blob: 9493ff6b5f956a2575e4b5e2e205b41b0bdc0035 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
From eae444eb1a85d2401501d29f9a6c654c046f806b Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu, 30 Aug 2012 06:38:38 +0000
Subject: Reset num_active_touches on DeviceOff (#52496)
When disabling the device, reset num_active_touches to zero. Otherwise,
num_active_touches stays at the value it was on DeviceOff(). Future touches
add to that value until the index may go past priv->open_slots[].
That causes spurious memory corruption on touch ends.
And as of 55fc42e7c9b4948cadd4f98ef7b6a3b12e268e3e we ignore pre-existing
touches anyway.
Test-case:
- place num_touches fingers on the touchpad
- xinput disable <device>
- lift fingers
- xinput enable <device>
- place finger on device, num_active_touches is now (num_touches + 1)
X.Org Bug 52496 <http://bugs.freedesktop.org/show_bug.cgi?id=52496>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
(cherry picked from commit a245d42f53096b1ae81e6702729f97ca508e5b5b)
Conflicts:
src/synaptics.c
---
diff --git a/src/synaptics.c b/src/synaptics.c
index cd9f936..a28e984 100644
--- a/src/synaptics.c
+++ b/src/synaptics.c
@@ -1154,6 +1154,7 @@ SynapticsReset(SynapticsPrivate * priv)
priv->prev_z = 0;
priv->prevFingers = 0;
#ifdef HAVE_MULTITOUCH
+ priv->num_active_touches = 0;
memset(priv->open_slots, 0, priv->num_slots * sizeof(int));
#endif
}
@@ -3118,6 +3119,7 @@ UpdateTouchState(InputInfoPtr pInfo, struct SynapticsHwState *hw)
if (hw->slot_state[i] == SLOTSTATE_OPEN) {
priv->open_slots[priv->num_active_touches] = i;
priv->num_active_touches++;
+ BUG_WARN(priv->num_active_touches > priv->num_slots);
}
else if (hw->slot_state[i] == SLOTSTATE_CLOSE) {
Bool found = FALSE;
--
cgit v0.9.0.2-2-gbebe
|
GitWeb
