Bug 16067

Summary: [NULL dereference in VidModeGetCurrentModeline] 6.8.0 ati driver segfaults when using mplayer after a while
Product: xorg
Reporter: Thierry Vignaud <thierry.vignaud>
Component: Server/General
Assignee: xf86-video-ati maintainers <xorg-driver-ati>
Status: RESOLVED FIXED
QA Contact: Xorg Project Team <xorg-team>
Severity: major    
Priority: medium    
Version: 7.2 (2007.02)   
Hardware: Other   
OS: All   
Attachments:
Description Flags
0528-Correct-a-NULL-pointer-deference.patch none

Description Thierry Vignaud 2008-05-22 09:14:13 UTC
After a while, the xorg server segfaults when using mplayer.
It "gracefully" handles this error by killing the X client.

You can find stack traces of the segfault which happens in
VidModeGetCurrentModeline() at:
 https://qa.mandriva.com/show_bug.cgi?id=40959

Here's the GDB trace:
https://qa.mandriva.com/attachment.cgi?id=9985
Comment 1 Thierry Vignaud 2008-05-22 10:47:01 UTC
Further debugging showed that VidModeGetCurrentModeline() blindly dereferences pScrn->currentMode without checking if it's NULL.
Comment 2 Alex Deucher 2008-05-22 10:51:27 UTC
looks like a server issue.
Comment 3 Paulo César Pereira de Andrade 2008-05-23 10:32:40 UTC
Created attachment 16708
0528-Correct-a-NULL-pointer-deference.patch

  I will add this patch to Mandriva's X Server, but
maybe a similar patch could also be added to upstream
X Server, as it apparently fixes a crash that is caused
by hardware in the market, when running an application
that queries/uses XFree86-VidModeExtension.

  Note that the report about the X Server killing the
application and continuing running is a Mandriva only patch
http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/x11-server/current/SOURCES/0504-SAVE_CONTEXT-Mandriva-Custom-X-Server-patch.patch?revision=209187&view=markup

  Maybe a proper patch, not really to try to remediate
the problem of no edid information available, but for
consistency would be to ensure
hw/xfree86/modes/xf86Crtc.c:xf86SetScrnInfoModes()
is called at the proper place, and hopefully, this
way, both randr and the vidmode extension would work
together and not conflict.
Comment 4 Peter Hutterer 2008-05-26 23:56:14 UTC
(In reply to comment #3)
> Created an attachment (id=16708)
> 0528-Correct-a-NULL-pointer-deference.patch
> 
>   I will add this patch to Mandriva's X Server, but
> maybe a similar patch could also be added to upstream
> X Server, as it apparently fixes a crash that is caused
> by hardware in the market, when running an application
> that queries/uses XFree86-VidModeExtension.


Pushed as c8af7ce35a900ac9b898f51c1b95dabad3ba1d76. Thanks.
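
Added example (not part of the bug thread and not the attached patch): a minimal C model of the failure described in comment 1, with the unchecked lookup beside a guarded one that reports failure when no current mode is set. The struct layouts, function names and reply codes are simplified assumptions, not the X server's own definitions.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for the server's mode and screen records (assumed layout). */
typedef struct { int Clock; int HDisplay; int VDisplay; } DisplayMode;
typedef struct { DisplayMode *currentMode; } ScrnInfo;

/* Unchecked form, as described in comment 1: crashes if currentMode is NULL. */
int get_modeline_unchecked(ScrnInfo *scrn, DisplayMode **mode, int *dotClock)
{
    *mode = scrn->currentMode;
    *dotClock = scrn->currentMode->Clock;   /* NULL dereference happens here */
    return 1;
}

/* Guarded form: report failure instead of dereferencing a missing mode. */
int get_modeline_checked(ScrnInfo *scrn, DisplayMode **mode, int *dotClock)
{
    if (scrn == NULL || scrn->currentMode == NULL) {
        *mode = NULL;       /* leave outputs in a defined state */
        *dotClock = 0;
        return 0;
    }
    *mode = scrn->currentMode;
    *dotClock = scrn->currentMode->Clock;
    return 1;
}

/* Hypothetical request handler: a failed lookup becomes an error reply to the client. */
enum { REPLY_OK = 0, REPLY_ERROR = 1 };
int handle_get_modeline(ScrnInfo *scrn, int *clock_out)
{
    DisplayMode *mode;
    return get_modeline_checked(scrn, &mode, clock_out) ? REPLY_OK : REPLY_ERROR;
}

int main(void)
{
    DisplayMode m = { 108000, 1280, 1024 };          /* constructed sample mode */
    ScrnInfo with_mode = { &m }, no_mode = { NULL }; /* no_mode models the reported state */
    DisplayMode *out; int clock;
    get_modeline_unchecked(&with_mode, &out, &clock); /* safe only because a mode is set */
    printf("with mode: clock=%d\n", clock);
    printf("no mode: reply=%d\n", handle_get_modeline(&no_mode, &clock));
    return 0;
}
```

The guard only turns the crash into a clean failure; every caller still has to check the return value before using the outputs.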

