[Intel-gfx] [PATCH] drm/i915: fix NULL deref in the load detect code
Daniel Vetter
daniel.vetter at ffwll.ch
Fri Feb 14 16:35:54 CET 2014
Looks like I've missed one of the potential NULL deref bugs in Jesse's
fbdev->fb embedded struct to pointer conversions. Fix it up.
This regression has been introduced in
commit 8bcd45534ddf68ab71aeed709dacd9cf65dc0f75
Author: Jesse Barnes <jbarnes at virtuousgeek.org>
Date: Fri Feb 7 12:10:38 2014 -0800
drm/i915: alloc intel_fb in the intel_fbdev struct
Cc: Jesse Barnes <jbarnes at virtuousgeek.org>
Signed-off-by: Daniel Vetter <daniel.vetter at ffwll.ch>
---
drivers/gpu/drm/i915/intel_display.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
index 0d3f2a5f4d2d..f19e6ea36dc4 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -7754,13 +7754,15 @@ mode_fits_in_fbdev(struct drm_device *dev,
struct drm_i915_gem_object *obj;
struct drm_framebuffer *fb;
- if (dev_priv->fbdev == NULL)
+ if (!dev_priv->fbdev)
return NULL;
- obj = dev_priv->fbdev->fb->obj;
- if (obj == NULL)
+ if (!dev_priv->fbdev->fb)
return NULL;
+ obj = dev_priv->fbdev->fb->obj;
+ BUG_ON(!obj);
+
fb = &dev_priv->fbdev->fb->base;
if (fb->pitches[0] < intel_framebuffer_pitch_for_width(mode->hdisplay,
fb->bits_per_pixel))
--
1.8.4.rc3
More information about the Intel-gfx
mailing list