On Mon, 3 Dec 2001, Jacques GANGLOFF wrote:

> Hi,
> 
> I tracked down a server crash located in xf86fbman.c.
> The crash was in function AllocateArea.
> 
> The problem is a broken link in the chained list of
> areas. The link breaks when no new item
> in the list is allocated which occurs in some rare cases
> (which I could reproduce).

   I don't see how.

> 
> Here is a fix :
> 
> 1. Add a variable newlink=0
> 2. Insert after link = xalloc(sizeof(FBLink)); the line newlink=1;

   That's redundant.  You have link != NULL to indicate
that the link exists.

> 3. Update the links only if a new item has been allocated :
> 
> if(area) {
>  area->pScreen = pScreen;
>  area->granularity = granularity;
>  area->box.x1 = x;
>  area->box.x2 = x + w;
>  area->box.y1 = boxp->y1;
>  area->box.y2 = boxp->y1 + h;
>  area->MoveAreaCallback = moveCB;
>  area->RemoveAreaCallback = removeCB;
>  area->devPrivate.ptr = privData;
> 
>         REGION_INIT(pScreen, &NewReg, &(area->box), 1);
>  REGION_SUBTRACT(pScreen, offman->FreeBoxes, offman->FreeBoxes, &NewReg);
>  REGION_UNINIT(pScreen, &NewReg);
>  if ( newlink ) { <---------------------------------------- ADD THIS TEST ********************

   It will never even get here if link was NULL.  For
proof, note that area is only ever initialized with
&(link->area).  If link didn't exist, neither would area
and it would never be here.  I don't think your analysis
of the problem you are having is correct.


>   link->next = offman->UsedAreas;
>   offman->UsedAreas = link;
>   }
>  offman->NumUsedAreas++;
>    }
> 

                        MArk.
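
The invariant argued in the reply above, as an added example that is not part of the original message and is not XFree86 code: when the area pointer is only ever taken from an allocated link, testing `area` already covers the "no new link" case. The type names, `allocate_area`, `check_list` and the `fail_alloc` hook are hypothetical stand-ins.

```c
#include <stdlib.h>
#include <stddef.h>

/* Simplified stand-ins for the server's types (assumed layout, not XFree86 code). */
typedef struct { int x1, y1, x2, y2; } Box;
typedef struct { Box box; } Area;
typedef struct Link { Area area; struct Link *next; } Link;
typedef struct { Link *used; int num_used; } Manager;

static int fail_alloc = 0;   /* hook to simulate an allocation failure */

static Link *alloc_link(void) {
    return fail_alloc ? NULL : malloc(sizeof(Link));
}

/* area is only ever derived from a successfully allocated link. */
Area *allocate_area(Manager *m, int x, int y, int w, int h) {
    Area *area = NULL;
    Link *link = alloc_link();

    if (link)
        area = &link->area;

    if (area) {              /* implies link != NULL; no extra flag needed */
        area->box.x1 = x;
        area->box.x2 = x + w;
        area->box.y1 = y;
        area->box.y2 = y + h;
        link->next = m->used;    /* push onto the used list */
        m->used = link;
        m->num_used++;
    }
    return area;
}

/* Walk the list; return its length, or -1 if it disagrees with num_used. */
int check_list(const Manager *m) {
    int n = 0;
    const Link *l;
    for (l = m->used; l != NULL; l = l->next)
        n++;
    return n == m->num_used ? n : -1;
}
```
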

_______________________________________________
Xpert mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/xpert
