[Mesa-dev] [PATCH] util/ralloc: set prev-pointers correctly in ralloc_adopt
Nicolai Hähnle
nhaehnle at gmail.com
Mon Sep 4 12:06:30 UTC 2017
From: Nicolai Hähnle <nicolai.haehnle at amd.com>
Found by inspection.
I'm not aware of any actual failures caused by this, but a precise
sequence of ralloc_adopt and ralloc_free should be able to cause
problems.
---
src/util/ralloc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/util/ralloc.c b/src/util/ralloc.c
index bf46439df4e..50e629fe450 100644
--- a/src/util/ralloc.c
+++ b/src/util/ralloc.c
@@ -304,24 +304,26 @@ ralloc_adopt(const void *new_ctx, void *old_ctx)
new_info = get_header(new_ctx);
/* If there are no children, bail. */
if (unlikely(old_info->child == NULL))
return;
/* Set all the children's parent to new_ctx; get a pointer to the last child. */
for (child = old_info->child; child->next != NULL; child = child->next) {
child->parent = new_info;
}
+ child->parent = new_info;
/* Connect the two lists together; parent them to new_ctx; make old_ctx empty. */
child->next = new_info->child;
- child->parent = new_info;
+ if (new_info->child)
+ new_info->child->prev = child;
new_info->child = old_info->child;
old_info->child = NULL;
}
void *
ralloc_parent(const void *ptr)
{
ralloc_header *info;
if (unlikely(ptr == NULL))
--
2.11.0
More information about the mesa-dev
mailing list