From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 844D7C433F5 for ; Tue, 4 Sep 2018 21:09:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 15FB120867 for ; Tue, 4 Sep 2018 21:09:02 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lekensteyn.nl header.i=@lekensteyn.nl header.b="K8P0gp4W" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 15FB120867 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=lekensteyn.nl Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727290AbeIEBfw (ORCPT ); Tue, 4 Sep 2018 21:35:52 -0400 Received: from lekensteyn.nl ([178.21.112.251]:44485 "EHLO lekensteyn.nl" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727213AbeIEBfv (ORCPT ); Tue, 4 Sep 2018 21:35:51 -0400 X-Greylist: delayed 2474 seconds by postgrey-1.27 at vger.kernel.org; Tue, 04 Sep 2018 21:35:51 EDT DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lekensteyn.nl; s=s2048-2015-q1; h=Message-Id:Date:Subject:Cc:To:From; bh=sGJ23fEclMpORbwCZVDGM19HmTiCRATIn0wraawGi0c=; b=K8P0gp4WKoGP3jdq+/xXN3MRmh1cJoWoPTXuZ70zACMdfQacWX6jeak0DitvGXBWm7x4m3UHcq6RCobJk1qoJibILrwPgOHt15IxTTMfQHYRnyh/BMyHnXd6vHP6jNuAIVvJrfa9ktN0odGxFtYkL3WAdUFX7jALLm4J5SnCwDH8MmbG6UQMHTGQ3x4GFvfjAlJdhGNmm/5TVgpKYzCeZQlsnoM1q7BZbM2XvAZ4pJWcgFQW1eWsrLlHFPWnGC6YVgBiNTPsf8RRgfdR4irymW5PLC4kw2Oh2egqiK6a+G8xTCXHbzwTPKFyld0zDtlMtapcuFwE8XCN8xDPodgZQQ==; Received: by lekensteyn.nl with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1fxHvN-0002Ox-Fh; Tue, 04 Sep 2018 22:27:45 +0200 From: Peter Wu To: Dave Airlie , Gerd Hoffmann Cc: Alan Jenkins , virtualization@lists.linux-foundation.org, dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org Subject: [PATCH] qxl: fix null-pointer crash during suspend Date: Tue, 4 Sep 2018 22:27:47 +0200 Message-Id: <20180904202747.14968-1-peter@lekensteyn.nl> X-Mailer: git-send-email 2.18.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org "crtc->helper_private" is not initialized by the QXL driver and thus the "crtc_funcs->disable" call would crash (resulting in suspend failure). Fix this by converting the suspend/resume functions to use the drm_mode_config_helper_* helpers. Tested system sleep with QEMU 3.0 using "echo mem > /sys/power/state". During suspend the following message is visible from QEMU: spice/server/display-channel.c:2425:display_channel_validate_surface: canvas address is 0x7fd05da68308 for 0 (and is NULL) spice/server/display-channel.c:2426:display_channel_validate_surface: failed on 0 This seems to be triggered by QXL_IO_NOTIFY_CMD after QXL_IO_DESTROY_PRIMARY_ASYNC, but aside from the warning things still seem to work (tested with both the GTK and -spice options). Signed-off-by: Peter Wu --- Hi, I found this issue while trying to suspend a VM that uses QXL. In order to see the stack trace over serial, boot with no_console_suspend. Searching for "qxl_drm_freeze" showed one recent report from Alan: https://lkml.kernel.org/r/891e334c-cf19-032c-b996-59ac166fcde1@gmail.com Kind regards, Peter --- drivers/gpu/drm/qxl/qxl_drv.c | 26 +++++--------------------- 1 file changed, 5 insertions(+), 21 deletions(-) diff --git a/drivers/gpu/drm/qxl/qxl_drv.c b/drivers/gpu/drm/qxl/qxl_drv.c index 2445e75cf7ea..d00f45eed03c 100644 --- a/drivers/gpu/drm/qxl/qxl_drv.c +++ b/drivers/gpu/drm/qxl/qxl_drv.c @@ -136,20 +136,11 @@ static int qxl_drm_freeze(struct drm_device *dev) { struct pci_dev *pdev = dev->pdev; struct qxl_device *qdev = dev->dev_private; - struct drm_crtc *crtc; - - drm_kms_helper_poll_disable(dev); - - console_lock(); - qxl_fbdev_set_suspend(qdev, 1); - console_unlock(); + int ret; - /* unpin the front buffers */ - list_for_each_entry(crtc, &dev->mode_config.crtc_list, head) { - const struct drm_crtc_helper_funcs *crtc_funcs = crtc->helper_private; - if (crtc->enabled) - (*crtc_funcs->disable)(crtc); - } + ret = drm_mode_config_helper_suspend(dev); + if (ret) + return ret; qxl_destroy_monitors_object(qdev); qxl_surf_evict(qdev); @@ -175,14 +166,7 @@ static int qxl_drm_resume(struct drm_device *dev, bool thaw) } qxl_create_monitors_object(qdev); - drm_helper_resume_force_mode(dev); - - console_lock(); - qxl_fbdev_set_suspend(qdev, 0); - console_unlock(); - - drm_kms_helper_poll_enable(dev); - return 0; + return drm_mode_config_helper_resume(dev); } static int qxl_pm_suspend(struct device *dev) -- 2.18.0 From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter Wu Subject: [PATCH] qxl: fix null-pointer crash during suspend Date: Tue, 4 Sep 2018 22:27:47 +0200 Message-ID: <20180904202747.14968-1-peter@lekensteyn.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from lekensteyn.nl (lekensteyn.nl [178.21.112.251]) by gabe.freedesktop.org (Postfix) with ESMTPS id 47676895C4 for ; Tue, 4 Sep 2018 21:08:59 +0000 (UTC) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" To: Dave Airlie , Gerd Hoffmann Cc: Alan Jenkins , linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, virtualization@lists.linux-foundation.org List-Id: dri-devel@lists.freedesktop.org ImNydGMtPmhlbHBlcl9wcml2YXRlIiBpcyBub3QgaW5pdGlhbGl6ZWQgYnkgdGhlIFFYTCBkcml2 ZXIgYW5kIHRodXMgdGhlCiJjcnRjX2Z1bmNzLT5kaXNhYmxlIiBjYWxsIHdvdWxkIGNyYXNoIChy ZXN1bHRpbmcgaW4gc3VzcGVuZCBmYWlsdXJlKS4KRml4IHRoaXMgYnkgY29udmVydGluZyB0aGUg c3VzcGVuZC9yZXN1bWUgZnVuY3Rpb25zIHRvIHVzZSB0aGUKZHJtX21vZGVfY29uZmlnX2hlbHBl cl8qIGhlbHBlcnMuCgpUZXN0ZWQgc3lzdGVtIHNsZWVwIHdpdGggUUVNVSAzLjAgdXNpbmcgImVj aG8gbWVtID4gL3N5cy9wb3dlci9zdGF0ZSIuCkR1cmluZyBzdXNwZW5kIHRoZSBmb2xsb3dpbmcg bWVzc2FnZSBpcyB2aXNpYmxlIGZyb20gUUVNVToKCiAgICBzcGljZS9zZXJ2ZXIvZGlzcGxheS1j aGFubmVsLmM6MjQyNTpkaXNwbGF5X2NoYW5uZWxfdmFsaWRhdGVfc3VyZmFjZTogY2FudmFzIGFk ZHJlc3MgaXMgMHg3ZmQwNWRhNjgzMDggZm9yIDAgKGFuZCBpcyBOVUxMKQogICAgc3BpY2Uvc2Vy dmVyL2Rpc3BsYXktY2hhbm5lbC5jOjI0MjY6ZGlzcGxheV9jaGFubmVsX3ZhbGlkYXRlX3N1cmZh Y2U6IGZhaWxlZCBvbiAwCgpUaGlzIHNlZW1zIHRvIGJlIHRyaWdnZXJlZCBieSBRWExfSU9fTk9U SUZZX0NNRCBhZnRlcgpRWExfSU9fREVTVFJPWV9QUklNQVJZX0FTWU5DLCBidXQgYXNpZGUgZnJv bSB0aGUgd2FybmluZyB0aGluZ3Mgc3RpbGwKc2VlbSB0byB3b3JrICh0ZXN0ZWQgd2l0aCBib3Ro IHRoZSBHVEsgYW5kIC1zcGljZSBvcHRpb25zKS4KClNpZ25lZC1vZmYtYnk6IFBldGVyIFd1IDxw ZXRlckBsZWtlbnN0ZXluLm5sPgotLS0KSGksCgpJIGZvdW5kIHRoaXMgaXNzdWUgd2hpbGUgdHJ5 aW5nIHRvIHN1c3BlbmQgYSBWTSB0aGF0IHVzZXMgUVhMLiBJbiBvcmRlciB0byBzZWUKdGhlIHN0 YWNrIHRyYWNlIG92ZXIgc2VyaWFsLCBib290IHdpdGggbm9fY29uc29sZV9zdXNwZW5kLiBTZWFy Y2hpbmcgZm9yCiJxeGxfZHJtX2ZyZWV6ZSIgc2hvd2VkIG9uZSByZWNlbnQgcmVwb3J0IGZyb20g QWxhbjoKaHR0cHM6Ly9sa21sLmtlcm5lbC5vcmcvci84OTFlMzM0Yy1jZjE5LTAzMmMtYjk5Ni01 OWFjMTY2ZmNkZTFAZ21haWwuY29tCgpLaW5kIHJlZ2FyZHMsClBldGVyCi0tLQogZHJpdmVycy9n cHUvZHJtL3F4bC9xeGxfZHJ2LmMgfCAyNiArKysrKy0tLS0tLS0tLS0tLS0tLS0tLS0tLQogMSBm aWxlIGNoYW5nZWQsIDUgaW5zZXJ0aW9ucygrKSwgMjEgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0 IGEvZHJpdmVycy9ncHUvZHJtL3F4bC9xeGxfZHJ2LmMgYi9kcml2ZXJzL2dwdS9kcm0vcXhsL3F4 bF9kcnYuYwppbmRleCAyNDQ1ZTc1Y2Y3ZWEuLmQwMGY0NWVlZDAzYyAxMDA2NDQKLS0tIGEvZHJp dmVycy9ncHUvZHJtL3F4bC9xeGxfZHJ2LmMKKysrIGIvZHJpdmVycy9ncHUvZHJtL3F4bC9xeGxf ZHJ2LmMKQEAgLTEzNiwyMCArMTM2LDExIEBAIHN0YXRpYyBpbnQgcXhsX2RybV9mcmVlemUoc3Ry dWN0IGRybV9kZXZpY2UgKmRldikKIHsKIAlzdHJ1Y3QgcGNpX2RldiAqcGRldiA9IGRldi0+cGRl djsKIAlzdHJ1Y3QgcXhsX2RldmljZSAqcWRldiA9IGRldi0+ZGV2X3ByaXZhdGU7Ci0Jc3RydWN0 IGRybV9jcnRjICpjcnRjOwotCi0JZHJtX2ttc19oZWxwZXJfcG9sbF9kaXNhYmxlKGRldik7Ci0K LQljb25zb2xlX2xvY2soKTsKLQlxeGxfZmJkZXZfc2V0X3N1c3BlbmQocWRldiwgMSk7Ci0JY29u c29sZV91bmxvY2soKTsKKwlpbnQgcmV0OwogCi0JLyogdW5waW4gdGhlIGZyb250IGJ1ZmZlcnMg Ki8KLQlsaXN0X2Zvcl9lYWNoX2VudHJ5KGNydGMsICZkZXYtPm1vZGVfY29uZmlnLmNydGNfbGlz dCwgaGVhZCkgewotCQljb25zdCBzdHJ1Y3QgZHJtX2NydGNfaGVscGVyX2Z1bmNzICpjcnRjX2Z1 bmNzID0gY3J0Yy0+aGVscGVyX3ByaXZhdGU7Ci0JCWlmIChjcnRjLT5lbmFibGVkKQotCQkJKCpj cnRjX2Z1bmNzLT5kaXNhYmxlKShjcnRjKTsKLQl9CisJcmV0ID0gZHJtX21vZGVfY29uZmlnX2hl bHBlcl9zdXNwZW5kKGRldik7CisJaWYgKHJldCkKKwkJcmV0dXJuIHJldDsKIAogCXF4bF9kZXN0 cm95X21vbml0b3JzX29iamVjdChxZGV2KTsKIAlxeGxfc3VyZl9ldmljdChxZGV2KTsKQEAgLTE3 NSwxNCArMTY2LDcgQEAgc3RhdGljIGludCBxeGxfZHJtX3Jlc3VtZShzdHJ1Y3QgZHJtX2Rldmlj ZSAqZGV2LCBib29sIHRoYXcpCiAJfQogCiAJcXhsX2NyZWF0ZV9tb25pdG9yc19vYmplY3QocWRl dik7Ci0JZHJtX2hlbHBlcl9yZXN1bWVfZm9yY2VfbW9kZShkZXYpOwotCi0JY29uc29sZV9sb2Nr KCk7Ci0JcXhsX2ZiZGV2X3NldF9zdXNwZW5kKHFkZXYsIDApOwotCWNvbnNvbGVfdW5sb2NrKCk7 Ci0KLQlkcm1fa21zX2hlbHBlcl9wb2xsX2VuYWJsZShkZXYpOwotCXJldHVybiAwOworCXJldHVy biBkcm1fbW9kZV9jb25maWdfaGVscGVyX3Jlc3VtZShkZXYpOwogfQogCiBzdGF0aWMgaW50IHF4 bF9wbV9zdXNwZW5kKHN0cnVjdCBkZXZpY2UgKmRldikKLS0gCjIuMTguMAoKX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KZHJpLWRldmVsIG1haWxpbmcgbGlz dApkcmktZGV2ZWxAbGlzdHMuZnJlZWRlc2t0b3Aub3JnCmh0dHBzOi8vbGlzdHMuZnJlZWRlc2t0 b3Aub3JnL21haWxtYW4vbGlzdGluZm8vZHJpLWRldmVsCg==