From: Ander Conselvan de Oliveira Date: Mon, 30 Mar 2015 07:41:19 +0000 (+0300) Subject: drm/atomic: Clear crtcs, connectors and planes when clearing state X-Git-Tag: firefly_0821_release~176^2~1915^2~19^2~2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=8a5c0bde54ca0354ae8b7e9d37d17bc514aa6c42;p=firefly-linux-kernel-4.4.55.git drm/atomic: Clear crtcs, connectors and planes when clearing state Users of the atomic state assume that if the pointer to a crtc, plane or connector is not NULL in the respective object vector, than the state for that object in *_states vector also won't be NULL. That assumption was broken by drm_atomic_state_clear(), which would clear the state pointer but leave the pointer to the object still set. This fixes a NULL pointer dereference in i915 caused by the use of drm_atomic_state_clear(). Cc: dri-devel@lists.freedesktop.org Signed-off-by: Ander Conselvan de Oliveira Signed-off-by: Daniel Vetter --- diff --git a/drivers/gpu/drm/drm_atomic.c b/drivers/gpu/drm/drm_atomic.c index 5d3abe3904f0..00ea88151c01 100644 --- a/drivers/gpu/drm/drm_atomic.c +++ b/drivers/gpu/drm/drm_atomic.c @@ -134,6 +134,7 @@ void drm_atomic_state_clear(struct drm_atomic_state *state) connector->funcs->atomic_destroy_state(connector, state->connector_states[i]); + state->connectors[i] = NULL; state->connector_states[i] = NULL; } @@ -145,6 +146,7 @@ void drm_atomic_state_clear(struct drm_atomic_state *state) crtc->funcs->atomic_destroy_state(crtc, state->crtc_states[i]); + state->crtcs[i] = NULL; state->crtc_states[i] = NULL; } @@ -156,6 +158,7 @@ void drm_atomic_state_clear(struct drm_atomic_state *state) plane->funcs->atomic_destroy_state(plane, state->plane_states[i]); + state->planes[i] = NULL; state->plane_states[i] = NULL; } }