[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <de0191f3-271b-4f0e-aa73-910543587c9d@collabora.com>
Date: Fri, 17 May 2024 12:35:05 +0200
From: AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>
To: Michael Walle <mwalle@...nel.org>, Chun-Kuang Hu
<chunkuang.hu@...nel.org>, Philipp Zabel <p.zabel@...gutronix.de>,
David Airlie <airlied@...il.com>, Daniel Vetter <daniel@...ll.ch>,
Matthias Brugger <matthias.bgg@...il.com>
Cc: Jani Nikula <jani.nikula@...el.com>, Chen-Yu Tsai <wenst@...omium.org>,
linux-mediatek@...ts.infradead.org, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] drm/mediatek/dp: fix spurious kfree()
Il 17/05/24 11:30, Michael Walle ha scritto:
> drm_edid_to_sad() might return an error or just zero. If that is the
> case, we must not free the SADs because there was no allocation in
> the first place.
>
> Fixes: dab12fa8d2bd ("drm/mediatek/dp: fix memory leak on ->get_edid callback audio detection")
> Signed-off-by: Michael Walle <mwalle@...nel.org>
> ---
> drivers/gpu/drm/mediatek/mtk_dp.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/gpu/drm/mediatek/mtk_dp.c b/drivers/gpu/drm/mediatek/mtk_dp.c
> index 536366956447..ada12927bbac 100644
> --- a/drivers/gpu/drm/mediatek/mtk_dp.c
> +++ b/drivers/gpu/drm/mediatek/mtk_dp.c
> @@ -2073,9 +2073,15 @@ static const struct drm_edid *mtk_dp_edid_read(struct drm_bridge *bridge,
> */
> const struct edid *edid = drm_edid_raw(drm_edid);
> struct cea_sad *sads;
> + int ret;
>
> - audio_caps->sad_count = drm_edid_to_sad(edid, &sads);
> - kfree(sads);
> + ret = drm_edid_to_sad(edid, &sads);
> + /* Ignore any errors */
> + if (ret < 0)
> + ret = 0;
> + if (ret)
Eh, this will never work, because you're clearing the error before checking
if there's any error here?!?! :-P
Anyway in reality, it returns -ENOMEM if the allocation was not successful...
in the event that any future update adds any other error we'd be back with the same
issue, but I'm not sure how much should we worry about that.
To be extremely safe, we could do...
if (ret != -ENOMEM)
kfree(sads)
audio_caps->sad_count = ret < 0 ? 0 : ret;
Cheers!
Angelo
> + kfree(sads);
> + audio_caps->sad_count = ret;
>
> /*
> * FIXME: This should use connector->display_info.has_audio from
Powered by blists - more mailing lists