[Mesa-dev] [PATCH 1/3] i965/drm: Fix dereference-before-NULL-check in brw_bo_unmap().
Lionel Landwerlin
lionel.g.landwerlin at intel.com
Thu Apr 13 06:41:39 UTC 2017
Reviewed-by: Lionel Landwerlin <lionel.g.landwerlin at intel.com>
On 12/04/17 23:33, Kenneth Graunke wrote:
> I introduced this when cleaning up this code. libdrm_intel was fine.
> While passing NULL to free() is a common pattern...passing NULL to
> unmap seems pretty bad. You really ought to know whether you have
> a buffer or not. So, we could add an assert. Not sure whether
> that's better. This takes the defensive plan of bailing early,
> which is what libdrm_intel did originally.
>
> CID: 1405006
> ---
> src/mesa/drivers/dri/i965/brw_bufmgr.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/mesa/drivers/dri/i965/brw_bufmgr.c b/src/mesa/drivers/dri/i965/brw_bufmgr.c
> index 8dda38d1262..fa7bf69a84e 100644
> --- a/src/mesa/drivers/dri/i965/brw_bufmgr.c
> +++ b/src/mesa/drivers/dri/i965/brw_bufmgr.c
> @@ -826,12 +826,12 @@ brw_bo_map_unsynchronized(struct brw_context *brw, struct brw_bo *bo)
> int
> brw_bo_unmap(struct brw_bo *bo)
> {
> - struct brw_bufmgr *bufmgr = bo->bufmgr;
> - int ret = 0;
> -
> if (bo == NULL)
> return 0;
>
> + struct brw_bufmgr *bufmgr = bo->bufmgr;
> + int ret = 0;
> +
> pthread_mutex_lock(&bufmgr->lock);
>
> if (bo->map_count <= 0) {
More information about the mesa-dev
mailing list