Re: [PATCH] drm/amd/display: Add null check for dm_state in create_validate_stream_for_sink

Hamza Mahfooz <hamza.mahfooz@xxxxxxx> · Tue, 16 Jul 2024 11:28:35 -0400

On 7/16/24 11:08, Srinivasan Shanmugam wrote:
This commit adds a null check for the dm_state variable in the
create_validate_stream_for_sink function. Previously, dm_state was being
checked for nullity at line 7194, but then it was being dereferenced
without any nullity check at line 7200. This could potentially lead to a
null pointer dereference error if dm_state is indeed null.

we now ensure that dm_state is not null before  dereferencing it. We do
this by adding a nullity check for dm_state  before the call to
create_stream_for_sink at line 7200. If dm_state  is null, we log an
error message and return NULL immediately.

This fix prevents a null pointer dereference error.

drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:7201 create_validate_stream_for_sink()
error: we previously assumed 'dm_state' could be null (see line 7194)

drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c
     7185 struct dc_stream_state *
     7186 create_validate_stream_for_sink(struct amdgpu_dm_connector *aconnector,
     7187                                 const struct drm_display_mode *drm_mode,
     7188                                 const struct dm_connector_state *dm_state,
     7189                                 const struct dc_stream_state *old_stream)
     7190 {
     7191         struct drm_connector *connector = &aconnector->base;
     7192         struct amdgpu_device *adev = drm_to_adev(connector->dev);
     7193         struct dc_stream_state *stream;
     7194         const struct drm_connector_state *drm_state = dm_state ? &dm_state->base : NULL;
                                                                ^^^^^^^^
                                      ^^^^^^^^^ This used check connector->state but then we changed it to dm_state instead

     7195         int requested_bpc = drm_state ? drm_state->max_requested_bpc : 8;
     7196         enum dc_status dc_result = DC_OK;
     7197
     7198         do {
     7199                 stream = create_stream_for_sink(connector, drm_mode,
     7200                                                 dm_state, old_stream,
                                                          ^^^^^^^^

But dm_state is dereferenced on the next line without checking.  (Presumably the NULL check can be removed).

--> 7201                                                 requested_bpc);
     7202                 if (stream == NULL) {
     7203                         DRM_ERROR("Failed to create stream for sink!\n");
     7204                         break;
     7205                 }
     7206
     7207                 if (aconnector->base.connector_type == DRM_MODE_CONNECTOR_WRITEBACK)

Fixes: fa7041d9d2fc ("drm/amd/display: Fix ineffective setting of max bpc property")
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Cc: Tom Chung <chiahsuan.chung@xxxxxxx>
Cc: Rodrigo Siqueira <Rodrigo.Siqueira@xxxxxxx>
Cc: Roman Li <roman.li@xxxxxxx>
Cc: Hersen Wu <hersenxs.wu@xxxxxxx>
Cc: Alex Hung <alex.hung@xxxxxxx>
Cc: Aurabindo Pillai <aurabindo.pillai@xxxxxxx>
Cc: Harry Wentland <harry.wentland@xxxxxxx>
Cc: Hamza Mahfooz <hamza.mahfooz@xxxxxxx>
Signed-off-by: Srinivasan Shanmugam <srinivasan.shanmugam@xxxxxxx>
---
  drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 5 +++++
  1 file changed, 5 insertions(+)

diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
index d1527c2e46a1..b7eaece455c8 100644
--- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
+++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
@@ -7195,6 +7195,11 @@ create_validate_stream_for_sink(struct amdgpu_dm_connector *aconnector,
  	int requested_bpc = drm_state ? drm_state->max_requested_bpc : 8;
  	enum dc_status dc_result = DC_OK;
  
+	if (!dm_state) {
+		DRM_ERROR("dm_state is NULL!\n");

Use drm_err() instead, DRM_ERROR() is deprecated.

+		return NULL;
+	}
+
  	do {
  		stream = create_stream_for_sink(connector, drm_mode,
  						dm_state, old_stream,
--
Hamza







