On 19.03.19 at 21:01, Shaobo He wrote:
> > See here:
> > #if IS_ENABLED(CONFIG_AGP)
> >     if (rdev->flags & RADEON_IS_AGP) {
> >         return ttm_agp_tt_populate(ttm, ctx);
> >     }
> > #endif
> >
>
> This code appears to be after the potential location of NULL pointer
>
> See here:
> #if IS_ENABLED(CONFIG_AGP)
>     if (rdev->flags & RADEON_IS_AGP) {
>         return ttm_agp_tt_populate(ttm, ctx);
>     }
> #endif
>
This code appears to be after the potential location of NULL pointer dereference
that I pointed out. Please see,
... or the backend methods is not `radeon_backend_func`.
That's the case when it is an AGP backend.
Moreover, could you point out the check of such case before the
offending code?
See here:
#if IS_ENABLED(CONFIG_AGP)
if (rdev->flags & RADEON_IS_AGP) {
return
Hi Christian,
Thank you very much for your reply. I'm a little confused here so I would really
appreciate it if you could clarify it more.
For example, I don't understand why the condition of function
`radeon_ttm_tt_to_gtt` returning NULL is the argument being an AGP ttm. Based on
its definition, it
Hi Shaobo,
that question came up a couple of times now. And the answer is: No,
there can't be a NULL pointer dereference.
The function radeon_ttm_tt_to_gtt returns NULL only when it is an AGP
ttm structure, and that case is checked right before the offending code.
Unfortunately I don't see
Hello everyone,
My name is Shaobo He and I am a graduate student at the University of Utah. I am
using a static analysis tool to search for null pointer dereferences and came
across a potentially invalid memory access in the file
drivers/gpu/drm/radeon/radeon_ttm.c: in function