From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751432AbbGLQwx (ORCPT <rfc822;w@1wt.eu>);
	Sun, 12 Jul 2015 12:52:53 -0400
Received: from mail-ig0-f172.google.com ([209.85.213.172]:35784 "EHLO
	mail-ig0-f172.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751131AbbGLQww convert rfc822-to-8bit (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sun, 12 Jul 2015 12:52:52 -0400
MIME-Version: 1.0
In-Reply-To: <CADDKRnB8D3H_61BCe1gD7TXQt1eRniGTfqPESnK0jM4HE16oCg@mail.gmail.com>
References: <CADDKRnB8D3H_61BCe1gD7TXQt1eRniGTfqPESnK0jM4HE16oCg@mail.gmail.com>
Date: Sun, 12 Jul 2015 09:52:51 -0700
X-Google-Sender-Auth: vKK5gkOq9NFcdl5cgtIPIMkgZEU
Message-ID: <CA+55aFxc=Xi1sjM+VFGw9ZR5-awgOy3VkE7goSuEdTJbYWfMGA@mail.gmail.com>
Subject: Re: [4.2.0-rc1-00201-g59c3cb5] Regression: kernel NULL pointer dereference
From: Linus Torvalds <torvalds@linux-foundation.org>
To: =?UTF-8?Q?J=C3=B6rg_Otte?= <jrg.otte@gmail.com>,
        Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: David Airlie <airlied@linux.ie>, DRI <dri-devel@lists.freedesktop.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Jul 12, 2015 at 1:03 AM, Jörg Otte <jrg.otte@gmail.com> wrote:
>
> BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
> IP: [<ffffffffbd3447bb>] 0xffffffffbd3447bb

Ugh. Please enable KALLSYMS to get sane symbols.

But yes, "crtc_state->base.active" is at offset 9 from "crtc_state",
so it's pretty clearly just that change frm

-       if (intel_crtc->active) {
+       if (crtc_state->base.active) {

and "crtc_state" is NULL.

And the code very much knows that crtc_state can be NULL, since it's
initialized with

        crtc_state = state->base.state ?
                intel_atomic_get_crtc_state(state->base.state,
intel_crtc) : NULL;

Tssk. Daniel? Should I just revert that commit dec4f799d0a4
("drm/i915: Use crtc_state->active in primary check_plane func") for
now, or is there a better fix? Like just checking crtc_state for NULL?

                    Linus