On Fri, Jun 14, 2013 at 04:23:22PM +0200, Daniel Vetter wrote:
On Thu, Jun 13, 2013 at 3:03 PM, Russell King - ARM Linux linux@arm.linux.org.uk wrote:
There's a bigger issue here - if it's possible for drm_crtc_helper_set_config() to be called with set->fb set but set->mode NULL, then we overwrite set->fb to NULL. Again, that results in a lost reference.
For the time being, I'm using this patch, which solves my dropped refcount problem, and marks the other possible dropped reference. Either that check needs to be removed or it needs to properly drop the refcount on the fb before 'losing' the reference to it.
Scrap my other mail, I see now where the leaking happens. One of them is interface abuse which is now fixed (and i915 has a bunch of BUG_ONs to enforce them). The other one is indeed a real case that eluded me when I've done the refcountification for drm_framebuffers. I'll hack up some patches, since this seems to be a good excuse to port some of the i915 modeset improvements back to the crtc helpers.
If you're happy with the patch I supplied, that's probably the minimal fix which should go to stable kernels (I'm using 3.9 here) - this also counts as a "user visible bug". It's something I've tripped over which causes exhausts memory and can prevent the X server from starting up.
If you want me to package the patch up with a commit message and sign-off...