[Mesa-dev] [PATCH] st/mesa: add null pointer checking in query object functions

Brian Paul brianp at vmware.com
Mon Mar 24 16:30:17 PDT 2014


Don't pass null query object pointers into gallium functions.
This avoids segfaulting in the VMware driver (and others?) if the
pipe_context::create_query() call fails and returns NULL.

Cc: "10.0" "10.1" <mesa-stable at lists.freedesktop.org>
---
 src/mesa/state_tracker/st_cb_queryobj.c |   18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/mesa/state_tracker/st_cb_queryobj.c b/src/mesa/state_tracker/st_cb_queryobj.c
index 5186a51..78a7370 100644
--- a/src/mesa/state_tracker/st_cb_queryobj.c
+++ b/src/mesa/state_tracker/st_cb_queryobj.c
@@ -141,7 +141,13 @@ st_BeginQuery(struct gl_context *ctx, struct gl_query_object *q)
          stq->pq = pipe->create_query(pipe, type);
          stq->type = type;
       }
-      pipe->begin_query(pipe, stq->pq);
+      if (stq->pq) {
+         pipe->begin_query(pipe, stq->pq);
+      }
+      else {
+         _mesa_error(ctx, GL_OUT_OF_MEMORY, "glBeginQuery");
+         return;
+      }
    }
    assert(stq->type == type);
 }
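Review bot: The failure branch added to st_BeginQuery returns with `stq->pq` still NULL and `stq->type` already set to `type`, and nothing on the new lines records that later calls must cope with that state. A short comment in the `else` branch would capture the contract, for example `/* create_query() failed: stq->pq stays NULL, so the End/result paths must check it */`. Whether the core GL layer still treats the query as active after this early return is not visible, since the function body starts outside the hunk. That is worth confirming, because the guards added in st_EndQuery and get_query_result are then the only thing keeping a null query pointer away from the driver.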
@@ -162,7 +168,8 @@ st_EndQuery(struct gl_context *ctx, struct gl_query_object *q)
       stq->type = PIPE_QUERY_TIMESTAMP;
    }
 
-   pipe->end_query(pipe, stq->pq);
+   if (stq->pq)
+      pipe->end_query(pipe, stq->pq);
 }
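Review bot: The new guard in st_EndQuery skips `end_query` silently when `stq->pq` is NULL, whereas st_BeginQuery in the same patch raises GL_OUT_OF_MEMORY for the same condition. The `stq->type = PIPE_QUERY_TIMESTAMP;` line just above suggests a query can also be created in this function (that code is outside the hunk). If that creation fails, the application gets no error at all. Consider `if (!stq->pq) { _mesa_error(ctx, GL_OUT_OF_MEMORY, "glEndQuery"); return; }` ahead of the call, which also matches the braced style used in the first hunk.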
 
 
@@ -171,6 +178,13 @@ get_query_result(struct pipe_context *pipe,
                  struct st_query_object *stq,
                  boolean wait)
 {
+   if (!stq->pq) {
+      /* Only needed in case we failed to allocate the gallium query earlier.
+       * Return TRUE so we don't spin on this forever.
+       */
+      return TRUE;
+   }
+
    if (!pipe->get_query_result(pipe,
                                stq->pq,
                                wait,
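Review bot: The early `return TRUE` in get_query_result reports the result as available without writing anything to the storage that the `pipe->get_query_result` call below would normally fill. Callers then return whatever that field already held. It is presumably zero from object creation, but it could be a value left from an earlier use of the same query object; neither is visible in this hunk. Setting the result to a defined value (for instance 0) before returning, and saying in the comment which value is reported, would make the failure path deterministic. The function continues past the end of the hunk.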
-- 
1.7.10.4


