Re: [PATCH] fix: drm/amd/display: dm_update_crtc_state: skip_modeset path leaves new_stream dangling, causing double release
From: WenTao Liang
Date: Sat Jun 27 2026 - 07:55:12 EST
> On Jun 27, 2026, at 00:45, Mario Limonciello <mario.limonciello@xxxxxxx> wrote:
>
>
>
> On 6/26/26 07:41, WenTao Liang wrote:
>> The skip_modeset path calls dc_stream_release(new_stream) but does not
>> set new_stream to NULL. If a subsequent error (e.g., color management
>> failure) triggers goto fail, the fail label executes a second
>> dc_stream_release on the same pointer, causing a use-after-free or excess
>> put on the stream reference.
>> Cc: stable@xxxxxxxxxxxxxxx
>> Fixes: 3ce51649cdf2 ("drm/amdgpu/display: add quirk handling for stutter mode")
>> Signed-off-by: WenTao Liang <vulab@xxxxxxxxxxx>
>
> The code change looks good to me, but this Fixes hash doesn't really make sense to me.
>
> Are you sure about that?
>
> I /think/ this is the correct hash:
>
> Fixes: 9b690ef3c7042 ("drm/amd/display: Avoid full modeset when not required")
>
>> ---
>> drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 1 +
>> 1 file changed, 1 insertion(+)
>> diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
>> index 5fc5d5608506..acf0b01d6f62 100644
>> --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
>> +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
>> @@ -11708,6 +11708,7 @@ static int dm_update_crtc_state(struct amdgpu_display_manager *dm,
>> /* Release extra reference */
>> if (new_stream)
>> dc_stream_release(new_stream);
>> + new_stream = NULL;
>> /*
>> * We want to do dc stream updates that do not require a
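
Review bot: the added `new_stream = NULL;` after `dc_stream_release(new_stream);` only prevents the second release if the fail label tests new_stream before releasing it, and that label is outside this hunk; please state in the commit message that it does. The assignment also sits after the `if (new_stream)` statement rather than inside it, which is harmless, but extending the existing "Release extra reference" comment to say the pointer is cleared so the fail path cannot drop the reference again would make the intent clear to later readers.
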
Thank you for the review and for catching this. You are right — I used
the wrong Fixes hash. The correct one is indeed:
Fixes: 9b690ef3c7042 ("drm/amd/display: Avoid full modeset when not required")
I will update it in the next version.
Thanks again for your help.
Best regards,
WenTao Liang
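
The double release described in the commit message, modelled in user space as an added example (not code from the patch or the amdgpu driver). `struct stream`, `stream_release`, `update_state` and `excess_puts_for` are hypothetical names, the NULL check at the fail label is an assumption because that label is not shown in the thread, and the toy release counts an excess put instead of freeing memory so the result can be observed safely.

```c
#include <stdbool.h>
#include <stddef.h>

/* Toy refcounted object (hypothetical; stands in for the stream). */
struct stream {
    int refcount;    /* live references */
    int excess_puts; /* releases seen after the count reached zero */
};

static void stream_release(struct stream *s)
{
    if (s->refcount == 0) {
        s->excess_puts++; /* real code would touch freed memory here */
        return;
    }
    s->refcount--;
}

/* Control flow from the commit message: the skip_modeset path drops the
 * extra reference, then a later failure jumps to the shared fail label.
 * clear_after_release selects the patched behaviour. */
static int update_state(struct stream *new_stream, bool clear_after_release,
                        bool later_step_fails)
{
    if (new_stream)               /* skip_modeset: release extra reference */
        stream_release(new_stream);
    if (clear_after_release)
        new_stream = NULL;        /* the one-line fix */

    if (later_step_fails)         /* e.g. color management failure */
        goto fail;
    return 0;
fail:
    if (new_stream)               /* assumed NULL check on the fail path */
        stream_release(new_stream);
    return -1;
}

/* Runs one scenario on a stream holding one reference; returns excess puts. */
static int excess_puts_for(bool clear_after_release, bool later_step_fails)
{
    struct stream st = { .refcount = 1, .excess_puts = 0 };
    update_state(&st, clear_after_release, later_step_fails);
    return st.excess_puts;
}

int main(void) { return excess_puts_for(true, true); }
```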