libweston: ensure backend is not loaded twice
Check and ensure that a compositor can only load one backend
successfully. If a backend fails to load, it is theoretically possible
to try another backend. Once loading succeeds, only destroying the
compositor would allow "unloading" a backend.
If backend init fail, ensure the backend pointer remains NULL to avoid
calling into a half-loaded backend on e.g. compositor destruction.
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Reviewed-by: Ian Ray <ian.ray@ge.com>
Acked-by Daniel Stone <daniels@collabora.com>
diff --git a/libweston/compositor.c b/libweston/compositor.c
index 53bbf55..71a9b38 100644
--- a/libweston/compositor.c
+++ b/libweston/compositor.c
@@ -5653,6 +5653,11 @@
int (*backend_init)(struct weston_compositor *c,
struct weston_backend_config *config_base);
+ if (compositor->backend) {
+ weston_log("Error: attempt to load a backend when one is already loaded\n");
+ return -1;
+ }
+
if (backend >= ARRAY_LENGTH(backend_map))
return -1;
@@ -5660,7 +5665,12 @@
if (!backend_init)
return -1;
- return backend_init(compositor, config_base);
+ if (backend_init(compositor, config_base) < 0) {
+ compositor->backend = NULL;
+ return -1;
+ }
+
+ return 0;
}
WL_EXPORT int