[PATCH 22/29] drm/tidss: crtc: Cleanup reset implementation

Maxime Ripard posted 29 patches 1 month ago
[PATCH 22/29] drm/tidss: crtc: Cleanup reset implementation
Posted by Maxime Ripard 1 month ago
The tidss_crtc_reset() function will (rightfully) destroy any
pre-existing state.

However, the tidss CRTC driver has its own CRTC state structure that
subclasses drm_crtc_state, and yet will destroy the previous state
by calling __drm_atomic_helper_crtc_destroy_state() and kfree() on its
drm_crtc_state pointer.

It works only because the drm_crtc_state is the first field in the
structure, and thus its offset is 0. It's incredibly fragile however, so
let's call our destroy implementation in such a case to deal with it
properly.

Signed-off-by: Maxime Ripard <mripard@kernel.org>
---
 drivers/gpu/drm/tidss/tidss_crtc.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/gpu/drm/tidss/tidss_crtc.c b/drivers/gpu/drm/tidss/tidss_crtc.c
index eb431a238b11d22349d61f0e17f05994f50d5f2f..8fcc6a2f94770ae825eeb2a3b09856a2bf2d6a1e 100644
--- a/drivers/gpu/drm/tidss/tidss_crtc.c
+++ b/drivers/gpu/drm/tidss/tidss_crtc.c
@@ -355,13 +355,11 @@ static void tidss_crtc_destroy_state(struct drm_crtc *crtc,
 static void tidss_crtc_reset(struct drm_crtc *crtc)
 {
 	struct tidss_crtc_state *tstate;
 
 	if (crtc->state)
-		__drm_atomic_helper_crtc_destroy_state(crtc->state);
-
-	kfree(crtc->state);
+		tidss_crtc_destroy_state(crtc, crtc->state);
 
 	tstate = kzalloc(sizeof(*tstate), GFP_KERNEL);
 	if (!tstate) {
 		crtc->state = NULL;
 		return;
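
Review bot: the new call `tidss_crtc_destroy_state(crtc, crtc->state);` in tidss_crtc_reset() now carries both the helper teardown and the free, but only the first line of that function's signature is visible here (in the hunk header). These lines alone therefore do not show that it calls __drm_atomic_helper_crtc_destroy_state() and frees the enclosing tidss_crtc_state rather than the embedded drm_crtc_state pointer. Suggest stating that in the commit message, or confirming in review that the destroy callback does a container_of()-style conversion before kfree(), since that is the property this change depends on.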

-- 
2.50.1
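
The layout assumption described in the commit message above, as an added userspace illustration (not code from the patch or from the tidss driver): freeing through the base-state pointer matches the allocation only while the base is the first member, whereas a container_of()-based destroy does not depend on that. All struct and function names below are hypothetical stand-ins, and `free()`/`calloc()` stand in for the kernel allocators.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-in for a base state object (not the kernel's struct). */
struct base_state { int active; };

/* Layout the old reset path silently relied on: base is the first member. */
struct sub_first { struct base_state base; int extra; };

/* Same subclass after a field is added in front of the base. */
struct sub_moved { int extra; struct base_state base; };

/* Makes the "offset is 0" assumption explicit instead of implicit. */
_Static_assert(offsetof(struct sub_first, base) == 0, "base must stay first");

#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))

/* Bytes by which free(base pointer) would miss the start of the allocation. */
static size_t free_skew_first(void) { return offsetof(struct sub_first, base); }
static size_t free_skew_moved(void) { return offsetof(struct sub_moved, base); }

/* Subclass-aware destroy: recover the allocation from the base pointer. */
static void sub_moved_destroy(struct base_state *s)
{
	free(container_of(s, struct sub_moved, base));
}

/* Returns 1 when the base pointer differs from the allocation and
 * container_of() still recovers the pointer that was allocated. */
static int reset_roundtrip(void)
{
	struct sub_moved *obj = calloc(1, sizeof(*obj));
	int ok;

	if (!obj)
		return 0;
	ok = (void *)&obj->base != (void *)obj &&
	     container_of(&obj->base, struct sub_moved, base) == obj;
	sub_moved_destroy(&obj->base);	/* frees obj, not &obj->base */
	return ok;
}

int main(void)
{
	return (free_skew_first() == 0 && free_skew_moved() != 0 &&
		reset_roundtrip()) ? 0 : 1;
}
```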
Re: [PATCH 22/29] drm/tidss: crtc: Cleanup reset implementation
Posted by Thomas Zimmermann 1 month ago

On 02.09.25 at 10:32, Maxime Ripard wrote:
> The tidss_crtc_reset() function will (rightfully) destroy any
> pre-existing state.
>
> However, the tidss CRTC driver has its own CRTC state structure that
> subclasses drm_crtc_state, and yet will destroy the previous state
> by calling __drm_atomic_helper_crtc_destroy_state() and kfree() on its
> drm_crtc_state pointer.
>
> It works only because the drm_crtc_state is the first field in the
> structure, and thus its offset is 0. It's incredibly fragile however, so
> let's call our destroy implementation in such a case to deal with it
> properly.
>
> Signed-off-by: Maxime Ripard <mripard@kernel.org>

Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>

> ---
>   drivers/gpu/drm/tidss/tidss_crtc.c | 4 +---
>   1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/drivers/gpu/drm/tidss/tidss_crtc.c b/drivers/gpu/drm/tidss/tidss_crtc.c
> index eb431a238b11d22349d61f0e17f05994f50d5f2f..8fcc6a2f94770ae825eeb2a3b09856a2bf2d6a1e 100644
> --- a/drivers/gpu/drm/tidss/tidss_crtc.c
> +++ b/drivers/gpu/drm/tidss/tidss_crtc.c
> @@ -355,13 +355,11 @@ static void tidss_crtc_destroy_state(struct drm_crtc *crtc,
>   static void tidss_crtc_reset(struct drm_crtc *crtc)
>   {
>   	struct tidss_crtc_state *tstate;
>   
>   	if (crtc->state)
> -		__drm_atomic_helper_crtc_destroy_state(crtc->state);
> -
> -	kfree(crtc->state);
> +		tidss_crtc_destroy_state(crtc, crtc->state);
>   
>   	tstate = kzalloc(sizeof(*tstate), GFP_KERNEL);
>   	if (!tstate) {
>   		crtc->state = NULL;
>   		return;
>
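
Review bot: after the `tidss_crtc_destroy_state(crtc, crtc->state);` line, crtc->state still holds the pointer that was just freed until it is reassigned. The `if (!tstate)` branch clears it with `crtc->state = NULL;`, but the success path lies beyond the hunk's context, so it is worth checking that nothing between the destroy call and the reassignment reads crtc->state, or clearing the pointer right after the destroy call. Moving the free under `if (crtc->state)` is otherwise equivalent to the removed unconditional `kfree(crtc->state);`, since kfree(NULL) is a no-op.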

-- 
Thomas Zimmermann
Graphics Driver Developer
SUSE Software Solutions Germany GmbH
Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
HRB 36809 (AG Nuernberg)
Re: (subset) [PATCH 22/29] drm/tidss: crtc: Cleanup reset implementation
Posted by Maxime Ripard 3 days, 1 hour ago
On Tue, 02 Sep 2025 10:32:50 +0200, Maxime Ripard wrote:
> The tidss_crtc_reset() function will (rightfully) destroy any
> pre-existing state.
> 
> However, the tidss CRTC driver has its own CRTC state structure that
> subclasses drm_crtc_state, and yet will destroy the previous state
> by calling __drm_atomic_helper_crtc_destroy_state() and kfree() on its
> drm_crtc_state pointer.
> 
> [...]

Applied to misc/kernel.git (drm-misc-next).

Thanks!
Maxime