Bug#413640: xserver-xorg-video-v4l: xserver crashes when v4l module is loaded
tags 413640 +upstream
thank you
Frédéric Giquel wrote:
> I've found the reason of the crash. It's not related to nv or nvidia
> driver but the AMD64 architecture.
>
> The explanation :
> - line 648 of v4l.c : ioctl(V4L_FD,VIDIOCGFREQ,value);
> - line 612 of v4l.c : we know that value is INT32 *
> - in videodev.h of kernel headers (from debian package
> linux-kernel-headers 2.6.18-7) :
> #define VIDIOCGFREQ _IOR('v',14, unsigned long)
>
> With 32 bits architecture, long is 32 bits and there's no problem.
> With 64 bits architecture like AMD64, long is 64 bits and ioctl try to
> write to the double-word *value and an unauthorized double-word near
> *value. So xorg crashes.
>
> To temporally fix the bug, I replace the line 648 of v4l.c with the next
> 3 lines :
> unsigned long freq;
> ioctl(V4L_FD,VIDIOCGFREQ,&freq);
> *value = (INT32) freq;
>
> There is no crash anymore with xvinfo. We lose some information (64 bits
> -> 32 bits) but it seems unimportant (the frequency value is between 0
> and 16000 according to line 190 of v4l.c).
> Perhaps, a best solution can be found...
>
> Fred
>
> PS : we certainly have the same problem with VIDIOCSFREQ to set the
> frequency (line 597 of v4l.c) but I didn't try anything.
>
Thanks a lot for this investigation. Would you mind reporting the
problem and fix upstream at https://bugs.freedesktop.org/index.cgi ?
Brice
Reply to: