| Message ID | 20240413002252.30780-1-jeffm@suse.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | drm/mst: Fix NULL pointer dereference in drm_dp_add_payload_part2 (again) | expand |
As a follow up, I read through the original thread before sending this and my understanding is that this message probably shouldn't be getting printed in the first place. I've turned on KMS, ATOMIC, STATE, and DP debugging to see what shakes out. I have a KVM on my desk that I use to switch between systems fairly frequently. I'm speculating that the connecting and disconnecting is related, so I'm hopeful I can trigger it quickly. -Jeff On 4/12/24 20:22, Jeff Mahoney wrote: > Commit 54d217406afe (drm: use mgr->dev in drm_dbg_kms in > drm_dp_add_payload_part2) appears to have been accidentially reverted as > part of commit 5aa1dfcdf0a42 (drm/mst: Refactor the flow for payload > allocation/removement). > > I've been seeing NULL pointer dereferences in drm_dp_add_payload_part2 > due to state->dev being NULL in the debug message printed if the payload > allocation has failed. > > This commit restores mgr->dev to avoid the Oops. > > Fixes: 5aa1dfcdf0a42 ("drm/mst: Refactor the flow for payload allocation/removement") > Cc: stable@vger.kernel.org > Signed-off-by: Jeff Mahoney <jeffm@suse.com> > --- > drivers/gpu/drm/display/drm_dp_mst_topology.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/display/drm_dp_mst_topology.c b/drivers/gpu/drm/display/drm_dp_mst_topology.c > index 03d528209426..3dc966f25c0c 100644 > --- a/drivers/gpu/drm/display/drm_dp_mst_topology.c > +++ b/drivers/gpu/drm/display/drm_dp_mst_topology.c > @@ -3437,7 +3437,7 @@ int drm_dp_add_payload_part2(struct drm_dp_mst_topology_mgr *mgr, > > /* Skip failed payloads */ > if (payload->payload_allocation_status != DRM_DP_MST_PAYLOAD_ALLOCATION_DFP) { > - drm_dbg_kms(state->dev, "Part 1 of payload creation for %s failed, skipping part 2\n", > + drm_dbg_kms(mgr->dev, "Part 1 of payload creation for %s failed, skipping part 2\n", > payload->port->connector->name); > return -EIO; > }
[Public] Hi Jeff, I have a patch sent for this before but not yet get reviewed. Will ping again. https://patchwork.freedesktop.org/series/130852/ Thanks! Regards, Wayne
diff --git a/drivers/gpu/drm/display/drm_dp_mst_topology.c b/drivers/gpu/drm/display/drm_dp_mst_topology.c index 03d528209426..3dc966f25c0c 100644 --- a/drivers/gpu/drm/display/drm_dp_mst_topology.c +++ b/drivers/gpu/drm/display/drm_dp_mst_topology.c @@ -3437,7 +3437,7 @@ int drm_dp_add_payload_part2(struct drm_dp_mst_topology_mgr *mgr, /* Skip failed payloads */ if (payload->payload_allocation_status != DRM_DP_MST_PAYLOAD_ALLOCATION_DFP) { - drm_dbg_kms(state->dev, "Part 1 of payload creation for %s failed, skipping part 2\n", + drm_dbg_kms(mgr->dev, "Part 1 of payload creation for %s failed, skipping part 2\n", payload->port->connector->name); return -EIO; }
Commit 54d217406afe (drm: use mgr->dev in drm_dbg_kms in drm_dp_add_payload_part2) appears to have been accidentially reverted as part of commit 5aa1dfcdf0a42 (drm/mst: Refactor the flow for payload allocation/removement). I've been seeing NULL pointer dereferences in drm_dp_add_payload_part2 due to state->dev being NULL in the debug message printed if the payload allocation has failed. This commit restores mgr->dev to avoid the Oops. Fixes: 5aa1dfcdf0a42 ("drm/mst: Refactor the flow for payload allocation/removement") Cc: stable@vger.kernel.org Signed-off-by: Jeff Mahoney <jeffm@suse.com> --- drivers/gpu/drm/display/drm_dp_mst_topology.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)