[PATCH] drm/i915/switcheroo: check for NULL before dereferencing

Gustavo Sousa gustavo.sousa at intel.com
Mon Aug 18 14:04:34 UTC 2025 

Quoting Jani Nikula (2025-08-18 10:30:30-03:00)
>On Mon, 18 Aug 2025, Gustavo Sousa <gustavo.sousa at intel.com> wrote:
>> Quoting Jani Nikula (2025-08-18 04:16:05-03:00)
>>>Both i915_switcheroo_set_state() and i915_switcheroo_can_switch() check
>>>for i915 == NULL. Commit d2e184f8e16a ("drm/i915/switcheroo: pass
>>>display to HAS_DISPLAY()") started dereferencing it before the NULL
>>>check. Fix it.
>>
>> Hm... Did it? I think i915->display will only give you an invalid
>> address when i915 is NULL, but I don't think any dereferencing will
>> happen, because of the checks on i915.
>
>What would be the case for &i915->display, but not i915->display?

Ah, right.

Yeah, I got confused thinking this was the same as the old times when we
stored display directly in the structure. In that case, we would use
&i915->display and no dereferencing would happen.

Now we store a pointer to the display in i915 and we need
dereferencing in order to get the address.

Sorry for the noise!

--
Gustavo Sousa

>
>>
>> Anyways, playing it safe here is probably a good idea. I would just
>> reword the commit message a bit. With that,
>>
>> Reviewed-by: Gustavo Sousa <gustavo.sousa at intel.com>
>
>Thanks.
>
>>
>>>
>>>Fixes: d2e184f8e16a ("drm/i915/switcheroo: pass display to HAS_DISPLAY()")
>>>Reported-by: kernel test robot <lkp at intel.com>
>>>Reported-by: Dan Carpenter <dan.carpenter at linaro.org>
>>>Closes: https://lore.kernel.org/r/202508160035.hmzuKiww-lkp@intel.com/
>>>Cc: Gustavo Sousa <gustavo.sousa at intel.com>
>>>Signed-off-by: Jani Nikula <jani.nikula at intel.com>
>>>---
>>> drivers/gpu/drm/i915/i915_switcheroo.c | 4 ++--
>>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>>diff --git a/drivers/gpu/drm/i915/i915_switcheroo.c b/drivers/gpu/drm/i915/i915_switcheroo.c
>>>index 231d27497706..3a95a55b2e87 100644
>>>--- a/drivers/gpu/drm/i915/i915_switcheroo.c
>>>+++ b/drivers/gpu/drm/i915/i915_switcheroo.c
>>>@@ -15,7 +15,7 @@ static void i915_switcheroo_set_state(struct pci_dev *pdev,
>>>                                       enum vga_switcheroo_state state)
>>> {
>>>         struct drm_i915_private *i915 = pdev_to_i915(pdev);
>>>-        struct intel_display *display = i915->display;
>>>+        struct intel_display *display = i915 ? i915->display : NULL;
>>>         pm_message_t pmm = { .event = PM_EVENT_SUSPEND };
>>> 
>>>         if (!i915) {
>>>@@ -45,7 +45,7 @@ static void i915_switcheroo_set_state(struct pci_dev *pdev,
>>> static bool i915_switcheroo_can_switch(struct pci_dev *pdev)
>>> {
>>>         struct drm_i915_private *i915 = pdev_to_i915(pdev);
>>>-        struct intel_display *display = i915->display;
>>>+        struct intel_display *display = i915 ? i915->display : NULL;
>>> 
>>>         /*
>>>          * FIXME: open_count is protected by drm_global_mutex but that would lead to
>>>-- 
>>>2.47.2
>>>
>
>-- 
>Jani Nikula, Intel

More information about the Intel-gfx mailing list