Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp3578922pxb; Mon, 24 Jan 2022 12:41:17 -0800 (PST) X-Google-Smtp-Source: ABdhPJxCkafuM00+NUy9QcvdfvUbEp7h77x8/s3nI/fL5x2J3nn1B8fT5QRnnsjBJ9v0cK2502kr X-Received: by 2002:a17:902:e550:b0:14b:6dc8:b2f4 with SMTP id n16-20020a170902e55000b0014b6dc8b2f4mr1333250plf.56.1643056877017; Mon, 24 Jan 2022 12:41:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643056877; cv=none; d=google.com; s=arc-20160816; b=B/berxezdxT53BsO0ayQ6PUO3LvUa5b3H3FCI2NVzIxz2CFM/UeGWAz0KnaDFa1EqR FNwD833hzWhqVlz1rkC3WVvk1Z9bSvBTrLHluDrBIKU1AgRwAOoxV2xVg6P4YP2ELIJf VW3rvRn3kWEZmgVrLY7QiNFhdiZYeW+VCbwgikPc50nX9ihih6W1sQ0pFVDgpcJ9W+9k 9EePxzbyjyd+siA0taiAb/eEiApLJR5UgU7+dWU4rumzkGvNNXhUjXna+E+vKk7vS2Na 4N0rh87ZvWTXRINDqVUH5Nr4a+o6pIgg8sE+5nWIZl3bBlNRYYOiCnFp4bGszndKT7OR EbPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=Y8UlOKPL4x0I+w9FvmczKZQzjM11WitOpHu1NnDd7hI=; b=Qwg8DC9T00oWR9xZBVgC5IUQleTuNDVOQPR3be45/QoWSnFws8Ya4tHPHSGrzASESH oX8SRd44AWej4QALEDoHZQqjjbmDRUFAIgxxAkwm4hrk3BcAQ+y6vni2j/I1UDWqtnPU WnWwAZ3z4Gs+lhtjsrSPaFm2RPoO35o3YFC0pYr70rgOEjVyd2hi/OBmFS9rPU6SJBO6 BNl9ukGdVRcj1FbLnzQBA5TNjYGvU+7YSZs8kKAsxV9NSvIIG3uG6KjTtAsNKE8JkmhJ RO2kEBAehxJyCVEeSWnjy4ONTG1O1hfnKuN37BdNyal+OLxWcmXeQDlcmTPHaRYmHu9f zu4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="EIvsCF/s"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e12si15389686pgg.778.2022.01.24.12.41.01; Mon, 24 Jan 2022 12:41:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="EIvsCF/s"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1358612AbiAXTzb (ORCPT + 99 others); Mon, 24 Jan 2022 14:55:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1349080AbiAXTlA (ORCPT ); Mon, 24 Jan 2022 14:41:00 -0500 Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5763AC07A96D for ; Mon, 24 Jan 2022 11:20:09 -0800 (PST) Received: by mail-oi1-x229.google.com with SMTP id y23so8784971oia.13 for ; Mon, 24 Jan 2022 11:20:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Y8UlOKPL4x0I+w9FvmczKZQzjM11WitOpHu1NnDd7hI=; b=EIvsCF/shkSJKYfdjXZKNXCsVd70UCSlAARnO6sDbsxiWBHwhD/82BOJnQrXDl9IOz PFcMdh5ibyXsaAQcTPODkOpuxlRpW6Ykx3+iaL0mfu3o/5TQuzEDx8ce/CsAPrzpsBH0 Aq1xw2ZjdD9sgudMll8flbupKTmKPw8pARBNeIt/gt3ZmOXc0U4ez/5KDdbtmSmdJ/cY A7Z4/te+96euwxEnd8/NJBr/0001w5zlvvzIJi/j/otI7/zc1nWeoYlU4o4Pp+0rrOEb sMg62TePWcfT120HGmcpZPJ+W8BC4DVZ60OxaL1hE3s2BVUOxqLUUgtgRqjyoHlrl8LB UFGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Y8UlOKPL4x0I+w9FvmczKZQzjM11WitOpHu1NnDd7hI=; b=VFGyM+gedOMfU45UPgkWdCuK45LG3TLpJeTFyrMiCEl0dUKG7SucsG6dVuJ21vshMJ Y6eseNs/fyZ9wD57AtUGaDDXbgEj5z8yESQY1J/J5tN6SSxLLCQT6ETLfiV+OqTADgts X42O+rUQfeeSFzFnhde/CSH6yJ/vQV/5NdzMBfpZdb7xhSPoQZ4KzK1PxvHcOZP132Nv Vk0UCjH7kUa5vFdGtqt4QQYmrN1OqbpkwoWW8HBROfEOxr4vBxRlLvP1NWOb27N8wkul uCg1EBJnS5qqYdefY4rfS9S2jDPvyaxTy8uyTLTgbX0BTgIxBbTq1xmYvu+fYAftfhjn mH1Q== X-Gm-Message-State: AOAM533yM20s9Dae1HfIIvOSANHRF/SODuVsp5UgaW/9wAUoWuo/E09O 7D6jXnm+f0djFCJXET3US+gh2c9+h5yL6/LpKDuWzGQc X-Received: by 2002:a05:6808:300b:: with SMTP id ay11mr2766540oib.120.1643052008712; Mon, 24 Jan 2022 11:20:08 -0800 (PST) MIME-Version: 1.0 References: <20220124165552.56106-1-zhou1615@umn.edu> In-Reply-To: <20220124165552.56106-1-zhou1615@umn.edu> From: Alex Deucher Date: Mon, 24 Jan 2022 14:19:57 -0500 Message-ID: Subject: Re: [PATCH] drm/amd/display/dc/calcs/dce_calcs: Fix a memleak in calculate_bandwidth() To: Zhou Qingyang Cc: Leo Li , Kangjie Lu , "Pan, Xinhui" , Rodrigo Siqueira , LKML , amd-gfx list , David Airlie , Maling list - DRI developers , Alex Deucher , Lee Jones , =?UTF-8?Q?Christian_K=C3=B6nig?= Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Applied. Thanks! Alex On Mon, Jan 24, 2022 at 12:05 PM Zhou Qingyang wrote: > > In calculate_bandwidth(), the tag free_sclk and free_yclk are reversed, > which could lead to a memory leak of yclk. > > Fix this bug by changing the location of free_sclk and free_yclk. > > This bug was found by a static analyzer. > > Builds with 'make allyesconfig' show no new warnings, > and our static analyzer no longer warns about this code. > > Fixes: 2be8989d0fc2 ("drm/amd/display/dc/calcs/dce_calcs: Move some large variables from the stack to the heap") > Signed-off-by: Zhou Qingyang > --- > The analysis employs differential checking to identify inconsistent > security operations (e.g., checks or kfrees) between two code paths > and confirms that the inconsistent operations are not recovered in the > current function or the callers, so they constitute bugs. > > Note that, as a bug found by static analysis, it can be a false > positive or hard to trigger. Multiple researchers have cross-reviewed > the bug. > > drivers/gpu/drm/amd/display/dc/calcs/dce_calcs.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/gpu/drm/amd/display/dc/calcs/dce_calcs.c b/drivers/gpu/drm/amd/display/dc/calcs/dce_calcs.c > index ff5bb152ef49..e6ef36de0825 100644 > --- a/drivers/gpu/drm/amd/display/dc/calcs/dce_calcs.c > +++ b/drivers/gpu/drm/amd/display/dc/calcs/dce_calcs.c > @@ -2033,10 +2033,10 @@ static void calculate_bandwidth( > kfree(surface_type); > free_tiling_mode: > kfree(tiling_mode); > -free_yclk: > - kfree(yclk); > free_sclk: > kfree(sclk); > +free_yclk: > + kfree(yclk); > } > > /******************************************************************************* > -- > 2.25.1 >