xf86-video-intel: src/sna/kgem.c src/sna/sna_blt.c src/sna/sna_io.c

Chris Wilson ickle at kemper.freedesktop.org
Wed Sep 25 05:55:51 PDT 2013


 src/sna/kgem.c    |    1 +
 src/sna/sna_blt.c |    2 +-
 src/sna/sna_io.c  |    1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

New commits:
commit d7eb40efa79dd9ea720606b94a20179c7dd18e03
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Wed Sep 25 13:54:43 2013 +0100

    sna: Check that the bo exists before attempting to undo it
    
    Fixes a NULL dereference from sna_blt_composite().
    
    Bugzilla: https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-intel/+bug/1228677
    Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>

diff --git a/src/sna/kgem.c b/src/sna/kgem.c
index 336bd7d..7811615 100644
--- a/src/sna/kgem.c
+++ b/src/sna/kgem.c
@@ -1932,6 +1932,7 @@ void kgem_bo_undo(struct kgem *kgem, struct kgem_bo *bo)
 	if (kgem->nexec != 1 || bo->exec == NULL)
 		return;
 
+	assert(bo);
 	DBG(("%s: only handle in batch, discarding last operations for handle=%d\n",
 	     __FUNCTION__, bo->handle));
 
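Review bot: The added `assert(bo);` in kgem_bo_undo() sits after the guard `if (kgem->nexec != 1 || bo->exec == NULL)`, which already reads `bo->exec`, so a NULL bo faults on that line before the assertion can report it. Moving the assertion ahead of the guard would let it fire first. An assert also documents the contract only in builds where assertions are enabled; if release builds define NDEBUG, the caller-side checks remain the only protection, and the same holds for the `assert(bo);` added to sna_replace() in src/sna/sna_io.c. The top of kgem_bo_undo() is not visible in this hunk.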
diff --git a/src/sna/sna_blt.c b/src/sna/sna_blt.c
index 1f173da..fdcc419 100644
--- a/src/sna/sna_blt.c
+++ b/src/sna/sna_blt.c
@@ -2250,7 +2250,7 @@ fill:
 	tmp->dst.bo = sna_drawable_use_bo(dst->pDrawable, hint,
 					  &dst_box, &tmp->damage);
 
-	if (hint & REPLACES)
+	if (tmp->dst.bo && hint & REPLACES)
 		kgem_bo_undo(&sna->kgem, tmp->dst.bo);
 
 	ret = false;
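Review bot: The new condition `if (tmp->dst.bo && hint & REPLACES)` relies on `&` binding tighter than `&&`; it evaluates as intended, but `if (tmp->dst.bo && (hint & REPLACES))` makes the grouping explicit to readers. The hunk does not show what the code after `ret = false;` does when sna_drawable_use_bo() returned NULL, so it is worth confirming that later uses of `tmp->dst.bo` on this path are guarded as well. The enclosing function starts and ends outside the hunk.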
diff --git a/src/sna/sna_io.c b/src/sna/sna_io.c
index 2a31820..746b122 100644
--- a/src/sna/sna_io.c
+++ b/src/sna/sna_io.c
@@ -1438,6 +1438,7 @@ bool sna_replace(struct sna *sna,
 	struct kgem *kgem = &sna->kgem;
 	void *dst;
 
+	assert(bo);
 	DBG(("%s(handle=%d, %dx%d, bpp=%d, tiling=%d) busy?=%d\n",
 	     __FUNCTION__, bo->handle,
 	     pixmap->drawable.width,

