amdgpu: BUG: NULL pointer dereference and memory leak

亿一 teroincn at gmail.com
Tue Jul 30 08:47:15 UTC 2019


Hi all,
        While analyzing the source code, I noticed that the function
amdgpu_cs_process_fence_dep() may have a NULL pointer dereference and
a memory leak in the following code fragment:

fence = amdgpu_ctx_get_fence(ctx, entity, deps[i].handle);

if (chunk->chunk_id == AMDGPU_CHUNK_ID_SCHEDULED_DEPENDENCIES) {
        struct drm_sched_fence *s_fence = to_drm_sched_fence(fence);
        struct dma_fence *old = fence;

        fence = dma_fence_get(&s_fence->scheduled);
        dma_fence_put(old);
}

if (IS_ERR(fence)) {
        r = PTR_ERR(fence);
        amdgpu_ctx_put(ctx);
        return r;
} else if (fence) {
        r = amdgpu_sync_fence(p->adev, &p->job->sync, fence, true);
        dma_fence_put(fence);
        amdgpu_ctx_put(ctx);
        if (r)
                return r;
}

The function amdgpu_ctx_get_fence() may return a NULL pointer, which will
cause a NULL pointer dereference. What's more, IS_ERR() would not
return true when the pointer is NULL, which will cause the ctx reference
to be leaked.
But I don't know how to fix it, so I am reporting it to you all.

Best Regards.
Lin Yi.
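The branch structure quoted in the mail, modelled in userspace as an added example (not the driver's code and not a proposed patch): it shows why IS_ERR() does not fire for a NULL fence, so the ctx reference taken on entry is never dropped, and how the refcount comes out balanced when NULL is handled explicitly. The structs, get_fence() and process_dep() are constructed stand-ins; only the ERR_PTR/IS_ERR convention follows the kernel's definition.

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model of the kernel's ERR_PTR convention: the top MAX_ERRNO
 * addresses encode a negative errno. NULL is deliberately NOT an error. */
#define MAX_ERRNO 4095UL
static void *ERR_PTR(long err) { return (void *)err; }
static bool IS_ERR(const void *p) { return (unsigned long)p >= -MAX_ERRNO; }

struct ctx   { int refs; };   /* stand-in for struct amdgpu_ctx */
struct fence { int refs; };   /* stand-in for struct dma_fence */

/* Constructed outcomes of the fence lookup (not a real driver). */
enum lookup { FENCE_FOUND, FENCE_NONE, FENCE_ERR };

static struct fence *get_fence(enum lookup how, struct fence *f)
{
    if (how == FENCE_ERR)  return ERR_PTR(-22);   /* -EINVAL */
    if (how == FENCE_NONE) return NULL;           /* no fence for that seq */
    f->refs++;                                    /* caller owns a reference */
    return f;
}

/* Same branch shape as the mail when check_null == false. Returns the ctx
 * refcount afterwards; the path takes one ctx reference on entry, so a
 * balanced path returns the value it started with. */
static int process_dep(enum lookup how, bool check_null,
                       struct ctx *ctx, struct fence *f)
{
    ctx->refs++;                                  /* amdgpu_ctx_get() */
    struct fence *fence = get_fence(how, f);

    if (check_null && !fence) {                   /* explicit NULL handling */
        ctx->refs--;                              /* amdgpu_ctx_put() */
        return ctx->refs;
    }
    if (IS_ERR(fence)) {                          /* false for NULL */
        ctx->refs--;
        return ctx->refs;
    } else if (fence) {                           /* skipped for NULL */
        fence->refs--;                            /* dma_fence_put() */
        ctx->refs--;
    }
    return ctx->refs;                             /* NULL + no check: leaked */
}

/* Fresh objects per scenario so the returned refcount isolates one run. */
static int run(enum lookup how, bool check_null)
{
    struct ctx c = { 0 };
    struct fence f = { 0 };
    return process_dep(how, check_null, &c, &f);
}
```

The dereference half of the report is not modelled: in the SCHEDULED_DEPENDENCIES branch, to_drm_sched_fence(NULL) is reached before either check, so no refcount fix alone covers it.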

