[Mesa-dev] [Bug 42651] New: NULL function pointer called in driCreateNewScreen with KMS disabled

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Sun Nov 6 20:43:48 PST 2011 

https://bugs.freedesktop.org/show_bug.cgi?id=42651

             Bug #: 42651
           Summary: NULL function pointer called in driCreateNewScreen
                    with KMS disabled
    Classification: Unclassified
           Product: Mesa
           Version: 7.9
          Platform: x86 (IA32)
        OS/Version: Linux (All)
            Status: NEW
          Severity: normal
          Priority: medium
         Component: Other
        AssignedTo: mesa-dev at lists.freedesktop.org
        ReportedBy: marcusedennis at gmail.com


Created attachment 53226
  --> https://bugs.freedesktop.org/attachment.cgi?id=53226
Xorg log

Component: Drivers/DRI/common

DESCRIPTION
-----------
When performing screen initialization while KMS is not available,
driCreateNewScreen is called while driDriverAPI.InitScreen == 0. The function
pointer is called without being checked for NULL value, causing a segmentation
violation. Further, the error is partially masked as the log reporting of the
error appears to generate another segmentation fault while attempting to
perform the backtrace.

HW Configuration
----------------
Dell Inspiron E1505, Core Duo processor (T2400 @ 1.83GHz)
ATI Mobility Radeon X1400 (RV515)

SW Configuration
----------------
Xorg 7.6 (configured by way of current svn BLFS book)
Xserver 1.9.3
Mesa 7.9
Linux 3.0.7

Steps to Reproduce
------------------
1. Build Xorg/XCB/Mesa consistent with build instructions at
http://www.linuxfromscratch.org/blfs/view/svn/
2. Build radeon kernel driver w/ KMS disabled by default, or boot with
radeon.modeset=0
3. Generate new X config (X -configure)
4. Start X server with new config (X -retro -config /root/xorg.conf.new)

Expected Results
----------------
X server should either initialize the display by a means that correctly handles
the lack of KMS, or it should refuse to start with an error indicating that
needed functionality is not present. At a minimum, the NULL function pointer
should be detected and an appropriate error should issue without a segfault.

Actual Results
--------------
X server crashes with a log message indicating the following:
Segmentation fault at address (nil)

Attempting to run with gdb produces the following backtrace:
#0  0x00000000 in ?? ()
#1  0xb4ccc896 in driCreateNewScreen (scrn=0, ddx_version=0xbfd422e4, 
    dri_version=0xbfd422f0, drm_version=0xbfd422fc, frame_buffer=0xbfd422c8, 
    pSAREA=0xb72ce000, fd=16, extensions=0xb746eaa4, driver_modes=0xbfd4232c, 
    loaderPrivate=0x92eb530) at ../common/dri_util.c:831
#2  0xb744672c in __glXDRIscreenProbe (pScreen=0x92a2ea0) at glxdri.c:1128
#3  0xb743d6c2 in GlxExtensionInit () at glxext.c:377
#4  0x080d5ff5 in InitExtensions (argc=4, argv=0xbfd424b4)
    at ../../../mi/miinitext.c:541
#5  0x0806dd02 in main (argc=4, argv=0xbfd424b4, envp=0xbfd424c8) at main.c:213

The segfault occurs upon executing the instruction:
*driver_modes = driDriverAPI.InitScreen(psp);

Attempting to print driDriverAPI before the offending call reveals that
InitScreen == 0.

Additional Notes
----------------
dri2CreateNewScreen contains a NULL check on InitScreen2, but
driCreateNewScreen lacks a comparable check on InitScreen.

Issue does not occur in the presence of KMS.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the mesa-dev mailing list