[PATCH 3.7-rc8] ttm: Fix possible _manager memory allocation oops

[Dave Airlie]

On Fri, Dec 7, 2012 at 9:05 AM, Tim Gardner <tim.gardner at canonical.com> wrote:
> On 12/06/2012 03:46 PM, Dave Airlie wrote:
>
>>>
>>>          ttm_page_pool_init_locked(&_manager->wc_pool, GFP_HIGHUSER,
>>> "wc");
>>>
>>> @@ -817,6 +821,7 @@ int ttm_page_alloc_init(struct ttm_mem_global *glob,
>>> unsigned max_pages)
>>>                                     &glob->kobj, "pool");
>>>          if (unlikely(ret != 0)) {
>>>                  kobject_put(&_manager->kobj);
>>> +               kfree(_manager);
>>>                  _manager = NULL;
>>
>>
>> I don;t think this is, since the kobject_put shuold free it.
>>
>
> kobject_put only frees memory referenced by kobj, but not the memory pointed
> at by _manager.
>

The memory pointed at by _manager is the memory freed by the kobj if I
read the code correctly.

Dave.