<html> <head> <base href="https://bugs.freedesktop.org/"> </head> <body> <div> <a class="bz_bug_link bz_status_ASSIGNED " title="ASSIGNED - Kernel "NULL pointer dereference" with MST monitor on HSW" href="https://bugs.freedesktop.org/show_bug.cgi?id=97666#c11">Comment # 11</a> on <a class="bz_bug_link bz_status_ASSIGNED " title="ASSIGNED - Kernel "NULL pointer dereference" with MST monitor on HSW" href="https://bugs.freedesktop.org/show_bug.cgi?id=97666">bug 97666</a> from <a class="email" href="mailto:carlos.santa@intel.com" title="Carlos Santa <carlos.santa@intel.com>"> Carlos Santa</a> <pre>unfortunately the steps to repro from <a href="show_bug.cgi?id=97666#c1">comment #1</a> are not working for me, so it's making progress on this bug rather slow. I was able to see the null pointer only one time, however the stack trace although similar it wasn't exactly the same (see attachment). Specifically, step #4, where I am supposed to get the screen back is not happening for me, it stays black the entire time with no crash. Step #5 above, where another mode setting occurs I am able to get the screen back but no crash either. (I am on skylake + nightly). I have been trying the above steps consistently 10+ times. Looking at the stack trace and the problem appears to be starting when drm_probe_ddc() gets called from drm_get_edid() inside drm_edid.c. The adapter as a parameter is being passed but never check for null, specifically the call to drm_do_probe_ddc_edid() derefences some of the fields of adapter struct when the call to i2c_transfer() gets called, most likely causing the crash. I am attaching a debug patch as reference.</pre> </div> <hr> You are receiving this mail because: <ul> <li>You are on the CC list for the bug.</li> <li>You are the QA Contact for the bug.</li> </ul> </body> </html>