On Thu, Jan 26, 2017 at 02:46:20PM +, Chris Wilson wrote:
> On Thu, Jan 26, 2017 at 05:32:11PM +0300, Andrey Ryabinin wrote:
> > page_flip_completed() dereferences 'work' variable after executing
> > queue_work(). This is not safe as the 'work' item might be already freed
> > by queued work:
>
On Thu, Jan 26, 2017 at 02:46:20PM +, Chris Wilson wrote:
> On Thu, Jan 26, 2017 at 05:32:11PM +0300, Andrey Ryabinin wrote:
> > page_flip_completed() dereferences 'work' variable after executing
> > queue_work(). This is not safe as the 'work' item might be already freed
> > by queued work:
>
On Thu, Jan 26, 2017 at 05:32:11PM +0300, Andrey Ryabinin wrote:
> page_flip_completed() dereferences 'work' variable after executing
> queue_work(). This is not safe as the 'work' item might be already freed
> by queued work:
>
> BUG: KASAN: use-after-free in page_flip_completed+0x3ff/0x490
On Thu, Jan 26, 2017 at 05:32:11PM +0300, Andrey Ryabinin wrote:
> page_flip_completed() dereferences 'work' variable after executing
> queue_work(). This is not safe as the 'work' item might be already freed
> by queued work:
>
> BUG: KASAN: use-after-free in page_flip_completed+0x3ff/0x490
page_flip_completed() dereferences 'work' variable after executing
queue_work(). This is not safe as the 'work' item might be already freed
by queued work:
BUG: KASAN: use-after-free in page_flip_completed+0x3ff/0x490 at addr
8803dc010f90
Call Trace:
page_flip_completed() dereferences 'work' variable after executing
queue_work(). This is not safe as the 'work' item might be already freed
by queued work:
BUG: KASAN: use-after-free in page_flip_completed+0x3ff/0x490 at addr
8803dc010f90
Call Trace:
6 matches
Mail list logo
