fdo-mirrors/mesa
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/mesa/mesa.git synced 2025-12-23 15:30:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

util/slab: do not dereference NULL-pointer

Browse source 
This used to not be a problem, because these mutexes were the first
members of this array, meaning that we ended up trying to lock/unlock
NULL mutexes. But this isn't guaranteed to be allowed, so we were
relying on luck here.

Recently, this changed. We introduced asserts for NULL-pointers, and
changed the behavior in a way that leads to crashes in release-builds.
This means we can't rely on luck any longer.

Fixes: e317103753 ("c11/threads: Remove Win32 null checks")
Closes: https://gitlab.freedesktop.org/mesa/mesa/-/issues/3903
Reviewed-by: Eric Anholt <eric@anholt.net>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/7853>
This commit is contained in:
Erik Faye-Lund 2020-12-01 10:59:48 +01:00 committed by Marge Bot
parent 4c180c262b
commit 0471f83b07
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/util/slab.c
View file

@ -257,7 +257,8 @@ void slab_free(struct slab_child_pool *pool, void *ptr)
}
/* The slow case: migration or an orphaned page. */
mtx_lock(&pool->parent->mutex);
if (pool->parent)
mtx_lock(&pool->parent->mutex);
/* Note: we _must_ re-read elt->owner here because the owning child pool
* may have been destroyed by another thread in the meantime.
@ -268,9 +269,11 @@ void slab_free(struct slab_child_pool *pool, void *ptr)
struct slab_child_pool *owner = (struct slab_child_pool *)owner_int;
elt->next = owner->migrated;
owner->migrated = elt;
mtx_unlock(&pool->parent->mutex);
if (pool->parent)
mtx_unlock(&pool->parent->mutex);
} else {
mtx_unlock(&pool->parent->mutex);
if (pool->parent)
mtx_unlock(&pool->parent->mutex);
slab_free_orphaned(elt);
}