xf86-video-intel: src/sna/sna_threads.c

Sat Apr 19 10:47:13 PDT 2014

src/sna/sna_threads.c |    1 +
 1 file changed, 1 insertion(+)

New commits:
commit 08e71e1820d6fcb6829b4ebd360beadc1f250295
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Sat Apr 19 16:27:49 2014 +0100

    sna: Initialise thread->arg
    
    If we launch less than the maximum number of threads, we may read the
    thread->arg value never having set it after a malloc.
    
    ==8207== Conditional jump or move depends on uninitialised value(s)
    ==8207==    at 0xA986B7F: sna_threads_wait (sna_threads.c:216)
    ==8207==    by 0xA986EFE: sna_image_composite (sna_threads.c:350)
    ==8207==    by 0xA93DD0D: sna_composite_fb (sna_composite.c:598)
    ==8207==    by 0xA93E66C: sna_composite (sna_composite.c:742)
    ==8207==    by 0x23A773: damageComposite (damage.c:503)
    ==8207==    by 0x2309A9: ProcRenderComposite (render.c:708)
    ==8207==    by 0x15D86D: Dispatch (dispatch.c:433)
    ==8207==    by 0x161689: dix_main (main.c:294)
    ==8207==    by 0x6FB1B44: (below main) (libc-start.c:287)
    
    Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>

diff --git a/src/sna/sna_threads.c b/src/sna/sna_threads.c
index c56f3bc..1310972 100644
--- a/src/sna/sna_threads.c
+++ b/src/sna/sna_threads.c
@@ -149,6 +149,7 @@ void sna_threads_init(void)
 		pthread_cond_init(&threads[n].cond, NULL);
 
 		threads[n].func = NULL;
+		threads[n].arg = NULL;
 		if (pthread_create(&threads[n].thread, NULL,
 				   __run__, &threads[n]))
 			goto bail;
