[PATCH 08/13] drm/irq: Check for valid VBLANK before dereference
Thierry Reding
thierry.reding at gmail.com
Wed Aug 12 08:00:30 PDT 2015
From: Thierry Reding <treding at nvidia.com>
When accessing the array of per-CRTC VBLANK structures we must always
check that the index into the array is valid before dereferencing to
avoid crashing.
Signed-off-by: Thierry Reding <treding at nvidia.com>
---
drivers/gpu/drm/drm_irq.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/drm_irq.c b/drivers/gpu/drm/drm_irq.c
index 5c666c780fe9..a957b9618e85 100644
--- a/drivers/gpu/drm/drm_irq.c
+++ b/drivers/gpu/drm/drm_irq.c
@@ -1110,10 +1110,10 @@ void drm_vblank_put(struct drm_device *dev, int crtc)
{
struct drm_vblank_crtc *vblank = &dev->vblank[crtc];
- if (WARN_ON(atomic_read(&vblank->refcount) == 0))
+ if (WARN_ON(crtc >= dev->num_crtcs))
return;
- if (WARN_ON(crtc >= dev->num_crtcs))
+ if (WARN_ON(atomic_read(&vblank->refcount) == 0))
return;
/* Last user schedules interrupt disable */
@@ -1158,6 +1158,9 @@ void drm_wait_one_vblank(struct drm_device *dev, int crtc)
int ret;
u32 last;
+ if (WARN_ON(crtc >= dev->num_crtcs))
+ return;
+
ret = drm_vblank_get(dev, crtc);
if (WARN(ret, "vblank not available on crtc %i, ret=%i\n", crtc, ret))
return;
@@ -1428,6 +1431,9 @@ void drm_vblank_post_modeset(struct drm_device *dev, int crtc)
if (!dev->num_crtcs)
return;
+ if (WARN_ON(crtc >= dev->num_crtcs))
+ return;
+
if (vblank->inmodeset) {
spin_lock_irqsave(&dev->vbl_lock, irqflags);
dev->vblank_disable_allowed = true;
--
2.4.5
More information about the dri-devel
mailing list