mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-02-15 20:18:04 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
f315e030a202012a551eb648fa10cd90bd925b20
linux/drivers/gpu/drm
History
Thomas Zimmermann 27a7e8b6c5 drm/sysfb: Do not deref unexisting CRTC state in atomic_disable 
Do not access CRTC state in drm_sysfb_plane_helper_atomic_disable().
Use format from sysfb device for clearing scanout buffer. This is
the behavior from before commit 061963cd9e ("drm/sysfb: Blit to
CRTC destination format").

When being disabled, the plane has no associated CRTC. Trying to deref
the format pointer results in a segmentation fault. An example stack
track is shown below.

[   58.948915] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000023: 0000 [#1] SMP KASAN PTI
[   58.959971] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
[...]
[   58.979308] RIP: 0010:drm_sysfb_plane_helper_atomic_disable+0x1af/0x520
[...]
[   59.084227] Call Trace:
[   59.086682]  <TASK>
[   59.088793]  ? __pfx_drm_sysfb_plane_helper_atomic_disable+0x10/0x10
[   59.095155]  ? crtc_disable+0xf2/0x5a0
[   59.098920]  drm_atomic_helper_commit_planes+0x848/0x1030
[   59.104336]  drm_atomic_helper_commit_tail+0x41/0xb0
[   59.109316]  commit_tail+0x204/0x330
[   59.112903]  drm_atomic_helper_commit+0x242/0x2e0
[   59.117618]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[   59.122851]  drm_atomic_commit+0x1e1/0x290
[   59.126957]  ? drm_atomic_add_affected_connectors+0x266/0x330
[   59.132714]  ? __pfx_drm_atomic_commit+0x10/0x10
[   59.137343]  ? __pfx___drm_printfn_info+0x10/0x10
[   59.142058]  ? drm_atomic_set_crtc_for_connector+0x436/0x630
[   59.147729]  atomic_remove_fb+0x631/0x920
[   59.151751]  ? save_trace+0xcf/0x180
[   59.155343]  ? __pfx_atomic_remove_fb+0x10/0x10
[   59.159890]  ? __pfx___drm_dev_dbg+0x10/0x10
[   59.164173]  drm_framebuffer_remove+0x19a/0x710

Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de>
Fixes: 061963cd9e ("drm/sysfb: Blit to CRTC destination format")
Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14874
Cc: Thomas Zimmermann <tzimmermann@suse.de>
Cc: Javier Martinez Canillas <javierm@redhat.com>
Cc: dri-devel@lists.freedesktop.org
Reviewed-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
Link: https://lore.kernel.org/r/20250826145044.954396-1-tzimmermann@suse.de
2025-08-27 14:09:58 +02:00
..
adp
drm: convert many bridge drivers from devm_kzalloc() to devm_drm_bridge_alloc() API
2025-05-23 15:03:47 +02:00
amd
drm/amdgpu: fix task hang from failed job submission during process kill
2025-08-12 16:16:36 -04:00
arm
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
armada
drm/armada: Pass along the format info from .fb_create() to drm_helper_mode_fill_fb_struct()
2025-07-16 20:07:32 +03:00
aspeed
ast
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
atmel-hlcdc
bridge
drm/bridge: simple-bridge: Add support for radxa ra620
2025-08-22 21:10:17 +03:00
ci
drm/ci: Uprev igt
2025-07-04 11:06:38 -07:00
clients
drm/fbdev-client: Skip DRM clients if modesetting is absent
2025-07-06 14:05:07 +03:00
display
drm/dp: drm_edp_backlight_set_level: do not always send 3-byte commands
2025-08-21 13:41:59 +03:00
etnaviv
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
exynos
Merge tag 'mm-stable-2025-07-30-15-25' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-07-31 14:57:54 -07:00
fsl-dcu
gma500
Merge tag 'mm-stable-2025-07-30-15-25' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-07-31 14:57:54 -07:00
gud
drm/gud: Remove unnecessary logging
2025-08-11 17:18:24 +02:00
hisilicon
Merge tag 'pci-v6.16-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci
2025-06-04 11:26:17 -07:00
hyperv
drm/hyperv: Add support for drm_panic
2025-06-05 14:59:56 +02:00
i915
drm/i915/psr: Do not trigger Frame Change events from frontbuffer flush
2025-08-12 09:05:11 +01:00
imagination
drm/gpuvm: Pass map arguments through a struct
2025-08-19 21:19:31 -07:00
imx
drm/imx: Add i.MX8qxp Display Controller KMS
2025-05-14 15:11:31 +08:00
ingenic
drm: Pass the format info to .fb_create()
2025-07-16 20:03:14 +03:00
kmb
lib
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
lima
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
logicvc
loongson
PCI: Add CONFIG_MMU dependency
2025-04-23 15:40:30 -05:00
mcde
drm/mcde: convert to devm_drm_bridge_alloc() API
2025-04-29 11:21:23 +02:00
mediatek
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
meson
Merge tag 'drm-misc-next-2025-06-12' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next
2025-06-18 08:09:35 +10:00
mgag200
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
msm
drm/msm: fix msm_gem_vma_new() allocations for managed GPUVMs
2025-08-23 17:20:18 +03:00
mxsfb
drm/mxsfb: put the bridge returned by drm_bridge_chain_get_first_bridge()
2025-07-22 13:01:28 +02:00
nouveau
Merge drm/drm-next into drm-misc-next
2025-08-20 09:33:06 +02:00
nova
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
omapdrm
Merge tag 'drm-misc-next-fixes-2025-08-12' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes
2025-08-14 07:51:34 +10:00
panel
drm/panel: ilitek-ili9881c: Add Bestar BSD1218-A101KL68 support
2025-08-22 23:00:07 +02:00
panfrost
Merge drm/drm-next into drm-misc-next
2025-08-20 09:33:06 +02:00
panthor
drm/gpuvm: Pass map arguments through a struct
2025-08-19 21:19:31 -07:00
pl111
qxl
drm/gem: Pass along the format info from .fb_create() to drm_helper_mode_fill_fb_struct()
2025-07-16 20:05:58 +03:00
radeon
drm/radeon: Pass along the format info from .fb_create() to drm_helper_mode_fill_fb_struct()
2025-08-06 15:26:16 +03:00
renesas
drm: renesas: rz-du: mipi_dsi: Convert to RUNTIME_PM_OPS()
2025-08-14 06:57:34 +01:00
rockchip
drm/rockchip: dsi2: add support rk3576
2025-08-22 23:13:11 +02:00
scheduler
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
sitronix
drm/sitronix/st7571-i2c: Add support for the ST7567 Controller
2025-07-16 12:12:39 +02:00
solomon
drm/ssd130x: fix ssd132x_clear_screen() columns
2025-06-12 14:04:56 +02:00
sprd
drm/sprd: move to devm_platform_ioremap_resource() usage
2025-03-10 16:25:01 -04:00
sti
drm/sti: hda: convert to devm_drm_bridge_alloc() API
2025-07-09 11:24:45 +02:00
stm
drm/bridge: stm_lvds: convert to devm_drm_bridge_alloc() API
2025-05-21 13:40:09 +02:00
sun4i
drm: sun4i: de33: mixer: add mixer configuration for the H616
2025-06-02 09:59:10 +02:00
sysfb
drm/sysfb: Do not deref unexisting CRTC state in atomic_disable
2025-08-27 14:09:58 +02:00
tegra
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
tests
drm: Pass the format info to .fb_create()
2025-07-16 20:03:14 +03:00
tidss
drm/tidss: Remove early fb
2025-08-13 11:11:02 +03:00
tilcdc
tiny
drm/sharp-memory: Do not access GEM-DMA vaddr directly
2025-08-11 18:49:55 +02:00
ttm
Merge tag 'mm-stable-2025-07-30-15-25' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-07-31 14:57:54 -07:00
tve200
udl
drm/gem-shmem: Do not map s/g table by default
2025-07-07 15:23:41 +02:00
v3d
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
vboxvideo
vc4
drm: Pass the format info to .fb_create()
2025-07-16 20:03:14 +03:00
vgem
drm/vgem/vgem_drv convert to use faux_device
2025-07-07 15:24:14 +02:00
virtio
drm/virtio: clean up minor codestyle issues
2025-08-20 13:36:45 +03:00
vkms
drm/vkms: Add writeback encoders as possible clones
2025-07-31 16:29:59 +02:00
vmwgfx
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
xe
Merge drm/drm-next into drm-misc-next
2025-08-20 09:33:06 +02:00
xen
drm/gem: Pass along the format info from .fb_create() to drm_helper_mode_fill_fb_struct()
2025-07-16 20:05:58 +03:00
xlnx
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
drm_atomic_helper.c
drm/atomic-helper: put the bridge returned by drm_bridge_chain_get_first_bridge()
2025-07-22 13:01:28 +02:00
drm_atomic_state_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_atomic_uapi.c
drm: re-allow no-op changes on non-primary planes in async flips
2025-08-22 14:31:21 -03:00
drm_atomic.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_auth.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_blend.c
drm/doc: document front-buffer rendering
2025-04-30 23:35:00 +02:00
drm_bridge_helper.c
drm/bridge: Include <linux/export.h>
2025-06-16 09:02:25 +02:00
drm_bridge.c
Merge tag 'drm-misc-next-2025-08-14' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next
2025-08-19 07:02:30 +10:00
drm_buddy.c
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
drm_cache.c
drm/gpu: Remove dead checks on wbinvd_on_all_cpus()'s return value
2025-07-10 13:07:26 +02:00
drm_client_event.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_client_modeset.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_client.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_color_mgmt.c
drm/color-mgmt: Prepare for RGB332 palettes
2025-08-26 09:54:18 +02:00
drm_connector.c
drm/connector: move HDR sink metadata to display info
2025-06-23 21:44:55 +03:00
drm_crtc_helper_internal.h
drm_crtc_helper.c
drm: Remove redundant statement in drm_crtc_helper_set_mode()
2025-03-27 14:02:57 +02:00
drm_crtc_internal.h
drm_crtc.c
drm_damage_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_debugfs_crc.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_debugfs.c
drm: add debugfs support on per client-id basis
2025-07-04 15:59:06 +02:00
drm_displayid_internal.h
drm/edid: Refactor DisplayID timing block structs
2025-04-16 20:40:51 +03:00
drm_displayid.c
drm_draw_internal.h
drm_draw.c
Merge drm/drm-next into drm-misc-next
2025-04-07 14:35:48 +02:00
drm_drv.c
drm: move drm based debugfs funcs to drm_debugfs.c
2025-07-04 15:58:22 +02:00
drm_dumb_buffers.c
drm_edid_load.c
drm_edid.c
Merge tag 'drm-misc-next-2025-06-26' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next
2025-06-27 09:58:05 +10:00
drm_eld.c
drm_encoder.c
drm_exec.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_fb_dma_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_fb_helper.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_fbdev_dma.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_fbdev_shmem.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_fbdev_ttm.c
drm/client: Include <linux/export.h>
2025-06-16 09:02:29 +02:00
drm_file.c
drm: add debugfs support on per client-id basis
2025-07-04 15:59:06 +02:00
drm_flip_work.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_format_helper.c
drm/format-helper: Add XRGB8888-to-RGB332 to drm_fb_blit()
2025-08-26 09:54:18 +02:00
drm_format_internal.h
drm/format-helper: Split off byte swapping from drm_fb_xrgb8888_to_rgb565()
2025-06-27 15:59:23 +02:00
drm_fourcc.c
drm: Pass pixel_format+modifier directly to drm_get_format_info()
2025-07-16 20:01:13 +03:00
drm_framebuffer.c
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
drm_gem_atomic_helper.c
drm/gem: Include <linux/export.h>
2025-06-16 09:02:35 +02:00
drm_gem_dma_helper.c
Revert "drm/gem-dma: Use dma_buf from GEM object instance"
2025-07-17 12:26:19 +02:00
drm_gem_framebuffer_helper.c
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
drm_gem_shmem_helper.c
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
drm_gem_ttm_helper.c
drm/gem: Include <linux/export.h>
2025-06-16 09:02:35 +02:00
drm_gem_vram_helper.c
drm/gem: Include <linux/export.h>
2025-06-16 09:02:35 +02:00
drm_gem.c
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
drm_gpusvm.c
drm/gpusvm: Make drm_gpusvm_for_each_* macros public
2025-08-19 21:19:36 -07:00
drm_gpuvm.c
drm/gpuvm: Introduce drm_gpuvm_madvise_ops_create
2025-08-19 21:19:35 -07:00
drm_internal.h
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
drm_ioc32.c
drm_ioctl.c
drm: Add DRM prime interface to reassign GEM handle
2025-07-18 08:59:24 +02:00
drm_kms_helper_common.c
drm_lease.c
drm_managed.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_mipi_dbi.c
drm/format-helper: Split off byte swapping from drm_fb_xrgb8888_to_rgb565()
2025-06-27 15:59:23 +02:00
drm_mipi_dsi.c
drm: Add MIPI read_multi func and two write macros
2025-08-14 15:42:26 -07:00
drm_mm.c
drm_mode_config.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_mode_object.c
drm_modes.c
drm_modeset_helper.c
drm: Make passing of format info to drm_helper_mode_fill_fb_struct() mandatory
2025-07-16 20:12:35 +03:00
drm_modeset_lock.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_of.c
drm: of: fix documentation reference
2025-08-21 16:21:08 +02:00
drm_pagemap.c
drm/xe: Implement and use the drm_pagemap populate_mm op
2025-06-26 18:00:10 +02:00
drm_panel_backlight_quirks.c
drm/panel: Include <linux/export.h>
2025-06-16 09:02:39 +02:00
drm_panel_orientation_quirks.c
drm/panel: Include <linux/export.h>
2025-06-16 09:02:39 +02:00
drm_panel.c
drm/panel: Allow powering on panel follower after panel is enabled
2025-08-25 09:17:49 -07:00
drm_panic_qr.rs
Merge tag 'rust-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux
2025-08-03 13:49:10 -07:00
drm_panic.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_pci.c
drm: Do not include <linux/export.h>
2025-06-16 09:00:09 +02:00
drm_plane_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_plane.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_prime.c
Merge drm/drm-next into drm-misc-n
2025-08-11 14:37:45 +02:00
drm_print.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_privacy_screen_x86.c
drm_privacy_screen.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_probe_helper.c
drm/probe-helper: put the bridge returned by drm_bridge_chain_get_first_bridge()
2025-07-22 13:01:28 +02:00
drm_property.c
drm_rect.c
drm_self_refresh_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_simple_kms_helper.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_suballoc.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_syncobj.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_sysfs.c
sysfs: treewide: switch back to attribute_group::bin_attrs
2025-06-17 10:44:15 +02:00
drm_trace_points.c
drm_trace.h
drm_vblank_work.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_vblank.c
treewide, timers: Rename from_timer() to timer_container_of()
2025-06-08 09:07:37 +02:00
drm_vma_manager.c
drm: Include <linux/export.h>
2025-06-16 09:01:23 +02:00
drm_writeback.c
Merge tag 'drm-next-2025-07-30' of https://gitlab.freedesktop.org/drm/kernel
2025-07-30 19:26:49 -07:00
Kconfig
Merge tag 'pci-v6.16-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci
2025-06-04 11:26:17 -07:00
Kconfig.debug
drm/format-helper: Move drm_fb_build_fourcc_list() to sysfb helpers
2025-06-18 10:46:03 +02:00
Makefile
drm/gpusvm, drm/pagemap: Move migration functionality to drm_pagemap
2025-06-26 18:00:07 +02:00