From 62c8ba7c58e4163f975c5f8b5a3dd5f306a2deda Mon Sep 17 00:00:00 2001 From: Dave Airlie Date: Tue, 16 Apr 2013 13:36:00 +1000 Subject: [PATCH] drm/qxl: fix smatch warnings drivers/gpu/drm/qxl/qxl_display.c:99 qxl_alloc_client_monitors_config() error: dereferencing freed memory 'qdev->client_monitors_config' drivers/gpu/drm/qxl/qxl_object.c:66 qxl_ttm_placement_from_domain() warn: bitwise AND condition is false here drivers/gpu/drm/qxl/qxl_ioctl.c:353 qxl_clientcap_ioctl() warn: buffer overflow 'qdev->rom->client_capabilities' 58 <= 58 Reported-by: Dan Carpenter Signed-off-by: Dave Airlie --- drivers/gpu/drm/qxl/qxl_display.c | 1 + drivers/gpu/drm/qxl/qxl_ioctl.c | 2 +- drivers/gpu/drm/qxl/qxl_object.c | 6 +++--- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/qxl/qxl_display.c b/drivers/gpu/drm/qxl/qxl_display.c index 567a5328cfc4..fcfd4436ceed 100644 --- a/drivers/gpu/drm/qxl/qxl_display.c +++ b/drivers/gpu/drm/qxl/qxl_display.c @@ -84,6 +84,7 @@ void qxl_alloc_client_monitors_config(struct qxl_device *qdev, unsigned count) if (qdev->client_monitors_config && count > qdev->client_monitors_config->count) { kfree(qdev->client_monitors_config); + qdev->client_monitors_config = NULL; } if (!qdev->client_monitors_config) { qdev->client_monitors_config = kzalloc( diff --git a/drivers/gpu/drm/qxl/qxl_ioctl.c b/drivers/gpu/drm/qxl/qxl_ioctl.c index cec617222585..04b64f9cbfdb 100644 --- a/drivers/gpu/drm/qxl/qxl_ioctl.c +++ b/drivers/gpu/drm/qxl/qxl_ioctl.c @@ -347,7 +347,7 @@ static int qxl_clientcap_ioctl(struct drm_device *dev, void *data, if (qdev->pdev->revision < 4) return -ENOSYS; - if (byte > 58) + if (byte >= 58) return -ENOSYS; if (qdev->rom->client_capabilities[byte] & (1 << idx)) diff --git a/drivers/gpu/drm/qxl/qxl_object.c b/drivers/gpu/drm/qxl/qxl_object.c index 51efb94a5dee..d9b12e7bc6e1 100644 --- a/drivers/gpu/drm/qxl/qxl_object.c +++ b/drivers/gpu/drm/qxl/qxl_object.c @@ -59,11 +59,11 @@ void qxl_ttm_placement_from_domain(struct qxl_bo *qbo, u32 domain) qbo->placement.lpfn = 0; qbo->placement.placement = qbo->placements; qbo->placement.busy_placement = qbo->placements; - if (domain & QXL_GEM_DOMAIN_VRAM) + if (domain == QXL_GEM_DOMAIN_VRAM) qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_VRAM; - if (domain & QXL_GEM_DOMAIN_SURFACE) + if (domain == QXL_GEM_DOMAIN_SURFACE) qbo->placements[c++] = TTM_PL_FLAG_CACHED | TTM_PL_FLAG_PRIV0; - if (domain & QXL_GEM_DOMAIN_CPU) + if (domain == QXL_GEM_DOMAIN_CPU) qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM; if (!c) qbo->placements[c++] = TTM_PL_MASK_CACHING | TTM_PL_FLAG_SYSTEM; -- 2.20.1