[Intel-gfx] [PATCH -next] drm/i915: fix potential NULL pointer dereference in i915_gem_context_get_hang_stats()
Damien Lespiau
damien.lespiau at intel.com
Thu Jul 11 20:23:36 CEST 2013
On Thu, Jun 20, 2013 at 08:01:47AM +0800, Wei Yongjun wrote:
> From: Wei Yongjun <yongjun_wei at trendmicro.com.cn>
>
> The dereference should be moved below the NULL test.
>
> Signed-off-by: Wei Yongjun <yongjun_wei at trendmicro.com.cn>
> ---
> drivers/gpu/drm/i915/i915_gem_context.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/i915/i915_gem_context.c b/drivers/gpu/drm/i915/i915_gem_context.c
> index ff47145..f32107e 100644
> --- a/drivers/gpu/drm/i915/i915_gem_context.c
> +++ b/drivers/gpu/drm/i915/i915_gem_context.c
> @@ -309,7 +309,7 @@ i915_gem_context_get_hang_stats(struct intel_ring_buffer *ring,
> u32 id)
> {
> struct drm_i915_private *dev_priv = ring->dev->dev_private;
> - struct drm_i915_file_private *file_priv = file->driver_priv;
> + struct drm_i915_file_private *file_priv;
> struct i915_hw_context *to;
>
> if (dev_priv->hw_contexts_disabled)
> @@ -321,6 +321,7 @@ i915_gem_context_get_hang_stats(struct intel_ring_buffer *ring,
> if (file == NULL)
> return ERR_PTR(-EINVAL);
>
> + file_priv = file->driver_priv;
> if (id == DEFAULT_CONTEXT_ID)
> return &file_priv->hang_stats;
I think we could just not check for file == NULL here as it comes
directly from the ioctl() through i915_gem_execbuffer().
Patch coming...
--
Damien
More information about the Intel-gfx
mailing list