Message ID | 1404134744-15852-1-git-send-email-k.kozlowski@samsung.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On 2014? 06? 30? 22:25, Krzysztof Kozlowski wrote: > Fix a NULL pointer exception when main exynos drm driver was probed > successfully but no components were added (e.g. by incomplete DTS). In > such case the exynos_drm_load() is never called and drvdata is NULL. > Right, it's good report. Applied. Thanks, Inki Dae > The NULL pointer exception may theoretically also happen as a effect of race between > adding components and main driver: if suspend of the driver happens > before adding components. > > Trace: > [ 1.190295] [drm] Initialized drm 1.1.0 20060810 > [ 1.195209] exynos-drm-ipp exynos-drm-ipp: drm ipp registered successfully. > (...) > [ 24.001743] PM: Syncing filesystems ... done. > [ 24.002177] Freezing user space processes ... (elapsed 0.000 seconds) done. > [ 24.007403] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. > [ 24.032559] Unable to handle kernel NULL pointer dereference at virtual address 00000134 > [ 24.035007] pgd = dedd8000 > [ 24.037734] [00000134] *pgd=5ee13831, *pte=00000000, *ppte=00000000 > [ 24.043953] Internal error: Oops: 17 [#1] PREEMPT SMP ARM > [ 24.049329] Modules linked in: > [ 24.052371] CPU: 0 PID: 1 Comm: sh Not tainted 3.16.0-rc3-00035-geba20bbdde04-dirty #51 > [ 24.060354] task: df478000 ti: df480000 task.ti: df480000 > [ 24.065743] PC is at mutex_lock+0x10/0x50 > [ 24.069733] LR is at drm_modeset_lock_all+0x30/0xbc > [ 24.074590] pc : [<c048516c>] lr : [<c02a14b4>] psr: a0000013 > [ 24.074590] sp : df481db8 ip : 00000000 fp : c05e524c > [ 24.086045] r10: 00000002 r9 : c02c1fe4 r8 : deca5e44 > [ 24.091253] r7 : 00000000 r6 : 00000000 r5 : 0000014c r4 : 00000134 > [ 24.097763] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : 00000134 > [ 24.104275] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user > [ 24.111391] Control: 10c53c7d Table: 5edd806a DAC: 00000015 > [ 24.117120] Process sh (pid: 1, stack limit = 0xdf480240) > [ 24.122502] Stack: (0xdf481db8 to 0xdf482000) > [ 24.126843] 1da0: dee01d80 c02a14b4 > [ 24.135004] 1dc0: 00000000 00000000 c07aff98 c02aec7c 00000002 00000000 00000000 c07aff98 > [ 24.143164] 1de0: deca5e10 c02aecf4 c02aecd4 c02c2010 00000000 c02c9470 00000000 00000000 > [ 24.151322] 1e00: 00000000 00000000 deca5e10 deca5e10 00000000 c07aff98 00000002 deca5e44 > [ 24.159482] 1e20: c06d8f78 c06fb800 deca5e78 c02ca660 df7baf00 007b0aa0 deca5e10 c06fb7c8 > [ 24.167641] 1e40: c07aff98 00000000 00000002 c02cbe18 9757aec5 00000005 9757aec5 00000005 > [ 24.175801] 1e60: ded1d380 00000003 00000003 c05c74d8 ded1d380 c07209d4 c05c7514 c07105d8 > [ 24.183960] 1e80: 01e2a738 c0068a74 00000000 c05c7514 ded1d380 c071c6e0 00000004 c07105d8 > [ 24.192119] 1ea0: 01e2a738 c047f1e0 c0600cc0 df481ec4 00000003 00000000 00000003 c05c74d8 > [ 24.200278] 1ec0: ded1d380 c071c6e0 c05c7514 c07105d8 01e2a738 c0069444 c06d905c 00000003 > [ 24.208438] 1ee0: 00000003 ded1d380 c06d9064 00000004 c05c3fc0 c0067d4c df535ab0 ded1d380 > [ 24.216596] 1f00: df481f80 ded1d380 00000004 ded1d1cc ded1d1c0 c0221724 00000004 c016ca6c > [ 24.224756] 1f20: c016ca28 00000000 00000000 c016c1d4 00000000 00000000 b6f37000 df481f80 > [ 24.232915] 1f40: decedd80 00000004 df480000 df480000 b6f37000 c0110920 df47839c 60000013 > [ 24.241074] 1f60: 00000000 00000000 decedd80 decedd80 00000004 df480000 b6f37000 c0110da8 > [ 24.249233] 1f80: 00000000 00000000 00000004 b6edf5d8 00000004 b6f37000 00000004 c000f2a8 > [ 24.257393] 1fa0: 00001000 c000f0e0 b6edf5d8 00000004 00000001 b6f37000 00000004 00000000 > [ 24.265551] 1fc0: b6edf5d8 00000004 b6f37000 00000004 00000004 00000001 00000000 01e2a738 > [ 24.273711] 1fe0: 00000000 beba0a20 b6e1f4f0 b6e7022c 60000010 00000001 ffffffff ffffffff > [ 24.281885] [<c048516c>] (mutex_lock) from [<c02a14b4>] (drm_modeset_lock_all+0x30/0xbc) > [ 24.289950] [<c02a14b4>] (drm_modeset_lock_all) from [<c02aec7c>] (exynos_drm_suspend+0xc/0x64) > [ 24.298627] [<c02aec7c>] (exynos_drm_suspend) from [<c02aecf4>] (exynos_drm_sys_suspend+0x20/0x34) > [ 24.307568] [<c02aecf4>] (exynos_drm_sys_suspend) from [<c02c2010>] (platform_pm_suspend+0x2c/0x54) > [ 24.316597] [<c02c2010>] (platform_pm_suspend) from [<c02c9470>] (dpm_run_callback+0x48/0x170) > [ 24.325188] [<c02c9470>] (dpm_run_callback) from [<c02ca660>] (__device_suspend+0x128/0x39c) > [ 24.333606] [<c02ca660>] (__device_suspend) from [<c02cbe18>] (dpm_suspend+0x5c/0x314) > [ 24.341506] [<c02cbe18>] (dpm_suspend) from [<c0068a74>] (suspend_devices_and_enter+0x8c/0x598) > [ 24.350185] [<c0068a74>] (suspend_devices_and_enter) from [<c0069444>] (pm_suspend+0x4c4/0x5d0) > [ 24.358862] [<c0069444>] (pm_suspend) from [<c0067d4c>] (state_store+0x70/0xd4) > [ 24.366156] [<c0067d4c>] (state_store) from [<c0221724>] (kobj_attr_store+0x14/0x20) > [ 24.373885] [<c0221724>] (kobj_attr_store) from [<c016ca6c>] (sysfs_kf_write+0x44/0x48) > [ 24.381867] [<c016ca6c>] (sysfs_kf_write) from [<c016c1d4>] (kernfs_fop_write+0xc0/0x17c) > [ 24.390027] [<c016c1d4>] (kernfs_fop_write) from [<c0110920>] (vfs_write+0xa0/0x1c4) > [ 24.397750] [<c0110920>] (vfs_write) from [<c0110da8>] (SyS_write+0x40/0x8c) > [ 24.404782] [<c0110da8>] (SyS_write) from [<c000f0e0>] (ret_fast_syscall+0x0/0x3c) > [ 24.412332] Code: e92d4010 e1a04000 f57ff05b f590f000 (e1903f9f) > [ 24.418448] ---[ end trace cfa06690eabe8dd5 ]--- > [ 24.423032] Kernel panic - not syncing: Fatal exception > [ 24.428220] CPU1: stopping > [ 24.430905] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G D 3.16.0-rc3-00035-geba20bbdde04-dirty #51 > [ 24.440549] [<c0016440>] (unwind_backtrace) from [<c001294c>] (show_stack+0x10/0x14) > [ 24.448269] [<c001294c>] (show_stack) from [<c04811e8>] (dump_stack+0x80/0xcc) > [ 24.455472] [<c04811e8>] (dump_stack) from [<c001495c>] (handle_IPI+0x130/0x15c) > [ 24.462850] [<c001495c>] (handle_IPI) from [<c000862c>] (gic_handle_irq+0x60/0x68) > [ 24.470400] [<c000862c>] (gic_handle_irq) from [<c0013440>] (__irq_svc+0x40/0x70) > [ 24.477860] Exception stack(0xdf4bdf88 to 0xdf4bdfd0) > [ 24.482898] df80: ffffffed 00000000 00000000 00000000 df4bc000 c06d042c > [ 24.491058] dfa0: 00000000 ffffffed c06d03c0 00000000 c070c288 00000000 00000000 df4bdfd0 > [ 24.499214] dfc0: c0010324 c0010328 60000013 ffffffff > [ 24.504254] [<c0013440>] (__irq_svc) from [<c0010328>] (arch_cpu_idle+0x28/0x30) > [ 24.511634] [<c0010328>] (arch_cpu_idle) from [<c005f110>] (cpu_startup_entry+0x2c4/0x3f0) > [ 24.519878] [<c005f110>] (cpu_startup_entry) from [<400086c4>] (0x400086c4) > [ 24.526821] ---[ end Kernel panic - not syncing: Fatal exception > > Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com> > Cc: Andrzej Hajda <a.hajda@samsung.com> > Cc: Inki Dae <inki.dae@samsung.com> > Fixes: af65c8048770 ("drm/exynos: Consolidate suspend/resume in drm_drv") > Cc: <stable@vger.kernel.org> > > --- > Probably other DRM drivers may be also affected by this issue (e.g. > msm). > --- > drivers/gpu/drm/exynos/exynos_drm_drv.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c > index ab7d182063c3..e98a882c1bba 100644 > --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c > +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c > @@ -362,7 +362,7 @@ static int exynos_drm_sys_suspend(struct device *dev) > struct drm_device *drm_dev = dev_get_drvdata(dev); > pm_message_t message; > > - if (pm_runtime_suspended(dev)) > + if (pm_runtime_suspended(dev) || !drm_dev) > return 0; > > message.event = PM_EVENT_SUSPEND; > @@ -373,7 +373,7 @@ static int exynos_drm_sys_resume(struct device *dev) > { > struct drm_device *drm_dev = dev_get_drvdata(dev); > > - if (pm_runtime_suspended(dev)) > + if (pm_runtime_suspended(dev) || !drm_dev) > return 0; > > return exynos_drm_resume(drm_dev); >
diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c index ab7d182063c3..e98a882c1bba 100644 --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c @@ -362,7 +362,7 @@ static int exynos_drm_sys_suspend(struct device *dev) struct drm_device *drm_dev = dev_get_drvdata(dev); pm_message_t message; - if (pm_runtime_suspended(dev)) + if (pm_runtime_suspended(dev) || !drm_dev) return 0; message.event = PM_EVENT_SUSPEND; @@ -373,7 +373,7 @@ static int exynos_drm_sys_resume(struct device *dev) { struct drm_device *drm_dev = dev_get_drvdata(dev); - if (pm_runtime_suspended(dev)) + if (pm_runtime_suspended(dev) || !drm_dev) return 0; return exynos_drm_resume(drm_dev);
Fix a NULL pointer exception when main exynos drm driver was probed successfully but no components were added (e.g. by incomplete DTS). In such case the exynos_drm_load() is never called and drvdata is NULL. The NULL pointer exception may theoretically also happen as a effect of race between adding components and main driver: if suspend of the driver happens before adding components. Trace: [ 1.190295] [drm] Initialized drm 1.1.0 20060810 [ 1.195209] exynos-drm-ipp exynos-drm-ipp: drm ipp registered successfully. (...) [ 24.001743] PM: Syncing filesystems ... done. [ 24.002177] Freezing user space processes ... (elapsed 0.000 seconds) done. [ 24.007403] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. [ 24.032559] Unable to handle kernel NULL pointer dereference at virtual address 00000134 [ 24.035007] pgd = dedd8000 [ 24.037734] [00000134] *pgd=5ee13831, *pte=00000000, *ppte=00000000 [ 24.043953] Internal error: Oops: 17 [#1] PREEMPT SMP ARM [ 24.049329] Modules linked in: [ 24.052371] CPU: 0 PID: 1 Comm: sh Not tainted 3.16.0-rc3-00035-geba20bbdde04-dirty #51 [ 24.060354] task: df478000 ti: df480000 task.ti: df480000 [ 24.065743] PC is at mutex_lock+0x10/0x50 [ 24.069733] LR is at drm_modeset_lock_all+0x30/0xbc [ 24.074590] pc : [<c048516c>] lr : [<c02a14b4>] psr: a0000013 [ 24.074590] sp : df481db8 ip : 00000000 fp : c05e524c [ 24.086045] r10: 00000002 r9 : c02c1fe4 r8 : deca5e44 [ 24.091253] r7 : 00000000 r6 : 00000000 r5 : 0000014c r4 : 00000134 [ 24.097763] r3 : 00000000 r2 : 00000000 r1 : 00000000 r0 : 00000134 [ 24.104275] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 24.111391] Control: 10c53c7d Table: 5edd806a DAC: 00000015 [ 24.117120] Process sh (pid: 1, stack limit = 0xdf480240) [ 24.122502] Stack: (0xdf481db8 to 0xdf482000) [ 24.126843] 1da0: dee01d80 c02a14b4 [ 24.135004] 1dc0: 00000000 00000000 c07aff98 c02aec7c 00000002 00000000 00000000 c07aff98 [ 24.143164] 1de0: deca5e10 c02aecf4 c02aecd4 c02c2010 00000000 c02c9470 00000000 00000000 [ 24.151322] 1e00: 00000000 00000000 deca5e10 deca5e10 00000000 c07aff98 00000002 deca5e44 [ 24.159482] 1e20: c06d8f78 c06fb800 deca5e78 c02ca660 df7baf00 007b0aa0 deca5e10 c06fb7c8 [ 24.167641] 1e40: c07aff98 00000000 00000002 c02cbe18 9757aec5 00000005 9757aec5 00000005 [ 24.175801] 1e60: ded1d380 00000003 00000003 c05c74d8 ded1d380 c07209d4 c05c7514 c07105d8 [ 24.183960] 1e80: 01e2a738 c0068a74 00000000 c05c7514 ded1d380 c071c6e0 00000004 c07105d8 [ 24.192119] 1ea0: 01e2a738 c047f1e0 c0600cc0 df481ec4 00000003 00000000 00000003 c05c74d8 [ 24.200278] 1ec0: ded1d380 c071c6e0 c05c7514 c07105d8 01e2a738 c0069444 c06d905c 00000003 [ 24.208438] 1ee0: 00000003 ded1d380 c06d9064 00000004 c05c3fc0 c0067d4c df535ab0 ded1d380 [ 24.216596] 1f00: df481f80 ded1d380 00000004 ded1d1cc ded1d1c0 c0221724 00000004 c016ca6c [ 24.224756] 1f20: c016ca28 00000000 00000000 c016c1d4 00000000 00000000 b6f37000 df481f80 [ 24.232915] 1f40: decedd80 00000004 df480000 df480000 b6f37000 c0110920 df47839c 60000013 [ 24.241074] 1f60: 00000000 00000000 decedd80 decedd80 00000004 df480000 b6f37000 c0110da8 [ 24.249233] 1f80: 00000000 00000000 00000004 b6edf5d8 00000004 b6f37000 00000004 c000f2a8 [ 24.257393] 1fa0: 00001000 c000f0e0 b6edf5d8 00000004 00000001 b6f37000 00000004 00000000 [ 24.265551] 1fc0: b6edf5d8 00000004 b6f37000 00000004 00000004 00000001 00000000 01e2a738 [ 24.273711] 1fe0: 00000000 beba0a20 b6e1f4f0 b6e7022c 60000010 00000001 ffffffff ffffffff [ 24.281885] [<c048516c>] (mutex_lock) from [<c02a14b4>] (drm_modeset_lock_all+0x30/0xbc) [ 24.289950] [<c02a14b4>] (drm_modeset_lock_all) from [<c02aec7c>] (exynos_drm_suspend+0xc/0x64) [ 24.298627] [<c02aec7c>] (exynos_drm_suspend) from [<c02aecf4>] (exynos_drm_sys_suspend+0x20/0x34) [ 24.307568] [<c02aecf4>] (exynos_drm_sys_suspend) from [<c02c2010>] (platform_pm_suspend+0x2c/0x54) [ 24.316597] [<c02c2010>] (platform_pm_suspend) from [<c02c9470>] (dpm_run_callback+0x48/0x170) [ 24.325188] [<c02c9470>] (dpm_run_callback) from [<c02ca660>] (__device_suspend+0x128/0x39c) [ 24.333606] [<c02ca660>] (__device_suspend) from [<c02cbe18>] (dpm_suspend+0x5c/0x314) [ 24.341506] [<c02cbe18>] (dpm_suspend) from [<c0068a74>] (suspend_devices_and_enter+0x8c/0x598) [ 24.350185] [<c0068a74>] (suspend_devices_and_enter) from [<c0069444>] (pm_suspend+0x4c4/0x5d0) [ 24.358862] [<c0069444>] (pm_suspend) from [<c0067d4c>] (state_store+0x70/0xd4) [ 24.366156] [<c0067d4c>] (state_store) from [<c0221724>] (kobj_attr_store+0x14/0x20) [ 24.373885] [<c0221724>] (kobj_attr_store) from [<c016ca6c>] (sysfs_kf_write+0x44/0x48) [ 24.381867] [<c016ca6c>] (sysfs_kf_write) from [<c016c1d4>] (kernfs_fop_write+0xc0/0x17c) [ 24.390027] [<c016c1d4>] (kernfs_fop_write) from [<c0110920>] (vfs_write+0xa0/0x1c4) [ 24.397750] [<c0110920>] (vfs_write) from [<c0110da8>] (SyS_write+0x40/0x8c) [ 24.404782] [<c0110da8>] (SyS_write) from [<c000f0e0>] (ret_fast_syscall+0x0/0x3c) [ 24.412332] Code: e92d4010 e1a04000 f57ff05b f590f000 (e1903f9f) [ 24.418448] ---[ end trace cfa06690eabe8dd5 ]--- [ 24.423032] Kernel panic - not syncing: Fatal exception [ 24.428220] CPU1: stopping [ 24.430905] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G D 3.16.0-rc3-00035-geba20bbdde04-dirty #51 [ 24.440549] [<c0016440>] (unwind_backtrace) from [<c001294c>] (show_stack+0x10/0x14) [ 24.448269] [<c001294c>] (show_stack) from [<c04811e8>] (dump_stack+0x80/0xcc) [ 24.455472] [<c04811e8>] (dump_stack) from [<c001495c>] (handle_IPI+0x130/0x15c) [ 24.462850] [<c001495c>] (handle_IPI) from [<c000862c>] (gic_handle_irq+0x60/0x68) [ 24.470400] [<c000862c>] (gic_handle_irq) from [<c0013440>] (__irq_svc+0x40/0x70) [ 24.477860] Exception stack(0xdf4bdf88 to 0xdf4bdfd0) [ 24.482898] df80: ffffffed 00000000 00000000 00000000 df4bc000 c06d042c [ 24.491058] dfa0: 00000000 ffffffed c06d03c0 00000000 c070c288 00000000 00000000 df4bdfd0 [ 24.499214] dfc0: c0010324 c0010328 60000013 ffffffff [ 24.504254] [<c0013440>] (__irq_svc) from [<c0010328>] (arch_cpu_idle+0x28/0x30) [ 24.511634] [<c0010328>] (arch_cpu_idle) from [<c005f110>] (cpu_startup_entry+0x2c4/0x3f0) [ 24.519878] [<c005f110>] (cpu_startup_entry) from [<400086c4>] (0x400086c4) [ 24.526821] ---[ end Kernel panic - not syncing: Fatal exception Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com> Cc: Andrzej Hajda <a.hajda@samsung.com> Cc: Inki Dae <inki.dae@samsung.com> Fixes: af65c8048770 ("drm/exynos: Consolidate suspend/resume in drm_drv") Cc: <stable@vger.kernel.org> --- Probably other DRM drivers may be also affected by this issue (e.g. msm). --- drivers/gpu/drm/exynos/exynos_drm_drv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)