[Bug 109084] [CI][DRMTIP] igt at kms_cursor_legacy@2x-long-flip-vs-cursor-legacy - incomplete - RIP: 0010:skl_check_pipe_max_pixel_rate+0x8b/0x2d0
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Apr 16 00:03:10 UTC 2019
https://bugs.freedesktop.org/show_bug.cgi?id=109084
--- Comment #8 from Clinton Taylor <clinton.a.taylor at intel.com> ---
Testing so far:
Ran 2x-long-flip-vs-cursor-legacy for 5 hours today without duplicating the
issue. During the 5 hours the DUT had 3 CRTC's enabled and I hot-plugged DP and
USB_C cables in and out at random intervals to attempt to cause an invalid CRTC
to occur.
Possible fixes to NULL de-reference:
There appears to be 2 ways to get a GP fault in
skl_check_pipe_max_pixel_rate().
1. intel_crtc passed in is NULL.
2. pstate is resolving as NULL via
drm_atomic_crtc_state_for_each_plane_state().
Assuming intel_crtc_state (cstate) is valid since it's already de-referenced
several times in intel_crtc_atomic_check().
Based on the offset (0x8b) in the OOP message the issue is probably not
intel_crtc which is de-referenced to get dev_priv in the first line of code.
GP message: skl_check_pipe_max_pixel_rate+0x8b/0x2d0 [i915]
Submit patch to protect intel_crtc in intel_display.c and pstate in intel_pm.c
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-gfx-bugs/attachments/20190416/a4d8691c/attachment-0001.html>
More information about the intel-gfx-bugs
mailing list