As kzalloc may fail and return NULL pointer,
it should be better to check cstate
in order to avoid the NULL pointer dereference
in __drm_atomic_helper_crtc_reset.
Fixes: 1cff7440a86e ("drm/msm: Convert to using __drm_atomic_helper_crtc_reset() for reset.")
Signed-off-by: Jiasheng Jiang <[email protected]>
---
drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
index 13ce321283ff..22c2787b7b38 100644
--- a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
+++ b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
@@ -968,7 +968,10 @@ static void dpu_crtc_reset(struct drm_crtc *crtc)
if (crtc->state)
dpu_crtc_destroy_state(crtc, crtc->state);
- __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
+ if (cstate)
+ __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
+ else
+ __drm_atomic_helper_crtc_reset(crtc, NULL);
}
/**
--
2.25.1
On 12/6/2022 12:05 AM, Jiasheng Jiang wrote:
> As kzalloc may fail and return NULL pointer,
> it should be better to check cstate
> in order to avoid the NULL pointer dereference
> in __drm_atomic_helper_crtc_reset.
You have wrapped around your lines too short. Please try to utilize the
full word limit for each line.
With that fixed,
Reviewed-by: Abhinav Kumar <[email protected]>
>
> Fixes: 1cff7440a86e ("drm/msm: Convert to using __drm_atomic_helper_crtc_reset() for reset.")
> Signed-off-by: Jiasheng Jiang <[email protected]>
> ---
> drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> index 13ce321283ff..22c2787b7b38 100644
> --- a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> +++ b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> @@ -968,7 +968,10 @@ static void dpu_crtc_reset(struct drm_crtc *crtc)
> if (crtc->state)
> dpu_crtc_destroy_state(crtc, crtc->state);
>
> - __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
> + if (cstate)
> + __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
> + else
> + __drm_atomic_helper_crtc_reset(crtc, NULL);
> }
>
> /**
On 06/12/2022 10:05, Jiasheng Jiang wrote:
> As kzalloc may fail and return NULL pointer,
> it should be better to check cstate
> in order to avoid the NULL pointer dereference
> in __drm_atomic_helper_crtc_reset.
>
> Fixes: 1cff7440a86e ("drm/msm: Convert to using __drm_atomic_helper_crtc_reset() for reset.")
> Signed-off-by: Jiasheng Jiang <[email protected]>
> ---
> drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> index 13ce321283ff..22c2787b7b38 100644
> --- a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> +++ b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
> @@ -968,7 +968,10 @@ static void dpu_crtc_reset(struct drm_crtc *crtc)
> if (crtc->state)
> dpu_crtc_destroy_state(crtc, crtc->state);
>
> - __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
> + if (cstate)
> + __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
> + else
> + __drm_atomic_helper_crtc_reset(crtc, NULL);
NAK.
The proper fix is to add the if() but to skip the else clause. We should
not reset the crtc's state if memory allocation failed.
> }
>
> /**
--
With best wishes
Dmitry
On 08/01/2023 23:56, Dmitry Baryshkov wrote:
> On 06/12/2022 10:05, Jiasheng Jiang wrote:
>> As kzalloc may fail and return NULL pointer,
>> it should be better to check cstate
>> in order to avoid the NULL pointer dereference
>> in __drm_atomic_helper_crtc_reset.
>>
>> Fixes: 1cff7440a86e ("drm/msm: Convert to using
>> __drm_atomic_helper_crtc_reset() for reset.")
>> Signed-off-by: Jiasheng Jiang <[email protected]>
>> ---
>> drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
>> b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
>> index 13ce321283ff..22c2787b7b38 100644
>> --- a/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
>> +++ b/drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c
>> @@ -968,7 +968,10 @@ static void dpu_crtc_reset(struct drm_crtc *crtc)
>> if (crtc->state)
>> dpu_crtc_destroy_state(crtc, crtc->state);
>> - __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
>> + if (cstate)
>> + __drm_atomic_helper_crtc_reset(crtc, &cstate->base);
>> + else
>> + __drm_atomic_helper_crtc_reset(crtc, NULL);
>
> NAK.
>
> The proper fix is to add the if() but to skip the else clause. We should
> not reset the crtc's state if memory allocation failed.
On the other hand... Some of the drivers do exactly this ops.
With the message fixed:
Reviewed-by: Dmitry Baryshkov <[email protected]>
--
With best wishes
Dmitry
On Tue, 06 Dec 2022 16:05:17 +0800, Jiasheng Jiang wrote:
> As kzalloc may fail and return NULL pointer,
> it should be better to check cstate
> in order to avoid the NULL pointer dereference
> in __drm_atomic_helper_crtc_reset.
>
>
Applied, thanks!
[1/1] drm/msm/dpu: Add check for cstate
https://gitlab.freedesktop.org/lumag/msm/-/commit/c96988b7d993
Best regards,
--
Dmitry Baryshkov <[email protected]>