[PATCH regression] os: call va_start() before va_copy()
Jeremy Huddleston
jeremyhu at apple.com
Mon Apr 9 22:38:13 PDT 2012
git fetch origin
git rebase origin/master
;)
http://cgit.freedesktop.org/xorg/xserver/commit/?id=eca58ee4db43d85e5940919be094c38ad166d5d0
On Apr 9, 2012, at 10:28 PM, Peter Hutterer <peter.hutterer at who-t.net> wrote:
> Otherwise we copy random stuff, which is less than ideal.
> Introduced in a818b305989bbcde4e585112a7ee70cbc0b14a92
>
> Test-case: start server as user other than root, segfault triggered when
> xf86OpenConsole's calls FatalError.
>
> Backtrace:
> 0: ./hw/xfree86/Xorg (xorg_backtrace+0x41) [0x47a9d9]
> 1: ./hw/xfree86/Xorg (0x400000+0x81cfc) [0x481cfc]
> 2: /lib64/libpthread.so.0 (0x3d1e200000+0xf500) [0x3d1e20f500]
> 3: /lib64/libc.so.6 (_IO_vfprintf+0x4758) [0x3d1de4bb98]
> 4: /lib64/libc.so.6 (vsnprintf+0xa2) [0x3d1de76b82]
> 5: ./hw/xfree86/Xorg (LogVWrite+0x10c) [0x4808d1]
> 6: ./hw/xfree86/Xorg (VErrorF+0x25) [0x4815f2]
> 7: ./hw/xfree86/Xorg (FatalError+0xc4) [0x48157b]
> 8: ./hw/xfree86/Xorg (LockServer+0x3f8) [0x482c25]
> 9: ./hw/xfree86/Xorg (OsInit+0x3f7) [0x4821a2]
> 10: ./hw/xfree86/Xorg (0x400000+0x8fbd5) [0x48fbd5]
> 11: /lib64/libc.so.6 (__libc_start_main+0xed) [0x3d1de2169d]
> 12: ./hw/xfree86/Xorg (0x400000+0x212f9) [0x4212f9]
>
> Segmentation fault at address (nil)
>
> Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
> ---
> os/log.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/os/log.c b/os/log.c
> index 9a71969..e554a8c 100644
> --- a/os/log.c
> +++ b/os/log.c
> @@ -601,6 +601,7 @@ FatalError(const char *f, ...)
> else
> ErrorF("\nFatal server error:\n");
>
> + va_start(args, f);
> /* Make a copy for OsVendorFatalError */
> va_copy(args2, args);
>
> --
> 1.7.7.6
>
More information about the xorg-devel
mailing list