[PATCH xserver] modesetting: Fix up some XXX from removing GLAMOR_HAS_DRM_*

Mario Kleiner mario.kleiner.de at gmail.com
Wed Mar 28 23:47:42 UTC 2018 

A new crasher, this time while trying to play with the non-desktop property.

On Thu, Mar 22, 2018 at 7:47 PM, Adam Jackson <ajax at redhat.com> wrote:
> Signed-off-by: Adam Jackson <ajax at redhat.com>
> ---
>  hw/xfree86/drivers/modesetting/drmmode_display.c | 75 +++++++++++++-----------
>  hw/xfree86/drivers/modesetting/present.c         |  1 -
>  2 files changed, 41 insertions(+), 35 deletions(-)
>
> diff --git a/hw/xfree86/drivers/modesetting/drmmode_display.c b/hw/xfree86/drivers/modesetting/drmmode_display.c
> index 6f636ba7bd..47c11adced 100644
> --- a/hw/xfree86/drivers/modesetting/drmmode_display.c
> +++ b/hw/xfree86/drivers/modesetting/drmmode_display.c

.... snip ...

> @@ -2244,18 +2247,19 @@ drmmode_output_dpms(xf86OutputPtr output, int mode)
>  {
>      drmmode_output_private_ptr drmmode_output = output->driver_private;
>      xf86CrtcPtr crtc = output->crtc;
> +    modesettingPtr ms = modesettingPTR(crtc->scrn);

--> This assignment above makes the X-Server crash, if output->crtc is
NULL, and therefore crtc->scrn is a NULL ptr deref.
output->crtc == NULL can happen from some call paths, e.g., whenever
xf86DisableUnusedFunctions() gets called and decides to dpms off an
output.

[ 12732.278] (EE) Backtrace:
[ 12732.278] (EE) 0: /usr/bin/X (OsSigHandler+0x29) [0x591c19]
[ 12732.279] (EE) 1: /lib/x86_64-linux-gnu/libpthread.so.0
(__restore_rt+0x0) [0x7f3ecf20d38f]
[ 12732.280] (EE) 2:
/usr/local/lib/xorg/modules/drivers/modesetting_drv.so
(drmmode_output_dpms+0x10) [0x7f3ecb2bcc60]
[ 12732.280] (EE) 3: /usr/bin/X (xf86DisableUnusedFunctions+0x13c) [0x4b10dc]
[ 12732.280] (EE) 4: /usr/bin/X (xf86RandR12CrtcSet+0x4ca) [0x4b941a]
[ 12732.281] (EE) 5: /usr/bin/X (RRCrtcSet+0x2ce) [0x4f2eee]
[ 12732.281] (EE) 6: /usr/bin/X (ProcRRSetCrtcConfig+0x420) [0x4f4740]
[ 12732.282] (EE) 7: /usr/bin/X (Dispatch+0x28b) [0x43e41b]
[ 12732.282] (EE) 8: /usr/bin/X (dix_main+0x398) [0x4424f8]
[ 12732.283] (EE) 9: /lib/x86_64-linux-gnu/libc.so.6
(__libc_start_main+0xf0) [0x7f3ecee52830]
[ 12732.283] (EE) 10: /usr/bin/X (_start+0x29) [0x42c4e9]
[ 12732.284] (EE) 11: ? (?+0x0) [0x0]
[ 12732.284] (EE)
[ 12732.284] (EE) Segmentation fault at address 0x8

How i triggered this in my case:

1. Have a VR HMD connected during server startup, which gets set to
"Output disconnected" due to having the new "non-desktop" property set
to true,
therefore the HMD on HDMI-3 stays dark.

2. xrandr --output HDMI-3 --set 'non-desktop' 0    because i want to
enable the HMD on my desktop to use it without a dedicated VR
compositor.
3. Boom!

thanks,
-mario

More information about the xorg-devel mailing list