linux

iv/linux

History

Chris Wilson bee7fb158f drm: Protect drm_connector_register_all() under DRIVER_MODESET

0-day kbuilder found

[    1.360244] BUG: unable to handle kernel NULL pointer dereference at   (null)
[    1.360972] IP: [<c14db9ad>] mutex_lock_nested+0x11f/0x2c3
[    1.361512] *pde = 00000000
[    1.361827] Oops: 0002 [#1]
[    1.362123] Modules linked in:
[    1.362451] CPU: 0 PID: 1 Comm: swapper Not tainted 4.7.0-rc2-00564-ge28cd4d #1
[    1.363202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[    1.364105] task: c03d0000 ti: d28da000 task.ti: d28da000
[    1.364636] EIP: 0060:[<c14db9ad>] EFLAGS: 00210096 CPU: 0
[    1.365215] EIP is at mutex_lock_nested+0x11f/0x2c3
[    1.365703] EAX: 00000000 EBX: d39e8ae8 ECX: d39e8b14 EDX: c1361cf9
[    1.366351] ESI: c03d0000 EDI: d28dbed0 EBP: d28dbeec ESP: d28dbec0
[    1.367010]  DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
[    1.367534] CR0: 80050033 CR2: 00000000 CR3: 019a9000 CR4: 00000690
[    1.368152] Stack:
[    1.368356]  d39e8b14 d39e8b24 c1361cf9 00200246 d39e8b14 00000000 11111111 d28dbed0
[    1.369235]  d39e8800 d39e8ae8 00000000 d28dbf08 c1361cf9 d28dbf0c c10b25be d39e8800
[    1.370087]  00000000 00000000 d28dbf1c c135e37d fffffff4 ffffffff 00000000 d28dbf28
[    1.371012] Call Trace:
[    1.371272]  [<c1361cf9>] ? drm_connector_register_all+0x1a/0x92
[    1.371847]  [<c1361cf9>] drm_connector_register_all+0x1a/0x92
[    1.372421]  [<c10b25be>] ? kstrdup+0x25/0x3a
[    1.372863]  [<c135e37d>] drm_dev_register+0x59/0x99
[    1.373358]  [<c195ea3e>] vgem_init+0x34/0x49
[    1.373770]  [<c195ea0a>] ? mipi_dsi_bus_init+0xf/0xf
[    1.374257]  [<c100048f>] do_one_initcall+0x7c/0xfd
[    1.374754]  [<c104b409>] ? parse_args+0x1fd/0x314
[    1.375259]  [<c1939c10>] ? kernel_init_freeable+0xd0/0x179
[    1.375837]  [<c1939c2c>] kernel_init_freeable+0xec/0x179
[    1.376371]  [<c14d66ea>] kernel_init+0x8/0xcb
[    1.376806]  [<c14debce>] ret_from_kernel_thread+0xe/0x30
[    1.377322]  [<c14d66e2>] ? rest_init+0x10e/0x10e
[    1.377754] Code: 89 fa e8 71 c5 b7 ff 8b 4e 04 89 fa 89 d8 e8 8e c6 b7 ff 8d 43 2c 89 45 d4 8b 43 30 8d 4b 2c 89 45 e8 89 7b 30 89 4d e4 8b 55 dc <89> 38 8d 43 3c 89 75 ec e8 c9 dd b7 ff eb 0c 31 c0 87 03 48
+75
[    1.380442] EIP: [<c14db9ad>] mutex_lock_nested+0x11f/0x2c3 SS:ESP 0068:d28dbec0
[    1.381174] CR2: 0000000000000000

when loading the non-modesetting vGEM module. To prevent use of the
uninitialised dev->mode_config from drm_dev_register() we move the
drm_connector_register_all() under a DRIVER_MODESET guard. Longer term,
we probably want to initialise the embedded dev->mode_config automatically
from drm_dev_init() for all DRIVER_MODESET drivers.

v2: Also protect drm_dev_unregister.

Fixes: e28cd4d0a223 ("drm: Automatically register/unregister all connectors")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Emil Velikov <emil.l.velikov@gmail.com>
Cc: dri-devel@lists.freedesktop.org
Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>
Testcase: igt/vgem_reload_basic
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: http://patchwork.freedesktop.org/patch/msgid/1466257601-5656-1-git-send-email-chris@chris-wilson.co.uk

2016-06-19 00:30:25 +02:00

amd

drm/amdgpu: use crtc directly in drm_crtc_vblank_put()

2016-06-13 18:38:06 +02:00

arc

Merge tag 'topic/drm-misc-2016-06-15' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-16 05:49:32 +10:00

arm

drm/hdlcd: Use helper support for nonblocking commits

2016-06-10 17:11:17 +02:00

armada

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

ast

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

atmel-hlcdc

drm: atmel-hlcdc: Rely on the default ->best_encoder() behavior

2016-06-10 17:22:11 +02:00

bochs

drm/bochs: Use lockless gem BO free callback

2016-06-01 09:40:16 +02:00

bridge

drm/bridge: dw-hdmi: Use drm_atomic_helper_best_encoder()

2016-06-10 17:25:30 +02:00

cirrus

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

etnaviv

dma-buf/fence: make fence context 64 bit v2

2016-06-02 08:27:41 +02:00

exynos

drm: exynos: Rely on the default ->best_encoder() behavior

2016-06-10 17:22:15 +02:00

fsl-dcu

drm: fsl-dcu: Rely on the default ->best_encoder() behavior

2016-06-10 17:22:19 +02:00

gma500

drm/gma500: use drm_crtc_vblank_{on,off}()

2016-06-13 18:38:19 +02:00

hisilicon

drm/hisilicon: Implement some semblance of vblank event handling

2016-06-09 10:28:14 +02:00

i2c

Merge drm-fixes into drm-next.

2016-03-14 09:46:02 +10:00

i810

…

i915

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

imx

drm/imx: plane: Don't set plane->crtc in ipu_plane_update()

2016-05-30 09:14:00 +02:00

mediatek

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

mga

…

mgag200

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

msm

drm/atomic-helper: Massage swap_state signature somewhat

2016-06-10 16:52:12 +02:00

nouveau

drm/nouveau: replace legacy vblank helpers

2016-06-13 18:33:41 +02:00

omapdrm

drm: omap: Rely on the default ->best_encoder() behavior

2016-06-10 17:25:11 +02:00

panel

drm/panel: simple: Add support for TPK U.S.A. LLC Fusion 7" and 10.1" panels

2016-05-12 11:32:14 +02:00

qxl

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

r128

…

radeon

drm/radeon: use crtc directly in drm_crtc_vblank_put()

2016-06-13 18:38:12 +02:00

rcar-du

drm: rcar-du: Rely on the default ->best_encoder() behavior

2016-06-10 17:24:26 +02:00

rockchip

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

savage

…

shmobile

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

sis

…

sti

drm/sti: Don't call drm_helper_disable_unused_functions

2016-06-17 14:27:02 +02:00

sun4i

drm: sun4i: Rely on the default ->best_encoder() behavior

2016-06-10 17:24:44 +02:00

tdfx

…

tegra

drm: tegra: Rely on the default ->best_encoder() behavior

2016-06-10 17:24:48 +02:00

tilcdc

drm/tilcdc: Use lockless gem BO free callback

2016-06-01 09:41:02 +02:00

ttm

Linux 4.6-rc7

2016-05-09 13:49:56 +10:00

udl

drm/udl: use drm_crtc_send_vblank_event()

2016-06-06 18:03:06 +02:00

vc4

drm: vc4: Rely on the default ->best_encoder() behavior

2016-06-10 17:24:58 +02:00

vgem

drm/vgem: Use lockless gem BO free callback

2016-05-31 15:28:10 +02:00

via

mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros

2016-04-04 10:41:08 -07:00

virtio

drm/virtio: Don't reinvent a flipping wheel

2016-06-14 16:32:47 +02:00

vmwgfx

drm/vmwgfx: use *_32_bits() macros

2016-06-15 13:10:38 +02:00

ati_pcigart.c

…

drm_agpsupport.c

drm: Give drm_agp_clear drm_legacy_ prefix

2016-04-27 08:41:34 +02:00

drm_atomic_helper.c

drm/atomic-helpers: Clear up cleanup_done a bit

2016-06-15 17:25:36 +02:00

drm_atomic.c

drm/atomic: Add struct drm_crtc_commit to track async updates

2016-06-10 16:57:54 +02:00

drm_auth.c

drm: Extract drm_master_relase

2016-06-16 10:17:58 +02:00

drm_bridge.c

drm/doc: Switch to sphinx/rst fixed-width quoting

2016-06-03 20:58:24 +02:00

drm_bufs.c

drm: Hide master MAP cleanup in drm_bufs.c

2016-04-27 10:14:17 +02:00

drm_cache.c

x86/cpufeature: Remove cpu_has_clflush

2016-03-31 13:35:09 +02:00

drm_context.c

…

drm_crtc_helper.c

drm: drm_helper_crtc_enable_color_mgmt() => drm_crtc_enable_color_mgmt()

2016-06-07 17:10:49 +03:00

drm_crtc_internal.h

drm/mode: rework drm_mode_object_put to drm_mode_object_unregister.

2016-04-22 10:26:37 +10:00

drm_crtc.c

drm: Automatically register/unregister all connectors

2016-06-17 14:42:40 +02:00

drm_debugfs.c

drm: Nuke legacy maps debugfs files

2016-06-16 10:16:11 +02:00

drm_dma.c

…

drm_dp_aux_dev.c

drm/dp: Allow signals to interrupt drm_aux-dev reads/writes

2016-04-28 11:48:09 +02:00

drm_dp_dual_mode_helper.c

drm: Add helper for DP++ adaptors

2016-05-23 11:10:46 +03:00

drm_dp_helper.c

drm: Minimally initialise drm_dp_aux

2016-06-17 14:41:47 +02:00

drm_dp_mst_topology.c

Linux 4.6-rc7

2016-05-09 13:49:56 +10:00

drm_drv.c

drm: Protect drm_connector_register_all() under DRIVER_MODESET

2016-06-19 00:30:25 +02:00

drm_edid_load.c

Fix annoyingly awkward typo in drm_edid_load.c

2016-05-30 09:59:28 +02:00

drm_edid.c

drm/edid: add displayid detailed 1 timings to the modelist. (v1.1)

2016-05-23 11:35:31 +10:00

drm_encoder_slave.c

…

drm_fb_cma_helper.c

drm: fb: cma: fix memory leak

2016-06-13 09:53:09 +02:00

drm_fb_helper.c

drm: Replace fb_helper->atomic with mode_config->atomic_commit

2016-06-09 08:43:28 +02:00

drm_flip_work.c

…

drm_fops.c

drm: Extract drm_master_relase

2016-06-16 10:17:58 +02:00

drm_fourcc.c

drm: Move format-related helpers to drm_fourcc.c

2016-06-09 11:58:50 +02:00

drm_gem_cma_helper.c

drm: Wrap direct calls to driver->gem_free_object from CMA

2016-06-01 15:00:28 +10:00

drm_gem.c

drm/doc: Appease sphinx

2016-06-02 16:25:20 +02:00

drm_global.c

…

drm_hashtab.c

…

drm_info.c

drm: Nuke legacy maps debugfs files

2016-06-16 10:16:11 +02:00

drm_internal.h

drm: Extract drm_master_relase

2016-06-16 10:17:58 +02:00

drm_ioc32.c

…

drm_ioctl.c

drm: Move drm_getmap into drm_bufs.c and give it a legacy prefix

2016-04-27 08:42:48 +02:00

drm_irq.c

drm: make drm_vblank_{get,put}() static

2016-06-13 18:37:33 +02:00

drm_kms_helper_common.c

…

drm_legacy.h

drm: Hide hw.lock cleanup in filp->release better

2016-06-16 10:16:37 +02:00

drm_lock.c

drm: Hide hw.lock cleanup in filp->release better

2016-06-16 10:16:37 +02:00

drm_memory.c

…

drm_mipi_dsi.c

drm/dsi: Add uevent callback

2016-06-13 10:45:57 +02:00

drm_mm.c

drm/mm: avoid possible null pointer dereference

2016-05-23 14:56:11 +02:00

drm_modes.c

Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next

2016-06-09 11:19:28 +10:00

drm_modeset_lock.c

drm/doc: Switch to sphinx/rst fixed-width quoting

2016-06-03 20:58:24 +02:00

drm_of.c

…

drm_panel.c

drm/panel: Flesh out kerneldoc

2016-05-06 16:04:48 +02:00

drm_pci.c

drm: Give drm_agp_clear drm_legacy_ prefix

2016-04-27 08:41:34 +02:00

drm_plane_helper.c

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

drm_platform.c

…

drm_prime.c

drm/prime: fix error path deadlock fail

2016-06-13 17:32:18 +02:00

drm_probe_helper.c

drm: Only create a cmdline mode if no probed modes match

2016-06-02 15:10:22 +02:00

drm_rect.c

…

drm_scatter.c

…

drm_simple_kms_helper.c

drm: Deal with rotation in drm_plane_helper_check_update()

2016-06-17 16:41:25 +02:00

drm_sysfs.c

drm: Remove dev_pm_ops from drm_class

2016-06-09 08:43:25 +02:00

drm_trace_points.c

…

drm_trace.h

…

drm_vm.c

drm: Nuke legacy maps debugfs files

2016-06-16 10:16:11 +02:00

drm_vma_manager.c

drm/doc: Switch to sphinx/rst fixed-width quoting

2016-06-03 20:58:24 +02:00

Kconfig

drm/mediatek: Add DRM Driver for Mediatek SoC MT8173.

2016-05-06 17:47:35 +02:00

Makefile

drm: Add helper for simple display pipeline

2016-06-10 17:33:17 +02:00