st/mesa: add null pointer checking in query object functions

Don't pass null query object pointers into gallium functions.
This avoids segfaulting in the VMware driver (and others?) if the
pipe_context::create_query() call fails and returns NULL.

Cc: "10.0" "10.1" <mesa-stable@lists.freedesktop.org>
Reviewed-by: Roland Scheidegger <sroland@vmware.com>

diff --git a/src/mesa/state_tracker/st_cb_queryobj.c b/src/mesa/state_tracker/st_cb_queryobj.c
index 5186a5157fca49d7e05d34b594397bac73e21362..78a737094cd8d365d9ad797d8c9bee6e634fc280 100644 (file)
--- a/src/mesa/state_tracker/st_cb_queryobj.c
+++ b/src/mesa/state_tracker/st_cb_queryobj.c
@@ -141,7 +141,13 @@ st_BeginQuery(struct gl_context *ctx, struct gl_query_object *q)
          stq->pq = pipe->create_query(pipe, type);
          stq->type = type;
       }
-      pipe->begin_query(pipe, stq->pq);
+      if (stq->pq) {
+         pipe->begin_query(pipe, stq->pq);
+      }
+      else {
+         _mesa_error(ctx, GL_OUT_OF_MEMORY, "glBeginQuery");
+         return;
+      }
    }
    assert(stq->type == type);
 }
@@ -162,7 +168,8 @@ st_EndQuery(struct gl_context *ctx, struct gl_query_object *q)
       stq->type = PIPE_QUERY_TIMESTAMP;
    }
 
-   pipe->end_query(pipe, stq->pq);
+   if (stq->pq)
+      pipe->end_query(pipe, stq->pq);
 }
 
 
@@ -171,6 +178,13 @@ get_query_result(struct pipe_context *pipe,
                  struct st_query_object *stq,
                  boolean wait)
 {
+   if (!stq->pq) {
+      /* Only needed in case we failed to allocate the gallium query earlier.
+       * Return TRUE so we don't spin on this forever.
+       */
+      return TRUE;
+   }
+
    if (!pipe->get_query_result(pipe,
                                stq->pq,
                                wait,