mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-05-14 14:42:34 -04:00
a7e02f7796
When running xrandr to change resolution of DP, the kmemleak as below
can be observed:
unreferenced object 0xffff00080a351000 (size 256):
comm "Xorg", pid 248, jiffies 4294899614 (age 19.960s)
hex dump (first 32 bytes):
98 a0 bc 01 08 00 ff ff 01 00 00 00 00 00 00 00 ................
ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000e0bd0f69>] kmemleak_alloc+0x30/0x40
[<00000000cde2f318>] kmem_cache_alloc+0x3d4/0x588
[<0000000088ea9bd7>] drm_atomic_helper_setup_commit+0x84/0x5f8
[<000000002290a264>] drm_atomic_helper_commit+0x58/0x388
[<00000000f6ea78c3>] drm_atomic_commit+0x4c/0x60
[<00000000c8e0725e>] drm_atomic_connector_commit_dpms+0xe8/0x110
[<0000000020ade187>] drm_mode_obj_set_property_ioctl+0x1b0/0x450
[<00000000918206d6>] drm_connector_property_set_ioctl+0x3c/0x68
[<000000008d51e7a5>] drm_ioctl_kernel+0xc4/0x118
[<000000002a819b75>] drm_ioctl+0x214/0x448
[<000000008ca4e588>] __arm64_sys_ioctl+0xa8/0xf0
[<0000000034e15a35>] el0_svc_common.constprop.0+0x74/0x190
[<000000001b93d916>] do_el0_svc+0x24/0x90
[<00000000ce9230e0>] el0_svc+0x14/0x20
[<00000000e3607d82>] el0_sync_handler+0xb0/0xb8
[<000000003e79c15f>] el0_sync+0x174/0x180
This is because there is a scenario that a drm_crtc_commit commit is
allocated but not freed. The drm subsystem require/release references
to a CRTC commit by calling drm_crtc_commit_get/put, and when
drm_crtc_commit_put find that commit.ref.refcount is zero, it will
call __drm_crtc_commit_free to free this CRTC commit. Among these
drm_crtc_commit_get/put pairs, there is a drm_crtc_commit_get in
drm_atomic_helper_setup_commit as below:
...
new_crtc_state->event->base.completion = &commit->flip_done;
new_crtc_state->event->base.completion_release = release_crtc_commit;
drm_crtc_commit_get(commit);
...
This reference to the CRTC commit should be released at the function
release_crtc_commit by calling e->completion_release(e->completion) in
drm_send_event_locked. So we need to call drm_send_event_locked at
two places: handling vblank event in the irq handler and the crtc disable
helper. But in zynqmp_disp_crtc_atomic_disable, it only marks the flip
is done and not call drm_crtc_commit_put. This result that the refcount
of this commit is always non-zero and this commit will never be freed.
Since the function drm_crtc_send_vblank_event has operations both sending
a flip_done signal and releasing reference to the CRTC commit, let's use
it instead.
Signed-off-by: Quanyang Wang <quanyang.wang@windriver.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/20210202064121.173362-1-quanyang.wang@windriver.com
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.