drm/amdgpu: Fix extra call to amdgpu_ctx_put.

In amdgpu_cs_parser_init() in case of error handling
amdgpu_ctx_put() is called without setting p->ctx to NULL after that,
later amdgpu_cs_parser_fini() also calls amdgpu_ctx_put() again and
mess up the reference count.

Signed-off-by: Andrey Grodzovsky <Andrey.Grodzovsky@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>

diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
index 2ae5d523ca105f31176f322a2626533284fe0e9c..dfd37785563f28c30355746b374e392a703b38a4 100644 (file)
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
@@ -97,7 +97,7 @@ static int amdgpu_cs_parser_init(struct amdgpu_cs_parser *p, void *data)
        if (copy_from_user(chunk_array, chunk_array_user,
                           sizeof(uint64_t)*cs->in.num_chunks)) {
                ret = -EFAULT;
-               goto put_ctx;
+               goto free_chunk;
        }
 
        p->nchunks = cs->in.num_chunks;
@@ -105,7 +105,7 @@ static int amdgpu_cs_parser_init(struct amdgpu_cs_parser *p, void *data)
                            GFP_KERNEL);
        if (!p->chunks) {
                ret = -ENOMEM;
-               goto put_ctx;
+               goto free_chunk;
        }
 
        for (i = 0; i < p->nchunks; i++) {
@@ -191,8 +191,6 @@ static int amdgpu_cs_parser_init(struct amdgpu_cs_parser *p, void *data)
        kfree(p->chunks);
        p->chunks = NULL;
        p->nchunks = 0;
-put_ctx:
-       amdgpu_ctx_put(p->ctx);
 free_chunk:
        kfree(chunk_array);