From: Daniel Thompson <daniel.thompson@linaro.org>
To: Daniel Vetter <daniel@ffwll.ch>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>,
Intel Graphics Development <intel-gfx@lists.freedesktop.org>,
DRI Development <dri-devel@lists.freedesktop.org>
Subject: Re: [PATCH 15/17] drm/atomic-helpers: functions for state duplicate/destroy/reset
Date: Mon, 03 Nov 2014 15:06:07 +0000 [thread overview]
Message-ID: <545799DF.2090505@linaro.org> (raw)
In-Reply-To: <20141103145338.GO26941@phenom.ffwll.local>
On 03/11/14 14:53, Daniel Vetter wrote:
> On Mon, Nov 03, 2014 at 02:45:28PM +0000, Daniel Thompson wrote:
>>> index 70bd67cf86e3..bd38df3cbe55 100644
>>> --- a/drivers/gpu/drm/drm_atomic_helper.c
>>> +++ b/drivers/gpu/drm/drm_atomic_helper.c
>>> @@ -1429,7 +1429,7 @@ EXPORT_SYMBOL(drm_atomic_helper_set_config);
>>> /**
>>> * drm_atomic_helper_crtc_set_property - helper for crtc prorties
>>> * @crtc: DRM crtc
>>> - * @prorty: DRM property
>>> + * @property: DRM property
>>
>> This looks like a bad fixup (should be in patch 11).
>
> Indeed, will shuffle around.
>
>>> +void drm_atomic_helper_crtc_reset(struct drm_crtc *crtc)
>>> +{
>>> + kfree(crtc->state);
>>> + crtc->state = kzalloc(sizeof(*crtc->state), GFP_KERNEL);
>>
>> This code looks semantically equivalent to a memset() although it may
>> result in a change to the pointer value. Is this code trying to flush
>> out uses-after-free?
>>
>> I can't find this free/alloc pattern in delivered code anywhere else in
>> the drm code base. Should this need to be replaced with memset() before
>> merging (or at least commenting)?
>
> kfree is a nop when the argument is NULL, which is a crucial property of
> this - memset would oops on driver load.
Oops. Missed that (I think I misread who as assuming there was always
obj->state in the patch header).
Do you fancy making the comment "by freeing the state pointer and
allocating a new..." into "by freeing the state pointer (which may be
NULL) and allocating a new...".
If nothing else that means the documentation is richer than the code...
> Even neglecting this a memset imo doesn't blow up loudly enough if the
> driver subclasses the state structs (by adding more of it's driver private
> state at the end). Whereas underallocating tends to anger the slab
> poisoning code badly.
>
> Finally it's really not just a memset, but a free + realloc. See the plane
> state, which also needs to drop a potential fb reference. Imo the explicit
> kfree+realloc makes that more obvious.
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/dri-devel
next prev parent reply other threads:[~2014-11-03 15:06 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-02 13:19 [PATCH 00/17] atomic modeset core<->driver interfaces and helpers Daniel Vetter
2014-11-02 13:19 ` [PATCH 01/17] drm: Move drm_crtc_init from drm_crtc.h to drm_plane_helper.h Daniel Vetter
2014-11-04 20:31 ` Sean Paul
2014-11-02 13:19 ` [PATCH 02/17] drm: Pull drm_crtc.h into the kerneldoc template Daniel Vetter
2014-11-02 19:18 ` [PATCH] " Daniel Vetter
2014-11-03 3:04 ` Thierry Reding
2014-11-02 13:19 ` [PATCH 03/17] drm: fixup kerneldoc in drm_crtc.h Daniel Vetter
2014-11-02 19:19 ` Daniel Vetter
2014-11-02 13:19 ` [PATCH 04/17] drm/modeset_lock: document trylock_only in kerneldoc Daniel Vetter
2014-11-04 20:31 ` Sean Paul
2014-11-05 16:18 ` Thierry Reding
2014-11-02 13:19 ` [PATCH 05/17] drm: Add atomic driver interface definitions for objects Daniel Vetter
2014-11-04 20:31 ` Sean Paul
2014-11-05 16:26 ` Thierry Reding
2014-11-05 17:04 ` Daniel Vetter
2014-11-05 17:16 ` [Intel-gfx] " Damien Lespiau
2014-11-02 13:19 ` [PATCH 06/17] drm: Global atomic state handling Daniel Vetter
2014-11-03 23:41 ` Matt Roper
2014-11-04 8:40 ` Daniel Vetter
2014-11-04 20:31 ` Sean Paul
2014-11-04 21:30 ` Daniel Vetter
2014-11-04 21:41 ` Daniel Vetter
2014-11-04 21:37 ` [PATCH] " Daniel Vetter
2014-11-04 22:07 ` Daniel Vetter
2014-11-04 22:32 ` Sean Paul
2014-11-05 13:06 ` Ander Conselvan de Oliveira
2014-11-05 13:45 ` Daniel Vetter
2014-11-05 14:22 ` Daniel Vetter
2014-11-05 17:06 ` Daniel Vetter
2015-02-06 9:58 ` [Intel-gfx] " Jani Nikula
2015-02-06 21:14 ` Daniel Vetter
2014-11-02 13:19 ` [PATCH 07/17] drm: Add atomic/plane helpers Daniel Vetter
2014-11-04 22:30 ` Sean Paul
2014-11-04 23:16 ` Daniel Vetter
2014-11-02 13:19 ` [PATCH 08/17] drm/plane-helper: transitional atomic plane helpers Daniel Vetter
2014-11-05 16:45 ` Sean Paul
2014-11-05 16:51 ` Daniel Vetter
2014-11-05 16:59 ` [PATCH] " Daniel Vetter
2014-11-02 13:19 ` [PATCH 09/17] drm/crtc-helper: Transitional functions using " Daniel Vetter
2014-11-05 17:42 ` Sean Paul
2014-11-02 13:19 ` [PATCH 10/17] drm: Atomic crtc/connector updates using crtc/plane helper interfaces Daniel Vetter
2014-11-05 18:53 ` Sean Paul
2014-11-05 21:44 ` Daniel Vetter
2014-11-06 18:28 ` Sean Paul
2014-11-02 13:19 ` [PATCH 11/17] drm/atomic-helper: implementatations for legacy interfaces Daniel Vetter
2014-11-04 22:08 ` [PATCH] " Daniel Vetter
2014-11-05 13:46 ` Daniel Vetter
2014-11-05 19:48 ` Sean Paul
2014-11-05 22:01 ` Daniel Vetter
2014-11-06 18:31 ` Sean Paul
2014-11-02 13:19 ` [PATCH 12/17] drm/atomic: Integrate fence support Daniel Vetter
2014-11-06 17:43 ` [Intel-gfx] " Sean Paul
2014-11-02 13:19 ` [PATCH 13/17] drm/atomic-helpers: document how to implement async commit Daniel Vetter
2014-11-06 17:43 ` Sean Paul
2014-11-02 13:19 ` [PATCH 14/17] drm/atomic-helper: implement ->page_flip Daniel Vetter
2014-11-04 22:09 ` [PATCH] " Daniel Vetter
2014-11-05 11:35 ` Daniel Thompson
2014-11-05 13:46 ` Daniel Vetter
2014-11-06 17:43 ` [PATCH 14/17] " Sean Paul
2014-11-06 18:13 ` Daniel Vetter
2014-11-06 18:53 ` Sean Paul
2014-11-02 13:19 ` [PATCH 15/17] drm/atomic-helpers: functions for state duplicate/destroy/reset Daniel Vetter
2014-11-03 14:45 ` Daniel Thompson
2014-11-03 14:53 ` Daniel Vetter
2014-11-03 15:06 ` Daniel Thompson [this message]
2014-11-03 15:11 ` Daniel Vetter
2014-11-06 17:43 ` Sean Paul
2014-11-06 19:57 ` Daniel Vetter
2014-11-06 20:01 ` Sean Paul
2014-11-06 19:55 ` [PATCH] " Daniel Vetter
2014-11-02 13:19 ` [PATCH 16/17] drm: Docbook integration and over sections for all the new helpers Daniel Vetter
2014-11-06 17:43 ` Sean Paul
2014-11-06 20:00 ` [PATCH] " Daniel Vetter
2014-11-06 20:02 ` Sean Paul
2014-11-02 13:19 ` [PATCH 17/17] drm/atomic: Refcounting for plane_state->fb Daniel Vetter
2014-11-04 21:57 ` [PATCH] " Daniel Vetter
2014-11-06 17:44 ` [PATCH 17/17] " Sean Paul
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=545799DF.2090505@linaro.org \
--to=daniel.thompson@linaro.org \
--cc=daniel.vetter@ffwll.ch \
--cc=daniel@ffwll.ch \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox