[Bug 97666] Kernel "NULL pointer dereference" with MST monitor on HSW

Tue Oct 25 01:51:02 UTC 2016

https://bugs.freedesktop.org/show_bug.cgi?id=97666

--- Comment #38 from Carlos Santa <carlos.santa at intel.com> ---
(In reply to Ville Syrjala from comment #37)
> (In reply to Carlos Santa from comment #35)
> > Created attachment 127461 [details]
> > 10-21-2016.dmesg stack trace
> 
> Pushed another little thing to dp_mst_fixes
> 3852841d51ba ("drm/dp/mst: Clear port->pdt when tearing down the i2c
> adapter")
> 
> I don't particularly like how that code is structured, so can't say with any
> certainty that this would help, but let's try anyway.

With this last patch, it still fails the same way as before, no changes to the
values inside the struct that defines the port->connector, it seems it's
corrupted as it's no NULL but not valid at the same time.

In my debugging I added one simple check here,

@@ -1162,7 +1164,8 @@ static void drm_dp_add_port(struct drm_dp_mst_branch
*mstb,
                        drm_dp_put_port(port);
                        goto out;
                }
-               if (port->port_num >= DP_MST_LOGICAL_PORT_0) {
+               printk("************* Carlos %s %d port_num: %d port_status:
%d\n",__FUNCTION__,__LINE__,port->port_num, port->conne
+               if (port->port_num >= DP_MST_LOGICAL_PORT_0 &&
port->connector->status != connector_status_unknown) {
                        port->cached_edid = drm_get_edid(port->connector,
&port->aux.ddc);
                        drm_mode_connector_set_tile_property(port->connector);
                }

where I skip calling drm_get_edid() if the status of the port becomes
"unknown",and with that the crash is avoided ( I still have to force the
modeset with CRTL+F1, CRTL+F7). This shows that the struct port->connector is
certainly not NULL yet it seems to arrive to this point with invalid data,
perhaps corrupted?

Another observation, one has to press the On/Off button for this to become a
problem, if I leave the system to suspend and then wake up the monitor with the
mouse, then I don't see the crash, so maybe it's a cleanup problem during the
off button sequence???

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-gfx-bugs/attachments/20161025/0a5d8afd/attachment.html>
