qxl: Initialize prev field while dup surface list

Otherwise we will can hit a segfault qxl_surface_kill() │717 void │718 qxl_surface_kill (qxl_surface_t *surface) │719 { │720 struct evacuated_surface_t *ev = surface->evacuated; │721 │722 if (ev) │723 { │724 /* server side surface is already destroyed (via reset), don't │725 * resend a destroy. Just mark surface as not to be recreated */ │726 ev->pixmap = NULL;│ │727 if (ev->image)│ │728 pixman_image_unref (ev->image); │729 if (ev->next) │730 ev->next->prev = ev->prev; │731 if (ev->prev) >│732 ev->prev->next = ev->next; │733 free(ev); │734 surface->evacuated = NULL; │735 return; │736 } Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1641793 Signed-off-by: Victor Toso <victortoso@redhat.com>
author: Victor Toso <me@victortoso.com> 2018-10-23 13:48:58 +0200
committer: Christophe Fergeau <cfergeau@redhat.com> 2018-11-16 17:48:09 +0100
commit: cf2254c13497049a8dbc73a3b031f4cd43403ab1 (patch)
tree: 4e7cc9125c38c53d70cb2e0644c291452a0b43ee
parent: 64cb597c7f7fa1493aea95aa3656e2cae66728d2 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/qxl_surface_ums.c b/src/qxl_surface_ums.c
index 2c16ede..19cbd36 100644
--- a/src/qxl_surface_ums.c
+++ b/src/qxl_surface_ums.c
@@ -792,6 +792,7 @@ qxl_surface_cache_evacuate_all (surface_cache_t *cache)
 
 	unlink_surface (s);
 	
+	evacuated->prev = NULL;
 	evacuated->next = evacuated_surfaces;
         if (evacuated_surfaces)
             evacuated_surfaces->prev = evacuated;
author	Victor Toso <me@victortoso.com>	2018-10-23 13:48:58 +0200
committer	Christophe Fergeau <cfergeau@redhat.com>	2018-11-16 17:48:09 +0100
commit	cf2254c13497049a8dbc73a3b031f4cd43403ab1 (patch)
tree	4e7cc9125c38c53d70cb2e0644c291452a0b43ee
parent	64cb597c7f7fa1493aea95aa3656e2cae66728d2 (diff)