On Fri, Jul 20, 2018 at 01:27:43PM +0200, Thomas Zimmermann wrote: > In the Cirrus driver, the regular clean-up code also performs the clean-up > of a failed initialization. If the fbdev's framebuffer was not initialized, > the clean-up will fail within drm_framebuffer_unregister_private. Booting > with cirrus.bpp=16 triggers this bug. > > The framebuffer is currently stored directly within struct cirrus_fbdev. To > fix the bug, we turn it into a pointer that is only set for initialized > framebuffers. The fbdev's clean-up code skips uninitialized framebuffers. > > The memory for struct drm_framebuffer is allocated dynamically. This requires > additional error handling within cirrusfb_create. The framebuffer clean-up is > now performed by drm_framebuffer_put, which also frees the data strcuture's > memory. pushed to drm-misc-next (also the other ones, except the failing ttm_put patches). thanks, Gerd _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/dri-devel