projects / platform / upstream / xorg-server.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2925db6) | patch
fixup picture in SetWindowPixmap
authorMaarten Lankhorst <maarten.lankhorst@canonical.com>
Wed, 6 Nov 2013 09:25:27 +0000 (10:25 +0100)
committerEric Anholt <eric@anholt.net>
Wed, 18 Dec 2013 19:23:54 +0000 (11:23 -0800)
commit842cd7eb4353492bc9c29439f975c3bd33445cbd
tree52d94e0acaffeb3c61773e54d2b34933454cde4atree | snapshot
parent2925db6616944c8d1e911caee0637a00e5586576commit | diff
fixup picture in SetWindowPixmap

When creating a window with recordmydesktop running, the following may happen:

create picture 0x1cd457e0, with drawable 0x1327d1f0
(SetWindowPixmap is called)
destroy picture 0x1cd457e0, with drawable 0x1cd65820

Obtaining format for pixmap 0x1327d1f0 and picture 0x1cd457e0
==7989== Invalid read of size 4
==7989==    at 0x8CAA0CA: glamor_get_tex_format_type_from_pixmap (glamor_utils.h:1252)
==7989==    by 0x8CAD1B7: glamor_download_sub_pixmap_to_cpu (glamor_pixmap.c:1074)
==7989==    by 0x8CA8BB7: _glamor_get_image (glamor_getimage.c:66)
==7989==    by 0x8CA8D2F: glamor_get_image (glamor_getimage.c:92)
==7989==    by 0x29AEF2: miSpriteGetImage (misprite.c:413)
==7989==    by 0x1E7674: compGetImage (compinit.c:148)
==7989==    by 0x1F5E5B: ProcShmGetImage (shm.c:684)
==7989==    by 0x1F686F: ProcShmDispatch (shm.c:1121)
==7989==    by 0x15D00D: Dispatch (dispatch.c:432)
==7989==    by 0x14C569: main (main.c:298)
==7989==  Address 0x1cd457f0 is 16 bytes inside a block of size 120 free'd
==7989==    at 0x4C2B60C: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7989==    by 0x228897: FreePicture (picture.c:1477)
==7989==    by 0x228B23: PictureDestroyWindow (picture.c:73)
==7989==    by 0x234C19: damageDestroyWindow (damage.c:1646)
==7989==    by 0x1E92C0: compDestroyWindow (compwindow.c:590)
==7989==    by 0x20FF85: DbeDestroyWindow (dbe.c:1389)
==7989==    by 0x185D46: FreeWindowResources (window.c:907)
==7989==    by 0x1889A7: DeleteWindow (window.c:975)
==7989==    by 0x17EBF1: doFreeResource (resource.c:873)
==7989==    by 0x17FC1B: FreeClientResources (resource.c:1139)
==7989==    by 0x15C4DE: CloseDownClient (dispatch.c:3402)
==7989==    by 0x2AB843: CheckConnections (connection.c:1008)
==7989==
(II) fail to get matched format for dfdfdfdf

The fix is to update the picture pointer when the window pixmap is changed,
so it moves the picture around with the window rather than the pixmap.

This makes FreePicture work correctly.

Signed-off-by: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=71088
Reviewed-by: Zhigang Gong <zhigang.gong@linux.intel.com>
glamor/glamor.c diff | blob | history
glamor/glamor_compositerects.c diff | blob | history
glamor/glamor_priv.h diff | blob | history
glamor/glamor_window.c diff | blob | history
Domain: Graphics System / X Window System;