KASAN splat in vmwgfx driver

Zack Rusin zackr at vmware.com
Wed Mar 16 03:24:07 UTC 2022


On Wed, 2022-03-16 at 00:45 +0000, Chuck Lever III wrote:
> For a kernel development project I'm working on, I'm using
> Linux in a VMware guest. After kernel v5.16.2, I noticed
> this KASAN splat:

Ah, yea, thanks. It's because vmw_bo_create_kernel creates a raw
ttm_buffer_object instead of vmw_buffer_object.

With the change to allocate those mob backed objects in VMW_PL_SYSTEM
we have to migrate them from TTM_PL_SYSTEM but vmw_query_move_notify
assumes that kernel objects never migrate and so are always
vmw_buffer_object which is not the case anymore.

KASAN here complains about the container_of(bo, struct
vmw_buffer_object, base); it's in general harmless because the results
are only used if new_mem->mem_type == TTM_PL_SYSTEM &&
old_mem->mem_type == VMW_PL_MOB, which is not going to be the case here,
but it is an invalid read and we'll get to it as soon as we can.

z
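The explanation above describes a container_of applied to a ttm_buffer_object that was never embedded in a vmw_buffer_object. The userspace C model below is an added example, not code from the vmwgfx driver or from this thread: it reproduces the shape of the problem and shows one defensive downcast that refuses raw kernel objects before any driver-level field is read. The destroy-callback check, the placement ids and the struct layouts are assumptions of the example, not the driver's actual fix.

```c
#include <stddef.h>
#include <stdlib.h>

/* Same shape as the kernel macro: recover the embedding struct from a member pointer. */
#define container_of(ptr, type, member) ((type *)((char *)(ptr) - offsetof(type, member)))

enum { TTM_PL_SYSTEM = 0, VMW_PL_MOB = 1 };   /* constructed placement ids, not the driver's values */

/* Stand-in for ttm_buffer_object; destroy is set by whichever allocator created the object. */
struct ttm_buffer_object { void (*destroy)(struct ttm_buffer_object *bo); };

/* Stand-in for vmw_buffer_object: driver state that exists only around a vmw allocation. */
struct vmw_buffer_object {
	struct ttm_buffer_object base;
	int dirty;
};

static void ttm_bo_free(struct ttm_buffer_object *bo) { free(bo); }
/* Valid container_of: a bo freed here really is embedded in a vmw_buffer_object. */
static void vmw_bo_free(struct ttm_buffer_object *bo) { free(container_of(bo, struct vmw_buffer_object, base)); }

/* Like vmw_bo_create_kernel in the mail: a raw ttm object with no vmw wrapper around it. */
static struct ttm_buffer_object *ttm_bo_create_kernel(void)
{
	struct ttm_buffer_object *bo = calloc(1, sizeof(*bo));
	if (bo) bo->destroy = ttm_bo_free;
	return bo;
}

static struct vmw_buffer_object *vmw_bo_create(void)
{
	struct vmw_buffer_object *vbo = calloc(1, sizeof(*vbo));
	if (vbo) vbo->base.destroy = vmw_bo_free;
	return vbo;
}

/* Checked downcast (an assumed pattern, not the driver's fix): only objects from vmw_bo_create
 * carry vmw_bo_free, so a raw kernel object is refused instead of being read past its allocation. */
static struct vmw_buffer_object *vmw_bo_try_downcast(struct ttm_buffer_object *bo)
{
	return bo->destroy == vmw_bo_free ? container_of(bo, struct vmw_buffer_object, base) : NULL;
}

/* Model of the move-notify path: 1 = driver state updated, 0 = not a MOB->SYSTEM move,
 * -1 = a raw kernel object reached the MOB->SYSTEM case, which is what the KASAN report caught. */
static int query_move_notify(struct ttm_buffer_object *bo, int old_type, int new_type)
{
	struct vmw_buffer_object *vbo = vmw_bo_try_downcast(bo);   /* reads no vmw field of a raw bo */
	if (!(new_type == TTM_PL_SYSTEM && old_type == VMW_PL_MOB))
		return 0;
	if (!vbo)
		return -1;
	vbo->dirty = 1;
	return 1;
}
```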

