From mboxrd@z Thu Jan 1 00:00:00 1970 From: Claude Code Review Bot To: dri-devel-reviews@example.com Subject: Claude review: drm/panthor: Fix the "done_fence is initialized" detection logic Date: Tue, 10 Mar 2026 12:23:45 +1000 Message-ID: In-Reply-To: <20260309124318.222902-1-boris.brezillon@collabora.com> References: <20260309124318.222902-1-boris.brezillon@collabora.com> <20260309124318.222902-1-boris.brezillon@collabora.com> X-Mailer: Claude Code Patch Reviewer Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Patch Review **Correctness**: The fix is correct. The old code: ```c if (job->done_fence && job->done_fence->ops) ``` relied on `->ops` being non-NULL to distinguish an initialized (refcounted)= fence from a merely allocated (kzalloc'd) one. After the upstream dma-buf = change that clears `->ops` on signal, a signaled-but-initialized fence woul= d incorrectly fall through to `dma_fence_free()` instead of `dma_fence_put(= )`, potentially causing a use-after-free or double-free. The replacement: ```c if (dma_fence_was_initialized(job->done_fence)) ``` uses `dma_fence_was_initialized()` which checks `DMA_FENCE_FLAG_INITIALIZED= _BIT` in `fence->flags` =E2=80=94 a stable flag that survives signaling. It= also handles the `fence =3D=3D NULL` case internally (line 295 of `dma-fen= ce.h`: `return fence && test_bit(...)`), so the NULL check that was previou= sly part of the condition is preserved. **Commit message**: Clear and well-structured. The `Fixes:` tag, `Reported-= by:` tags, and v2 changelog are all present and correct. **No issues found.** This is a straightforward, correct bug fix. **Reviewed-by worthy**: Yes. The patch is minimal, well-targeted, and corre= ctly uses the API designed for exactly this purpose. --- Generated by Claude Code Patch Reviewer