From: Baihan Li<libai...@huawei.com>
When hibmc loaded failed, the driver use hibmc_unload to free the
resource, but the mutexes in mode.config are not init, which will
access an NULL pointer.
Fixes: b3df5e65cc03 ("drm/hibmc: Drop drm_vblank_cleanup")
Reported-by:oushixiong1...@163.com
Signed-off-by: Baihan Li<libai...@huawei.com>
---
drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c
b/drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c
index 4cdcc34070ee..ac552c339671 100644
--- a/drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c
+++ b/drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c
@@ -319,13 +319,13 @@ static int hibmc_load(struct drm_device *dev)
ret = hibmc_hw_init(priv);
if (ret)
- goto err;
+ return ret;
ret = drmm_vram_helper_init(dev, pci_resource_start(pdev, 0),
pci_resource_len(pdev, 0));
if (ret) {
drm_err(dev, "Error initializing VRAM MM; %d\n", ret);
- goto err;
+ return ret;
The mutexes in mode.config are initialized when calling hibmc_kms_init(),
if calling hibmc_kms_init() failed it also need to return.
You may want to look at the following patch:
LKML: oushixiong1025@163 ...: [PATCH] drm/hisilicon: Fix a NULL
pointer access when hibmc_load failed
<https://lkml.org/lkml/2025/5/20/331>
Reported-by: Shixiong Ou <oushixi...@kylinos.cn>
Thanks and Regards,
Shixiong Ou.
Hi Shixiong,
Thanks for your advice!
Actually, even if the calling of drmm_mode_config_init() failed, these mutexes
are still initialized,
and it's the same for hibmc_kms_init() failed, so we don't need to change its
return.
Thanks,
Baihan Li
}
ret = hibmc_kms_init(priv);
