Null pointer deref in FlushAllOutput with 1.19-rc1 ?

Olivier Fourdan ofourdan at redhat.com
Thu Dec 8 07:52:37 UTC 2016


Hi Keith,

> Olivier Fourdan <ofourdan at redhat.com> writes:
> 
> >>   FlushAllOutput() in /usr/src/debug/xorg-server-20160929/os/io.c:612
> >>   Dispatch() in /usr/src/debug/xorg-server-20160929/dix/dispatch.c:3491
> >>   dix_main() in /usr/src/debug/xorg-server-20160929/dix/main.c:296
> 
> I have a theory about how this is happening -- events may be delivered
> during client shutdown but after CloseDownClient removed the client from
> the output_pending queue. Moving this call until after clientGone is
> set, and then making output_pending_mark check that flag before queueing
> it will avoid that problem.
> 
> A patch has been sent to the list, any idea how we can test this?

Unfortunately, I suspect the fix is not complete, as we still see similar bugs being reported against 1.19.0:

   https://bugzilla.redhat.com/show_bug.cgi?id=1402515
   https://bugzilla.redhat.com/show_bug.cgi?id=1402158
   https://bugzilla.redhat.com/show_bug.cgi?id=1399773

I'm sorry to be the one bringing the bad news... Maybe it's a different issue but it looks quite similar, I reckon. 

Cheers,
Olivier
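
The ordering problem described in the quoted theory, as an added model that is not part of the original message and is not xorg-server code: all names here (`struct client`, `pending_mark`, `pending_clear`, `run_scenario`) are hypothetical. It compares unlinking a client from a pending list before versus after setting its gone flag, with an event arriving mid-shutdown.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical, simplified model; not xorg-server's structures or functions. */
struct client {
    bool client_gone;       /* set once teardown has begun */
    bool queued;            /* true while linked on the pending list */
    struct client *next;
};
static struct client *pending_head;

/* Queue a client for the next flush unless it is already gone or queued. */
static void pending_mark(struct client *c)
{
    if (c->client_gone || c->queued)
        return;
    c->next = pending_head;
    pending_head = c;
    c->queued = true;
}

static void pending_clear(struct client *c)
{
    for (struct client **p = &pending_head; *p; p = &(*p)->next)
        if (*p == c) { *p = c->next; c->queued = false; return; }
}

/* Tear down one client with an event arriving mid-shutdown; return how many
 * gone clients a later flush would still find on the pending list. */
static size_t run_scenario(bool flag_first)
{
    static struct client c;
    c = (struct client){0};
    pending_head = NULL;
    pending_mark(&c);                    /* client had output queued */
    if (flag_first) c.client_gone = true;
    pending_clear(&c);                   /* shutdown unlinks the client */
    pending_mark(&c);                    /* late event during shutdown */
    c.client_gone = true;                /* teardown complete either way */
    size_t stale = 0;
    for (struct client *p = pending_head; p; p = p->next)
        stale += p->client_gone;
    pending_head = NULL;
    return stale;
}

int main(void)
{
    printf("unlink first: %zu stale, flag first: %zu stale\n",
           run_scenario(false), run_scenario(true));
    return 0;
}
```

In this model the flag check in `pending_mark` only helps when the flag is set before the unlink; it says nothing about other paths that could leave a stale entry.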

