linux_dsm_epyc7002/drivers/gpu/drm
Chris Wilson 30523408c0 drm/i915: Avoid dereferencing a dead context
Once the intel_context is closed, the GEM context may be freed and so
the link from intel_context.gem_context is invalid.

<3>[  219.782944] BUG: KASAN: use-after-free in intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<3>[  219.782996] Read of size 8 at addr ffff8881d7dff0b8 by task kworker/0:1/12

<4>[  219.783052] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G     U            5.7.0-rc2-g1f3ffd7683d54-kasan_118+ #1
<4>[  219.783055] Hardware name: System manufacturer System Product Name/Z170 PRO GAMING, BIOS 3402 04/26/2017
<4>[  219.783105] Workqueue: events heartbeat [i915]
<4>[  219.783109] Call Trace:
<4>[  219.783113]  <IRQ>
<4>[  219.783119]  dump_stack+0x96/0xdb
<4>[  219.783177]  ? intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<4>[  219.783182]  print_address_description.constprop.6+0x16/0x310
<4>[  219.783239]  ? intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<4>[  219.783295]  ? intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<4>[  219.783300]  __kasan_report+0x137/0x190
<4>[  219.783359]  ? intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<4>[  219.783366]  kasan_report+0x32/0x50
<4>[  219.783426]  intel_engine_coredump_alloc+0x1bc3/0x2250 [i915]
<4>[  219.783481]  execlists_reset+0x39c/0x13d0 [i915]
<4>[  219.783494]  ? mark_held_locks+0x9e/0xe0
<4>[  219.783546]  ? execlists_hold+0xfc0/0xfc0 [i915]
<4>[  219.783551]  ? lockdep_hardirqs_on+0x348/0x5f0
<4>[  219.783557]  ? _raw_spin_unlock_irqrestore+0x34/0x60
<4>[  219.783606]  ? execlists_submission_tasklet+0x118/0x3a0 [i915]
<4>[  219.783615]  tasklet_action_common.isra.14+0x13b/0x410
<4>[  219.783623]  ? __do_softirq+0x1e4/0x9a7
<4>[  219.783630]  __do_softirq+0x226/0x9a7
<4>[  219.783643]  do_softirq_own_stack+0x2a/0x40
<4>[  219.783647]  </IRQ>
<4>[  219.783692]  ? heartbeat+0x3e2/0x10f0 [i915]
<4>[  219.783696]  do_softirq.part.13+0x49/0x50
<4>[  219.783700]  __local_bh_enable_ip+0x1a2/0x1e0
<4>[  219.783748]  heartbeat+0x409/0x10f0 [i915]
<4>[  219.783801]  ? __live_idle_pulse+0x9f0/0x9f0 [i915]
<4>[  219.783806]  ? lock_acquire+0x1ac/0x8a0
<4>[  219.783811]  ? process_one_work+0x811/0x1870
<4>[  219.783827]  ? rcu_read_lock_sched_held+0x9c/0xd0
<4>[  219.783832]  ? rcu_read_lock_bh_held+0xb0/0xb0
<4>[  219.783836]  ? _raw_spin_unlock_irq+0x1f/0x40
<4>[  219.783845]  process_one_work+0x8ca/0x1870
<4>[  219.783848]  ? lock_acquire+0x1ac/0x8a0
<4>[  219.783852]  ? worker_thread+0x1d0/0xb80
<4>[  219.783864]  ? pwq_dec_nr_in_flight+0x2c0/0x2c0
<4>[  219.783870]  ? do_raw_spin_lock+0x129/0x290
<4>[  219.783886]  worker_thread+0x82/0xb80
<4>[  219.783895]  ? __kthread_parkme+0xaf/0x1b0
<4>[  219.783902]  ? process_one_work+0x1870/0x1870
<4>[  219.783906]  kthread+0x34e/0x420
<4>[  219.783911]  ? kthread_create_on_node+0xc0/0xc0
<4>[  219.783918]  ret_from_fork+0x3a/0x50

<3>[  219.783950] Allocated by task 1264:
<4>[  219.783975]  save_stack+0x19/0x40
<4>[  219.783978]  __kasan_kmalloc.constprop.3+0xa0/0xd0
<4>[  219.784029]  i915_gem_create_context+0xa2/0xab8 [i915]
<4>[  219.784081]  i915_gem_context_create_ioctl+0x1fa/0x450 [i915]
<4>[  219.784085]  drm_ioctl_kernel+0x1d8/0x270
<4>[  219.784088]  drm_ioctl+0x676/0x930
<4>[  219.784092]  ksys_ioctl+0xb7/0xe0
<4>[  219.784096]  __x64_sys_ioctl+0x6a/0xb0
<4>[  219.784100]  do_syscall_64+0x94/0x530
<4>[  219.784103]  entry_SYSCALL_64_after_hwframe+0x49/0xb3

<3>[  219.784120] Freed by task 12:
<4>[  219.784141]  save_stack+0x19/0x40
<4>[  219.784145]  __kasan_slab_free+0x130/0x180
<4>[  219.784148]  kmem_cache_free_bulk+0x1bd/0x500
<4>[  219.784152]  kfree_rcu_work+0x1d8/0x890
<4>[  219.784155]  process_one_work+0x8ca/0x1870
<4>[  219.784158]  worker_thread+0x82/0xb80
<4>[  219.784162]  kthread+0x34e/0x420
<4>[  219.784165]  ret_from_fork+0x3a/0x50

Fixes: 2e46a2a0b0 ("drm/i915: Use explicit flag to mark unreachable intel_context")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Acked-by: Akeem G Abodunrin <akeem.g.abodunrin@intel.com>
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20200428090255.10035-1-chris@chris-wilson.co.uk
(cherry picked from commit 24aac336ff)
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
2020-05-04 10:35:47 -07:00
amd drm fixes for 5.7-rc1 (part two) 2020-04-10 12:38:28 -07:00
arc drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
arm drm/komeda: mark PM functions as __maybe_unused 2020-03-06 11:25:58 +08:00
armada drm: Remove drm_fb_helper add, add all and remove connector calls 2020-03-06 14:19:58 +01:00
aspeed
ast drm/ast: Use simple encoder 2020-03-02 09:22:43 +01:00
atmel-hlcdc drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
bochs Linux 5.6 2020-03-31 15:15:47 +10:00
bridge drm/bridge: analogix_dp: Split bind() into probe() and real bind() 2020-04-09 10:29:35 +02:00
cirrus drm/cirrus: add drm_driver.release callback. 2020-02-12 10:24:08 +01:00
etnaviv drm/etnaviv: fix TS cache flushing on GPUs with BLT engine 2020-03-20 18:40:44 +01:00
exynos drm/bridge: analogix_dp: Split bind() into probe() and real bind() 2020-04-09 10:29:35 +02:00
fsl-dcu drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
gma500 drm: Remove drm_fb_helper add, add all and remove connector calls 2020-03-06 14:19:58 +01:00
hisilicon Linux 5.6-rc5 2020-03-11 07:27:21 +10:00
i2c drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
i810 drm/i810: Don't include <drm/drm_pci.h> 2019-12-05 08:44:12 +01:00
i915 drm/i915: Avoid dereferencing a dead context 2020-05-04 10:35:47 -07:00
imx drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
ingenic drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
lib
lima drm-misc-next for 5.7: 2020-02-21 05:44:40 +10:00
mcde drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
mediatek sound updates for 5.7-rc1 2020-04-02 15:50:04 -07:00
meson drm/meson: Add YUV420 output support 2020-03-10 10:51:24 +01:00
mga drm/mga: Don't include <drm/drm_pci.h> 2019-12-05 08:44:16 +01:00
mgag200 drm/mgag200: Use simple encoder 2020-03-02 09:22:49 +01:00
msm IOMMU Updates for Linux v5.7 2020-04-08 11:00:00 -07:00
mxsfb drm/panel: decouple connector from drm_panel 2019-12-09 22:57:26 +01:00
nouveau drm fixes for 5.7-rc1 2020-04-07 20:24:34 -07:00
omapdrm ARM: driver updates 2020-04-03 15:05:35 -07:00
panel drm/panel-simple: drop use of data-mapping property 2020-03-25 21:59:22 +01:00
panfrost drm-misc-next for 5.7: 2020-03-12 12:42:56 +10:00
pl111 drm/pl111: Support Integrator IM-PD1 module 2020-02-16 14:31:30 +01:00
qxl drm/qxl: Use simple encoder 2020-03-02 09:22:56 +01:00
r128 drm/r128: Don't include <drm/drm_pci.h> 2019-12-05 08:44:23 +01:00
radeon pci-v5.7-changes 2020-04-03 14:25:02 -07:00
rcar-du drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
rockchip drm/bridge: analogix_dp: Split bind() into probe() and real bind() 2020-04-09 10:29:35 +02:00
savage drm/savage: Don't include <drm/drm_pci.h> 2019-12-05 08:44:34 +01:00
scheduler drm/scheduler: fix rare NULL ptr race 2020-03-26 10:22:36 -04:00
selftests drm/modes: Make sure to parse valid rotation value from cmdline 2020-02-12 18:32:54 +01:00
shmobile
sis drm/sis: Don't include <drm/drm_pci.h> 2019-12-05 08:44:55 +01:00
sti drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
stm drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
sun4i Linux 5.6-rc5 2020-03-11 07:27:21 +10:00
tdfx drm/tdfx: Don't include <drm/drm_pci.h> 2019-12-05 08:45:01 +01:00
tegra drm/tegra: Changes for v5.7-rc1 2020-03-19 10:11:09 +10:00
tidss drm/tidss: Drop pointless static qualifier in dispc_find_csc() 2020-02-28 14:48:58 +02:00
tilcdc drm/bridge: Extend bridge API to disable connector creation 2020-02-26 13:31:23 +02:00
tiny drm/tiny: fix sparse warning: incorrect type in assignment (different base types) 2020-03-14 08:31:30 +01:00
ttm drm fixes for 5.7-rc1 (part two) 2020-04-10 12:38:28 -07:00
tve200 drm: get drm_bridge_panel connector via helper 2019-12-09 22:57:26 +01:00
udl drm/udl: Clear struct drm_connector_funcs.dpms 2020-02-10 09:24:09 +01:00
v3d drm/v3d: Replace wait_for macros to remove use of msleep 2020-03-04 22:15:34 -08:00
vboxvideo drm/vboxvideo: Add missing remove_conflicting_pci_framebuffers call, v2 2020-03-26 17:03:03 +01:00
vc4 drm/vc4: Fix HDMI mode validation 2020-03-27 13:38:47 +01:00
vgem drm/vgem: Close use-after-free race in vgem_gem_create 2020-02-06 19:04:41 +01:00
via Merge branch 'akpm' (patches from Andrew) 2020-01-31 12:16:36 -08:00
virtio drm/virtio: fix OOB in virtio_gpu_object_create 2020-04-06 15:10:37 +02:00
vkms drm/vkms: Convert to CRTC VBLANK callbacks 2020-02-13 13:10:10 +01:00
vmwgfx Merge branch 'ttm-transhuge' of git://people.freedesktop.org/~thomash/linux into drm-next 2020-04-03 09:07:49 +10:00
xen drm/xen: fix passing zero to 'PTR_ERR' warning 2020-03-31 17:14:51 +02:00
zte drm/zte: plane_state->fb iff plane_state->crtc 2020-01-28 15:43:58 +01:00
drm_agpsupport.c drm: use DIV_ROUND_UP helper macro for calculations 2019-11-04 18:17:36 +01:00
drm_atomic_helper.c drm/bridge: Add the necessary bits to support bus format negotiation 2020-01-31 16:39:53 +01:00
drm_atomic_state_helper.c drm/atomic-helper: fix kerneldoc 2020-02-15 13:21:22 +01:00
drm_atomic_uapi.c drm/atomic: Spell CRTC consistently 2019-12-22 11:13:00 +01:00
drm_atomic.c drm/bridge: Fix the bridge kernel doc 2020-02-18 16:50:45 +01:00
drm_auth.c drm/auth: Drop master_create/destroy hooks 2020-01-29 09:14:11 +01:00
drm_blend.c
drm_bridge_connector.c drm: Add helper to create a connector for a chain of bridges 2020-02-26 13:31:41 +02:00
drm_bridge.c drm: Add helper to create a connector for a chain of bridges 2020-02-26 13:31:41 +02:00
drm_bufs.c drm: bufs: Clean up documentation 2020-03-16 09:26:18 +01:00
drm_cache.c drm/gpu: Fix Memory barrier without comment Issue 2019-10-25 09:35:06 +02:00
drm_client_modeset.c Linux 5.6-rc5 2020-03-11 07:27:21 +10:00
drm_client.c drm/client: Dual licence the file in GPL-2 and MIT 2020-02-29 00:16:12 +01:00
drm_color_mgmt.c drm: Inline drm_color_lut_extract() 2019-11-29 21:29:17 +02:00
drm_connector.c drm/connector: Add helper to get a connector type name 2020-02-26 13:31:18 +02:00
drm_context.c drm: context: Clean up documentation 2020-03-16 09:23:55 +01:00
drm_crtc_helper_internal.h
drm_crtc_helper.c drm: drop unused drm_crtc callback 2020-02-15 21:15:17 +01:00
drm_crtc_internal.h drm: Add getfb2 ioctl 2020-01-14 16:22:17 -05:00
drm_crtc.c
drm_damage_helper.c
drm_debugfs_crc.c drm/crc: Actually allow to change the crc source 2020-01-28 16:49:22 +01:00
drm_debugfs.c drm/debugfs: also take per device driver features into account 2020-01-25 15:49:11 +02:00
drm_dma.c drm: fix parameters documentation style in drm_dma 2020-01-18 10:33:12 +01:00
drm_dp_aux_dev.c drm/dp_mst: Add MST support to DP DPCD R/W functions 2020-01-09 18:07:46 -05:00
drm_dp_cec.c
drm_dp_dual_mode_helper.c
drm_dp_helper.c UAPI Changes: 2020-03-19 10:40:27 +10:00
drm_dp_mst_topology_internal.h
drm_dp_mst_topology.c Linux 5.6 2020-03-31 15:15:47 +10:00
drm_drv.c drm: Nerf drm_global_mutex BKL for good drivers 2020-02-11 15:03:09 +01:00
drm_dsc.c
drm_dumb_buffers.c
drm_edid_load.c
drm_edid.c drm/edid: Distribute switch variables for initialization 2020-03-16 10:54:08 +01:00
drm_encoder_slave.c
drm_encoder.c drm/bridge: Make the bridge chain a double-linked list 2019-12-09 10:03:01 +01:00
drm_fb_cma_helper.c drm/fb-cma-helpers: Fix include issue 2020-01-09 17:33:41 +01:00
drm_fb_helper.c drm: Remove unused arg from drm_fb_helper_init 2020-03-06 14:19:57 +01:00
drm_file.c drm/vmwgfx: Hook up the helpers to align buffer objects 2020-03-24 18:50:35 +01:00
drm_flip_work.c
drm_format_helper.c drm/format_helper: Dual licence the file in GPL 2 and MIT 2020-02-17 10:27:13 +01:00
drm_fourcc.c drm/fourcc: Fill out all block sizes for P210 2019-11-28 11:19:32 +01:00
drm_framebuffer.c drm: Add getfb2 ioctl 2020-01-14 16:22:17 -05:00
drm_gem_cma_helper.c
drm_gem_framebuffer_helper.c drm/gem-fb-helper: convert to drm device based logging 2019-12-19 15:55:10 +02:00
drm_gem_shmem_helper.c drm/shmem: drop pgprot_decrypted() 2020-03-02 07:13:19 +01:00
drm_gem_ttm_helper.c drm/ttm: fix mmap refcounting 2019-11-15 08:00:08 +01:00
drm_gem_vram_helper.c drm/vram: Add helpers to validate a display mode's memory requirements 2020-02-06 10:32:54 +01:00
drm_gem.c drm: Mark up racy check of drm_gem_object.handle_count 2020-03-16 10:31:35 +00:00
drm_hashtab.c
drm_hdcp.c drm/hdcp: optimizing the srm handling 2020-03-04 06:33:00 +05:30
drm_internal.h drm/hdcp: optimizing the srm handling 2020-03-04 06:33:00 +05:30
drm_ioc32.c
drm_ioctl.c drm: Add getfb2 ioctl 2020-01-14 16:22:17 -05:00
drm_irq.c drm/irq: remove check on dev->dev_private 2020-02-11 18:39:47 +02:00
drm_kms_helper_common.c
drm_lease.c drm/lease: fix WARNING in idr_destroy 2020-03-18 14:42:18 +01:00
drm_legacy_misc.c
drm_legacy.h
drm_lock.c drm: lock: Clean up documentation 2020-03-16 09:27:09 +01:00
drm_memory.c
drm_mipi_dbi.c drm/mipi-dbi: Remove sending of vblank event 2020-01-30 09:00:45 +01:00
drm_mipi_dsi.c drm/dsi: add helpers for DSI compression mode and PPS packets 2019-11-07 15:00:16 +02:00
drm_mm.c drm/mm: revert "Break long searches in fragmented address spaces" 2020-03-31 17:35:56 +02:00
drm_mode_config.c drm/modeset: Prime modeset lock vs dma_resv 2019-11-21 11:03:31 +01:00
drm_mode_object.c drm/property: Enforce more lifetime rules 2019-11-04 18:17:36 +01:00
drm_modes.c drm/modes: Make sure to parse valid rotation value from cmdline 2020-02-12 18:32:54 +01:00
drm_modeset_helper.c
drm_modeset_lock.c
drm_of.c drm: of: Add drm_of_lvds_get_dual_link_pixel_order 2019-12-18 02:40:16 +02:00
drm_panel_orientation_quirks.c
drm_panel.c drm/drm_panel: Fix EXPORT of drm_panel_of_backlight() one more time 2019-12-17 20:39:33 +01:00
drm_pci.c drm: Make drm_pci_agp_init legacy 2020-03-09 09:22:50 +00:00
drm_plane_helper.c
drm_plane.c
drm_prime.c drm/prime: fix extracting of the DMA addresses from a scatterlist 2020-04-05 10:44:12 -04:00
drm_print.c drm/print: convert debug category macros into an enum 2019-11-14 14:08:57 +02:00
drm_probe_helper.c drm: Stop accessing encoder->bridge directly 2019-12-09 10:02:45 +01:00
drm_property.c drm: limit to INT_MAX in create_blob ioctl 2019-12-04 19:44:13 -08:00
drm_rect.c drm/rect: update kerneldoc for drm_rect_clip_scaled() 2019-11-28 13:15:43 +01:00
drm_scatter.c drm: prevent a harmless integer overflow in drm_legacy_sg_alloc() 2020-02-29 00:16:12 +01:00
drm_scdc_helper.c
drm_self_refresh_helper.c drm/atomic: fix self-refresh helpers crtc state dereference 2019-11-06 13:00:21 -05:00
drm_simple_kms_helper.c drm/simple-kms: Fix documentation for drm_simple_encoder_init() 2020-03-06 09:24:29 +01:00
drm_syncobj.c drm/syncobj: Add documentation for timeline syncobj 2020-01-20 14:22:21 +01:00
drm_sysfs.c drm: sysfs: Use scnprintf() for avoiding potential buffer overflow 2020-03-11 14:54:09 +01:00
drm_trace_points.c
drm_trace.h
drm_vblank.c drm/vblank: Fix documentation of VBLANK timestamp helper 2020-03-06 09:24:54 +01:00
drm_vm.c drm: vm: Clean up documentation 2020-03-16 09:25:22 +01:00
drm_vma_manager.c
drm_vram_helper_common.c
drm_writeback.c
Kconfig drm: unbreak the DRM menu, broken by DRM_EXPORT_FOR_TESTS 2020-03-06 11:15:43 +00:00
Makefile drm: Add helper to create a connector for a chain of bridges 2020-02-26 13:31:41 +02:00