Re: BUG: KASAN: use-after-free in amdgpu_job_free_cb

Mon, 15 Jan 2018 06:58:39 -0800 

Hey Andrey,

been sick for the last few days which is why I wasn't able to follow up on that 
other email thread. I'm still working from home today so won't be able to give 
this a spin. Leo, if you got a chance it'd be useful to see if we can repro it. 
If not I'll try it tomorrow.

Harry

On 2018-01-14 06:22 PM, Grodzovsky, Andrey wrote:
> Thanks, you did it right. I will try to think more how this happened, Harry, 
> Leo, if you have banwidth to try and reproduce it it would help, from Kasan 
> prints it seems the way to make it more probable to happen is to move the 
> mouse repeatedly during flipping like video playback, also maybe trying async 
> flip mode makes it more probable.
> 
> Thanks,
> Andrey
> 
> ________________________________________
> From: Johannes Hirte <johannes.hi...@datenkhaos.de>
> Sent: 14 January 2018 15:34:16
> To: Grodzovsky, Andrey
> Cc: Luís Mendes; Deucher, Alexander; Li, Sun peng (Leo); Wentland, Harry; 
> Koenig, Christian; amd-gfx@lists.freedesktop.org
> Subject: Re: BUG: KASAN: use-after-free in amdgpu_job_free_cb
> 
> On 2018 Jan 14, Grodzovsky, Andrey wrote:
>> To be sure it was inserted at the correct place please send me output of git 
>> diff on your modified branch.
>>
>> Thanks,
>> Andrey
>>
> 
> diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c 
> b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
> index bb5fa895fb64..bc2050a5a5c6 100644
> --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
> +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c
> @@ -4802,7 +4802,7 @@ static int amdgpu_dm_atomic_check(struct drm_device 
> *dev,
>          * synchronization events.
>          */
> 
> -       if (lock_and_validation_needed) {
> +       if (lock_and_validation_needed || state->legacy_cursor_update == 
> true) {
> 
>                 ret = do_aquire_global_lock(dev, state);
>                 if (ret)
> 
> If this matters, I've applied the patch on top of 4.15-rc7 with your
> "Fix: Save job's priority on it's creation instead of accessing it from 
> s_entity later on."
> patch. This one is still not upstream, but without I see the other
> use-after-free
> 
> --
> Regards,
>   Johannes
> 
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx

Reply via email to