From 1c002bc43472063cf8599abb0d6d7367e30456e2 Mon Sep 17 00:00:00 2001
From: Tobias Klausmann <tobias.johannes.klausmann@mni.thm.de>
Date: Fri, 30 Mar 2018 22:32:13 +0200
Subject: [PATCH] modesetting/drmmode: add NULL pointer check in
 drmmode_output_dpms

drmmode_output_dpms is called especially with !output->crtc found in
xf86DisableUnusedFunctions so we have to guard for it, else the server
segfaults:

0  0x00007fdc1706054b in drmmode_output_dpms (output=0x55e15243c210, mode=3) at
drmmode_display.c:2243
1  0x000055e1500b6873 in xf86DisableUnusedFunctions (pScrn=0x55e152133f00) at
xf86Crtc.c:3021
2  0x000055e1500be940 in xf86RandR12CrtcSet (pScreen=<optimized out>,
randr_crtc=0x55e1524b2b90, randr_mode=0x0, x=0, y=0, rotation=<optimized out>,
num_randr_outputs=0, randr_outputs=0x0) at xf86RandR12.c:1244
3  0x000055e1500fa1c2 in RRCrtcSet (crtc=<optimized out>, mode=0x0, x=0, y=0,
rotation=rotation@entry=1, numOutputs=numOutputs@entry=0, outputs=0x0) at
rrcrtc.c:763
4  0x000055e1500fba9e in ProcRRSetCrtcConfig (client=0x55e152bfae50) at
rrcrtc.c:1390
5  0x000055e150044008 in Dispatch () at dispatch.c:478
6  0x000055e150047ff8 in dix_main (argc=13, argv=0x7ffc68561038,
envp=<optimized out>) at main.c:276
7  0x00007fdc1a0c6a87 in __libc_start_main () at /lib64/libc.so.6
8  0x000055e150031d0a in _start () at ../sysdeps/x86_64/start.S:120

Fixes: ba0c75177 ("modesetting: Fix up some XXX from removing GLAMOR_HAS_DRM_*")
Signed-off-by: Tobias Klausmann <tobias.johannes.klausmann@mni.thm.de>
Reviewed-by: Adam Jackson <ajax@redhat.com>
---
 hw/xfree86/drivers/modesetting/drmmode_display.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/hw/xfree86/drivers/modesetting/drmmode_display.c b/hw/xfree86/drivers/modesetting/drmmode_display.c
index 755a61def..03d2fa226 100644
--- a/hw/xfree86/drivers/modesetting/drmmode_display.c
+++ b/hw/xfree86/drivers/modesetting/drmmode_display.c
@@ -2240,14 +2240,17 @@ drmmode_output_dpms(xf86OutputPtr output, int mode)
 {
     drmmode_output_private_ptr drmmode_output = output->driver_private;
     xf86CrtcPtr crtc = output->crtc;
-    modesettingPtr ms = modesettingPTR(crtc->scrn);
+    modesettingPtr ms = NULL;
     drmModeConnectorPtr koutput = drmmode_output->mode_output;
     drmmode_ptr drmmode = drmmode_output->drmmode;
 
     if (!koutput)
         return;
 
-    if (ms->atomic_modeset) {
+    if (crtc)
+        ms = modesettingPTR(crtc->scrn);
+
+    if (ms && ms->atomic_modeset) {
         drmmode_output->dpms = mode;
     } else {
         drmModeConnectorSetProperty(drmmode->fd, koutput->connector_id,