Hi Daniel,
> +/*
> + * This just sets wc mode for shmem helpers. vgem doesn't have any begin/end cpu
> + * access ioctls, there must use coherent memory or dma-buf sharing just wont
> + * work.
> + */
> +static struct drm_gem_object *vgem_gem_create_object(struct drm_device *dev, size_t size)
> {
> - struct drm_vgem_gem_object *obj;
> - int npages;
> + struct drm_gem_shmem_object *obj;
>
> - obj = __vgem_gem_create(dev, attach->dmabuf->size);
> - if (IS_ERR(obj))
> - return ERR_CAST(obj);
> -
> - npages = PAGE_ALIGN(attach->dmabuf->size) / PAGE_SIZE;
> + obj = kzalloc(sizeof(*obj), GFP_KERNEL);
> + if (!obj)
> + return NULL;
>
> - obj->table = sg;
> - obj->pages = kvmalloc_array(npages, sizeof(struct page *), GFP_KERNEL);
> - if (!obj->pages) {
> - __vgem_gem_destroy(obj);
> - return ERR_PTR(-ENOMEM);
> - }
> + obj->base.funcs = &drm_gem_shmem_funcs;
> + obj->map_wc = true;
>
> - obj->pages_pin_count++; /* perma-pinned */
> - drm_prime_sg_to_page_array(obj->table, obj->pages, npages);
> return &obj->base;
here you are allocating a bigger object than what you are returning, in size. How does it get freed?
Andi