Created attachment 122571 [details]
Patch for problem.
Noticed while looking at a crash the following code pattern:
dri2_dpy = calloc(1, sizeof *dri2_dpy);
disp->DriverData = (void *) dri2_dpy;
if error goto cleanup
The problem being that on failure disp->DriverData is left pointing to
memory which has already been freed. Granted no one should be accessing
it after a failure, however if someone does then random things may occur.
The attached patch sets disp->DriverData to NULL on failure so that more
predictable behavior occurs if someone does happen to accesses it.
Please submit patches directly (preferably using git send-email, but definitely generated by git format-patch) to the firstname.lastname@example.org list for review.