From dfd51be3ca2a244bbca27a95310b60e0c14940df Mon Sep 17 00:00:00 2001 From: Olivier Fourdan Date: Tue, 23 Jul 2019 11:01:47 +0200 Subject: [PATCH xserver 05/15] xwayland: Do not free a NULL GBM bo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Both `gbm_bo_create()` and `gbm_bo_create_with_modifiers()` can fail and return `NULL`. If that occurs, `xwl_glamor_gbm_create_pixmap()` will not create a pixmap for the (NULL) GBM bo, but would still try to free the bo which leads to a crash in mesa: [...] #7 #8 in gbm_bo_destroy (bo=0x0) at ../src/gbm/main/gbm.c:439 #9 in xwl_glamor_gbm_create_pixmap () at xwayland-glamor-gbm.c:245 #10 in ProcCreatePixmap () at dispatch.c:1440 #11 in Dispatch () at dispatch.c:478 #12 in dix_main () at main.c:276 To avoid the crash, only free the GBM bo if not `NULL`. Signed-off-by: Olivier Fourdan Reviewed-by: Michel Dänzer Bugzilla: https://bugzilla.redhat.com/1729925 (cherry picked from commit d9ec525059dbe96fc893c73c0362be2a6dd73e85) --- hw/xwayland/xwayland-glamor-gbm.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hw/xwayland/xwayland-glamor-gbm.c b/hw/xwayland/xwayland-glamor-gbm.c index 80146ab6e..291e060cf 100644 --- a/hw/xwayland/xwayland-glamor-gbm.c +++ b/hw/xwayland/xwayland-glamor-gbm.c @@ -238,11 +238,12 @@ xwl_glamor_gbm_create_pixmap(ScreenPtr screen, GBM_BO_USE_SCANOUT | GBM_BO_USE_RENDERING); } - if (bo) + if (bo) { pixmap = xwl_glamor_gbm_create_pixmap_for_bo(screen, bo, depth); - if (!pixmap) - gbm_bo_destroy(bo); + if (!pixmap) + gbm_bo_destroy(bo); + } } if (!pixmap) -- 2.21.0