[PATCH v3 4/4] drm/mediatek: Fix dereference before null check

CK Hu (胡俊光) ck.hu at mediatek.com
Thu Jul 13 22:52:41 PDT 2023


Hi, Jason:

On Wed, 2023-06-21 at 18:22 +0800, Jason-JH.Lin wrote:
> Null-checking state suggests that it may be null, but it has already
> been dereferenced on drm_atomic_get_new_plane_state(state, plane).
> 
> The parameter state will never be NULL currently, so just remove the
> state is NULL flow in this function.

Reviewed-by: CK Hu <ck.hu at mediatek.com>


> 
> Fixes: 5ddb0bd4ddc3 ("drm/atomic: Pass the full state to planes async
> atomic check and update")
> Signed-off-by: Jason-JH.Lin <jason-jh.lin at mediatek.com>
> Reviewed-by: AngeloGioacchino Del Regno <
> angelogioacchino.delregno at collabora.com>
> ---
>  drivers/gpu/drm/mediatek/mtk_drm_plane.c | 6 +-----
>  1 file changed, 1 insertion(+), 5 deletions(-)
> 
> diff --git a/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> b/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> index 1cd41454d545..4828ffa75467 100644
> --- a/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> +++ b/drivers/gpu/drm/mediatek/mtk_drm_plane.c
> @@ -122,11 +122,7 @@ static int mtk_plane_atomic_async_check(struct
> drm_plane *plane,
>  	if (ret)
>  		return ret;
>  
> -	if (state)
> -		crtc_state = drm_atomic_get_existing_crtc_state(state,
> -								new_pla
> ne_state->crtc);
> -	else /* Special case for asynchronous cursor updates. */
> -		crtc_state = new_plane_state->crtc->state;
> +	crtc_state = drm_atomic_get_existing_crtc_state(state,
> new_plane_state->crtc);
>  
>  	return drm_atomic_helper_check_plane_state(plane->state,
> crtc_state,
>  						   DRM_PLANE_NO_SCALING
> ,


More information about the linux-arm-kernel mailing list