* [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c
@ 2023-07-11 9:20 Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
` (2 more replies)
0 siblings, 3 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-11 9:20 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: Jocelyn Falempe, dri-devel
Jocelyn Falempe (2):
drm/client: Fix memory leak in drm_client_target_cloned
drm/client: Fix memory leak in drm_client_modeset_probe
drivers/gpu/drm/drm_client_modeset.c | 8 ++++++++
1 file changed, 8 insertions(+)
base-commit: 2f98e686ef59b5d19af5847d755798e2031bee3a
--
2.41.0
^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
2023-07-11 9:20 [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
@ 2023-07-11 9:20 ` Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
2023-07-13 14:01 ` [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
2 siblings, 0 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-11 9:20 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: Jocelyn Falempe, stable, dri-devel
dmt_mode is allocated and never freed in this function.
It was found with the ast driver, but most drivers using generic fbdev
setup are probably affected.
This fixes the following kmemleak report:
backtrace:
[<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
[<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
[<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
[<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
[<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
[<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
[<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
[<00000000987f19bb>] local_pci_probe+0xdc/0x180
[<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
[<0000000000b85301>] process_one_work+0x8b7/0x1540
[<000000003375b17c>] worker_thread+0x70a/0xed0
[<00000000b0d43cd9>] kthread+0x29f/0x340
[<000000008d770833>] ret_from_fork+0x1f/0x30
unreferenced object 0xff11000333089a00 (size 128):
cc: <stable@vger.kernel.org>
Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
Reported-by: Zhang Yi <yizhan@redhat.com>
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
---
drivers/gpu/drm/drm_client_modeset.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
index 1b12a3c201a3..a4a62aa99984 100644
--- a/drivers/gpu/drm/drm_client_modeset.c
+++ b/drivers/gpu/drm/drm_client_modeset.c
@@ -311,6 +311,9 @@ static bool drm_client_target_cloned(struct drm_device *dev,
can_clone = true;
dmt_mode = drm_mode_find_dmt(dev, 1024, 768, 60, false);
+ if (!dmt_mode)
+ goto fail;
+
for (i = 0; i < connector_count; i++) {
if (!enabled[i])
continue;
@@ -326,11 +329,13 @@ static bool drm_client_target_cloned(struct drm_device *dev,
if (!modes[i])
can_clone = false;
}
+ kfree(dmt_mode);
if (can_clone) {
DRM_DEBUG_KMS("can clone using 1024x768\n");
return true;
}
+fail:
DRM_INFO("kms: can't enable cloning when we probably wanted to.\n");
return false;
}
--
2.41.0
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
@ 2023-07-11 9:20 ` Jocelyn Falempe
0 siblings, 0 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-11 9:20 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: dri-devel, Jocelyn Falempe, stable
dmt_mode is allocated and never freed in this function.
It was found with the ast driver, but most drivers using generic fbdev
setup are probably affected.
This fixes the following kmemleak report:
backtrace:
[<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
[<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
[<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
[<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
[<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
[<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
[<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
[<00000000987f19bb>] local_pci_probe+0xdc/0x180
[<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
[<0000000000b85301>] process_one_work+0x8b7/0x1540
[<000000003375b17c>] worker_thread+0x70a/0xed0
[<00000000b0d43cd9>] kthread+0x29f/0x340
[<000000008d770833>] ret_from_fork+0x1f/0x30
unreferenced object 0xff11000333089a00 (size 128):
cc: <stable@vger.kernel.org>
Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
Reported-by: Zhang Yi <yizhan@redhat.com>
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
---
drivers/gpu/drm/drm_client_modeset.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
index 1b12a3c201a3..a4a62aa99984 100644
--- a/drivers/gpu/drm/drm_client_modeset.c
+++ b/drivers/gpu/drm/drm_client_modeset.c
@@ -311,6 +311,9 @@ static bool drm_client_target_cloned(struct drm_device *dev,
can_clone = true;
dmt_mode = drm_mode_find_dmt(dev, 1024, 768, 60, false);
+ if (!dmt_mode)
+ goto fail;
+
for (i = 0; i < connector_count; i++) {
if (!enabled[i])
continue;
@@ -326,11 +329,13 @@ static bool drm_client_target_cloned(struct drm_device *dev,
if (!modes[i])
can_clone = false;
}
+ kfree(dmt_mode);
if (can_clone) {
DRM_DEBUG_KMS("can clone using 1024x768\n");
return true;
}
+fail:
DRM_INFO("kms: can't enable cloning when we probably wanted to.\n");
return false;
}
--
2.41.0
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
2023-07-11 9:20 [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
@ 2023-07-11 9:20 ` Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
2023-07-13 14:01 ` [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
2 siblings, 0 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-11 9:20 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: Jocelyn Falempe, stable, dri-devel
When a new mode is set to modeset->mode, the previous mode should be freed.
This fixes the following kmemleak report:
drm_mode_duplicate+0x45/0x220 [drm]
drm_client_modeset_probe+0x944/0xf50 [drm]
__drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
drm_client_register+0x169/0x240 [drm]
ast_pci_probe+0x142/0x190 [ast]
local_pci_probe+0xdc/0x180
work_for_cpu_fn+0x4e/0xa0
process_one_work+0x8b7/0x1540
worker_thread+0x70a/0xed0
kthread+0x29f/0x340
ret_from_fork+0x1f/0x30
cc: <stable@vger.kernel.org>
Reported-by: Zhang Yi <yizhan@redhat.com>
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
---
drivers/gpu/drm/drm_client_modeset.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
index a4a62aa99984..5d4703b4648a 100644
--- a/drivers/gpu/drm/drm_client_modeset.c
+++ b/drivers/gpu/drm/drm_client_modeset.c
@@ -867,6 +867,9 @@ int drm_client_modeset_probe(struct drm_client_dev *client, unsigned int width,
break;
}
+ if (modeset->mode)
+ kfree(modeset->mode);
+
modeset->mode = drm_mode_duplicate(dev, mode);
drm_connector_get(connector);
modeset->connectors[modeset->num_connectors++] = connector;
--
2.41.0
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
@ 2023-07-11 9:20 ` Jocelyn Falempe
0 siblings, 0 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-11 9:20 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: dri-devel, Jocelyn Falempe, stable
When a new mode is set to modeset->mode, the previous mode should be freed.
This fixes the following kmemleak report:
drm_mode_duplicate+0x45/0x220 [drm]
drm_client_modeset_probe+0x944/0xf50 [drm]
__drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
drm_client_register+0x169/0x240 [drm]
ast_pci_probe+0x142/0x190 [ast]
local_pci_probe+0xdc/0x180
work_for_cpu_fn+0x4e/0xa0
process_one_work+0x8b7/0x1540
worker_thread+0x70a/0xed0
kthread+0x29f/0x340
ret_from_fork+0x1f/0x30
cc: <stable@vger.kernel.org>
Reported-by: Zhang Yi <yizhan@redhat.com>
Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
---
drivers/gpu/drm/drm_client_modeset.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
index a4a62aa99984..5d4703b4648a 100644
--- a/drivers/gpu/drm/drm_client_modeset.c
+++ b/drivers/gpu/drm/drm_client_modeset.c
@@ -867,6 +867,9 @@ int drm_client_modeset_probe(struct drm_client_dev *client, unsigned int width,
break;
}
+ if (modeset->mode)
+ kfree(modeset->mode);
+
modeset->mode = drm_mode_duplicate(dev, mode);
drm_connector_get(connector);
modeset->connectors[modeset->num_connectors++] = connector;
--
2.41.0
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
2023-07-11 9:20 ` Jocelyn Falempe
@ 2023-07-11 9:28 ` Javier Martinez Canillas
-1 siblings, 0 replies; 14+ messages in thread
From: Javier Martinez Canillas @ 2023-07-11 9:28 UTC (permalink / raw)
To: Jocelyn Falempe, tzimmermann, airlied, yizhan
Cc: Jocelyn Falempe, stable, dri-devel
Jocelyn Falempe <jfalempe@redhat.com> writes:
Hello Jocelyn,
> dmt_mode is allocated and never freed in this function.
> It was found with the ast driver, but most drivers using generic fbdev
> setup are probably affected.
>
> This fixes the following kmemleak report:
> backtrace:
> [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
> [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
> [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
> [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
> [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
> [<00000000987f19bb>] local_pci_probe+0xdc/0x180
> [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
> [<0000000000b85301>] process_one_work+0x8b7/0x1540
> [<000000003375b17c>] worker_thread+0x70a/0xed0
> [<00000000b0d43cd9>] kthread+0x29f/0x340
> [<000000008d770833>] ret_from_fork+0x1f/0x30
> unreferenced object 0xff11000333089a00 (size 128):
>
> cc: <stable@vger.kernel.org>
> Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
The patch looks good to me.
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
--
Best regards,
Javier Martinez Canillas
Core Platforms
Red Hat
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
@ 2023-07-11 9:28 ` Javier Martinez Canillas
0 siblings, 0 replies; 14+ messages in thread
From: Javier Martinez Canillas @ 2023-07-11 9:28 UTC (permalink / raw)
To: Jocelyn Falempe, tzimmermann, airlied, yizhan
Cc: dri-devel, Jocelyn Falempe, stable
Jocelyn Falempe <jfalempe@redhat.com> writes:
Hello Jocelyn,
> dmt_mode is allocated and never freed in this function.
> It was found with the ast driver, but most drivers using generic fbdev
> setup are probably affected.
>
> This fixes the following kmemleak report:
> backtrace:
> [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
> [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
> [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
> [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
> [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
> [<00000000987f19bb>] local_pci_probe+0xdc/0x180
> [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
> [<0000000000b85301>] process_one_work+0x8b7/0x1540
> [<000000003375b17c>] worker_thread+0x70a/0xed0
> [<00000000b0d43cd9>] kthread+0x29f/0x340
> [<000000008d770833>] ret_from_fork+0x1f/0x30
> unreferenced object 0xff11000333089a00 (size 128):
>
> cc: <stable@vger.kernel.org>
> Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
The patch looks good to me.
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
--
Best regards,
Javier Martinez Canillas
Core Platforms
Red Hat
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
2023-07-11 9:20 ` Jocelyn Falempe
@ 2023-07-11 9:29 ` Javier Martinez Canillas
-1 siblings, 0 replies; 14+ messages in thread
From: Javier Martinez Canillas @ 2023-07-11 9:29 UTC (permalink / raw)
To: Jocelyn Falempe, tzimmermann, airlied, yizhan
Cc: Jocelyn Falempe, stable, dri-devel
Jocelyn Falempe <jfalempe@redhat.com> writes:
> When a new mode is set to modeset->mode, the previous mode should be freed.
> This fixes the following kmemleak report:
>
> drm_mode_duplicate+0x45/0x220 [drm]
> drm_client_modeset_probe+0x944/0xf50 [drm]
> __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> drm_client_register+0x169/0x240 [drm]
> ast_pci_probe+0x142/0x190 [ast]
> local_pci_probe+0xdc/0x180
> work_for_cpu_fn+0x4e/0xa0
> process_one_work+0x8b7/0x1540
> worker_thread+0x70a/0xed0
> kthread+0x29f/0x340
> ret_from_fork+0x1f/0x30
>
> cc: <stable@vger.kernel.org>
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
--
Best regards,
Javier Martinez Canillas
Core Platforms
Red Hat
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
@ 2023-07-11 9:29 ` Javier Martinez Canillas
0 siblings, 0 replies; 14+ messages in thread
From: Javier Martinez Canillas @ 2023-07-11 9:29 UTC (permalink / raw)
To: Jocelyn Falempe, tzimmermann, airlied, yizhan
Cc: dri-devel, Jocelyn Falempe, stable
Jocelyn Falempe <jfalempe@redhat.com> writes:
> When a new mode is set to modeset->mode, the previous mode should be freed.
> This fixes the following kmemleak report:
>
> drm_mode_duplicate+0x45/0x220 [drm]
> drm_client_modeset_probe+0x944/0xf50 [drm]
> __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> drm_client_register+0x169/0x240 [drm]
> ast_pci_probe+0x142/0x190 [ast]
> local_pci_probe+0xdc/0x180
> work_for_cpu_fn+0x4e/0xa0
> process_one_work+0x8b7/0x1540
> worker_thread+0x70a/0xed0
> kthread+0x29f/0x340
> ret_from_fork+0x1f/0x30
>
> cc: <stable@vger.kernel.org>
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
--
Best regards,
Javier Martinez Canillas
Core Platforms
Red Hat
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
2023-07-11 9:20 ` Jocelyn Falempe
@ 2023-07-11 9:43 ` Thomas Zimmermann
-1 siblings, 0 replies; 14+ messages in thread
From: Thomas Zimmermann @ 2023-07-11 9:43 UTC (permalink / raw)
To: Jocelyn Falempe, airlied, javierm, yizhan; +Cc: dri-devel, stable
[-- Attachment #1.1: Type: text/plain, Size: 1833 bytes --]
Am 11.07.23 um 11:20 schrieb Jocelyn Falempe:
> When a new mode is set to modeset->mode, the previous mode should be freed.
> This fixes the following kmemleak report:
>
> drm_mode_duplicate+0x45/0x220 [drm]
> drm_client_modeset_probe+0x944/0xf50 [drm]
> __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> drm_client_register+0x169/0x240 [drm]
> ast_pci_probe+0x142/0x190 [ast]
> local_pci_probe+0xdc/0x180
> work_for_cpu_fn+0x4e/0xa0
> process_one_work+0x8b7/0x1540
> worker_thread+0x70a/0xed0
> kthread+0x29f/0x340
> ret_from_fork+0x1f/0x30
>
> cc: <stable@vger.kernel.org>
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
> drivers/gpu/drm/drm_client_modeset.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
> index a4a62aa99984..5d4703b4648a 100644
> --- a/drivers/gpu/drm/drm_client_modeset.c
> +++ b/drivers/gpu/drm/drm_client_modeset.c
> @@ -867,6 +867,9 @@ int drm_client_modeset_probe(struct drm_client_dev *client, unsigned int width,
> break;
> }
>
> + if (modeset->mode)
> + kfree(modeset->mode);
kfree() does a NULL-pointer test. So it can be removed here. With that
changed:
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
> +
> modeset->mode = drm_mode_duplicate(dev, mode);
> drm_connector_get(connector);
> modeset->connectors[modeset->num_connectors++] = connector;
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe
@ 2023-07-11 9:43 ` Thomas Zimmermann
0 siblings, 0 replies; 14+ messages in thread
From: Thomas Zimmermann @ 2023-07-11 9:43 UTC (permalink / raw)
To: Jocelyn Falempe, airlied, javierm, yizhan; +Cc: stable, dri-devel
[-- Attachment #1.1: Type: text/plain, Size: 1833 bytes --]
Am 11.07.23 um 11:20 schrieb Jocelyn Falempe:
> When a new mode is set to modeset->mode, the previous mode should be freed.
> This fixes the following kmemleak report:
>
> drm_mode_duplicate+0x45/0x220 [drm]
> drm_client_modeset_probe+0x944/0xf50 [drm]
> __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> drm_client_register+0x169/0x240 [drm]
> ast_pci_probe+0x142/0x190 [ast]
> local_pci_probe+0xdc/0x180
> work_for_cpu_fn+0x4e/0xa0
> process_one_work+0x8b7/0x1540
> worker_thread+0x70a/0xed0
> kthread+0x29f/0x340
> ret_from_fork+0x1f/0x30
>
> cc: <stable@vger.kernel.org>
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
> ---
> drivers/gpu/drm/drm_client_modeset.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
> index a4a62aa99984..5d4703b4648a 100644
> --- a/drivers/gpu/drm/drm_client_modeset.c
> +++ b/drivers/gpu/drm/drm_client_modeset.c
> @@ -867,6 +867,9 @@ int drm_client_modeset_probe(struct drm_client_dev *client, unsigned int width,
> break;
> }
>
> + if (modeset->mode)
> + kfree(modeset->mode);
kfree() does a NULL-pointer test. So it can be removed here. With that
changed:
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
> +
> modeset->mode = drm_mode_duplicate(dev, mode);
> drm_connector_get(connector);
> modeset->connectors[modeset->num_connectors++] = connector;
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
2023-07-11 9:20 ` Jocelyn Falempe
@ 2023-07-11 9:44 ` Thomas Zimmermann
-1 siblings, 0 replies; 14+ messages in thread
From: Thomas Zimmermann @ 2023-07-11 9:44 UTC (permalink / raw)
To: Jocelyn Falempe, airlied, javierm, yizhan; +Cc: dri-devel, stable
[-- Attachment #1.1: Type: text/plain, Size: 2694 bytes --]
Am 11.07.23 um 11:20 schrieb Jocelyn Falempe:
> dmt_mode is allocated and never freed in this function.
> It was found with the ast driver, but most drivers using generic fbdev
> setup are probably affected.
>
> This fixes the following kmemleak report:
> backtrace:
> [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
> [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
> [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
> [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
> [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
> [<00000000987f19bb>] local_pci_probe+0xdc/0x180
> [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
> [<0000000000b85301>] process_one_work+0x8b7/0x1540
> [<000000003375b17c>] worker_thread+0x70a/0xed0
> [<00000000b0d43cd9>] kthread+0x29f/0x340
> [<000000008d770833>] ret_from_fork+0x1f/0x30
> unreferenced object 0xff11000333089a00 (size 128):
>
> cc: <stable@vger.kernel.org>
> Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
> ---
> drivers/gpu/drm/drm_client_modeset.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
> index 1b12a3c201a3..a4a62aa99984 100644
> --- a/drivers/gpu/drm/drm_client_modeset.c
> +++ b/drivers/gpu/drm/drm_client_modeset.c
> @@ -311,6 +311,9 @@ static bool drm_client_target_cloned(struct drm_device *dev,
> can_clone = true;
> dmt_mode = drm_mode_find_dmt(dev, 1024, 768, 60, false);
>
> + if (!dmt_mode)
> + goto fail;
> +
> for (i = 0; i < connector_count; i++) {
> if (!enabled[i])
> continue;
> @@ -326,11 +329,13 @@ static bool drm_client_target_cloned(struct drm_device *dev,
> if (!modes[i])
> can_clone = false;
> }
> + kfree(dmt_mode);
>
> if (can_clone) {
> DRM_DEBUG_KMS("can clone using 1024x768\n");
> return true;
> }
> +fail:
> DRM_INFO("kms: can't enable cloning when we probably wanted to.\n");
> return false;
> }
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned
@ 2023-07-11 9:44 ` Thomas Zimmermann
0 siblings, 0 replies; 14+ messages in thread
From: Thomas Zimmermann @ 2023-07-11 9:44 UTC (permalink / raw)
To: Jocelyn Falempe, airlied, javierm, yizhan; +Cc: stable, dri-devel
[-- Attachment #1.1: Type: text/plain, Size: 2694 bytes --]
Am 11.07.23 um 11:20 schrieb Jocelyn Falempe:
> dmt_mode is allocated and never freed in this function.
> It was found with the ast driver, but most drivers using generic fbdev
> setup are probably affected.
>
> This fixes the following kmemleak report:
> backtrace:
> [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
> [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
> [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
> [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
> [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
> [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
> [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
> [<00000000987f19bb>] local_pci_probe+0xdc/0x180
> [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
> [<0000000000b85301>] process_one_work+0x8b7/0x1540
> [<000000003375b17c>] worker_thread+0x70a/0xed0
> [<00000000b0d43cd9>] kthread+0x29f/0x340
> [<000000008d770833>] ret_from_fork+0x1f/0x30
> unreferenced object 0xff11000333089a00 (size 128):
>
> cc: <stable@vger.kernel.org>
> Fixes: 1d42bbc8f7f9 ("drm/fbdev: fix cloning on fbcon")
> Reported-by: Zhang Yi <yizhan@redhat.com>
> Signed-off-by: Jocelyn Falempe <jfalempe@redhat.com>
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
> ---
> drivers/gpu/drm/drm_client_modeset.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/gpu/drm/drm_client_modeset.c b/drivers/gpu/drm/drm_client_modeset.c
> index 1b12a3c201a3..a4a62aa99984 100644
> --- a/drivers/gpu/drm/drm_client_modeset.c
> +++ b/drivers/gpu/drm/drm_client_modeset.c
> @@ -311,6 +311,9 @@ static bool drm_client_target_cloned(struct drm_device *dev,
> can_clone = true;
> dmt_mode = drm_mode_find_dmt(dev, 1024, 768, 60, false);
>
> + if (!dmt_mode)
> + goto fail;
> +
> for (i = 0; i < connector_count; i++) {
> if (!enabled[i])
> continue;
> @@ -326,11 +329,13 @@ static bool drm_client_target_cloned(struct drm_device *dev,
> if (!modes[i])
> can_clone = false;
> }
> + kfree(dmt_mode);
>
> if (can_clone) {
> DRM_DEBUG_KMS("can clone using 1024x768\n");
> return true;
> }
> +fail:
> DRM_INFO("kms: can't enable cloning when we probably wanted to.\n");
> return false;
> }
--
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 840 bytes --]
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c
2023-07-11 9:20 [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
@ 2023-07-13 14:01 ` Jocelyn Falempe
2 siblings, 0 replies; 14+ messages in thread
From: Jocelyn Falempe @ 2023-07-13 14:01 UTC (permalink / raw)
To: tzimmermann, airlied, javierm, yizhan; +Cc: dri-devel
On 11/07/2023 11:20, Jocelyn Falempe wrote:
> Jocelyn Falempe (2):
> drm/client: Fix memory leak in drm_client_target_cloned
> drm/client: Fix memory leak in drm_client_modeset_probe
>
I just pushed the two patches to drm-misc-fixes, after removing the
useless NULL check of the second patch.
Thank for your quick reviews.
Best regards,
--
Jocelyn
> drivers/gpu/drm/drm_client_modeset.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
>
> base-commit: 2f98e686ef59b5d19af5847d755798e2031bee3a
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2023-07-13 14:02 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-11 9:20 [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
2023-07-11 9:20 ` [PATCH 1/2] drm/client: Fix memory leak in drm_client_target_cloned Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
2023-07-11 9:28 ` Javier Martinez Canillas
2023-07-11 9:28 ` Javier Martinez Canillas
2023-07-11 9:44 ` Thomas Zimmermann
2023-07-11 9:44 ` Thomas Zimmermann
2023-07-11 9:20 ` [PATCH 2/2] drm/client: Fix memory leak in drm_client_modeset_probe Jocelyn Falempe
2023-07-11 9:20 ` Jocelyn Falempe
2023-07-11 9:29 ` Javier Martinez Canillas
2023-07-11 9:29 ` Javier Martinez Canillas
2023-07-11 9:43 ` Thomas Zimmermann
2023-07-11 9:43 ` Thomas Zimmermann
2023-07-13 14:01 ` [PATCH 0/2] Two memory leak fixes in drm_client_modeset.c Jocelyn Falempe
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.