[PATCH v2] privates: Clear screen-specific keys during CloseScreen
Keith Packard
keithp at keithp.com
Thu Sep 17 15:57:28 PDT 2015
Aaron Plattner <aplattner at nvidia.com> writes:
> The modesetting driver corrupts memory when used after a server regeneration
> because not enough memory is allocated for its pixmap privates. This happens
> because its call to dixRegisterScreenSpecificPrivateKey() does nothing because
> key->initialized is still TRUE from the first server generation. However, the
> key is not in the screen's linked list of screen-specific privates because
> that's freed and reallocated during the server generation loop in dix_main().
>
> Fix this by clearing key->initialized after CloseScreen. Move the call to
> dixFreeScreenSpecificPrivates() after the call to CloseScreen, in case a
> driver's CloseScreen needs a screen private for something.
Oh, if you're just going to reset the key->initialized value, you should
leave the call above CloseScreen. That's because the storage for the key
may well be allocated by the driver, and would be freed by CloseScreen.
> I was thinking about your suggestion of ignoring key->initialized backwards
> yesterday. I think that would work too, but I think this is clearer and more
> explicit.
Cool, this does seem like the most conservative plan possible. Let's
just keep doing that before CloseScreen is called to avoid storing
through freed memory.
--
-keith
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 810 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20150917/2ff6fd7d/attachment.sig>
More information about the xorg-devel
mailing list