projects / mesa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: ffd625d)
st/xorg: Work around cursor reference counting bugs in older X servers.
authorMichel Dänzer <daenzer@vmware.com>
Wed, 10 Mar 2010 17:26:25 +0000 (18:26 +0100)
committerMichel Dänzer <daenzer@vmware.com>
Wed, 10 Mar 2010 17:26:25 +0000 (18:26 +0100)
Could result in use of freed memory and consequently random crashes, e.g. on
screen resize.
(cherry picked from commit 21c91b410a2a2cbf8eb677e59e3322f86320f2b0)

Conflicts:

src/gallium/state_trackers/xorg/xorg_tracker.h

src/gallium/state_trackers/xorg/xorg_crtc.c patch | blob | history
src/gallium/state_trackers/xorg/xorg_driver.c patch | blob | history
src/gallium/state_trackers/xorg/xorg_tracker.h patch | blob | history

diff --git a/src/gallium/state_trackers/xorg/xorg_crtc.c b/src/gallium/state_trackers/xorg/xorg_crtc.c
index 000ec9048f59853faf63adf4e37d4b62616c03f1..53a3c5c2b7d6f53a63bb8f176130fbb2f8095ec7 100644 (file)
--- a/src/gallium/state_trackers/xorg/xorg_crtc.c
+++ b/src/gallium/state_trackers/xorg/xorg_crtc.c
@@ -275,7 +275,21 @@ err_bo_destroy:
 static void
 crtc_load_cursor_argb(xf86CrtcPtr crtc, CARD32 * image)
 {
+    xf86CrtcConfigPtr config = XF86_CRTC_CONFIG_PTR(crtc->scrn);
     modesettingPtr ms = modesettingPTR(crtc->scrn);
+
+    /* Older X servers have cursor reference counting bugs leading to use of
+     * freed memory and consequently random crashes. Should be fixed as of
+     * xserver 1.8, but this workaround shouldn't hurt anyway.
+     */
+    if (config->cursor)
+       config->cursor->refcnt++;
+
+    if (ms->cursor)
+       FreeCursor(ms->cursor, None);
+
+    ms->cursor = config->cursor;
+
     if (ms->screen)
        crtc_load_cursor_argb_ga3d(crtc, image);
 #ifdef HAVE_LIBKMS
diff --git a/src/gallium/state_trackers/xorg/xorg_driver.c b/src/gallium/state_trackers/xorg/xorg_driver.c
index 8fb6e5a96ddd174523259a26370d576a48579354..d7c67463d217e8d2a5c110c68795cdd42c869cea 100644 (file)
--- a/src/gallium/state_trackers/xorg/xorg_driver.c
+++ b/src/gallium/state_trackers/xorg/xorg_driver.c
@@ -922,6 +922,11 @@ drv_close_screen(int scrnIndex, ScreenPtr pScreen)
        drv_leave_vt(scrnIndex, 0);
     }
 
+    if (ms->cursor) {
+       FreeCursor(ms->cursor, None);
+       ms->cursor = NULL;
+    }
+
     if (cust && cust->winsys_screen_close)
        cust->winsys_screen_close(cust);
 
diff --git a/src/gallium/state_trackers/xorg/xorg_tracker.h b/src/gallium/state_trackers/xorg/xorg_tracker.h
index 2f5cc64d9c5f55679bb89e9d20c76e8194adc524..c1884ebd11526855d8259290f611cc02e9637be1 100644 (file)
--- a/src/gallium/state_trackers/xorg/xorg_tracker.h
+++ b/src/gallium/state_trackers/xorg/xorg_tracker.h
@@ -90,6 +90,7 @@ typedef struct _modesettingRec
 
     Bool noAccel;
     Bool SWCursor;
+    CursorPtr cursor;
     CloseScreenProcPtr CloseScreen;
 
     /* Broken-out options. */