[igt-dev] [PATCH i-g-t v2] lib/igt_kms: Fix memory corruption
Vignesh Raman
vignesh.raman at collabora.com
Mon Nov 6 02:40:13 UTC 2023
Hi Daniel,
On 27/10/23 22:07, Daniel Stone wrote:
> Hi Vignesh,
>
> On 27/10/2023 15:40, Vignesh Raman wrote:
>> In crosvm, the kernel reports 16 for count_crtcs, which exceeds
>> IGT_MAX_PIPES set to 8. The function igt_display_require allocates
>> memory for IGT_MAX_PIPES members of igt_pipe_t structures, but then
>> writes into it based on the count_crtcs reported by the kernel,
>> resulting in memory corruption.
>
> To make this robust against future changes (32 CRTCs seems totally
> fanciful, but so did 16 a while ago), this needs to also be robust
> against count_crtcs exceeding IGT_NUM_PIPES, along the lines of your
> previous change.
Yes, I agree to make the code robust against potential changes in the
future. We can set IGT_MAX_PIPES to 32. I will send an updated patch.
Thanks.
Regards,
Vignesh
More information about the igt-dev
mailing list