From 86bd2196b4ccec50443e99e6c8bf1659e1df9f37 Mon Sep 17 00:00:00 2001 From: Daniel Manjarres Date: Fri, 20 Jun 2014 10:51:33 -0700 Subject: [PATCH] glx: Don't crash on swap event for a Window (non-GLXWindow) Prior to GLX 1.3 there was the glxMakeCurrent() function that took a single drawable handle. The Drawable could be either a bare XID for a Window or an XID for a glxpixmap. GLX 1.3 added glxMakeContextCurrent that takes 2 handles: one for reading, one for writing. Nowadays the old glxMakeCurrent call is implemented as a call to glxMakeContextCurrent with the single handle duplicated. Because of this it is allowed to use a plain-old Window ID as an argument to glxMakeContextCurrent, although nobody really documents this sort of thing. The manpage for the NEW call specifies the arguments as GLXPixmaps, but the actual code accepts Window XIDs too, and handles them correctly. Similarly, the glxSelectEvents function can also take a bare Window XID. The "piglit" tests all use GLXWindows and/or GLXPixmaps. You never tested swap events with a bare Window XID. That is what my app was doing. The swap_events code worked with Window XIDs in mesa 7.x.y. The new code added in versions 8, 9, and 10 assumes that all buffer swap events have a GLXPixmap associated with them. Because of the historical quirks above, this is not true. Swap events for bare Window XIDs do NOT have a glxpixmap resulting in a segfault. Any app that uses the old school glxMakeCurrent call with a Window XID while trying to use swap_events will crash when the libs try to lookup the nonexistent GLXPixmap associated with the incoming swap event. I believe that the people who wrote the spec overlooked this, because the "sbc" field comes from the OML_sync extension that is defined in terms of glxpixmaps only. v2 (idr): Formatting changes. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=54372 Reviewed-by: Ian Romanick Acked-by: Jesse Barnes Cc: "10.1 10.2" --- src/glx/dri2.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/glx/dri2.c b/src/glx/dri2.c index 7cb9d2dba9c..cc6c1641669 100644 --- a/src/glx/dri2.c +++ b/src/glx/dri2.c @@ -131,10 +131,14 @@ DRI2WireToEvent(Display *dpy, XEvent *event, xEvent *wire) aevent->msc = ((CARD64)awire->msc_hi << 32) | awire->msc_lo; glxDraw = GetGLXDrawable(dpy, pdraw->drawable); - if (awire->sbc < glxDraw->lastEventSbc) - glxDraw->eventSbcWrap += 0x100000000; - glxDraw->lastEventSbc = awire->sbc; - aevent->sbc = awire->sbc + glxDraw->eventSbcWrap; + if (glxDraw != NULL) { + if (awire->sbc < glxDraw->lastEventSbc) + glxDraw->eventSbcWrap += 0x100000000; + glxDraw->lastEventSbc = awire->sbc; + aevent->sbc = awire->sbc + glxDraw->eventSbcWrap; + } else { + aevent->sbc = awire->sbc; + } return True; } -- 2.30.2