From: Subash Patel subash.rp@samsung.com
exynos_pages_to_sg() internally calls sg_kmalloc() which can return no pages when the system is under high memory crunch. One such instance is chromeos-install in the chromeos. This patch adds check for the return value of the function in subject to return NULL on failure.
BUG=chrome-os-partner:9481 TEST=built, ran on snow and tried chromeos-install without a crash
Change-Id: I0abda74beaedae002a17de9962d7a462a2a7c2fb Signed-off-by: Subash Patel subash.rp@samsung.com --- drivers/gpu/drm/exynos/exynos_drm_dmabuf.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/exynos/exynos_drm_dmabuf.c b/drivers/gpu/drm/exynos/exynos_drm_dmabuf.c index 97325c1..c908a29 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_dmabuf.c +++ b/drivers/gpu/drm/exynos/exynos_drm_dmabuf.c @@ -87,6 +87,10 @@ static struct sg_table * npages = buf->size / buf->page_size;
sgt = exynos_pages_to_sg(buf->pages, npages, buf->page_size); + if (!sgt) { + DRM_DEBUG_PRIME("exynos_pages_to_sg returned NULL!\n"); + goto err_unlock; + } nents = dma_map_sg(attach->dev, sgt->sgl, sgt->nents, dir);
DRM_DEBUG_PRIME("npages = %d buffer size = 0x%lx page_size = 0x%lx\n", @@ -241,7 +245,7 @@ struct drm_gem_object *exynos_dmabuf_prime_import(struct drm_device *drm_dev,
sgt = dma_buf_map_attachment(attach, DMA_BIDIRECTIONAL); - if (IS_ERR(sgt)) { + if (IS_ERR_OR_NULL(sgt)) { ret = PTR_ERR(sgt); goto err_buf_detach; }