xserver: Branch 'master'

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Tue Jun 15 10:10:50 UTC 2021 

 hw/xfree86/common/xf86Config.c |   10 ++++++----
 hw/xfree86/common/xf86Helper.c |   37 +++++++++++++++++++------------------
 hw/xfree86/common/xf86str.h    |    2 +-
 3 files changed, 26 insertions(+), 23 deletions(-)

New commits:
commit f8a6be04d0c7e6a99824ff888ad6c010960c5c21
Author: Łukasz Spintzyk <lukasz.spintzyk at synaptics.com>
Date:   Tue Jun 8 20:02:21 2021 +0200

    xfree86: Change displays array to pointers array to fix invalid pointer issues after table reallocation
    
    There are rare cases when xf86SetDepthBpp is resizing displays array in confScreen.
    As that array is shared between set of ScrnInfoRec's then realloc might invalidate chached DispPtr display values in
    otheres ScrnInfoRec objects.
    
    If we will change displays array as an array of pointers to DispRec then cached DispRec pointers in ScrnInfoRec
    won't be invalid after reallocation of displays array.
    
    Signed-off-by: Łukasz Spintzyk <lukasz.spintzyk at synaptics.com>

diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c
index 608f093bb..73ab88ba5 100644
--- a/hw/xfree86/common/xf86Config.c
+++ b/hw/xfree86/common/xf86Config.c
@@ -1794,7 +1794,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
         count++;
         dispptr = (XF86ConfDisplayPtr) dispptr->list.next;
     }
-    screenp->displays = xnfallocarray(count, sizeof(DispRec));
+    screenp->displays = xnfallocarray(count, sizeof(DispPtr));
     screenp->numdisplays = count;
 
     /* Fill in the default Virtual size, if any */
@@ -1802,8 +1802,9 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
         for (count = 0, dispptr = conf_screen->scrn_display_lst;
              dispptr;
              dispptr = (XF86ConfDisplayPtr) dispptr->list.next, count++) {
-            screenp->displays[count].virtualX = conf_screen->scrn_virtualX;
-            screenp->displays[count].virtualY = conf_screen->scrn_virtualY;
+            screenp->displays[count] = xnfcalloc(1, sizeof(DispRec));
+            screenp->displays[count]->virtualX = conf_screen->scrn_virtualX;
+            screenp->displays[count]->virtualY = conf_screen->scrn_virtualY;
         }
     }
 
@@ -1811,7 +1812,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
     count = 0;
     dispptr = conf_screen->scrn_display_lst;
     while (dispptr) {
-        configDisplay(&(screenp->displays[count]), dispptr);
+        configDisplay(screenp->displays[count], dispptr);
         count++;
         dispptr = (XF86ConfDisplayPtr) dispptr->list.next;
     }
@@ -1819,6 +1820,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
     /*
      * figure out how many videoadaptor references there are and fill them in
      */
+    count = 0;
     conf_adaptor = conf_screen->scrn_adaptor_lst;
     while (conf_adaptor) {
         count++;
diff --git a/hw/xfree86/common/xf86Helper.c b/hw/xfree86/common/xf86Helper.c
index 16ab309e2..0389945a7 100644
--- a/hw/xfree86/common/xf86Helper.c
+++ b/hw/xfree86/common/xf86Helper.c
@@ -526,8 +526,8 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
      * Find the Display subsection matching the depth/fbbpp and initialise
      * scrp->display with it.
      */
-    for (i = 0, disp = scrp->confScreen->displays;
-         i < scrp->confScreen->numdisplays; i++, disp++) {
+    for (i = 0; i < scrp->confScreen->numdisplays; i++) {
+        disp = scrp->confScreen->displays[i];
         if ((disp->depth == scrp->depth && disp->fbbpp == scrp->bitsPerPixel)
             || (disp->depth == scrp->depth && disp->fbbpp <= 0)
             || (disp->fbbpp == scrp->bitsPerPixel && disp->depth <= 0)) {
@@ -541,8 +541,8 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
      * depth or fbbpp specified.
      */
     if (i == scrp->confScreen->numdisplays) {
-        for (i = 0, disp = scrp->confScreen->displays;
-             i < scrp->confScreen->numdisplays; i++, disp++) {
+        for (i = 0; i < scrp->confScreen->numdisplays; i++) {
+            disp = scrp->confScreen->displays[i];
             if (disp->depth <= 0 && disp->fbbpp <= 0) {
                 scrp->display = disp;
                 break;
@@ -557,24 +557,25 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
         scrp->confScreen->numdisplays++;
         scrp->confScreen->displays =
             xnfreallocarray(scrp->confScreen->displays,
-                            scrp->confScreen->numdisplays, sizeof(DispRec));
+                            scrp->confScreen->numdisplays, sizeof(DispPtr));
         xf86DrvMsg(scrp->scrnIndex, X_INFO,
                    "Creating default Display subsection in Screen section\n"
                    "\t\"%s\" for depth/fbbpp %d/%d\n",
                    scrp->confScreen->id, scrp->depth, scrp->bitsPerPixel);
-        memset(&scrp->confScreen->displays[i], 0, sizeof(DispRec));
-        scrp->confScreen->displays[i].blackColour.red = -1;
-        scrp->confScreen->displays[i].blackColour.green = -1;
-        scrp->confScreen->displays[i].blackColour.blue = -1;
-        scrp->confScreen->displays[i].whiteColour.red = -1;
-        scrp->confScreen->displays[i].whiteColour.green = -1;
-        scrp->confScreen->displays[i].whiteColour.blue = -1;
-        scrp->confScreen->displays[i].defaultVisual = -1;
-        scrp->confScreen->displays[i].modes = xnfalloc(sizeof(char *));
-        scrp->confScreen->displays[i].modes[0] = NULL;
-        scrp->confScreen->displays[i].depth = depth;
-        scrp->confScreen->displays[i].fbbpp = fbbpp;
-        scrp->display = &scrp->confScreen->displays[i];
+        scrp->confScreen->displays[i] = xnfcalloc(1, sizeof(DispRec));
+        memset(scrp->confScreen->displays[i], 0, sizeof(DispRec));
+        scrp->confScreen->displays[i]->blackColour.red = -1;
+        scrp->confScreen->displays[i]->blackColour.green = -1;
+        scrp->confScreen->displays[i]->blackColour.blue = -1;
+        scrp->confScreen->displays[i]->whiteColour.red = -1;
+        scrp->confScreen->displays[i]->whiteColour.green = -1;
+        scrp->confScreen->displays[i]->whiteColour.blue = -1;
+        scrp->confScreen->displays[i]->defaultVisual = -1;
+        scrp->confScreen->displays[i]->modes = xnfalloc(sizeof(char *));
+        scrp->confScreen->displays[i]->modes[0] = NULL;
+        scrp->confScreen->displays[i]->depth = depth;
+        scrp->confScreen->displays[i]->fbbpp = fbbpp;
+        scrp->display = scrp->confScreen->displays[i];
     }
 
     /*
diff --git a/hw/xfree86/common/xf86str.h b/hw/xfree86/common/xf86str.h
index 8f8685ef2..9072932cb 100644
--- a/hw/xfree86/common/xf86str.h
+++ b/hw/xfree86/common/xf86str.h
@@ -351,7 +351,7 @@ typedef struct _confscreenrec {
     MonPtr monitor;
     GDevPtr device;
     int numdisplays;
-    DispPtr displays;
+    DispPtr *displays;
     int numxvadaptors;
     confXvAdaptorPtr xvadaptors;
     void *options;

More information about the xorg-commit mailing list