fix possible bad kref_put in amdgpu_uvd_ring_end_use
Christian König
deathsimple at vodafone.de
Tue Aug 16 08:02:14 UTC 2016
NAK, we already merged a patch to avoid the fence_put() in general when
the ring test fails.
Regards,
Christian.
Am 16.08.2016 um 08:33 schrieb Matthew Macy:
> Clang identified this when I was merging up 4.8-rc1/rc2. I usually just disable warnings as they pop up as I treat the drivers as vendor code and FreeBSD's default clang settings are a bit on the anal side. However, this appears to be a legitimate bug. I pointed the problem out on #dri-devel and was asked to send a patch here.
>
> I haven't submitted patches before, but this is a trivial fix so bear with me.
>
> From 89ea7621c52ff9d3b6e48fa315609a042f2f5e0d Mon Sep 17 00:00:00 2001
> From: Matt Macy <mmacy at nextbsd.org>
> Date: Mon, 15 Aug 2016 23:22:49 -0700
> Subject: [PATCH] drm/amdgpu: fix possible kref_put on random stack value
>
> If amdgpu_uvd_get_create_msg fails fence_put(fence) will be called with
> fence uninitialized - possibly leading to kref_put being called on whatever
> value happens to be on the stack. Initializing fence to NULL precludes this.
>
> Signed-off-by: Matt Macy mmacy at nextbsd.org
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c
> index b11f4e8..59931d4 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c
> @@ -1161,7 +1161,7 @@ void amdgpu_uvd_ring_end_use(struct amdgpu_ring *ring)
> */
> int amdgpu_uvd_ring_test_ib(struct amdgpu_ring *ring, long timeout)
> {
> - struct fence *fence;
> + struct fence *fence = NULL;
> long r;
>
> r = amdgpu_uvd_get_create_msg(ring, 1, NULL);
More information about the amd-gfx
mailing list