On 07.09.23 at 15:53, Thomas Hellström wrote:
While trying to replicate a weird drm_exec lock alloc tracking warning using the drm_exec kunit test, the warning was shadowed by a UAF warning from KASAN due to a bug in the drm kunit helpers. Patch 1 fixes that drm kunit UAF. Patch 2 introduces a drm_exec kunit subtest that fails if the conditions for the weird warning are met. The series previously also had a patch with a drm_exec workaround for the warning, but that patch has already been committed to drm_misc_next_fixes.
Thinking more about this, what happens when somebody calls drm_exec_unlock_obj() on the first locked object?
Christian.
v2:
- Rewording of commit messages
- Add some commit message tags
v3:
- Remove an already committed patch
- Rework the test to not require dmesg inspection (Maxime Ripard)
- Condition the test on CONFIG_LOCK_ALLOC
- Update code comments and commit messages (Maxime Ripard)

Cc: Maxime Ripard <mripard@xxxxxxxxxx>
Cc: Christian König <christian.koenig@xxxxxxx>

Thomas Hellström (2):
  drm/tests: helpers: Avoid a driver uaf
  drm/tests/drm_exec: Add a test for object freeing within drm_exec_fini()

 drivers/gpu/drm/tests/drm_exec_test.c | 82 +++++++++++++++++++++++++++
 include/drm/drm_kunit_helpers.h       |  4 +-
 2 files changed, 85 insertions(+), 1 deletion(-)