leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ae0119f5f7
linux/drivers
History
Xie XiuQi ae0119f5f7 drm: fix signed integer overflow 
Use 1UL for unsigned long, or we'll meet a overflow issue with UBSAN.

[   15.589489] UBSAN: Undefined behaviour in drivers/gpu/drm/drm_hashtab.c:145:35
[   15.589500] signed integer overflow:
[   15.589999] -2147483648 - 1 cannot be represented in type 'int'
[   15.590434] CPU: 2 PID: 294 Comm: plymouthd Not tainted 3.10.0-327.28.3.el7.x86_64 #1
[   15.590653] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 01/07/2011
[   15.591001]  1ffff1000670fe83 000000000d6b385e ffff88003387f3e0 ffffffff81ee3140
[   15.591028]  ffff88003387f3f8 ffffffff81ee31fd ffffffffa032f460 ffff88003387f560
[   15.591044]  ffffffff81ee46e2 0000002d00000009 0000000000000001 0000000041b58ab3
[   15.591059] Call Trace:
[   15.591078]  [<ffffffff81ee3140>] dump_stack+0x1e/0x20
[   15.591093]  [<ffffffff81ee31fd>] ubsan_epilogue+0x12/0x55
[   15.591109]  [<ffffffff81ee46e2>] handle_overflow+0x1ba/0x215
[   15.591126]  [<ffffffff81ee4528>] ? __ubsan_handle_negate_overflow+0x162/0x162
[   15.591146]  [<ffffffff8103416c>] ? print_context_stack+0x9c/0x160
[   15.591163]  [<ffffffff81031df2>] ? dump_trace+0x252/0x750
[   15.591181]  [<ffffffff81739023>] ? __list_add+0x93/0x160
[   15.591197]  [<ffffffff81ee4798>] __ubsan_handle_sub_overflow+0x2a/0x31
[   15.591261]  [<ffffffffa0282140>] drm_ht_just_insert_please+0x1e0/0x200 [drm]
[   15.591290]  [<ffffffffa0528c7a>] ttm_base_object_init+0x10a/0x270 [ttm]
[   15.591316]  [<ffffffffa052a34c>] ttm_vt_lock+0x28c/0x3a0 [ttm]
[   15.591343]  [<ffffffffa052a0c0>] ? ttm_write_lock+0x180/0x180 [ttm]
[   15.591362]  [<ffffffff81419526>] ? kasan_unpoison_shadow+0x36/0x50
[   15.591379]  [<ffffffff81419526>] ? kasan_unpoison_shadow+0x36/0x50
[   15.591396]  [<ffffffff81419526>] ? kasan_unpoison_shadow+0x36/0x50
[   15.591413]  [<ffffffff81419526>] ? kasan_unpoison_shadow+0x36/0x50
[   15.591442]  [<ffffffffa061cbe1>] vmw_master_set+0x121/0x470 [vmwgfx]
[   15.591459]  [<ffffffff811773a5>] ? __init_waitqueue_head+0x45/0x70
[   15.591487]  [<ffffffffa061cac0>] ? vmw_master_drop+0x310/0x310 [vmwgfx]
[   15.591535]  [<ffffffffa026946a>] drm_open+0x92a/0xc00 [drm]
[   15.591563]  [<ffffffffa0619ff0>] ? vmw_driver_open+0x170/0x170 [vmwgfx]
[   15.591610]  [<ffffffffa0268b40>] ? drm_poll+0xe0/0xe0 [drm]
[   15.591661]  [<ffffffffa02797b4>] drm_stub_open+0x224/0x330 [drm]
[   15.591711]  [<ffffffffa0279590>] ? drm_minor_acquire+0x240/0x240 [drm]
[   15.591727]  [<ffffffff8145fa8a>] chrdev_open+0x1fa/0x3f0
[   15.591742]  [<ffffffff8145f890>] ? cdev_put+0x50/0x50
[   15.591761]  [<ffffffff814f6dc3>] ? __fsnotify_parent+0x53/0x210
[   15.591778]  [<ffffffff8144fde1>] do_dentry_open+0x351/0x670
[   15.591792]  [<ffffffff8145f890>] ? cdev_put+0x50/0x50
[   15.591807]  [<ffffffff814503c2>] vfs_open+0xa2/0x170
[   15.591824]  [<ffffffff8147b5df>] do_last+0xccf/0x2c80
[   15.591842]  [<ffffffff8147a910>] ? filename_create+0x320/0x320
[   15.591858]  [<ffffffff81472549>] ? path_init+0x1b9/0xa90
[   15.591875]  [<ffffffff81472390>] ? mountpoint_last+0x9a0/0x9a0
[   15.591894]  [<ffffffff815f9ccf>] ? selinux_file_alloc_security+0xcf/0x130
[   15.591911]  [<ffffffff8147d777>] path_openat+0x1e7/0xcc0
[   15.591927]  [<ffffffff81031df2>] ? dump_trace+0x252/0x750
[   15.591943]  [<ffffffff8147d590>] ? do_last+0x2c80/0x2c80
[   15.591959]  [<ffffffff81739023>] ? __list_add+0x93/0x160
[   15.591974]  [<ffffffff8104b48d>] ? save_stack_trace+0x7d/0xb0
[   15.591989]  [<ffffffff81480824>] do_filp_open+0xa4/0x160
[   15.592004]  [<ffffffff81480780>] ? user_path_mountpoint_at+0x50/0x50
[   15.592022]  [<ffffffff8149d755>] ? __alloc_fd+0x175/0x300
[   15.592039]  [<ffffffff81453127>] do_sys_open+0x1b7/0x3f0
[   15.592054]  [<ffffffff81452f70>] ? filp_open+0x80/0x80
[   15.592070]  [<ffffffff81453392>] SyS_open+0x32/0x40
[   15.592088]  [<ffffffff81f08989>] system_call_fastpath+0x16/0x1b

Signed-off-by: Xie XiuQi <xiexiuqi@huawei.com>
[seanpaul tweaked subject to remove "gpu/"]
Signed-off-by: Sean Paul <seanpaul@chromium.org>
Link: http://patchwork.freedesktop.org/patch/msgid/1473152138-25335-1-git-send-email-xiexiuqi@huawei.com
2016-09-06 13:56:41 -04:00
..
accessibility
acpi libnvdimm, nd_blk: mask off reserved status bits 2016-08-08 09:26:13 -07:00
amba
android
ata New LED class driver: 2016-07-27 14:03:52 -07:00
atm drivers: atm: nicstar: Use the correct function to free some resources 2016-07-19 11:30:26 -07:00
auxdisplay
base More power management updates for v4.8-rc1 2016-08-05 23:26:16 -04:00
bcma wireless-drivers-next patches for 4.8 2016-07-25 11:09:19 -07:00
block virtio/vhost: fixes and cleanups for 4.8 2016-08-11 14:10:23 -07:00
bluetooth Bluetooth: btmrvl: reset is_suspending flag in failure path 2016-07-18 10:13:02 +02:00
bus ARM: SoC driver updates for v4.8 2016-08-01 18:36:01 -04:00
cdrom cdrom: support read sub-channel command in LBA format 2016-07-12 08:24:50 -07:00
char agp/intel: Flush chipset writes after updating a single PTE 2016-08-18 22:36:23 +01:00
clk treewide: replace obsolete _refok by __ref 2016-08-02 17:31:41 -04:00
clocksource Merge branch 'linus' into timers/urgent, to pick up fixes 2016-08-10 14:36:23 +02:00
connector connector: make cn_proc explicitly non-modular 2016-07-05 11:40:47 -07:00
cpufreq Merge branches 'pm-sleep' and 'pm-cpufreq' 2016-08-12 22:53:58 +02:00
cpuidle powerpc updates for 4.8 # 1 2016-07-30 21:01:36 -07:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2016-08-01 14:28:42 -04:00
dax dax: use devm_add_action_or_reset() 2016-07-06 15:14:48 -07:00
dca
devfreq PM / devfreq: exynos-bus: add missing of_node_put after calling of_parse_phandle 2016-07-06 13:11:24 +09:00
dio
dma dmaengine updates for 4.8-rc1 2016-07-28 15:45:17 -07:00
dma-buf reservation: fix small comment typo 2016-08-22 09:22:09 +02:00
edac * Altera Arria10 ethernet FIFO buffer support (Thor Thayer) 2016-07-27 13:40:47 -07:00
eisa
extcon
firewire
firmware efi/capsule: Allocate whole capsule into virtual memory 2016-08-11 13:55:36 +02:00
fmc
fpga drivers/fpga/Kconfig: fix build failure 2016-08-04 08:50:07 -04:00
gpio This is the bulk of GPIO changes for the v4.8 kernel cycle. 2016-07-26 19:16:01 -07:00
gpu drm: fix signed integer overflow 2016-09-06 13:56:41 -04:00
hid Merge branch 'for-4.8/hid-led' into for-linus 2016-07-28 10:49:23 +02:00
hsi
hv
hwmon hwmon updates for v4.8 (take 2) 2016-08-01 16:49:13 -04:00
hwspinlock hwspinlock: qcom_hwspinlock: add missing of_node_put after calling of_parse_phandle 2016-07-06 12:20:34 -07:00
hwtracing Merge branch 'smp-hotplug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-07-29 13:55:30 -07:00
i2c powerpc updates for 4.8 # 1 2016-07-30 21:01:36 -07:00
ide Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide 2016-07-29 13:29:06 -07:00
idle Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-07-30 12:56:26 -07:00
iio Third set of IIO new device support, features and cleanups for the 4.8 cycle. 2016-07-14 12:05:29 +09:00
infiniband Second round of merge items for 4.8 2016-08-04 20:26:31 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2016-08-05 23:24:15 -04:00
iommu dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
ipack
irqchip tree-wide: replace config_enabled() with IS_ENABLED() 2016-08-04 08:50:07 -04:00
isdn
leds powerpc updates for 4.8 # 1 2016-07-30 21:01:36 -07:00
lguest
lightnvm block: get rid of bio_rw and READA 2016-07-20 17:37:01 -06:00
macintosh powerpc updates for 4.8 # 1 2016-07-30 21:01:36 -07:00
mailbox mailbox: Fix format and type mismatches in Broadcom PDC driver 2016-07-28 21:27:31 +05:30
mcb
md block: rename bio bi_rw to bi_opf 2016-08-07 14:41:02 -06:00
media media updates for v4.8-rc1 2016-08-04 09:59:37 -04:00
memory MTD updates for v4.8: 2016-08-02 17:05:11 -04:00
memstick memstick: don't allocate unused major for ms_block 2016-08-02 17:31:41 -04:00
message
mfd ARM: SoC driver updates for v4.8 2016-08-01 18:36:01 -04:00
misc powerpc fixes for 4.8 #3 2016-08-12 12:09:44 -07:00
mmc MMC core: 2016-07-31 21:36:58 -04:00
mtd This pull request contains mostly cleanups and minor 2016-08-04 19:51:49 -04:00
net virtio/vhost: new features for 4.8 2016-08-06 09:20:13 -04:00
nfc NFC 4.8 pull request 2016-07-20 23:39:36 -07:00
ntb NTB: ntb_hw_intel: use local variable pdev 2016-08-05 10:34:13 -04:00
nubus
nvdimm nvdimm, btt: add a size attribute for BTTs 2016-08-08 09:26:14 -07:00
nvme nvme: Suspend all queues before deletion 2016-08-11 09:35:57 -06:00
nvmem
of ramoops: use DT reserved-memory bindings 2016-08-05 11:21:36 -07:00
oprofile
parisc dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
parport
pci genirq/msi: Make sure PCI MSIs are activated early 2016-08-09 09:19:32 +02:00
pcmcia
perf drivers/perf: arm-pmu: Fix handling of SPI lacking "interrupt-affinity" property 2016-08-09 17:57:39 +01:00
phy MMC core: 2016-07-31 21:36:58 -04:00
pinctrl This is the bulk of pin control changes for the v4.8 kernel cycle. 2016-07-28 17:06:51 -07:00
platform dell-wmi: Ignore WMI event 0xe00e 2016-08-08 11:00:21 -07:00
pnp PNP: pnpbios: add header file to fix build errors 2016-07-27 18:52:54 +02:00
power ARM: SoC driver updates for v4.8 2016-08-01 18:36:01 -04:00
powercap
pps pps: do not crash when failed to register 2016-07-23 10:25:54 +09:00
ps3
ptp
pwm pwm: Changes for v4.8-rc1 2016-08-06 00:01:33 -04:00
rapidio rapidio: dereferencing an error pointer 2016-08-10 16:40:56 -07:00
ras
regulator pwm: Changes for v4.8-rc1 2016-08-06 00:01:33 -04:00
remoteproc dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
reset
rpmsg
rtc RTC for 4.8 2016-08-05 09:48:22 -04:00
s390 virtio/s390: deprecate old transport 2016-08-09 13:42:41 +03:00
sbus
scsi ipr: Fix sync scsi scan 2016-08-09 10:17:42 -07:00
sfi
sh
sn
soc ARM: SoC driver updates for v4.8 2016-08-01 18:36:01 -04:00
spi ARM: DT updates for v4.8 2016-08-01 18:37:45 -04:00
spmi
ssb SSB: Change bare unsigned to unsigned int to suit coding style 2016-07-06 15:09:36 +02:00
staging dma-buf/sync_file: refactor fence storage in struct sync_file 2016-08-11 15:33:24 +05:30
target target: iblock_execute_sync_cache() should use bio_set_op_attrs() 2016-08-07 14:41:02 -06:00
tc
thermal Merge branches 'thermal-intel' and 'thermal-core' into next 2016-08-08 10:59:35 +08:00
thunderbolt
tty tree-wide: replace config_enabled() with IS_ENABLED() 2016-08-04 08:50:07 -04:00
uio
usb More USB patches for 4.8-rc1 2016-08-05 23:07:43 -04:00
uwb
vfio vfio/pci: Fix NULL pointer oops in error interrupt setup handling 2016-08-08 16:16:23 -06:00
vhost vhost/vsock: fix vhost virtio_vsock_pkt use-after-free 2016-08-09 13:42:37 +03:00
video dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
virt
virtio virtio: fix error handling for debug builds 2016-08-09 13:42:35 +03:00
vlynq
vme
w1 w1:omap_hdq: fix regression 2016-08-02 19:35:40 -04:00
watchdog watchdog: gpio_wdt: Fix missing platform_set_drvdata() in gpio_wdt_probe() 2016-07-27 10:47:43 +02:00
xen dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
zorro
Kconfig
Makefile virtio/vhost: new features for 4.8 2016-08-06 09:20:13 -04:00