Fix double free on fork after hsaKmtCloseKFD
Child process hsaKmtOpenKFD() call must re-initialize global variables copied from parent process. This includes close all file handles, free dynamically malloc buf. Double free issue is because destroy_device_ debugging_memory() free the memory in parent process hsaKmtCloseKFD() but don't reset it to null pointer. As a result, child process free it again. kfd_fd is closed in parent process but don't reset to 0, so child process close it again. Fix: reset kfd_fd to 0 after close, reset is_device_debugged pointer to 0 after free Change-Id: I421b3decbcaa4111298b8e599aa16940d851a58c Signed-off-by: Philip Yang <Philip.Yang@amd.com>
Этот коммит содержится в:
+3
-1
@@ -47,8 +47,10 @@ HSAKMT_STATUS init_device_debugging_memory(unsigned int NumNodes)
|
||||
|
||||
void destroy_device_debugging_memory(void)
|
||||
{
|
||||
if (is_device_debugged)
|
||||
if (is_device_debugged) {
|
||||
free(is_device_debugged);
|
||||
is_device_debugged = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
HSAKMT_STATUS HSAKMTAPI hsaKmtDbgRegister(HSAuint32 NodeId)
|
||||
|
||||
@@ -66,7 +66,10 @@ static void clear_after_fork(void)
|
||||
clear_events_page();
|
||||
fmm_clear_all_mem();
|
||||
destroy_device_debugging_memory();
|
||||
close(kfd_fd);
|
||||
if (kfd_fd) {
|
||||
close(kfd_fd);
|
||||
kfd_fd = 0;
|
||||
}
|
||||
kfd_open_count = 0;
|
||||
}
|
||||
|
||||
@@ -172,7 +175,10 @@ HSAKMT_STATUS HSAKMTAPI hsaKmtCloseKFD(void)
|
||||
destroy_device_debugging_memory();
|
||||
destroy_process_doorbells();
|
||||
fmm_destroy_process_apertures();
|
||||
close(kfd_fd);
|
||||
if (kfd_fd) {
|
||||
close(kfd_fd);
|
||||
kfd_fd = 0;
|
||||
}
|
||||
}
|
||||
|
||||
result = HSAKMT_STATUS_SUCCESS;
|
||||
|
||||
Ссылка в новой задаче
Block a user