From: Daniel Vetter Date: Thu, 30 Mar 2017 13:32:53 +0000 (+0200) Subject: drm: Clear e after kfree in drm_mode_page_flip_ioctl X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=031e5896dfdc24839d60f168f6e8560e294674d3;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git drm: Clear e after kfree in drm_mode_page_flip_ioctl With the explicit retry loop static analyzers get confused by the control flow and believe that e could be accessed after kfree. That's not possible, but it's non-obvious, so let's clear it to NULL. We already cleared e = NULL at the top of the function, so this is all in line. Cc: Julia Lawall Reported-by: Julia Lawall Fixes: 29dc0d1de182 ("drm: Roll out acquire context for the page_flip ioctl") Cc: Harry Wentland Cc: Daniel Vetter Cc: Jani Nikula Cc: Sean Paul Reviewed-by: Harry Wentland Signed-off-by: Daniel Vetter Link: http://patchwork.freedesktop.org/patch/msgid/20170330133253.29500-1-daniel.vetter@ffwll.ch --- diff --git a/drivers/gpu/drm/drm_plane.c b/drivers/gpu/drm/drm_plane.c index ec3e2e757800..5eca3184a747 100644 --- a/drivers/gpu/drm/drm_plane.c +++ b/drivers/gpu/drm/drm_plane.c @@ -923,6 +923,7 @@ retry: ret = drm_event_reserve_init(dev, file_priv, &e->base, &e->event.base); if (ret) { kfree(e); + e = NULL; goto out; } }