| Message ID | 3221e88c-3351-42e6-aeb1-69f4f014b509@stanley.mountain (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [next] drm/msm/dpu: fix error pointer dereference in msm_kms_init_aspace() | expand |
On Tue, Feb 25, 2025 at 10:30:26AM +0300, Dan Carpenter wrote: > If msm_gem_address_space_create() fails, then return right away. > Otherwise it leads to a Oops when we dereference "aspace" on the next > line. > > Fixes: 2d215d440faa ("drm/msm: register a fault handler for display mmu faults") > Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> > --- > drivers/gpu/drm/msm/msm_kms.c | 1 + > 1 file changed, 1 insertion(+) > Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
On 2/24/2025 11:30 PM, Dan Carpenter wrote: > If msm_gem_address_space_create() fails, then return right away. > Otherwise it leads to a Oops when we dereference "aspace" on the next > line. > > Fixes: 2d215d440faa ("drm/msm: register a fault handler for display mmu faults") > Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> > --- > drivers/gpu/drm/msm/msm_kms.c | 1 + > 1 file changed, 1 insertion(+) > Reviewed-by: Abhinav Kumar <quic_abhinavk@quicinc.com>
diff --git a/drivers/gpu/drm/msm/msm_kms.c b/drivers/gpu/drm/msm/msm_kms.c index b877278888e6..35d5397e73b4 100644 --- a/drivers/gpu/drm/msm/msm_kms.c +++ b/drivers/gpu/drm/msm/msm_kms.c @@ -209,6 +209,7 @@ struct msm_gem_address_space *msm_kms_init_aspace(struct drm_device *dev) if (IS_ERR(aspace)) { dev_err(mdp_dev, "aspace create, error %pe\n", aspace); mmu->funcs->destroy(mmu); + return aspace; } msm_mmu_set_fault_handler(aspace->mmu, kms, msm_kms_fault_handler);
If msm_gem_address_space_create() fails, then return right away. Otherwise it leads to a Oops when we dereference "aspace" on the next line. Fixes: 2d215d440faa ("drm/msm: register a fault handler for display mmu faults") Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> --- drivers/gpu/drm/msm/msm_kms.c | 1 + 1 file changed, 1 insertion(+)