[PATCH] drm/msm/dpu: Add callback function pointer check before its call
Abhinav Kumar
quic_abhinavk at quicinc.com
Mon Apr 8 16:51:43 UTC 2024
On 4/8/2024 1:55 AM, Aleksandr Mishin wrote:
> In dpu_core_irq_callback_handler() callback function pointer is compared to NULL,
> but then callback function is unconditionally called by this pointer.
> Fix this bug by adding conditional return.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
Yes , as dmitry wrote, this should be Reported-by.
But rest LGTM.
> Fixes: c929ac60b3ed ("drm/msm/dpu: allow just single IRQ callback")
> Signed-off-by: Aleksandr Mishin <amishin at t-argos.ru>
> ---
> drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c b/drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c
> index 946dd0135dff..03a16fbd4c99 100644
> --- a/drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c
> +++ b/drivers/gpu/drm/msm/disp/dpu1/dpu_hw_interrupts.c
> @@ -223,9 +223,11 @@ static void dpu_core_irq_callback_handler(struct dpu_kms *dpu_kms, unsigned int
>
> VERB("IRQ=[%d, %d]\n", DPU_IRQ_REG(irq_idx), DPU_IRQ_BIT(irq_idx));
>
> - if (!irq_entry->cb)
> + if (!irq_entry->cb) {
> DRM_ERROR("no registered cb, IRQ=[%d, %d]\n",
> DPU_IRQ_REG(irq_idx), DPU_IRQ_BIT(irq_idx));
> + return;
> + }
>
> atomic_inc(&irq_entry->count);
>
More information about the dri-devel
mailing list