[bug report] drm/ttm: fix re-init of global structures
Dan Carpenter
dan.carpenter at oracle.com
Tue Feb 4 12:57:41 UTC 2020
Hello Christian König,
The patch bd4264112f93: "drm/ttm: fix re-init of global structures"
from Apr 16, 2019, leads to the following static checker warning:
drivers/gpu/drm/ttm/ttm_bo.c:1610 ttm_bo_global_release()
warn: passing freed memory 'glob'
drivers/gpu/drm/ttm/ttm_bo.c
1591 static void ttm_bo_global_kobj_release(struct kobject *kobj)
1592 {
1593 struct ttm_bo_global *glob =
1594 container_of(kobj, struct ttm_bo_global, kobj);
1595
1596 __free_page(glob->dummy_read_page);
1597 }
1598
1599 static void ttm_bo_global_release(void)
1600 {
1601 struct ttm_bo_global *glob = &ttm_bo_glob;
1602
1603 mutex_lock(&ttm_global_mutex);
1604 if (--ttm_bo_glob_use_count > 0)
1605 goto out;
1606
1607 kobject_del(&glob->kobj);
1608 kobject_put(&glob->kobj);
1609 ttm_mem_global_release(&ttm_mem_glob);
1610 memset(glob, 0, sizeof(*glob));
^^^^^^^^^^^^^^^^^^^^^^
Depending on the config kobject_release() might call ttm_bo_global_kobj_release()
a few seconds after this memset. Maybe put the memset into
ttm_bo_global_kobj_release()?
1611 out:
1612 mutex_unlock(&ttm_global_mutex);
1613 }
regards,
dan carpenter
More information about the dri-devel
mailing list