Re: [4.2.0-rc1-00201-g59c3cb5] Regression: kernel NULL pointer dereference
From: Maarten Lankhorst
Date: Mon Jul 13 2015 - 01:56:16 EST
Op 12-07-15 om 18:52 schreef Linus Torvalds:
> On Sun, Jul 12, 2015 at 1:03 AM, JÃrg Otte <jrg.otte@xxxxxxxxx> wrote:
>> BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
>> IP: [<ffffffffbd3447bb>] 0xffffffffbd3447bb
> Ugh. Please enable KALLSYMS to get sane symbols.
>
> But yes, "crtc_state->base.active" is at offset 9 from "crtc_state",
> so it's pretty clearly just that change frm
>
> - if (intel_crtc->active) {
> + if (crtc_state->base.active) {
>
> and "crtc_state" is NULL.
>
> And the code very much knows that crtc_state can be NULL, since it's
> initialized with
>
> crtc_state = state->base.state ?
> intel_atomic_get_crtc_state(state->base.state,
> intel_crtc) : NULL;
>
> Tssk. Daniel? Should I just revert that commit dec4f799d0a4
> ("drm/i915: Use crtc_state->active in primary check_plane func") for
> now, or is there a better fix? Like just checking crtc_state for NULL?
>
> Linus
More symbols would be nice.
With the transitional helpers when crtc_state == NULL you don't want to update the scalers or funny things happen.
Fix is probably something like this:
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
index ba9321998a41..830e07b23a15 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -13276,7 +13276,7 @@ intel_check_primary_plane(struct drm_plane *plane,
if (ret)
return ret;
- if (crtc_state->base.active) {
+ if (crtc_state ? crtc_state->base.active || crtc->state->active) {
struct intel_plane_state *old_state =
to_intel_plane_state(plane->state);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/