BUG: KASAN: use-after-free in amdgpu_job_free_cb

Thanks, you did it right. I will try to think more about how this happened. Harry, Leo, if you have bandwidth to try and reproduce it, it would help. From the KASAN prints it seems the way to make it more probable to happen is to move the mouse repeatedly during flipping, like video playback; also, maybe trying async flip mode makes it more probable.

Thanks,
Andrey

________________________________________
From: Johannes Hirte <johannes.hirte@xxxxxxxxxxxxx>
Sent: 14 January 2018 15:34:16
To: Grodzovsky, Andrey
Cc: Luís Mendes; Deucher, Alexander; Li, Sun peng (Leo); Wentland, Harry; Koenig, Christian; amd-gfx at lists.freedesktop.org
Subject: Re: BUG: KASAN: use-after-free in amdgpu_job_free_cb

On 2018 Jan 14, Grodzovsky, Andrey wrote:
> To be sure it was inserted at the correct place please send me output of git diff on your modified branch.
>
> Thanks,
> Andrey
>

diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
index bb5fa895fb64..bc2050a5a5c6 100644
--- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
+++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
@@ -4802,7 +4802,7 @@ static int amdgpu_dm_atomic_check(struct drm_device *dev,
         * synchronization events.
         */

-       if (lock_and_validation_needed) {
+       if (lock_and_validation_needed || state->legacy_cursor_update == true) {

                ret = do_aquire_global_lock(dev, state);
                if (ret)
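
Review bot: The new test `state->legacy_cursor_update == true` in the `if` condition should drop the comparison against `true`; plain `state->legacy_cursor_update` is the usual kernel style for a flag. With this condition every commit that has `legacy_cursor_update` set now calls `do_aquire_global_lock(dev, state)`, even when `lock_and_validation_needed` is false, so the comment block ending in "synchronization events." directly above should be extended to say why cursor updates need the global lock. If this is meant only as a debugging aid for the use-after-free, please say so in the commit message.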

If this matters, I've applied the patch on top of 4.15-rc7 with your
"Fix: Save job's priority on it's creation instead of accessing it from s_entity later on."
patch. This one is still not upstream, but without it I see the other
use-after-free.

--
Regards,
  Johannes


