[PATCH] drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up
Gerd Hoffmann
kraxel at redhat.com
Fri Aug 10 06:03:05 UTC 2018
On Fri, Jul 20, 2018 at 01:27:43PM +0200, Thomas Zimmermann wrote:
> In the Cirrus driver, the regular clean-up code also performs the clean-up
> of a failed initialization. If the fbdev's framebuffer was not initialized,
> the clean-up will fail within drm_framebuffer_unregister_private. Booting
> with cirrus.bpp=16 triggers this bug.
>
> The framebuffer is currently stored directly within struct cirrus_fbdev. To
> fix the bug, we turn it into a pointer that is only set for initialized
> framebuffers. The fbdev's clean-up code skips uninitialized framebuffers.
>
> The memory for struct drm_framebuffer is allocated dynamically. This requires
> additional error handling within cirrusfb_create. The framebuffer clean-up is
> now performed by drm_framebuffer_put, which also frees the data strcuture's
> memory.
pushed to drm-misc-next (also the other ones, except the failing ttm_put
patches).
thanks,
Gerd
More information about the dri-devel
mailing list