From: "Ville Syrjälä" <ville.syrjala@linux.intel.com>
To: Peter Wu <peter@lekensteyn.nl>
Cc: intel-gfx@lists.freedesktop.org
Subject: Re: [PATCH xf86-video-intel v2] SNA: fix PRIME output support since xserver 1.20
Date: Fri, 15 Nov 2019 18:00:36 +0200 [thread overview]
Message-ID: <20191115160036.GG1208@intel.com> (raw)
In-Reply-To: <20191115153247.372989-1-peter@lekensteyn.nl>
On Fri, Nov 15, 2019 at 04:32:47PM +0100, Peter Wu wrote:
> Since "Make PixmapDirtyUpdateRec::src a DrawablePtr" in xserver, the
> "src" pointer might point to the root window (created by the server)
> instead of a pixmap (as created by xf86-video-intel). Use
> get_drawable_pixmap to handle both cases.
>
> When built with -fsanitize=address, the following test on a hybrid
> graphics laptop will trigger a heap-buffer-overflow error due to
> to_sna_from_pixmap receiving a window instead of a pixmap:
>
> xrandr --setprovideroutputsource modesetting Intel
> xrandr --output DP-1-1 --mode 2560x1440 # should not crash
> glxgears # should display gears on both screens
>
> With nouveau instead of modesetting, it does not crash but the external
> monitor remains blank aside from a mouse cursor. This patch fixes both.
>
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=100086
> Signed-off-by: Peter Wu <peter@lekensteyn.nl>
> ---
> v1: https://lists.freedesktop.org/archives/intel-gfx/2018-August/173522.html
> v2: rebased on current master (2.99.917-893-gbff5eca4), reworded commit.
>
> This patch has been tested at https://bugs.archlinux.org/task/64238, I
> have additionally tested it with both modesetting and nouveau under
> ASAN, the modesetting ASAN trace for unpatched intel can be found at:
> https://bugs.freedesktop.org/show_bug.cgi?id=100086#c24
>
> commit 2.99.917-891-g581ddc5d ("sna: Fix compiler warnings due to
> DrawablePtr vs. PixmapPtr") incorporated all compiler warning fixes from
> v1 of this patch, but unfortunately lacks this crucial bugfix.
> ---
> src/sna/sna_accel.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/sna/sna_accel.c b/src/sna/sna_accel.c
> index fa386ff6..ee857a14 100644
> --- a/src/sna/sna_accel.c
> +++ b/src/sna/sna_accel.c
> @@ -17684,10 +17684,10 @@ static void sna_accel_post_damage(struct sna *sna)
> continue;
>
> #ifdef HAS_DIRTYTRACKING_DRAWABLE_SRC
> - assert(dirty->src->type == DRAWABLE_PIXMAP);
> + src = get_drawable_pixmap(dirty->src);
> +#else
> + src = dirty->src;
Looks sensible enough to me:
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
> #endif
> -
> - src = (PixmapPtr)dirty->src;
> dst = dirty->slave_dst->master_pixmap;
>
> region.extents.x1 = dirty->x;
> --
> 2.23.0
--
Ville Syrjälä
Intel
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
WARNING: multiple messages have this Message-ID (diff)
From: "Ville Syrjälä" <ville.syrjala@linux.intel.com>
To: Peter Wu <peter@lekensteyn.nl>
Cc: intel-gfx@lists.freedesktop.org
Subject: Re: [Intel-gfx] [PATCH xf86-video-intel v2] SNA: fix PRIME output support since xserver 1.20
Date: Fri, 15 Nov 2019 18:00:36 +0200 [thread overview]
Message-ID: <20191115160036.GG1208@intel.com> (raw)
Message-ID: <20191115160036.9_j-xDPTwcIXg9xPfXqL69EKfrqmZOJ1mGY5oQeZsDo@z> (raw)
In-Reply-To: <20191115153247.372989-1-peter@lekensteyn.nl>
On Fri, Nov 15, 2019 at 04:32:47PM +0100, Peter Wu wrote:
> Since "Make PixmapDirtyUpdateRec::src a DrawablePtr" in xserver, the
> "src" pointer might point to the root window (created by the server)
> instead of a pixmap (as created by xf86-video-intel). Use
> get_drawable_pixmap to handle both cases.
>
> When built with -fsanitize=address, the following test on a hybrid
> graphics laptop will trigger a heap-buffer-overflow error due to
> to_sna_from_pixmap receiving a window instead of a pixmap:
>
> xrandr --setprovideroutputsource modesetting Intel
> xrandr --output DP-1-1 --mode 2560x1440 # should not crash
> glxgears # should display gears on both screens
>
> With nouveau instead of modesetting, it does not crash but the external
> monitor remains blank aside from a mouse cursor. This patch fixes both.
>
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=100086
> Signed-off-by: Peter Wu <peter@lekensteyn.nl>
> ---
> v1: https://lists.freedesktop.org/archives/intel-gfx/2018-August/173522.html
> v2: rebased on current master (2.99.917-893-gbff5eca4), reworded commit.
>
> This patch has been tested at https://bugs.archlinux.org/task/64238, I
> have additionally tested it with both modesetting and nouveau under
> ASAN, the modesetting ASAN trace for unpatched intel can be found at:
> https://bugs.freedesktop.org/show_bug.cgi?id=100086#c24
>
> commit 2.99.917-891-g581ddc5d ("sna: Fix compiler warnings due to
> DrawablePtr vs. PixmapPtr") incorporated all compiler warning fixes from
> v1 of this patch, but unfortunately lacks this crucial bugfix.
> ---
> src/sna/sna_accel.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/sna/sna_accel.c b/src/sna/sna_accel.c
> index fa386ff6..ee857a14 100644
> --- a/src/sna/sna_accel.c
> +++ b/src/sna/sna_accel.c
> @@ -17684,10 +17684,10 @@ static void sna_accel_post_damage(struct sna *sna)
> continue;
>
> #ifdef HAS_DIRTYTRACKING_DRAWABLE_SRC
> - assert(dirty->src->type == DRAWABLE_PIXMAP);
> + src = get_drawable_pixmap(dirty->src);
> +#else
> + src = dirty->src;
Looks sensible enough to me:
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
> #endif
> -
> - src = (PixmapPtr)dirty->src;
> dst = dirty->slave_dst->master_pixmap;
>
> region.extents.x1 = dirty->x;
> --
> 2.23.0
--
Ville Syrjälä
Intel
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2019-11-15 16:00 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-15 15:32 [PATCH xf86-video-intel v2] SNA: fix PRIME output support since xserver 1.20 Peter Wu
2019-11-15 15:32 ` [Intel-gfx] " Peter Wu
2019-11-15 16:00 ` Ville Syrjälä [this message]
2019-11-15 16:00 ` Ville Syrjälä
2019-11-15 18:14 ` Ville Syrjälä
2019-11-15 18:14 ` [Intel-gfx] " Ville Syrjälä
2019-11-16 16:13 ` Peter Wu
2019-11-16 16:13 ` [Intel-gfx] " Peter Wu
2019-11-18 15:44 ` Ville Syrjälä
2019-11-18 15:44 ` [Intel-gfx] " Ville Syrjälä
2019-11-15 19:53 ` ✗ Fi.CI.BUILD: failure for SNA: fix PRIME output support since xserver 1.20 (rev2) Patchwork
2019-11-15 19:53 ` [Intel-gfx] " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191115160036.GG1208@intel.com \
--to=ville.syrjala@linux.intel.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=peter@lekensteyn.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.