On Mon, May 13, 2019 at 01:32:39PM -0700, Bjorn Andersson wrote: > On Wed 08 May 19:03 PDT 2019, Brian Masney wrote: > > > The msm_gem_object structure contains resv and _resv fields that are > > no longer needed since the reservation object is now stored on > > drm_gem_object. msm_atomic_prepare_fb() and msm_atomic_prepare_fb() > > both referenced the wrong reservation object, and would lead to an > > attempt to dereference a NULL pointer. Correct those two cases to > > point to the correct reservation object. > > > > Signed-off-by: Brian Masney <masneyb@xxxxxxxxxxxxx> > > Fixes: dd55cf6929e6 ("drm: msm: Switch to use drm_gem_object reservation_object") > > Reviewed-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx> > Tested-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx> > > This resolves a NULL-pointer dereference about to show up in v5.2-rc1, > so please pick this up for -rc. Let me send out another version of just this patch. This snippet below that I removed needs to stay. I got a little too over eager removing code. > > @@ -973,9 +973,6 @@ static int msm_gem_new_impl(struct drm_device *dev, > > msm_obj->flags = flags; > > msm_obj->madv = MSM_MADV_WILLNEED; > > > > - if (resv) > > - msm_obj->base.resv = resv; > > - > > INIT_LIST_HEAD(&msm_obj->submit_entry); > > INIT_LIST_HEAD(&msm_obj->vmas); > > Brian