Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965113AbcCNMda (ORCPT ); Mon, 14 Mar 2016 08:33:30 -0400 Received: from mail-wm0-f46.google.com ([74.125.82.46]:35745 "EHLO mail-wm0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932332AbcCNMdX (ORCPT ); Mon, 14 Mar 2016 08:33:23 -0400 Subject: Re: Oops in 3.10.99 -- NULL pointer dereference in radeon_fence_ref To: Luis Henriques , Greg Kroah-Hartman References: <20160307025014.GA9499@mail.codepoet.org> <20160307204654.GB6545@kroah.com> <56DDED67.2030801@amd.com> <20160307225851.GB25867@kroah.com> <20160309135612.GA20283@charon.olymp> Cc: =?UTF-8?Q?Christian_K=c3=b6nig?= , andersen@codepoet.org, linux-kernel , =?UTF-8?Q?Nicolai_H=c3=a4hnle?= , stable@vger.kernel.org, Sasha Levin , Kamal Mostafa From: Jiri Slaby Message-ID: <56E6AF8E.4090001@suse.cz> Date: Mon, 14 Mar 2016 13:33:18 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160309135612.GA20283@charon.olymp> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3448 Lines: 70 On 03/09/2016, 02:56 PM, Luis Henriques wrote: > On Mon, Mar 07, 2016 at 02:58:51PM -0800, Greg Kroah-Hartman wrote: >> On Mon, Mar 07, 2016 at 10:06:47PM +0100, Christian K?nig wrote: >>> Am 07.03.2016 um 21:46 schrieb Greg Kroah-Hartman: >>>> On Sun, Mar 06, 2016 at 07:50:14PM -0700, Erik Andersen wrote: >>>>> The following patch to radeon_sa_bo_new that >>>>> went into 3.10.99 >>>>> >>>>> commit 8d5e1e5af0c667545c202e8f4051f77aa3bf31b7 >>>>> Author: Nicolai Hähnle >>>>> Date: Fri Feb 5 14:35:53 2016 -0500 >>>>> drm/radeon: hold reference to fences in radeon_sa_bo_new >>>>> commit f6ff4f67cdf8455d0a4226eeeaf5af17c37d05eb upstream. >>>>> >>>>> is triggering an Oops for me right when xscreensaver >>>>> first began doing 3D stuff. After reverting this >>>>> patch, xscreensaver has been happily running 3D stuff. >>>>> >>>>> Mar 6 18:00:43 sage kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 >>>>> Mar 6 18:00:43 sage kernel: IP: [] radeon_fence_ref+0xd/0x50 [radeon] >>>>> Mar 6 18:00:43 sage kernel: PGD 799e1d067 PUD 819186067 PMD 0 >>>>> Mar 6 18:00:43 sage kernel: Oops: 0002 [#1] SMP >>>>> >>>>> Mar 6 18:00:43 sage kernel: Stack: >>>>> Mar 6 18:00:43 sage kernel: ffffffffa01607ec ffff88108a4e8000 ffff88108a4e8000 ffff880888fbc000 >>>>> Mar 6 18:00:43 sage kernel: ffff880ecbf11c78 0000fe2001000006 0000000000000000 0020000000000100 >>>>> Mar 6 18:00:43 sage kernel: 00000000000d1200 ffff880ecbf11c14 0000000000000000 0000000000000000 >>>>> Mar 6 18:00:43 sage kernel: Call Trace: >>>>> Mar 6 18:00:43 sage kernel: [] ? radeon_sa_bo_new+0x2ac/0x4f0 [radeon] >>>>> Mar 6 18:00:43 sage kernel: [] ? ttm_eu_list_ref_sub+0x3d/0x60 [ttm] >>>>> Mar 6 18:00:43 sage kernel: [] radeon_ib_get+0x39/0x110 [radeon] >>>>> Mar 6 18:00:43 sage kernel: [] radeon_cs_ioctl+0x69a/0xa70 [radeon] >>>>> Mar 6 18:00:43 sage kernel: [] drm_ioctl+0x512/0x650 [drm] >>>>> Mar 6 18:00:43 sage kernel: [] ? do_futex+0x111/0xc30 >>>>> Mar 6 18:00:43 sage kernel: [] do_vfs_ioctl+0x305/0x520 >>>>> Mar 6 18:00:43 sage kernel: [] ? vtime_account_user+0x69/0x80 >>>>> Mar 6 18:00:43 sage kernel: [] SyS_ioctl+0x81/0xa0 >>>>> Mar 6 18:00:43 sage kernel: [] tracesys+0xe1/0xe6 >>>>> >>>>> $ lspci | grep VGA >>>>> 03:00.0 VGA compatible controller: Advanced Micro Devices, Inc. >>>>> [AMD/ATI] Redwood XT [Radeon HD 5670/5690/5730] >>>> Next time, please cc: the people responsible for that patch as well... >>>> >>>> I can revert it, but maybe something else is going on here? Do you have >>>> this same problem on 3.14, and 4.5-rc7? >>> >>> Hi Greg, >>> >>> yes that's an already known issue. Feel free to revert that one for now. >>> >>> I got it on my TODO list to provide a fixed patch for older kernel, but that >>> can take a while. >>> >>> For the background Nicolais patch is correct, but assumes that >>> radeon_fence_unref() can safely take NULL as the fence which is not the case >>> for older kernels. >> >> Ok, thanks, now reverted. >> > > And looks like a few more kernels may be affected as well. I'll > revert it from 3.16 kernel, and I'm adding Kamal, Sasha and Jiri to > the CC list. Reverted from 3.12. Thanks! -- js suse labs