->base is
then the same base pointer as passed in and so needs to store it
separately for use in computing SHM offsets.
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
|
|
|
|
|
|
|
| |
Having extracted the code for use by the SHM allocator for xlib, remove
the now redundant copy from xcb.
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
|
|
|
|
|
| |
References: https://bugs.freedesktop.org/show_bug.cgi?id=48577
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
|
|
|
|
| |
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
| |
This reverts commit 3a94f4c7091ea6262007e7960e4cd915e17b33c0.
We need to fallback to pushing large images over the wire if we exhaust
the SHM space.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test failed with the following message:
cairo-surface.c:2265: _cairo_surface_create_in_error: Assertion `status <
CAIRO_STATUS_LAST_STATUS' failed.
_cairo_xcb_surface_create_shm_image() passed the error from
_cairo_xcb_connection_allocate_shm_info() to _create_in_error().
Fix this by never returning CAIRO_INT_STATUS_UNSUPPORTED from
_allocate_shm_info(). All other error cases in that function return
CAIRO_STATUS_NO_MEMORY, too.
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before using some piece of SHM again, we must be sure that the X11 server is no
longer working with it. For this, we send a GetInputFocus when we are done with
the SHM locally and will only use the memory again when the reply comes in.
However, if we are allocating the memory for SHM GetImage, then we can re-use
memory earlier, because the server processes requests in order. So it will only
start writing to the memory after it is done with earlier requests for this
memory. So instead of using GetInputFocus for synchronisation, the SHM GetImage
request will automatically do this for us.
Thanks to Chris Wilson for this idea.
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
| |
The "continue;" in the old code never worked, because it first checked the loop
condition. Since "FALSE" (hopefully) never evaluates to true, the loop was still
left.
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
| |
Clang static analysis triggers some reports in non-buggy code.
Silence them trying to follow better coding practices.
|
|
|
|
|
|
|
|
|
|
|
| |
make on win32 complains that:
make[1]: Entering directory `/home/ranma42/Code/fdo/cairo/src'
../src/Makefile.sources:220: *** missing separator. Stop.
Makefile.sources should not contain if's, which are aoutomake-only
conditionals. The correct way to conditionally include files is to
enable/disable them using C preprocessor macros.
|
|
|
|
|
|
|
|
| |
Without this, one could make cairo attach to lots of shared memory. I managed to
make cairo use 1.5 GiB of shared memory according to top. This was done by
disabling XRENDER and thus causing lots of fallbacks.
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit delays the return of a SHM area to the free pool. When
_cairo_xcb_shm_info_destroy is called, it now adds the cairo_xcb_shm_info_t to a
list of pending memory areas and sends a GetInputFocus request to the server.
This cairo_xcb_shm_info_t is only really freed when the GetInputFocus request
completes. To avoid unnecessarily waiting for the X server, we check via
xcb_poll_for_reply for the reply which returns immediately if the reply isn't
received yet.
This commits fixes a race where the shared memory area is reused before the X
server finished reading data from it. This does NOT fix races where cairo draws
something new to the same cairo_xcb_shm_info_t while the X server still reads
from it. However, there doesn't seem to exist any code currently where the shm
info isn't immediately destroyed after it was used.
This commit fixes the following tests for xcb-render-0.0 if SHM is enabled:
joins mask mask-transformed-image push-group push-group-color radial-gradient
radil-gradient-mask radial-gradient-mask-source radial-gradient-one-stop
radial-gradient-source smask smask-mask smask-paint
This also fixes mesh-pattern-transformed for all the xcb boilerplate "backends".
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
| |
The following commit adds a call to _cairo_xcb_shm_info_destroy to some function
in-between, but it also renames it and does some other changes to this. Thus,
move this function first to make the diff easier to read. :)
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the xcb backend use the auto-generated xcb API instead of
hand-writing each request. This should also improve parallelism with non-cairo
threads that use the same xcb connection.
Big thanks to Andrea Canciani for taking a look at this and finding lots of good
improvements (especially finding xcb_send_request was great).
cairo-perf-trace and cairo-perf-diff-files between master
(6732dbf2992891be4b1f08b14a5c449fd08b637c) and this change:
$ ./cairo-perf-diff-files ../master_perf ../xcb_no_socket_perf
old: master_perf
new: xcb_no_socket_perf
Speedups
========
xcb-rgba evolution-0 23558.86 (23558.86 0.00%) -> 19338.78 (19338.78 0.00%): 1.22x speedup
▎
xcb-rgba poppler-bug-12266-0 98.43 (98.43 0.00%) -> 82.36 (82.36 0.00%): 1.20x speedup
▎
xcb-rgba gnome-terminal-vim-0 5518.08 (5518.08 0.00%) -> 4905.92 (4905.92 0.00%): 1.12x speedup
▏
xcb-rgba gnome-terminal-20090601-0 45648.46 (45648.46 0.00%) -> 41231.25 (41231.25 0.00%): 1.11x speedup
▏
xcb-rgba evolution-20090607-0 71643.69 (71643.69 0.00%) -> 66314.95 (66314.95 0.00%): 1.08x speedup
▏
xcb-rgba poppler-0 3501.69 (3501.69 0.00%) -> 3322.26 (3322.26 0.00%): 1.05x speedup
Slowdowns
=========
xcb-rgba gnome-system-monitor-0 7500.01 (7500.01 0.00%) -> 7923.70 (7923.70 0.00%): 1.06x slowdown
xcb-rgba swfdec-youtube-full-0 26409.89 (26409.89 0.00%) -> 28430.76 (28430.76 0.00%): 1.08x slowdown
▏
xcb-rgba gnome-system-monitor-20090821-0 34801.61 (34801.61 0.00%) -> 37891.14 (37891.14 0.00%): 1.09x slowdown
Signed-off-by: Uli Schlachter <psychon@znc.in>
|
|
|
|
|
|
|
|
|
|
|
| |
I updated the Free Software Foundation address using the following script.
for i in $(git grep Temple | cut -d: -f1 )
do
sed -e 's/59 Temple Place[, -]* Suite 330, Boston, MA *02111-1307[, ]* USA/51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA/' -i "$i"
done
Fixes http://bugs.freedesktop.org/show_bug.cgi?id=21356
|
|
Still an experimental backend, it's now a little too late to stabilise
for 1.10, but this should represent a major step forward in its feature
set and an attempt to catch up with all the bug fixes that have been
performed on xlib. Notably not tested yet (and expected to be broken)
are mixed-endian connections and low bitdepth servers (the dithering
support has not been copied over for instance). However, it seems robust
enough for daily use...
Of particular note in this update is that the xcb surface is now capable
of subverting the xlib surface through the ./configure --enable-xlib-xcb
option. This replaces the xlib surface with a proxy that forwards all
operations to an equivalent xcb surface whilst preserving the cairo-xlib
API that is required for compatibility with the existing applications,
for instance GTK+ and Mozilla. Also you can experiment with enabling a
DRM bypass, though you need to be extremely foolhardy to do so.
|