From 0939634b421e894d3b43e3202ad46c1512c287c4 Mon Sep 17 00:00:00 2001
From: pengyiqiang <pengyiqiang@xiaomi.com>
Date: Wed, 26 Apr 2023 13:22:49 +0800
Subject: [PATCH] video/fb: fix pollnotify calling crash in advance

When executing up_fbinitialize, the driver may turn on the vsync interrupt. If the vsync interrupt calls fb_pollnotify before executing fb->vtable->priv = fb it will cause null pointer access and crash.

Signed-off-by: pengyiqiang <pengyiqiang@xiaomi.com>
---
 drivers/video/fb.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/video/fb.c b/drivers/video/fb.c
index d9300d3142..e805705ead 100644
--- a/drivers/video/fb.c
+++ b/drivers/video/fb.c
@@ -803,6 +803,13 @@ void fb_pollnotify(FAR struct fb_vtable_s *vtable)
 
   fb = vtable->priv;
 
+  /* Prevent calling before getting the vtable. */
+
+  if (fb == NULL)
+    {
+      return;
+    }
+
   if (fb->vsyncoffset > 0)
     {
       wd_start(&fb->wdog, fb->vsyncoffset, fb_do_pollnotify, (wdparm_t)fb);