From c5695a405e95780c443ba8799ff1c086a5035ae3 Mon Sep 17 00:00:00 2001 From: "Ryan C. Gordon" Date: Sat, 19 Nov 2005 18:57:00 +0000 Subject: [PATCH] Date: Mon, 17 Oct 2005 20:09:03 -0400 From: Mark Schreiber To: ryan@clutteredmind.org Subject: [PATCH]SDL mprotect() crash fix (I'm going to throw this patch your way at the suggestion of #SDL -- for some reason, I had some difficulty sending it to the main list last time, and I go bonkers subscribing to send each email or patch...) Currently, when I run SDL applications as non-root using SDL_VIDEODRIVER=dga, the fbdev fallback mprotect()s read/write the proper size of mmapped /dev/fb0 (7.5MB), but on framebuffer release mprotect()s read-only the range by the entire size of my video memory (128MB), which causes a segfault: #0 0x002a9a27 in ?? () from /lib/libc.so.6 #1 0x04a63eb6 in SDL_XDGAUnmapFramebuffer (screen=3D0) at XF86DGA2.c:978 #2 0x04a63efc in SDL_XDGACloseFramebuffer (dpy=3D0x9d3f008, screen=3D0) at XF86DGA2.c:268 #3 0x04a68b57 in DGA_Available () at SDL_dgavideo.c:98 #4 0x04a53677 in SDL_VideoInit (driver_name=3D0xbfb0bfc7 "dga", flags=3D0) at SDL_video.c:180 #5 0x04a2613f in SDL_InitSubSystem (flags=3D32) at SDL.c:74 #6 0x04a2617c in SDL_Init (flags=3D32) at SDL.c:166 #7 0x08049722 in main (argc=3D1, argv=3D0x0) at testwin.c:32 This is SDL 1.2.8 on Fedora Core 4, radeon driver for a Radeon 9250, xorg-x11-6.8.2-37. I've attached a one-line patch against SDL CVS that updates the size of the framebuffer at framebuffer map time so that the mprotect() on unmap will be the same size. I'm not sure if this is the best approach (i.e. one might want to retain the original value), but it does make my SDL applications work without segfaulting. -- Best of luck, Mark Schreiber --- src/video/Xext/Xxf86dga/XF86DGA2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/video/Xext/Xxf86dga/XF86DGA2.c b/src/video/Xext/Xxf86dga/XF86DGA2.c index 91acf832e..ceae16446 100644 --- a/src/video/Xext/Xxf86dga/XF86DGA2.c +++ b/src/video/Xext/Xxf86dga/XF86DGA2.c @@ -957,7 +957,7 @@ DGAMapPhysical( (((long)finfo.smem_start)&~(PAGE_SIZE-1))) */ base = 0; - size = finfo.smem_len; + size = pMap->size = finfo.smem_len; } #else return False;