Patch "fbdev: Fix unregistering of framebuffers without device" has been added to the 5.17-stable tree
This is a note to let you know that I've just added the patch titled
fbdev: Fix unregistering of framebuffers without device
to the 5.17-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fbdev-fix-unregistering-of-framebuffers-without-device.patch
and it can be found in the queue-5.17 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 Mon Sep 17 00:00:00 2001
From: Thomas Zimmermann
Date: Mon, 4 Apr 2022 21:44:02 +0200
Subject: fbdev: Fix unregistering of framebuffers without device
From: Thomas Zimmermann
commit 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 upstream.
OF framebuffers do not have an underlying device in the Linux
device hierarchy. Do a regular unregister call instead of hot
unplugging such a non-existing device. Fixes a NULL dereference.
An example error message on ppc64le is shown below.
BUG: Kernel NULL pointer dereference on read at 0x0060
Faulting instruction address: 0xc080dfa4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[...]
CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
NIP: c080dfa4 LR: c080df9c CTR: c0797430
REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
MSR: 82009033 CR: 28228282 XER: 2000
CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
GPR00: c080df9c c4133280 c169d200 0029
GPR04: efff c4132f90 c4132f88
GPR08: c15658f8 c15cd200 c14f57d0 48228283
GPR12: c0003fffe300 2000
GPR16: 000113fc4a40 0005 000113fcfb80
GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
GPR24: 0001 000a c00800db0168 c21f6ec0
GPR28: c16d65a8 c4b36460 c16d64b0
NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
[c4133280] [c080df9c]
do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
[c4133350] [c080e4d0]
remove_conflicting_framebuffers+0x60/0x150
[c41333a0] [c080e6f4]
remove_conflicting_pci_framebuffers+0x134/0x1b0
[c4133450] [c00800e70438]
drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
[c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
[...]
[c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
[c4133e10] [c000c3cc] system_call_common+0xec/0x250
The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
firmware fb devices on forced removal"). Most firmware framebuffers
have an underlying platform device, which can be hot-unplugged
before loading the native graphics driver. OF framebuffers do not
(yet) have that device. Fix the code by unregistering the framebuffer
as before without a hot unplug.
Tested with 5.17 on qemu ppc64le emulation.
Signed-off-by: Thomas Zimmermann
Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced removal")
Reported-by: Sudip Mukherjee
Reviewed-by: Daniel Vetter
Reviewed-by: Javier Martinez Canillas
Tested-by: Sudip Mukherjee
Cc: Zack Rusin
Cc: Javier Martinez Canillas
Cc: Hans de Goede
Cc: sta...@vger.kernel.org # v5.11+
Cc: Helge Deller
Cc: Daniel Vetter
Cc: Sam Ravnborg
Cc: Zheyu Ma
Cc: Xiyu Yang
Cc: Zhen Lei
Cc: Matthew Wilcox
Cc: Alex Deucher
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: linux-fb...@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
Link:
https://patchwork.freedesktop.org/patch/msgid/20220404194402.29974-1-tzimmerm...@suse.de
Signed-off-by: Greg Kroah-Hartman
---
drivers/video/fbdev/core/fbmem.c |9 -
1 file changed, 8 insertions(+), 1 deletion(-)
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1583,7 +1583,14 @@ static void do_remove_conflicting_frameb
* If it's not a platform device, at least print a
warning. A
* fix would add code to remove the device from the
system.
*/
- if (dev_is_platform(device)) {
+ if (!device) {
+ /* TODO: Represent each OF framebuffer as its
own
+* device in the device hierarchy. For now, offb
+* doesn't have such a device, so unregister the
+* framebuffer as
Patch "fbdev: Fix unregistering of framebuffers without device" has been added to the 5.16-stable tree
This is a note to let you know that I've just added the patch titled
fbdev: Fix unregistering of framebuffers without device
to the 5.16-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fbdev-fix-unregistering-of-framebuffers-without-device.patch
and it can be found in the queue-5.16 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 Mon Sep 17 00:00:00 2001
From: Thomas Zimmermann
Date: Mon, 4 Apr 2022 21:44:02 +0200
Subject: fbdev: Fix unregistering of framebuffers without device
From: Thomas Zimmermann
commit 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 upstream.
OF framebuffers do not have an underlying device in the Linux
device hierarchy. Do a regular unregister call instead of hot
unplugging such a non-existing device. Fixes a NULL dereference.
An example error message on ppc64le is shown below.
BUG: Kernel NULL pointer dereference on read at 0x0060
Faulting instruction address: 0xc080dfa4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[...]
CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
NIP: c080dfa4 LR: c080df9c CTR: c0797430
REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
MSR: 82009033 CR: 28228282 XER: 2000
CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
GPR00: c080df9c c4133280 c169d200 0029
GPR04: efff c4132f90 c4132f88
GPR08: c15658f8 c15cd200 c14f57d0 48228283
GPR12: c0003fffe300 2000
GPR16: 000113fc4a40 0005 000113fcfb80
GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
GPR24: 0001 000a c00800db0168 c21f6ec0
GPR28: c16d65a8 c4b36460 c16d64b0
NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
[c4133280] [c080df9c]
do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
[c4133350] [c080e4d0]
remove_conflicting_framebuffers+0x60/0x150
[c41333a0] [c080e6f4]
remove_conflicting_pci_framebuffers+0x134/0x1b0
[c4133450] [c00800e70438]
drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
[c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
[...]
[c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
[c4133e10] [c000c3cc] system_call_common+0xec/0x250
The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
firmware fb devices on forced removal"). Most firmware framebuffers
have an underlying platform device, which can be hot-unplugged
before loading the native graphics driver. OF framebuffers do not
(yet) have that device. Fix the code by unregistering the framebuffer
as before without a hot unplug.
Tested with 5.17 on qemu ppc64le emulation.
Signed-off-by: Thomas Zimmermann
Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced removal")
Reported-by: Sudip Mukherjee
Reviewed-by: Daniel Vetter
Reviewed-by: Javier Martinez Canillas
Tested-by: Sudip Mukherjee
Cc: Zack Rusin
Cc: Javier Martinez Canillas
Cc: Hans de Goede
Cc: sta...@vger.kernel.org # v5.11+
Cc: Helge Deller
Cc: Daniel Vetter
Cc: Sam Ravnborg
Cc: Zheyu Ma
Cc: Xiyu Yang
Cc: Zhen Lei
Cc: Matthew Wilcox
Cc: Alex Deucher
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: linux-fb...@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
Link:
https://patchwork.freedesktop.org/patch/msgid/20220404194402.29974-1-tzimmerm...@suse.de
Signed-off-by: Greg Kroah-Hartman
---
drivers/video/fbdev/core/fbmem.c |9 -
1 file changed, 8 insertions(+), 1 deletion(-)
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1581,7 +1581,14 @@ static void do_remove_conflicting_frameb
* If it's not a platform device, at least print a
warning. A
* fix would add code to remove the device from the
system.
*/
- if (dev_is_platform(device)) {
+ if (!device) {
+ /* TODO: Represent each OF framebuffer as its
own
+* device in the device hierarchy. For now, offb
+* doesn't have such a device, so unregister the
+* framebuffer as
Patch "fbdev: Fix unregistering of framebuffers without device" has been added to the 5.15-stable tree
This is a note to let you know that I've just added the patch titled
fbdev: Fix unregistering of framebuffers without device
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fbdev-fix-unregistering-of-framebuffers-without-device.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 Mon Sep 17 00:00:00 2001
From: Thomas Zimmermann
Date: Mon, 4 Apr 2022 21:44:02 +0200
Subject: fbdev: Fix unregistering of framebuffers without device
From: Thomas Zimmermann
commit 0f525289ff0ddeb380813bd81e0f9bdaaa1c9078 upstream.
OF framebuffers do not have an underlying device in the Linux
device hierarchy. Do a regular unregister call instead of hot
unplugging such a non-existing device. Fixes a NULL dereference.
An example error message on ppc64le is shown below.
BUG: Kernel NULL pointer dereference on read at 0x0060
Faulting instruction address: 0xc080dfa4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[...]
CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
NIP: c080dfa4 LR: c080df9c CTR: c0797430
REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
MSR: 82009033 CR: 28228282 XER: 2000
CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
GPR00: c080df9c c4133280 c169d200 0029
GPR04: efff c4132f90 c4132f88
GPR08: c15658f8 c15cd200 c14f57d0 48228283
GPR12: c0003fffe300 2000
GPR16: 000113fc4a40 0005 000113fcfb80
GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
GPR24: 0001 000a c00800db0168 c21f6ec0
GPR28: c16d65a8 c4b36460 c16d64b0
NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
[c4133280] [c080df9c]
do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
[c4133350] [c080e4d0]
remove_conflicting_framebuffers+0x60/0x150
[c41333a0] [c080e6f4]
remove_conflicting_pci_framebuffers+0x134/0x1b0
[c4133450] [c00800e70438]
drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
[c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
[...]
[c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
[c4133e10] [c000c3cc] system_call_common+0xec/0x250
The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
firmware fb devices on forced removal"). Most firmware framebuffers
have an underlying platform device, which can be hot-unplugged
before loading the native graphics driver. OF framebuffers do not
(yet) have that device. Fix the code by unregistering the framebuffer
as before without a hot unplug.
Tested with 5.17 on qemu ppc64le emulation.
Signed-off-by: Thomas Zimmermann
Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced removal")
Reported-by: Sudip Mukherjee
Reviewed-by: Daniel Vetter
Reviewed-by: Javier Martinez Canillas
Tested-by: Sudip Mukherjee
Cc: Zack Rusin
Cc: Javier Martinez Canillas
Cc: Hans de Goede
Cc: sta...@vger.kernel.org # v5.11+
Cc: Helge Deller
Cc: Daniel Vetter
Cc: Sam Ravnborg
Cc: Zheyu Ma
Cc: Xiyu Yang
Cc: Zhen Lei
Cc: Matthew Wilcox
Cc: Alex Deucher
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: linux-fb...@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
Link:
https://patchwork.freedesktop.org/patch/msgid/20220404194402.29974-1-tzimmerm...@suse.de
Signed-off-by: Greg Kroah-Hartman
---
drivers/video/fbdev/core/fbmem.c |9 -
1 file changed, 8 insertions(+), 1 deletion(-)
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1581,7 +1581,14 @@ static void do_remove_conflicting_frameb
* If it's not a platform device, at least print a
warning. A
* fix would add code to remove the device from the
system.
*/
- if (dev_is_platform(device)) {
+ if (!device) {
+ /* TODO: Represent each OF framebuffer as its
own
+* device in the device hierarchy. For now, offb
+* doesn't have such a device, so unregister the
+* framebuffer as
Re: [PATCH] fbdev: Fix unregistering of framebuffers without device
Hi
Am 05.04.22 um 11:01 schrieb Daniel Vetter:
On Mon, Apr 04, 2022 at 09:44:02PM +0200, Thomas Zimmermann wrote:
OF framebuffers do not have an underlying device in the Linux
device hierarchy. Do a regular unregister call instead of hot
unplugging such a non-existing device. Fixes a NULL dereference.
An example error message on ppc64le is shown below.
BUG: Kernel NULL pointer dereference on read at 0x0060
Faulting instruction address: 0xc080dfa4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[...]
CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
NIP: c080dfa4 LR: c080df9c CTR: c0797430
REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
MSR: 82009033 CR: 28228282 XER:
2000
CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
GPR00: c080df9c c4133280 c169d200 0029
GPR04: efff c4132f90 c4132f88
GPR08: c15658f8 c15cd200 c14f57d0 48228283
GPR12: c0003fffe300 2000
GPR16: 000113fc4a40 0005 000113fcfb80
GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
GPR24: 0001 000a c00800db0168 c21f6ec0
GPR28: c16d65a8 c4b36460 c16d64b0
NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
[c4133280] [c080df9c]
do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
[c4133350] [c080e4d0]
remove_conflicting_framebuffers+0x60/0x150
[c41333a0] [c080e6f4]
remove_conflicting_pci_framebuffers+0x134/0x1b0
[c4133450] [c00800e70438]
drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
[c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
[...]
[c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
[c4133e10] [c000c3cc] system_call_common+0xec/0x250
The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
firmware fb devices on forced removal"). Most firmware framebuffers
have an underlying platform device, which can be hot-unplugged
before loading the native graphics driver. OF framebuffers do not
(yet) have that device. Fix the code by unregistering the framebuffer
as before without a hot unplug.
Tested with 5.17 on qemu ppc64le emulation.
Signed-off-by: Thomas Zimmermann
Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced removal")
Reported-by: Sudip Mukherjee
Cc: Zack Rusin
Cc: Javier Martinez Canillas
Cc: Hans de Goede
Cc: sta...@vger.kernel.org # v5.11+
Cc: Helge Deller
Cc: Daniel Vetter
Cc: Sam Ravnborg
Cc: Zheyu Ma
Cc: Xiyu Yang
Cc: Zhen Lei
Cc: Matthew Wilcox
Cc: Alex Deucher
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: linux-fb...@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
---
drivers/video/fbdev/core/fbmem.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
index 34d6bb1bf82e..a6bb0e438216 100644
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1579,7 +1579,14 @@ static void do_remove_conflicting_framebuffers(struct
apertures_struct *a,
* If it's not a platform device, at least print a
warning. A
* fix would add code to remove the device from the
system.
*/
- if (dev_is_platform(device)) {
+ if (!device) {
+ /* TODO: Represent each OF framebuffer as its
own
+* device in the device hierarchy. For now, offb
+* doesn't have such a device, so unregister the
+* framebuffer as before without warning.
+*/
+ do_unregister_framebuffer(registered_fb[i]);
Reviewed-by: Daniel Vetter
Might be good to have a fb_info flag for offb and then check in
register_framebuffer that everyone else does have a device? Just to make
sure we don't have more surprises here ...
That exists already: all generic/firmware drivers are flagged with
FBINFO_MISC_FIRMWARE specifically for the purpose of unloading.
HW-native fbdev drivers don't have the flags and will never be unloaded.
I double-checked and of the generic drivers, (efifb, vesafb, offb,
simplefb, vga16) only offb had no device set.
Best regards
Thomas
-Daniel
+ } else if (dev_is_platform(device)) {
Re: [PATCH] fbdev: Fix unregistering of framebuffers without device
Hello Thomas,
On 4/4/22 21:44, Thomas Zimmermann wrote:
> OF framebuffers do not have an underlying device in the Linux
> device hierarchy. Do a regular unregister call instead of hot
> unplugging such a non-existing device. Fixes a NULL dereference.
> An example error message on ppc64le is shown below.
>
> BUG: Kernel NULL pointer dereference on read at 0x0060
> Faulting instruction address: 0xc080dfa4
> Oops: Kernel access of bad area, sig: 11 [#1]
> LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
> [...]
> CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
> NIP: c080dfa4 LR: c080df9c CTR: c0797430
> REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
> MSR: 82009033 CR: 28228282 XER:
> 2000
> CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
> GPR00: c080df9c c4133280 c169d200 0029
> GPR04: efff c4132f90 c4132f88
> GPR08: c15658f8 c15cd200 c14f57d0 48228283
> GPR12: c0003fffe300 2000
> GPR16: 000113fc4a40 0005 000113fcfb80
> GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
> GPR24: 0001 000a c00800db0168 c21f6ec0
> GPR28: c16d65a8 c4b36460 c16d64b0
> NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
> [c4133280] [c080df9c]
> do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
> [c4133350] [c080e4d0]
> remove_conflicting_framebuffers+0x60/0x150
> [c41333a0] [c080e6f4]
> remove_conflicting_pci_framebuffers+0x134/0x1b0
> [c4133450] [c00800e70438]
> drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
> [c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
> [...]
> [c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
> [c4133e10] [c000c3cc] system_call_common+0xec/0x250
>
> The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
> firmware fb devices on forced removal"). Most firmware framebuffers
> have an underlying platform device, which can be hot-unplugged
> before loading the native graphics driver. OF framebuffers do not
> (yet) have that device. Fix the code by unregistering the framebuffer
> as before without a hot unplug.
>
I believe the assumption that all firmware fb would have an underlying
device was a reasonable one and it's a pity that offb doesn't...
But that is how things are and your patch is the least intrusive fix.
Reviewed-by: Javier Martinez Canillas
--
Best regards,
Javier Martinez Canillas
Linux Engineering
Red Hat
Re: [PATCH] fbdev: Fix unregistering of framebuffers without device
On Mon, Apr 04, 2022 at 09:44:02PM +0200, Thomas Zimmermann wrote:
> OF framebuffers do not have an underlying device in the Linux
> device hierarchy. Do a regular unregister call instead of hot
> unplugging such a non-existing device. Fixes a NULL dereference.
> An example error message on ppc64le is shown below.
>
> BUG: Kernel NULL pointer dereference on read at 0x0060
> Faulting instruction address: 0xc080dfa4
> Oops: Kernel access of bad area, sig: 11 [#1]
> LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
> [...]
> CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
> NIP: c080dfa4 LR: c080df9c CTR: c0797430
> REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
> MSR: 82009033 CR: 28228282 XER:
> 2000
> CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
> GPR00: c080df9c c4133280 c169d200 0029
> GPR04: efff c4132f90 c4132f88
> GPR08: c15658f8 c15cd200 c14f57d0 48228283
> GPR12: c0003fffe300 2000
> GPR16: 000113fc4a40 0005 000113fcfb80
> GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
> GPR24: 0001 000a c00800db0168 c21f6ec0
> GPR28: c16d65a8 c4b36460 c16d64b0
> NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
> [c4133280] [c080df9c]
> do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
> [c4133350] [c080e4d0]
> remove_conflicting_framebuffers+0x60/0x150
> [c41333a0] [c080e6f4]
> remove_conflicting_pci_framebuffers+0x134/0x1b0
> [c4133450] [c00800e70438]
> drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
> [c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
> [...]
> [c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
> [c4133e10] [c000c3cc] system_call_common+0xec/0x250
>
> The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
> firmware fb devices on forced removal"). Most firmware framebuffers
> have an underlying platform device, which can be hot-unplugged
> before loading the native graphics driver. OF framebuffers do not
> (yet) have that device. Fix the code by unregistering the framebuffer
> as before without a hot unplug.
>
> Tested with 5.17 on qemu ppc64le emulation.
>
> Signed-off-by: Thomas Zimmermann
> Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced
> removal")
> Reported-by: Sudip Mukherjee
> Cc: Zack Rusin
> Cc: Javier Martinez Canillas
> Cc: Hans de Goede
> Cc: sta...@vger.kernel.org # v5.11+
> Cc: Helge Deller
> Cc: Daniel Vetter
> Cc: Sam Ravnborg
> Cc: Zheyu Ma
> Cc: Xiyu Yang
> Cc: Zhen Lei
> Cc: Matthew Wilcox
> Cc: Alex Deucher
> Cc: Tetsuo Handa
> Cc: Guenter Roeck
> Cc: linux-fb...@vger.kernel.org
> Cc: dri-devel@lists.freedesktop.org
> Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
> ---
> drivers/video/fbdev/core/fbmem.c | 9 -
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/video/fbdev/core/fbmem.c
> b/drivers/video/fbdev/core/fbmem.c
> index 34d6bb1bf82e..a6bb0e438216 100644
> --- a/drivers/video/fbdev/core/fbmem.c
> +++ b/drivers/video/fbdev/core/fbmem.c
> @@ -1579,7 +1579,14 @@ static void do_remove_conflicting_framebuffers(struct
> apertures_struct *a,
>* If it's not a platform device, at least print a
> warning. A
>* fix would add code to remove the device from the
> system.
>*/
> - if (dev_is_platform(device)) {
> + if (!device) {
> + /* TODO: Represent each OF framebuffer as its
> own
> + * device in the device hierarchy. For now, offb
> + * doesn't have such a device, so unregister the
> + * framebuffer as before without warning.
> + */
> + do_unregister_framebuffer(registered_fb[i]);
Reviewed-by: Daniel Vetter
Might be good to have a fb_info flag for offb and then check in
register_framebuffer that everyone else does have a device? Just to make
sure we don't have more surprises here ...
-Daniel
> + } else if (dev_is_platform(device)) {
> registered_fb[i]->forced_out = true;
>
> platform_device_unregister(to_platform_device(device));
> } else {
> --
> 2.35.1
>
--
Daniel Vetter
Software Engineer, Intel Corporation
[PATCH] fbdev: Fix unregistering of framebuffers without device
OF framebuffers do not have an underlying device in the Linux
device hierarchy. Do a regular unregister call instead of hot
unplugging such a non-existing device. Fixes a NULL dereference.
An example error message on ppc64le is shown below.
BUG: Kernel NULL pointer dereference on read at 0x0060
Faulting instruction address: 0xc080dfa4
Oops: Kernel access of bad area, sig: 11 [#1]
LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
[...]
CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1
NIP: c080dfa4 LR: c080df9c CTR: c0797430
REGS: c4132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)
MSR: 82009033 CR: 28228282 XER: 2000
CFAR: c000c80c DAR: 0060 DSISR: 4000 IRQMASK: 0
GPR00: c080df9c c4133280 c169d200 0029
GPR04: efff c4132f90 c4132f88
GPR08: c15658f8 c15cd200 c14f57d0 48228283
GPR12: c0003fffe300 2000
GPR16: 000113fc4a40 0005 000113fcfb80
GPR20: 01000f7283b0 c0e4a588 c0e4a5b0
GPR24: 0001 000a c00800db0168 c21f6ec0
GPR28: c16d65a8 c4b36460 c16d64b0
NIP [c080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0
[c4133280] [c080df9c]
do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)
[c4133350] [c080e4d0]
remove_conflicting_framebuffers+0x60/0x150
[c41333a0] [c080e6f4]
remove_conflicting_pci_framebuffers+0x134/0x1b0
[c4133450] [c00800e70438]
drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]
[c4133490] [c00800da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]
[...]
[c4133db0] [c002aaa0] system_call_exception+0x170/0x2d0
[c4133e10] [c000c3cc] system_call_common+0xec/0x250
The bug [1] was introduced by commit 27599aacbaef ("fbdev: Hot-unplug
firmware fb devices on forced removal"). Most firmware framebuffers
have an underlying platform device, which can be hot-unplugged
before loading the native graphics driver. OF framebuffers do not
(yet) have that device. Fix the code by unregistering the framebuffer
as before without a hot unplug.
Tested with 5.17 on qemu ppc64le emulation.
Signed-off-by: Thomas Zimmermann
Fixes: 27599aacbaef ("fbdev: Hot-unplug firmware fb devices on forced removal")
Reported-by: Sudip Mukherjee
Cc: Zack Rusin
Cc: Javier Martinez Canillas
Cc: Hans de Goede
Cc: sta...@vger.kernel.org # v5.11+
Cc: Helge Deller
Cc: Daniel Vetter
Cc: Sam Ravnborg
Cc: Zheyu Ma
Cc: Xiyu Yang
Cc: Zhen Lei
Cc: Matthew Wilcox
Cc: Alex Deucher
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: linux-fb...@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Link: https://lore.kernel.org/all/YkHXO6LGHAN0p1pq@debian/ # [1]
---
drivers/video/fbdev/core/fbmem.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
index 34d6bb1bf82e..a6bb0e438216 100644
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1579,7 +1579,14 @@ static void do_remove_conflicting_framebuffers(struct
apertures_struct *a,
* If it's not a platform device, at least print a
warning. A
* fix would add code to remove the device from the
system.
*/
- if (dev_is_platform(device)) {
+ if (!device) {
+ /* TODO: Represent each OF framebuffer as its
own
+* device in the device hierarchy. For now, offb
+* doesn't have such a device, so unregister the
+* framebuffer as before without warning.
+*/
+ do_unregister_framebuffer(registered_fb[i]);
+ } else if (dev_is_platform(device)) {
registered_fb[i]->forced_out = true;
platform_device_unregister(to_platform_device(device));
} else {
--
2.35.1
