Bug 20260

Summary: some fault in xf86FBManagerLinear memory management
Product: xorg Reporter: Bo Du <bobdu>
Component: Server/DDX/XorgAssignee: Xorg Project Team <xorg-team>
Status: RESOLVED INVALID QA Contact: Xorg Project Team <xorg-team>
Severity: normal    
Priority: medium CC: bobdu
Version: 7.4 (2008.09)   
Hardware: x86 (IA32)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:

Description Bo Du 2009-02-22 18:55:02 UTC 
There is some fault in the memory management algorithm of xf86FBManagerLinear.
It perform combine backwards without checking pLinkPrev->free, it will cause video memory lost in some situation.

Line 1030 in xorg-server-1.5.2\hw\xfree86\common\xf86fbman.c
   static void localFreeOffscreenLinear(FBLinearPtr linear)

1020   pLink->free = 1;

1029   if(pLinkPrev) {
1030   	if (pLinkPrev->next && pLinkPrev->next->free && !pLinkPrev->area) {
1031      	    FBLinearLinkPtr p = pLinkPrev->next;
1032      	    pLinkPrev->linear.size += p->linear.size;
1033      	    pLinkPrev->next = p->next;
1034      	    free(p);
1035    	}
1036   } 


The fault:
missing check whether pLinkPrev->free ??? but check pLinkPrev->next->free wrongly ? In fact, no need to check pLinkPrev->next->free, because it is set as 1 already in Line 1020.
Comment 1 Adam Jackson 2018-06-12 18:43:19 UTC 
Mass closure: This bug has been untouched for more than six years, and is not obviously still valid. Please file a new report if you continue to experience issues with a current server.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.