[Mesa-dev] [PATCH] svga: fix sid corruption in vmw_drm_surface_from_handle()
Sinclair Yeh
syeh at vmware.com
Tue Feb 17 18:12:09 PST 2015
On Tue, Feb 03, 2015 at 03:16:51PM +0000, danielx.j.van.der.wath at intel.com wrote:
> From: Daniel van der Wath <danielx.j.van.der.wath at intel.com>
>
> The value stored in "handle" is trashed before being copied into the
> surface's sid. Use the original value from "whandle->handle" instead.
> This fixes a bug with Weston running on VMWare, where SVGA3D_SetRenderTarget()
> would fail and prevent anything from being drawn on screen.
>
> Reviewed-by: Satyeshwar Singh <satyeshwar.singh at intel.com>
> ---
> src/gallium/winsys/svga/drm/vmw_screen_dri.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/gallium/winsys/svga/drm/vmw_screen_dri.c b/src/gallium/winsys/svga/drm/vmw_screen_dri.c
> index 79a1b3e..0f796c4 100644
> --- a/src/gallium/winsys/svga/drm/vmw_screen_dri.c
> +++ b/src/gallium/winsys/svga/drm/vmw_screen_dri.c
> @@ -319,7 +319,7 @@ vmw_drm_surface_from_handle(struct svga_winsys_screen *sws,
> pipe_reference_init(&vsrf->refcnt, 1);
> p_atomic_set(&vsrf->validated, 0);
> vsrf->screen = vws;
> - vsrf->sid = handle;
> + vsrf->sid = whandle->handle;
This doesn't look right because the patch will allow referencing
a surface that has been destroyed.
The problem is probably from an unnecessary call to
vmw_ioctl_surface_destroy() earlier in the function.
Instead of the current patch, can you try adding a check for
"if (vws->ioctl.have_drm_2_6)" at line 262 covering the entire
DRM_API_HANDLE_TYPE_FD case, and also at line 286 for the existing
IF condition?
If you like, you can take a look at commit 2f6fcd65 for ideas.
Please give it a try and let me know.
Thanks!
Sinclair
More information about the mesa-dev
mailing list