On Mon, Jun 20, 2016 at 12:42:55PM +0100, Chris Wilson wrote:
> On Fri, Jun 17, 2016 at 09:33:27AM +0200, Daniel Vetter wrote:
> > With the previous patch this is now redundant, the core always
> > sets a reasonable dev->unique string.
> >
> > Cc: Sean Paul <seanpaul@xxxxxxxxxxxx>
> > Signed-off-by: Daniel Vetter <daniel.vetter@xxxxxxxxx>
>
> Will this fix:

Oh the hilarity. No, this will unfortunately not fix this. And the bug has
been there since forever, since if you use the drmOpenByName (which
doesn't call SET_VERSION which hence might result with master->unique
still NULL).

I think the right fix for this would be to insert another else if
(dev->unique) case in drm_name_info. I'll try to type that one.
-Daniel

>
> [ 4442.886507] ==================================================================
> [ 4442.886854] BUG: KASAN: null-ptr-deref on address 0000000000000050
> [ 4442.887116] Read of size 8 by task cat/1376
> [ 4442.887369] CPU: 1 PID: 1376 Comm: cat Not tainted 4.7.0-rc4+ #356
> [ 4442.887692] Hardware name: /NUC5CPYB, BIOS PYBSWCEL.86A.0027.2015.0507.1758 05/07/2015
> [ 4442.888169] 0000000000000000 ffff88022f057a50 ffffffff8145ebab ffff88022f057ae0
> [ 4442.889531] ffff880234672900 ffff88022f057ad0 ffffffff812509f8 ffff880234672900
> [ 4442.890551] ffffffff8124c214 0000000000000292 ffff88022f057ab0 ffffffff81114554
> [ 4442.891561] Call Trace:
> [ 4442.891832] [<ffffffff8145ebab>] dump_stack+0x68/0x9d
> [ 4442.892119] [<ffffffff812509f8>] kasan_report_error+0x438/0x530
> [ 4442.892416] [<ffffffff8124c214>] ? __slab_alloc.constprop.66+0x44/0x70
> [ 4442.892710] [<ffffffff81114554>] ? __lock_is_held+0x84/0xc0
> [ 4442.893003] [<ffffffff81250ee9>] kasan_report+0x39/0x3b
> [ 4442.893290] [<ffffffff8124c300>] ? __kmalloc+0xc0/0x2b0
> [ 4442.893578] [<ffffffff815e2963>] ? drm_name_info+0xf3/0x150
> [ 4442.893864] [<ffffffff8124fa3e>] __asan_load8+0x5e/0x70
> [ 4442.894148] [<ffffffff815e2963>] drm_name_info+0xf3/0x150
> [ 4442.894436] [<ffffffff81294085>] seq_read+0x1f5/0x820
> [ 4442.894727] [<ffffffff81293e90>] ? seq_hlist_next_percpu+0x120/0x120
> [ 4442.895019] [<ffffffff811f2630>] ? warn_alloc_failed+0x1e0/0x1e0
> [ 4442.895314] [<ffffffff813d7ec5>] ? full_proxy_read+0x5/0xf0
> [ 4442.895604] [<ffffffff813d7f70>] full_proxy_read+0xb0/0xf0
> [ 4442.895892] [<ffffffff813d7ec5>] ? full_proxy_read+0x5/0xf0
> [ 4442.896182] [<ffffffff81254ad7>] __vfs_read+0xd7/0x320
> [ 4442.896469] [<ffffffff81254a00>] ? do_loop_readv_writev+0x120/0x120
> [ 4442.896760] [<ffffffff811185c0>] ? debug_check_no_locks_freed+0x1a0/0x1a0
> [ 4442.897063] [<ffffffff81226c60>] ? copy_page_range+0xc20/0xc20
> [ 4442.897352] [<ffffffff811368aa>] ? debug_lockdep_rcu_enabled.part.4+0x1a/0x30
> [ 4442.897694] [<ffffffff811368f5>] ? debug_lockdep_rcu_enabled+0x35/0x40
> [ 4442.897987] [<ffffffff81256735>] ? rw_verify_area+0x65/0x140
> [ 4442.898276] [<ffffffff812568cc>] vfs_read+0xbc/0x170
> [ 4442.898564] [<ffffffff812586bb>] SyS_read+0xab/0x130
> [ 4442.898850] [<ffffffff81258610>] ? vfs_copy_file_range+0x2f0/0x2f0
> [ 4442.899139] [<ffffffff81118072>] ? trace_hardirqs_on_caller+0x182/0x280
> [ 4442.899433] [<ffffffff8100179a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
> [ 4442.899728] [<ffffffff8181b165>] entry_SYSCALL_64_fastpath+0x18/0xa8
> [ 4442.900018] [<ffffffff81113b20>] ? trace_hardirqs_off_caller+0xc0/0x110
> [ 4442.900301] ==================================================================
> [ 4442.900603] Disabling lock debugging due to kernel taint
> [ 4442.901031] BUG: unable to handle kernel NULL pointer dereference at 0000000000000050
> [ 4442.906576] IP: [<ffffffff815e2963>] drm_name_info+0xf3/0x150
> [ 4442.906877] PGD 23472f067 PUD 2350f8067 PMD 0
> [ 4442.907418] Oops: 0000 [#1] SMP KASAN
> [ 4442.907592] Modules linked in: vgem i915 intel_gtt
> [ 4442.908279] CPU: 1 PID: 1376 Comm: cat Tainted: G B 4.7.0-rc4+ #356
> [ 4442.908500] Hardware name: /NUC5CPYB, BIOS PYBSWCEL.86A.0027.2015.0507.1758 05/07/2015
> [ 4442.908732] task: ffff880234672900 ti: ffff88022f050000 task.ti: ffff88022f050000
> [ 4442.908952] RIP: 0010:[<ffffffff815e2963>] [<ffffffff815e2963>] drm_name_info+0xf3/0x150
> [ 4442.909310] RSP: 0018:ffff88022f057b28 EFLAGS: 00010282
> [ 4442.909492] RAX: ffff880234672900 RBX: 0000000000000000 RCX: ffffffff81117f06
> [ 4442.909680] RDX: 0000000000000004 RSI: 0000000000000003 RDI: ffffffff82181b20
> [ 4442.909868] RBP: ffff88022f057b50 R08: 0000000000000003 R09: 0000000000000000
> [ 4442.910054] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8802346c55f0
> [ 4442.910240] R13: ffff880235a6a000 R14: 0000000000000000 R15: ffff880231f1c7e0
> [ 4442.910428] FS: 00007f9349817700(0000) GS:ffff880237700000(0000) knlGS:0000000000000000
> [ 4442.910652] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 4442.910834] CR2: 0000000000000050 CR3: 00000002350f6000 CR4: 00000000001006e0
> [ 4442.911016] Stack:
> [ 4442.911185] ffff880235a6a000 0000000000000001 ffff880235a6a0c0 0000000000000000
> [ 4442.911906] ffff880231f1c7e0 ffff88022f057ca0 ffffffff81294085 ffff880234673028
> [ 4442.912627] ffff880234672fd8 00007f93497f5000 ffff880235a6a030 ffff88022f057ee0
> [ 4442.913349] Call Trace:
> [ 4442.913534] [<ffffffff81294085>] seq_read+0x1f5/0x820
> [ 4442.913735] [<ffffffff81293e90>] ? seq_hlist_next_percpu+0x120/0x120
> [ 4442.919906] [<ffffffff811f2630>] ? warn_alloc_failed+0x1e0/0x1e0
> [ 4442.920111] [<ffffffff813d7ec5>] ? full_proxy_read+0x5/0xf0
> [ 4442.920314] [<ffffffff813d7f70>] full_proxy_read+0xb0/0xf0
> [ 4442.920514] [<ffffffff813d7ec5>] ? full_proxy_read+0x5/0xf0
> [ 4442.920715] [<ffffffff81254ad7>] __vfs_read+0xd7/0x320
> [ 4442.920916] [<ffffffff81254a00>] ? do_loop_readv_writev+0x120/0x120
> [ 4442.921119] [<ffffffff811185c0>] ? debug_check_no_locks_freed+0x1a0/0x1a0
> [ 4442.921322] [<ffffffff81226c60>] ? copy_page_range+0xc20/0xc20
> [ 4442.921522] [<ffffffff811368aa>] ? debug_lockdep_rcu_enabled.part.4+0x1a/0x30
> [ 4442.921757] [<ffffffff811368f5>] ? debug_lockdep_rcu_enabled+0x35/0x40
> [ 4442.921961] [<ffffffff81256735>] ? rw_verify_area+0x65/0x140
> [ 4442.922162] [<ffffffff812568cc>] vfs_read+0xbc/0x170
> [ 4442.922360] [<ffffffff812586bb>] SyS_read+0xab/0x130
> [ 4442.922558] [<ffffffff81258610>] ? vfs_copy_file_range+0x2f0/0x2f0
> [ 4442.922758] [<ffffffff81118072>] ? trace_hardirqs_on_caller+0x182/0x280
> [ 4442.922962] [<ffffffff8100179a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
> [ 4442.923163] [<ffffffff8181b165>] entry_SYSCALL_64_fastpath+0x18/0xa8
> [ 4442.923365] [<ffffffff81113b20>] ? trace_hardirqs_off_caller+0xc0/0x110
> [ 4442.923561] Code: 5c 41 5d 41 5e 41 5f 5d c3 48 8d 7b 10 e8 96 d0 c6 ff 4c 8b 7b 10 eb ad e8 8b d0 c6 ff 49 8b 5c 24 18 48 8d 7b 50 e8 7d d0 c6 ff <4c> 8b 73 50 4d 85 f6 74 41 49 8d 7c 24 20 e8 6a d0 c6 ff 49 8b
> [ 4442.937003] RIP [<ffffffff815e2963>] drm_name_info+0xf3/0x150
> [ 4442.937306] RSP <ffff88022f057b28>
> [ 4442.937476] CR2: 0000000000000050
> [ 4442.941304] ---[ end trace 7b3b90baf4ed1a85 ]---
>
> --
> Chris Wilson, Intel Open Source Technology Centre

--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
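
The fallback order proposed in the message above, sketched as a user-space model. This is an added example, not the kernel's drm_name_info and not the patch that was eventually written. Only `master->unique` and `dev->unique` come from the thread; the `model_*` names, the `driver_name` field and the sample strings are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* User-space stand-ins for the kernel objects (assumed layout). */
struct model_master { const char *unique; };
struct model_device { const char *driver_name; const char *unique; };

/*
 * Model of a debugfs "name" handler: writes one line into buf and returns
 * the snprintf() result. Each pointer that an open path may have left
 * unset is tested before it is read, so a reader of the file can never
 * make the handler follow a NULL pointer.
 */
int model_name_info(char *buf, size_t len,
                    const struct model_device *dev,
                    const struct model_master *master)
{
    if (!dev || !dev->driver_name)
        return snprintf(buf, len, "\n");

    if (master && master->unique)        /* SET_VERSION was issued */
        return snprintf(buf, len, "%s %s\n",
                        dev->driver_name, master->unique);
    else if (dev->unique)                /* extra case from the thread */
        return snprintf(buf, len, "%s %s\n",
                        dev->driver_name, dev->unique);

    /* Neither string exists: print only what is known to be valid. */
    return snprintf(buf, len, "%s\n", dev->driver_name);
}

int main(void)
{
    char buf[64];
    /* Constructed sample values. */
    struct model_device dev = { "vgem", "vgem" };
    struct model_master after_set_version = { "pci:0000:00:02.0" };
    struct model_master opened_by_name = { NULL };  /* unique never set */

    model_name_info(buf, sizeof buf, &dev, &after_set_version);
    fputs(buf, stdout);
    model_name_info(buf, sizeof buf, &dev, &opened_by_name);
    fputs(buf, stdout);
    model_name_info(buf, sizeof buf, &dev, NULL);   /* no master at all */
    fputs(buf, stdout);
    return 0;
}
```
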