[Intel-gfx] [PATCH] drm/i915: Fix possible null dereference in framebuffer_info debugfs function

Daniel Vetter daniel at ffwll.ch
Thu Nov 26 06:38:33 PST 2015 

On Thu, Nov 26, 2015 at 12:43:19PM +0000, Chris Wilson wrote:
> On Thu, Nov 26, 2015 at 04:32:30PM +0530, Namrta Salonie wrote:
> > Found by static code analysis tool.
> > 
> > v2: Inserted block instead of goto & renamed variables (Chris)
> > 
> > Signed-off-by: Namrta Salonie <namrta.salonie at intel.com>
> > Signed-off-by: Deepak S <deepak.s at intel.com>
> > ---
> >  drivers/gpu/drm/i915/i915_debugfs.c |   32 +++++++++++++++-----------------
> >  1 file changed, 15 insertions(+), 17 deletions(-)
> > 
> > diff --git a/drivers/gpu/drm/i915/i915_debugfs.c b/drivers/gpu/drm/i915/i915_debugfs.c
> > index a3b22bd..7c068ea 100644
> > --- a/drivers/gpu/drm/i915/i915_debugfs.c
> > +++ b/drivers/gpu/drm/i915/i915_debugfs.c
> > @@ -1865,31 +1865,29 @@ static int i915_gem_framebuffer_info(struct seq_file *m, void *data)
> >  {
> >  	struct drm_info_node *node = m->private;
> >  	struct drm_device *dev = node->minor->dev;
> > -	struct intel_fbdev *ifbdev = NULL;
> > -	struct intel_framebuffer *fb;
> > +	struct intel_framebuffer *fbdev_fb = NULL;
> >  	struct drm_framebuffer *drm_fb;
> >  
> >  #ifdef CONFIG_DRM_FBDEV_EMULATION
> > -	struct drm_i915_private *dev_priv = dev->dev_private;
> >  
> > -	ifbdev = dev_priv->fbdev;
> > -	fb = to_intel_framebuffer(ifbdev->helper.fb);
> > -
> > -	seq_printf(m, "fbcon size: %d x %d, depth %d, %d bpp, modifier 0x%llx, refcount %d, obj ",
> > -		   fb->base.width,
> > -		   fb->base.height,
> > -		   fb->base.depth,
> > -		   fb->base.bits_per_pixel,
> > -		   fb->base.modifier[0],
> > -		   atomic_read(&fb->base.refcount.refcount));
> > -	describe_obj(m, fb->obj);
> > -	seq_putc(m, '\n');
> > +	if (to_i915(dev)->fbdev) {
> > +		fbdev_fb = to_intel_framebuffer(to_i915(dev)->fbdev->helper.fb);
> > +		seq_printf(m, "fbcon size: %d x %d, depth %d, %d bpp, modifier 0x%llx, refcount %d, obj ",
> > +				fbdev_fb->base.width,
> > +				fbdev_fb->base.height,
> > +				fbdev_fb->base.depth,
> > +				fbdev_fb->base.bits_per_pixel,
> > +				fbdev_fb->base.modifier[0],
> > +				atomic_read(&fbdev_fb->base.refcount.refcount));
> 
> These should be aligned to the opening '('

Patch also doesn't apply cleanly any more on top of drm-intel-nightly. Can
you please rebase and fix up the alignment problem Chris pointed out
above?

Thanks, Daniel

> 
> Reviewed-by: Chris Wilson <chris at chris-wilson.co.uk>
> -Chris
> 
> -- 
> Chris Wilson, Intel Open Source Technology Centre
> _______________________________________________
> Intel-gfx mailing list
> Intel-gfx at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/intel-gfx

-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch

More information about the Intel-gfx mailing list