| Summary: | Fix null pointer in FreeRec() | ||||||
|---|---|---|---|---|---|---|---|
| Product: | xorg | Reporter: | Thomas Meyer <thomas.mey> | ||||
| Component: | Driver/modesetting | Assignee: | Xorg Project Team <xorg-team> | ||||
| Status: | RESOLVED MOVED | QA Contact: | Xorg Project Team <xorg-team> | ||||
| Severity: | normal | ||||||
| Priority: | medium | Keywords: | patch | ||||
| Version: | git | ||||||
| Hardware: | Other | ||||||
| OS: | All | ||||||
| Whiteboard: | |||||||
| i915 platform: | i915 features: | ||||||
| Attachments: |
|
||||||
Created attachment 121144 [details] [review] Fix null pointer -- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/xorg/xserver/issues/23. |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
There seem to be a bug in the modesetting driver: (gdb) p (modesettingPtr)((scrn)->driverPrivate) $6 = (struct _modesettingRec *) 0x0 driverPrivate is NULL. It is set to NULL in FreeRec function: 625│ return; 626│-> pScrn->driverPrivate = NULL; 627│ 628│ if (ms->fd > 0) { 629│ modesettingEntPtr ms_ent; 630│ int ret; 631│ 632├> ms_ent = ms_ent_priv(pScrn); 633│ ms_ent->fd_ref--; 634│ if (!ms_ent->fd_ref) { 635│ if (ms->pEnt->location.type == BUS_PCI) 636│ ret = drmClose(ms->fd); 637│ else 638│ #ifdef XF86_PDEV_SERVER_FD 639│ if (!(ms->pEnt->location.type == BUS_PLATFORM && /usr/src/debug/xorg-server-1.18.0/hw/xfree86/drivers/modesetting/driver.c line 626 clears the pointer and in line 632 it's used later on again by ms_ent_priv(). See also https://bugzilla.redhat.com/show_bug.cgi?id=1273183