From 37ccce5e390a9d757474920f488cafa1cf89854a Mon Sep 17 00:00:00 2001 From: Maarten Lankhorst Date: Thu, 24 Nov 2011 14:08:53 +0100 Subject: nouveau: Mark nouveau subchannel unbound nouveau_grobj_free Valgrind throws warns about a user-after-free if you try to bind a new subchannel after the old one in that slot was freed, so remove it from the channel list. Signed-off-by: Maarten Lankhorst --- nouveau/nouveau_grobj.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nouveau/nouveau_grobj.c b/nouveau/nouveau_grobj.c index c6b98f16..36344b99 100644 --- a/nouveau/nouveau_grobj.c +++ b/nouveau/nouveau_grobj.c @@ -100,12 +100,13 @@ nouveau_grobj_free(struct nouveau_grobj **grobj) struct drm_nouveau_gpuobj_free f; FIRE_RING(&chan->base); - f.channel = chan->drm.channel; f.handle = nvgrobj->base.handle; drmCommandWrite(nvdev->fd, DRM_NOUVEAU_GPUOBJ_FREE, &f, sizeof(f)); } + if (nvgrobj->base.bound != NOUVEAU_GROBJ_UNBOUND) + chan->base.subc[nvgrobj->base.subc].gr = NULL; free(nvgrobj); } -- cgit v1.2.3