openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
linux/drivers
History
Gabriel Krisman Bertazi c0411316ab drm: bochs: Prevent double-free of fb helper 
If fbdev registration fails for whatever reason, the error path of
bochs_fbdev_init() will call bochs_fbdev_fini(), but since an fbdev
initialization error is not fatal to the probe function, a subsequent
device removal will try to call bochs_fbdev_fini() again, hitting the
Oops below.

This was detected by 0-day with a failing framebuffer registration and
CONFIG_DEBUG_TEST_DRIVER_REMOVE=y.  This reproduces the scenario I
mentioned above at insmod time, because the test attempts to remove the
device right after probing.

root@debian:~# insmod bochs-drm.ko
[   17.609635] [drm] Found bochs VGA, ID 0xb0c0.
[   17.612974] [drm] Framebuffer size 16384 kB @ 0xfa000000, mmio @ 0xfebf2000.
[   17.613938] [TTM] Zone  kernel: Available graphics memory: 1022244 kiB
[   17.614701] [TTM] Initializing pool allocator
[   17.615427] [TTM] Initializing DMA pool allocator
[   17.619143] fbcon: bochsdrmfb (fb0) is primary device
[   17.619428] Console: switching to colour frame buffer device 128x48
[   17.621047] bochs-drm 0000:00:02.0: fb0: bochsdrmfb frame buffer device
[   17.641111] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
[   17.642380] general protection fault: 0000 [#1] SMP
[   17.642985] Modules linked in: bochs_drm(+)
[   17.643259] CPU: 4 PID: 3279 Comm: insmod Tainted: G        W       4.11.0-rc1+ #119
[   17.643259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[   17.643259] task: ffff88007af35e00 task.stack: ffffc90000d84000
[   17.643259] RIP: 0010:drm_fb_helper_fini+0x8e/0x110
[   17.643259] RSP: 0018:ffffc90000d87ad0 EFLAGS: 00010202
[   17.643259] RAX: dead000000000200 RBX: ffff8800790d5770 RCX: 0000000000000000
[   17.652101] RDX: dead000000000100 RSI: 000000007fffffff RDI: ffffffff81eaf820
[   17.652101] RBP: ffffc90000d87ae0 R08: 0000000000000000 R09: ffff88007271d918
[   17.652101] R10: ffffc90000d87a88 R11: 0000000000000000 R12: 0000000000000000
[   17.652101] R13: ffff8800790d56d0 R14: 0000000000000000 R15: 0000000000000000
[   17.652101] FS:  00007f9285995700(0000) GS:ffff88007cf00000(0000) knlGS:0000000000000000
[   17.652101] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   17.652101] CR2: 0000564f1cf9f1e8 CR3: 0000000079686000 CR4: 00000000000006e0
[   17.652101] Call Trace:
[   17.652101]  bochs_fbdev_fini+0x24/0x90 [bochs_drm]
[   17.652101]  bochs_unload+0x16/0x50 [bochs_drm]
[   17.652101]  drm_dev_unregister+0x37/0xd0
[   17.652101]  drm_put_dev+0x31/0x60
[   17.652101]  bochs_pci_remove+0x10/0x20 [bochs_drm]
[   17.652101]  pci_device_remove+0x34/0xb0
[   17.652101]  driver_probe_device+0xd0/0x370
[   17.652101]  __driver_attach+0x96/0xa0
[   17.652101]  ? driver_probe_device+0x370/0x370
[   17.652101]  bus_for_each_dev+0x5b/0x90
[   17.652101]  driver_attach+0x19/0x20
[   17.652101]  bus_add_driver+0x11c/0x220
[   17.652101]  driver_register+0x5b/0xd0
[   17.652101]  ? 0xffffffffa0006000
[   17.652101]  __pci_register_driver+0x47/0x50
[   17.652101]  drm_pci_init+0xe1/0xf0
[   17.652101]  ? 0xffffffffa0006000
[   17.652101]  bochs_init+0x3c/0x1000 [bochs_drm]
[   17.652101]  do_one_initcall+0x3e/0x180
[   17.652101]  ? kmem_cache_alloc_trace+0x33/0x150
[   17.652101]  do_init_module+0x5a/0x1eb
[   17.652101]  load_module+0x1ea0/0x2650
[   17.652101]  ? __symbol_put+0x40/0x40
[   17.652101]  ? kernel_read_file+0x19e/0x1c0
[   17.652101]  ? kernel_read_file_from_fd+0x44/0x70
[   17.652101]  SYSC_finit_module+0xba/0xc0
[   17.652101]  SyS_finit_module+0x9/0x10
[   17.652101]  entry_SYSCALL_64_fastpath+0x1a/0xa9
[   17.652101] RIP: 0033:0x7f92854da119
[   17.652101] RSP: 002b:00007ffcd0390498 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   17.652101] RAX: ffffffffffffffda RBX: 00007f928578eb58 RCX: 00007f92854da119
[   17.652101] RDX: 0000000000000000 RSI: 0000564f1c8bd638 RDI: 0000000000000003
[   17.652101] RBP: 000000000000270e R08: 0000000000000000 R09: 00007f9285790ea0
[   17.652101] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f928578eb58
[   17.652101] R13: 0000000000001020 R14: 0000564f1cf9e1c0 R15: 00007f928578eb00
[   17.652101] Code: c7 20 f8 ea 81 e8 b3 3e 50 00 48 8b 83 d0 00 00 00 48 8d 93 d0 00 00 00 48 39 c2 74 46 48 8b 83 d8 00 00 00 48 8b 93 d0 00 00 00 <48> 89 42 08 48 89 10 48 b8 00 01 00 00 0000 ad de 48 89 83 d0
[   17.652101] RIP: drm_fb_helper_fini+0x8e/0x110 RSP: ffffc90000d87ad0
[   17.653331] ---[ end trace 542fd75a2e60a6a4 ]---

Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.co.uk>
Link: http://patchwork.freedesktop.org/patch/msgid/20170324045444.11912-1-krisman@collabora.co.uk
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
 		2017-03-27 10:34:52 +02:00
..
accessibility
acpi acpi/processor: Check for duplicate processor ids at hotplug time 2017-03-11 14:41:20 +01:00
amba
android sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
ata ahci: qoriq: correct the sata ecc setting error 2017-03-09 11:55:23 -05:00
atm sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
auxdisplay auxdisplay: ht16k33: remove private workqueue 2017-02-10 15:57:28 +01:00
base drivers core: remove assert_held_device_hotplug() 2017-03-16 16:56:19 -07:00
bcma
block A fix for the recently discovered misdirected requests bug present in 2017-03-10 11:05:47 -08:00
bluetooth btmrvl: fix spelling mistake: "actived" -> "activated" 2017-02-19 00:26:37 +01:00
bus ARM: SoC driver updates 2017-02-23 15:57:04 -08:00
cdrom Merge branch 'for-4.11/next' into for-4.11/linus-merge 2017-02-17 14:08:19 -07:00
char Linux 4.11-rc3 2017-03-23 12:05:13 +10:00
clk ARM: SoC: late DT updates for v4.11 2017-03-03 16:15:48 -08:00
clocksource Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-17 13:13:35 -07:00
connector
cpufreq Merge branches 'pm-cpufreq-fixes' and 'intel_pstate-fixes' 2017-03-18 00:45:09 +01:00
cpuidle Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-03 10:16:38 -08:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2017-03-15 09:26:04 -07:00
dax device-dax: fix debug output typo 2017-03-10 19:56:56 -08:00
dca
devfreq scripts/spelling.txt: add "followings" pattern and fix typo instances 2017-02-27 18:43:47 -08:00
dio
dma sched/headers: Prepare to move the get_task_struct()/put_task_struct() and related APIs from <linux/sched.h> to <linux/sched/task.h> 2017-03-02 08:42:40 +01:00
dma-buf dma-fence: add dma_fence_match_context helper 2017-03-17 23:51:36 +05:30
edac Merge branch 'ras-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-02-20 12:47:44 -08:00
eisa
extcon scripts/spelling.txt: add "swithc" pattern and fix typo instances 2017-02-27 18:43:46 -08:00
firewire Merge branch 'idr-4.11' of git://git.infradead.org/users/willy/linux-dax 2017-02-28 20:29:41 -08:00
firmware Merge branch 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-07 14:25:48 -08:00
fmc
fpga fpga zynq: Use the scatterlist interface 2017-02-10 15:20:44 +01:00
fsi drivers/fsi: add driver to device matches 2017-02-10 15:19:48 +01:00
gpio This is the bulk of GPIO changes for the v4.11 cycle 2017-02-23 08:46:04 -08:00
gpu drm: bochs: Prevent double-free of fb helper 2017-03-27 10:34:52 +02:00
hid sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
hsi sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
hv scripts/spelling.txt: add "disble(d)" pattern and fix typo instances 2017-03-09 17:01:09 -08:00
hwmon scripts/spelling.txt: add "followings" pattern and fix typo instances 2017-02-27 18:43:47 -08:00
hwspinlock
hwtracing mm, fs: reduce fault, page_mkwrite, and pfn_mkwrite to take only vmf 2017-02-24 17:46:54 -08:00
i2c Linux 4.11-rc3 2017-03-23 12:05:13 +10:00
ide sched/headers: Prepare for new header dependencies before moving code to <linux/sched/task_stack.h> 2017-03-02 08:42:36 +01:00
idle Power management turbostat utility updates for v4.11-rc1 2017-03-02 17:41:27 -08:00
iio Staging/IIO driver fixes for 4.11-rc1 2017-03-04 11:26:18 -08:00
infiniband sched/headers: Prepare to move the get_task_struct()/put_task_struct() and related APIs from <linux/sched.h> to <linux/sched/task.h> 2017-03-02 08:42:40 +01:00
input Input: rmi4 - f30: detect INPUT_PROP_BUTTONPAD from the button count 2017-03-01 10:01:56 -08:00
iommu sched/headers: Prepare for new header dependencies before moving code to <linux/sched/mm.h> 2017-03-02 08:42:28 +01:00
ipack
irqchip irqchip/irqdomain updates for 4.11-rc2 2017-03-09 12:06:41 +01:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-03-14 21:31:23 -07:00
leds sched/headers: Prepare for new header dependencies before moving code to <linux/sched/loadavg.h> 2017-03-02 08:42:27 +01:00
lguest sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
lightnvm lightnvm: set default lun range when no luns are specified 2017-02-15 08:27:21 -07:00
macintosh powerpc/pmac: Fix crash in dma-mapping.h with NULL dma_ops 2017-03-10 14:17:23 +11:00
mailbox sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
mcb
md Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md 2017-03-16 11:43:48 -07:00
media Merge branch 'akpm' (patches from Andrew) 2017-03-10 08:34:42 -08:00
memory ARM: SoC driver updates 2017-02-23 15:57:04 -08:00
memstick Merge branch 'for-4.11/next' into for-4.11/linus-merge 2017-02-17 14:08:19 -07:00
message SCSI misc on 20170220 2017-02-21 11:51:42 -08:00
mfd staging/iio driver patches for 4.11-rc1 2017-02-22 12:14:01 -08:00
misc mm: convert generic code to 5-level paging 2017-03-09 11:48:47 -08:00
mmc sched/headers: Prepare for new header dependencies before moving code to <uapi/linux/sched/types.h> 2017-03-02 08:42:27 +01:00
mtd scripts/spelling.txt: add "disble(d)" pattern and fix typo instances 2017-03-09 17:01:09 -08:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-03-14 21:31:23 -07:00
nfc scripts/spelling.txt: add "omited" pattern and fix typo instances 2017-02-27 18:43:47 -08:00
ntb ntb: ntb_hw_intel: link_poll isn't clearing the pending status properly 2017-02-16 23:11:26 -05:00
nubus
nvdimm nfit, libnvdimm: fix interleave set cookie calculation 2017-03-01 00:49:42 -08:00
nvme Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2017-03-03 10:53:35 -08:00
nvmem
of Pointer for Markus's image conversion work. 2017-03-14 15:07:33 +01:00
oprofile sched/headers: Prepare to move the get_task_struct()/put_task_struct() and related APIs from <linux/sched.h> to <linux/sched/task.h> 2017-03-02 08:42:40 +01:00
parisc Merge branch 'parisc-4.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2017-03-03 16:20:06 -08:00
parport sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
pci PCI/ASPM: Always set link->downstream to avoid NULL dereference on remove 2017-03-07 14:23:30 -06:00
pcmcia
perf sched/headers: Prepare for new header dependencies before moving code to <linux/sched/clock.h> 2017-03-02 08:42:27 +01:00
phy pci-v4.11-changes 2017-02-23 11:53:22 -08:00
pinctrl pinctrl: uniphier: change pin names of aio/xirq for LD11 2017-03-06 14:38:05 +01:00
platform platform-drivers-x86 for v4.11-2 2017-03-13 13:23:43 -07:00
pnp
power scripts/spelling.txt: add "intialization" pattern and fix typo instances 2017-02-27 18:43:47 -08:00
powercap
pps
ps3 sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
ptp 4.11 is going to be a relatively large release for KVM, with a little over 2017-02-22 18:22:53 -08:00
pwm pwm: Changes for v4.11-rc1 2017-03-01 09:46:02 -08:00
rapidio rapidio: use get_user_pages_unlocked() 2017-02-27 18:43:45 -08:00
ras
regulator regulator: Updates for v4.11 2017-02-20 17:23:57 -08:00
remoteproc virtio, vhost: optimizations, fixes 2017-03-02 13:53:13 -08:00
reset ARM: SoC driver updates 2017-02-23 15:57:04 -08:00
rpmsg virtio, vhost: optimizations, fixes 2017-03-02 13:53:13 -08:00
rtc sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
s390 Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-03 10:16:38 -08:00
sbus
scsi Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2017-03-19 18:06:31 -07:00
sfi
sh
sn
soc sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
spi sched/headers: Prepare for new header dependencies before moving code to <uapi/linux/sched/types.h> 2017-03-02 08:42:27 +01:00
spmi
ssb
staging Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-03-14 21:31:23 -07:00
target tcmu: Convert cmd_time_out into backend device attribute 2017-03-18 16:32:30 -07:00
tc
thermal sched/headers: Prepare for new header dependencies before moving code to <uapi/linux/sched/types.h> 2017-03-02 08:42:27 +01:00
thunderbolt
tty serial: samsung: Continue to work if DMA request fails 2017-03-07 19:58:37 +01:00
uio sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
usb USB fixes for 4.11-rc2 2017-03-11 00:08:39 -08:00
uwb
vfio sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
vhost Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-03 10:16:38 -08:00
video sched/headers: Remove the <linux/mm_types.h> dependency from <linux/sched.h> 2017-03-03 01:45:16 +01:00
virt
virtio Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-03 10:16:38 -08:00
vlynq
vme
w1 sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
watchdog watchdog: retu: restore MFD dependency 2017-03-01 06:15:10 -08:00
xen drivers, xen: convert grant_map.users from atomic_t to refcount_t 2017-03-13 12:45:18 -04:00
zorro
Kconfig drivers/fsi: Add empty fsi bus definitions 2017-02-10 15:19:48 +01:00
Makefile pci-v4.11-changes 2017-02-23 11:53:22 -08:00