desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #135003
[Bug 1221616] Re: xmir_resize() releases a pixmap it does not own, leading to freed memory reads
I think this must be for old XMir, closing.
** Changed in: xorg-server (Ubuntu)
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg-server in Ubuntu.
https://bugs.launchpad.net/bugs/1221616
Title:
xmir_resize() releases a pixmap it does not own, leading to freed
memory reads
Status in xorg-server package in Ubuntu:
Invalid
Bug description:
==32480== Invalid read of size 4
==32480== at 0xA22E394: sna_dri_create_buffer (sna_dri.c:252)
==32480== by 0x27BF7A: allocate_or_reuse_buffer.isra.6 (dri2.c:448)
==32480== by 0x27CCE6: do_get_buffers (dri2.c:573)
==32480== by 0x27D11F: DRI2GetBuffersWithFormat (dri2.c:690)
==32480== by 0x27EAFF: ProcDRI2Dispatch (dri2ext.c:306)
==32480== by 0x15CFCD: Dispatch (dispatch.c:432)
==32480== by 0x14C529: main (main.c:298)
==32480== Address 0xb98d18c is 12 bytes inside a block of size 120 free'd
==32480== at 0x4C2B60C: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==32480== by 0xA19FC6D: sna_destroy_pixmap.part.69 (sna_accel.c:1393)
==32480== by 0xA19FCBE: sna_destroy_pixmap (sna_accel.c:1347)
==32480== by 0x234DC0: damageDestroyPixmap (damage.c:1559)
==32480== by 0x1F7B68: XvDestroyPixmap (xvmain.c:372)
==32480== by 0x1F66BE: ShmDestroyPixmap (shm.c:273)
==32480== by 0x86987D5: xmir_resize (xmir-output.c:453)
==32480== by 0x1DA7D6: xf86RandR12ScreenSetSize (xf86RandR12.c:699)
==32480== by 0x22231A: ProcRRSetScreenSize (rrscreen.c:286)
==32480== by 0x15CFCD: Dispatch (dispatch.c:432)
==32480== by 0x14C529: main (main.c:298)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1221616/+subscriptions
