drivers/gpu/drm/qxl/qxl_display.c:99 qxl_alloc_client_monitors_config() error: dereferencing freed memory 'qdev->client_monitors_config'
drivers/gpu/drm/qxl/qxl_object.c:66 qxl_ttm_placement_from_domain() warn: bitwise AND condition is false here
drivers/gpu/drm/qxl/qxl_ioctl.c:353 qxl_clientcap_ioctl() warn: buffer overflow 'qdev->rom->client_capabilities' 58 <= 58
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
if (qdev->client_monitors_config &&
count > qdev->client_monitors_config->count) {
kfree(qdev->client_monitors_config);
if (qdev->client_monitors_config &&
count > qdev->client_monitors_config->count) {
kfree(qdev->client_monitors_config);
+ qdev->client_monitors_config = NULL;
}
if (!qdev->client_monitors_config) {
qdev->client_monitors_config = kzalloc(
}
if (!qdev->client_monitors_config) {
qdev->client_monitors_config = kzalloc(
if (qdev->pdev->revision < 4)
return -ENOSYS;
if (qdev->pdev->revision < 4)
return -ENOSYS;
return -ENOSYS;
if (qdev->rom->client_capabilities[byte] & (1 << idx))
return -ENOSYS;
if (qdev->rom->client_capabilities[byte] & (1 << idx))
qbo->placement.lpfn = 0;
qbo->placement.placement = qbo->placements;
qbo->placement.busy_placement = qbo->placements;
qbo->placement.lpfn = 0;
qbo->placement.placement = qbo->placements;
qbo->placement.busy_placement = qbo->placements;
- if (domain & QXL_GEM_DOMAIN_VRAM)
+ if (domain == QXL_GEM_DOMAIN_VRAM)
qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_VRAM;
qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_VRAM;
- if (domain & QXL_GEM_DOMAIN_SURFACE)
+ if (domain == QXL_GEM_DOMAIN_SURFACE)
qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_PRIV0;
qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_PRIV0;
- if (domain & QXL_GEM_DOMAIN_CPU)
+ if (domain == QXL_GEM_DOMAIN_CPU)
qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM;
if (!c)
qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM;
qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM;
if (!c)
qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM;