drivers/gpu/drm/panthor/panthor_fw.c | 4 ---- 1 file changed, 4 deletions(-)
This patch removes the MCU halt and wait for halt procedures during
panthor_fw_unplug() as the MCU can be in a variety of states or the FW
may not even be loaded/initialized at all, the latter of which can lead
to a NULL pointer dereference.
It should be safe on unplug to just disable the MCU without waiting for
it to halt as it may not be able to.
Fixes: 514072549865 ("drm/panthor: Support GLB_REQ.STATE field for Mali-G1 GPUs")
Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
Signed-off-by: Karunika Choo <karunika.choo@arm.com>
---
drivers/gpu/drm/panthor/panthor_fw.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c
index 4beaa589ba66..a64ec8756bed 100644
--- a/drivers/gpu/drm/panthor/panthor_fw.c
+++ b/drivers/gpu/drm/panthor/panthor_fw.c
@@ -1261,10 +1261,6 @@ void panthor_fw_unplug(struct panthor_device *ptdev)
if (ptdev->fw->irq.irq)
panthor_job_irq_suspend(&ptdev->fw->irq);
- panthor_fw_halt_mcu(ptdev);
- if (!panthor_fw_wait_mcu_halted(ptdev))
- drm_warn(&ptdev->base, "Failed to halt MCU on unplug");
-
panthor_fw_stop(ptdev);
}
--
2.49.0> This patch removes the … See also once more: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.19-rc1#n94 Regards, Markus
On Mon, Dec 15, 2025 at 08:33:12PM +0000, Karunika Choo wrote:
> This patch removes the MCU halt and wait for halt procedures during
> panthor_fw_unplug() as the MCU can be in a variety of states or the FW
> may not even be loaded/initialized at all, the latter of which can lead
> to a NULL pointer dereference.
>
> It should be safe on unplug to just disable the MCU without waiting for
> it to halt as it may not be able to.
>
> Fixes: 514072549865 ("drm/panthor: Support GLB_REQ.STATE field for Mali-G1 GPUs")
> Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
> Signed-off-by: Karunika Choo <karunika.choo@arm.com>
Reviewed-by: Liviu Dudau <liviu@dudau.co.uk>
Best regards,
Liviu
> ---
> drivers/gpu/drm/panthor/panthor_fw.c | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c
> index 4beaa589ba66..a64ec8756bed 100644
> --- a/drivers/gpu/drm/panthor/panthor_fw.c
> +++ b/drivers/gpu/drm/panthor/panthor_fw.c
> @@ -1261,10 +1261,6 @@ void panthor_fw_unplug(struct panthor_device *ptdev)
> if (ptdev->fw->irq.irq)
> panthor_job_irq_suspend(&ptdev->fw->irq);
>
> - panthor_fw_halt_mcu(ptdev);
> - if (!panthor_fw_wait_mcu_halted(ptdev))
> - drm_warn(&ptdev->base, "Failed to halt MCU on unplug");
> -
> panthor_fw_stop(ptdev);
> }
>
> --
> 2.49.0
>
Hello,
At 2025-12-16 20:51:53, "Liviu Dudau" <liviu.dudau@arm.com> wrote:
>On Mon, Dec 15, 2025 at 08:33:12PM +0000, Karunika Choo wrote:
>> This patch removes the MCU halt and wait for halt procedures during
>> panthor_fw_unplug() as the MCU can be in a variety of states or the FW
>> may not even be loaded/initialized at all, the latter of which can lead
>> to a NULL pointer dereference.
>>
>> It should be safe on unplug to just disable the MCU without waiting for
>> it to halt as it may not be able to.
>>
>> Fixes: 514072549865 ("drm/panthor: Support GLB_REQ.STATE field for Mali-G1 GPUs")
>> Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
>> Signed-off-by: Karunika Choo <karunika.choo@arm.com>
>
>Reviewed-by: Liviu Dudau <liviu@dudau.co.uk>
Tested-by: Andy Yan <andyshrk@163.com>
Hope can be merged in 6.19 release cycle.
>
>Best regards,
>Liviu
>
>> ---
>> drivers/gpu/drm/panthor/panthor_fw.c | 4 ----
>> 1 file changed, 4 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c
>> index 4beaa589ba66..a64ec8756bed 100644
>> --- a/drivers/gpu/drm/panthor/panthor_fw.c
>> +++ b/drivers/gpu/drm/panthor/panthor_fw.c
>> @@ -1261,10 +1261,6 @@ void panthor_fw_unplug(struct panthor_device *ptdev)
>> if (ptdev->fw->irq.irq)
>> panthor_job_irq_suspend(&ptdev->fw->irq);
>>
>> - panthor_fw_halt_mcu(ptdev);
>> - if (!panthor_fw_wait_mcu_halted(ptdev))
>> - drm_warn(&ptdev->base, "Failed to halt MCU on unplug");
>> -
>> panthor_fw_stop(ptdev);
>> }
>>
>> --
>> 2.49.0
>>
On 19/01/2026 06:33, Andy Yan wrote:
>
> Hello,
>
> At 2025-12-16 20:51:53, "Liviu Dudau" <liviu.dudau@arm.com> wrote:
>> On Mon, Dec 15, 2025 at 08:33:12PM +0000, Karunika Choo wrote:
>>> This patch removes the MCU halt and wait for halt procedures during
>>> panthor_fw_unplug() as the MCU can be in a variety of states or the FW
>>> may not even be loaded/initialized at all, the latter of which can lead
>>> to a NULL pointer dereference.
>>>
>>> It should be safe on unplug to just disable the MCU without waiting for
>>> it to halt as it may not be able to.
>>>
>>> Fixes: 514072549865 ("drm/panthor: Support GLB_REQ.STATE field for Mali-G1 GPUs")
>>> Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
>>> Signed-off-by: Karunika Choo <karunika.choo@arm.com>
>>
>> Reviewed-by: Liviu Dudau <liviu@dudau.co.uk>
>
> Tested-by: Andy Yan <andyshrk@163.com>
>
> Hope can be merged in 6.19 release cycle.
Boris has already merged this:
commit 920c6af98e98e6afedf6318a75bac95af8415c6c
Author: Karunika Choo <karunika.choo@arm.com>
Date: Mon Dec 15 20:33:12 2025 +0000
drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug
However it's in the drm-misc-next branch which means it won't be pulled
until the merge window. Ideally it would have gone in via
drm-misc-fixes, but given this (AFAIK) only triggers in the combination
of loading the panthor driver *and* not having the correct firmware I
didn't think it was worth worrying about - and so haven't asked the DRM
maintainers to cherry pick it. The fix should get backported into a
6.19.x stable release.
If I've missed something then let me (and the DRM maintainers) know and
the commit can be cherry-picked.
Thanks,
Steve
>
>>
>> Best regards,
>> Liviu
>>
>>> ---
>>> drivers/gpu/drm/panthor/panthor_fw.c | 4 ----
>>> 1 file changed, 4 deletions(-)
>>>
>>> diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c
>>> index 4beaa589ba66..a64ec8756bed 100644
>>> --- a/drivers/gpu/drm/panthor/panthor_fw.c
>>> +++ b/drivers/gpu/drm/panthor/panthor_fw.c
>>> @@ -1261,10 +1261,6 @@ void panthor_fw_unplug(struct panthor_device *ptdev)
>>> if (ptdev->fw->irq.irq)
>>> panthor_job_irq_suspend(&ptdev->fw->irq);
>>>
>>> - panthor_fw_halt_mcu(ptdev);
>>> - if (!panthor_fw_wait_mcu_halted(ptdev))
>>> - drm_warn(&ptdev->base, "Failed to halt MCU on unplug");
>>> -
>>> panthor_fw_stop(ptdev);
>>> }
>>>
>>> --
>>> 2.49.0
>>>
On Mon, 15 Dec 2025 20:33:12 +0000
Karunika Choo <karunika.choo@arm.com> wrote:
> This patch removes the MCU halt and wait for halt procedures during
> panthor_fw_unplug() as the MCU can be in a variety of states or the FW
> may not even be loaded/initialized at all, the latter of which can lead
> to a NULL pointer dereference.
>
> It should be safe on unplug to just disable the MCU without waiting for
> it to halt as it may not be able to.
>
> Fixes: 514072549865 ("drm/panthor: Support GLB_REQ.STATE field for Mali-G1 GPUs")
> Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
> Signed-off-by: Karunika Choo <karunika.choo@arm.com>
Reviewed-by: Boris Brezillon <boris.brezillon@collabora.com>
> ---
> drivers/gpu/drm/panthor/panthor_fw.c | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c
> index 4beaa589ba66..a64ec8756bed 100644
> --- a/drivers/gpu/drm/panthor/panthor_fw.c
> +++ b/drivers/gpu/drm/panthor/panthor_fw.c
> @@ -1261,10 +1261,6 @@ void panthor_fw_unplug(struct panthor_device *ptdev)
> if (ptdev->fw->irq.irq)
> panthor_job_irq_suspend(&ptdev->fw->irq);
>
> - panthor_fw_halt_mcu(ptdev);
> - if (!panthor_fw_wait_mcu_halted(ptdev))
> - drm_warn(&ptdev->base, "Failed to halt MCU on unplug");
> -
> panthor_fw_stop(ptdev);
> }
>
© 2016 - 2026 Red Hat, Inc.