projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 41b9bb1)
drm/i915: Handle early failure during intel_get_load_detect_pipe
authorChris Wilson <chris@chris-wilson.co.uk>
Wed, 19 Oct 2016 11:37:43 +0000 (12:37 +0100)
committerDaniel Vetter <daniel.vetter@ffwll.ch>
Thu, 20 Oct 2016 07:05:34 +0000 (09:05 +0200)
In the error path, we have to be ready to handle an error before either
the state or restore_state have been allocated.

[  397.001342] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  397.001419] IP: [<ffffffffa04347b4>] intel_get_load_detect_pipe+0xe4/0x610 [i915]
[  397.001502] PGD 136a2a067
[  397.001523] PUD 134b5f067
[  397.001546] PMD 0

[  397.001569] Oops: 0002 [#1] PREEMPT SMP
[  397.001599] Modules linked in: snd_hda_intel i915 cdc_ncm usbnet mii x86_pkg_temp_thermal intel_powerclamp coretemp crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_hda_codec snd_hwdep snd_hda_core snd_pcm lpc_ich mei_me mei sdhci_pci sdhci mmc_core e1000e ptp pps_core [last unloaded: i915]
[  397.001902] CPU: 1 PID: 9287 Comm: kms_force_conne Tainted: G     U          4.9.0-rc1-CI-CI_DRM_1730+ #1
[  397.001965] Hardware name: LENOVO 2356GCG/2356GCG, BIOS G7ET31WW (1.13 ) 07/02/2012
[  397.002017] task: ffff880138c38040 task.stack: ffffc900083e4000
[  397.002057] RIP: 0010:[<ffffffffa04347b4>]  [<ffffffffa04347b4>] intel_get_load_detect_pipe+0xe4/0x610 [i915]
[  397.002153] RSP: 0018:ffffc900083e7ae8  EFLAGS: 00010286
[  397.002191] RAX: 00000000ffffffdd RBX: ffffc900083e7bc8 RCX: 0000000000000006
[  397.002239] RDX: 0000000000000006 RSI: ffff880138c388b8 RDI: ffffc900083e79e0
[  397.002287] RBP: ffffc900083e7b78 R08: 0000000000000000 R09: 0000000000000000
[  397.002335] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  397.002386] R13: ffff8801305e1158 R14: 00000000ffffffdd R15: 0000000000000000
[  397.002434] FS:  00007fea1b03c740(0000) GS:ffff88013e240000(0000) knlGS:0000000000000000
[  397.002488] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  397.002528] CR2: 0000000000000000 CR3: 00000001361da000 CR4: 00000000001406e0
[  397.002576] Stack:
[  397.002592]  ffff88013046f180 0000000000000000 ffffc900083e7bc0 0000000000000000
[  397.002655]  0000000000000000 ffff8801306bd038 ffff88012e980000 ffffc90000000001
[  397.002718]  ffffc90000000000 ffff880136b8ca88 ffff88012e980890 ffff88012e980540
[  397.002780] Call Trace:
[  397.002828]  [<ffffffffa044e8c4>] intel_crt_detect+0x3c4/0x8f0 [i915]
[  397.002876]  [<ffffffff810e37fa>] ? vprintk_default+0x1a/0x20
[  397.002918]  [<ffffffff8116eb68>] ? printk+0x43/0x4b
[  397.002956]  [<ffffffff81546b06>] drm_helper_probe_single_connector_modes+0x406/0x4f0
[  397.003014]  [<ffffffff81819c09>] ? mutex_unlock+0x9/0x10
[  397.003054]  [<ffffffff815723dc>] drm_mode_getconnector+0x33c/0x3c0
[  397.003099]  [<ffffffff810ed59d>] ? debug_lockdep_rcu_enabled+0x1d/0x20
[  397.003147]  [<ffffffff811a6bae>] ? __might_fault+0x3e/0x90
[  397.003191]  [<ffffffff8155aaf6>] drm_ioctl+0x1f6/0x480
[  397.003231]  [<ffffffff815720a0>] ? drm_mode_connector_property_set_ioctl+0x30/0x30
[  397.003285]  [<ffffffff8120308e>] do_vfs_ioctl+0x8e/0x690
[  397.003324]  [<ffffffff810a102c>] ? task_work_run+0x8c/0xb0
[  397.003366]  [<ffffffff810d6d92>] ? trace_hardirqs_on_caller+0x122/0x1b0
[  397.003412]  [<ffffffff812036cc>] SyS_ioctl+0x3c/0x70
[  397.003451]  [<ffffffff8181df2e>] entry_SYSCALL_64_fastpath+0x1c/0xb1
[  397.003496] Code: 85 c0 41 89 c6 75 57 49 8b 85 f0 00 00 00 48 89 de 45 31 ff 48 8d 78 20 e8 1a 89 13 e1 45 31 c9 85 c0 41 89 c6 0f 84 2f 01 00 00 <f0> 41 83 29 01 74 53 f0 41 83 2f 01 74 2d 41 83 fe dd 75 35 48
[  397.003837] RIP  [<ffffffffa04347b4>] intel_get_load_detect_pipe+0xe4/0x610 [i915]
[  397.003921]  RSP <ffffc900083e7ae8>
[  397.003947] CR2: 0000000000000000

Testcase: igt/kms_force_connector_basic/force-load-detect # ivb-3720m
Fixes: 0853695c3ba4 ("drm: Add reference counting to drm_atomic_state"
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: http://patchwork.freedesktop.org/patch/msgid/20161019113743.19847-1-chris@chris-wilson.co.uk
drivers/gpu/drm/i915/intel_display.c patch | blob | blame | history

diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
index 1e3b5eebd2a2daf8d7b6b237e480ea1080be94fe..e11896cd2015eaa3cde6fb8c8af3dab7cb7ba26e 100644 (file)
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -11251,9 +11251,14 @@ found:
        return true;
 
 fail:
-       drm_atomic_state_put(state);
-       drm_atomic_state_put(restore_state);
-       restore_state = state = NULL;
+       if (state) {
+               drm_atomic_state_put(state);
+               state = NULL;
+       }
+       if (restore_state) {
+               drm_atomic_state_put(restore_state);
+               restore_state = NULL;
+       }
 
        if (ret == -EDEADLK) {
                drm_modeset_backoff(ctx);