On 09/17/2015 03:57 PM, Keith Packard wrote:
> Aaron Plattner <[email protected]> writes:
>
>> The modesetting driver corrupts memory when used after a server regeneration
>> because not enough memory is allocated for its pixmap privates. This happens
>> because its call to dixRegisterScreenSpecificPrivateKey() does nothing because
>> key->initialized is still TRUE from the first server generation. However, the
>> key is not in the screen's linked list of screen-specific privates because
>> that's freed and reallocated during the server generation loop in dix_main().
>>
>> Fix this by clearing key->initialized after CloseScreen. Move the call to
>> dixFreeScreenSpecificPrivates() after the call to CloseScreen, in case a
>> driver's CloseScreen needs a screen private for something.
>
> Oh, if you're just going to reset the key->initialized value, you should
> leave the call above CloseScreen. That's because the storage for the key
> may well be allocated by the driver, and would be freed by CloseScreen.
Oh, duh, gotcha. Sorry for being dense.

>> I was thinking about your suggestion of ignoring key->initialized backwards
>> yesterday. I think that would work too, but I think this is clearer and more
>> explicit.
>
> Cool, this does seem like the most conservative plan possible. Let's
> just keep doing that before CloseScreen is called to avoid storing
> through freed memory.

Hopefully third time's the charm.

-- 
Aaron
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
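The failure mode the thread describes, as an added model that is not the X server's dix code: a driver-owned key keeps its initialized flag across a server regeneration while the per-screen list it was registered in is rebuilt, so the second registration is a no-op and the pixmap private block comes out too small. The struct names, register_key() and free_screen_privates() are simplified stand-ins for the real dix functions.

```c
/* Model of the stale key->initialized bug across server generations.
 * Added example; names are simplified stand-ins for the real dix API. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define MAX_KEYS 8

typedef struct {
    bool initialized;   /* set once the key has been registered */
    size_t size;        /* bytes the private needs */
    size_t offset;      /* slot inside the screen's private block */
} PrivateKey;

typedef struct {
    PrivateKey *keys[MAX_KEYS];   /* list freed and rebuilt each generation */
    int nkeys;
    size_t total;                 /* bytes allocated per pixmap for privates */
} ScreenPrivates;

/* Registers a key with a screen. Mirrors the early return on
 * key->initialized that turns the second-generation call into a no-op. */
static void register_key(ScreenPrivates *sp, PrivateKey *key, size_t size)
{
    if (key->initialized)
        return;                   /* "already done", even though sp forgot it */
    key->initialized = true;
    key->size = size;
    key->offset = sp->total;
    sp->total += size;
    sp->keys[sp->nkeys++] = key;
}

/* Tears down the per-screen list (kept before CloseScreen, since the key
 * storage may belong to the driver). With fix == true it also clears
 * key->initialized so the next generation registers the key again. */
static void free_screen_privates(ScreenPrivates *sp, bool fix)
{
    for (int i = 0; i < sp->nkeys; i++)
        if (fix)
            sp->keys[i]->initialized = false;
    memset(sp, 0, sizeof(*sp));
}

/* Runs two generations and returns the private block size the driver gets
 * in the second one; the driver needs `need` bytes. Buggy: 0 (too small). */
static size_t second_generation_size(bool fix, size_t need)
{
    PrivateKey key = {0};               /* driver-owned key: survives regen */
    ScreenPrivates sp;
    memset(&sp, 0, sizeof(sp));
    register_key(&sp, &key, need);      /* generation 1 */
    free_screen_privates(&sp, fix);     /* regeneration: list rebuilt */
    register_key(&sp, &key, need);      /* generation 2 */
    return sp.total;
}
```

With the buggy teardown the second generation allocates zero bytes for a private the driver will still write `need` bytes into; with the flag reset the size matches again.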
