[Intel-gfx] [PATCH] drm/i915: Use the crtc_state_is_legacy in intel_color_check
Maarten Lankhorst
maarten.lankhorst at linux.intel.com
Fri Oct 6 08:49:36 UTC 2017
Op 05-10-17 om 18:30 schreef Daniel Vetter:
> On Thu, Oct 05, 2017 at 04:15:20PM +0200, Maarten Lankhorst wrote:
>> crtc_state_is_legacy also checks for CTM, which was missing from
>> intel_color_check. By using the same condition for commit and check
>> we reduce the chance of mismatches.
>>
>> This was spotted by KASAN while trying to rework kms_color igt test.
>>
>> [ 72.008660] ==================================================================
>> [ 72.009326] BUG: KASAN: slab-out-of-bounds in bdw_load_gamma_lut.isra.3+0x15c/0x360 [i915]
>> [ 72.009519] Read of size 2 at addr ffff880220216e50 by task kms_color/1158
>> [ 72.009900] CPU: 2 PID: 1158 Comm: kms_color Tainted: G U W 4.14.0-rc3-patser+ #5281
>> [ 72.009921] Hardware name: GIGABYTE GB-BKi3A-7100/MFLP3AP-00, BIOS F1 07/27/2016
>> [ 72.009941] Call Trace:
>> [ 72.009968] dump_stack+0xc5/0x151
>> [ 72.009996] ? _atomic_dec_and_lock+0x10f/0x10f
>> [ 72.010024] ? show_regs_print_info+0x3c/0x3c
>> [ 72.010072] print_address_description+0x7f/0x240
>> [ 72.010108] kasan_report+0x216/0x370
>> [ 72.010308] ? bdw_load_gamma_lut.isra.3+0x15c/0x360 [i915]
>> [ 72.010349] __asan_load2+0x74/0x80
>> [ 72.010552] bdw_load_gamma_lut.isra.3+0x15c/0x360 [i915]
>> [ 72.010772] broadwell_load_luts+0x1f0/0x300 [i915]
>> [ 72.010997] intel_color_load_luts+0x36/0x40 [i915]
>> [ 72.011205] intel_begin_crtc_commit+0xa1/0x310 [i915]
>> [ 72.011283] drm_atomic_helper_commit_planes_on_crtc+0xa6/0x320 [drm_kms_helper]
>> [ 72.011316] ? wait_for_completion_io+0x460/0x460
>> [ 72.011524] intel_update_crtc+0xe3/0x100 [i915]
>> [ 72.011720] skl_update_crtcs+0x360/0x3f0 [i915]
>> [ 72.011945] ? intel_update_crtcs+0xf0/0xf0 [i915]
>> [ 72.012010] ? drm_atomic_helper_wait_for_dependencies+0x3d9/0x400 [drm_kms_helper]
>> [ 72.012231] intel_atomic_commit_tail+0x8db/0x1500 [i915]
>> [ 72.012273] ? __lock_is_held+0x9c/0xc0
>> [ 72.012494] ? skl_update_crtcs+0x3f0/0x3f0 [i915]
>> [ 72.012518] ? find_next_bit+0xb/0x10
>> [ 72.012544] ? cpumask_next+0x1a/0x20
>> [ 72.012745] ? i915_sw_fence_complete+0x9d/0xe0 [i915]
>> [ 72.012938] ? __i915_sw_fence_complete+0x5d0/0x5d0 [i915]
>> [ 72.013176] intel_atomic_commit+0x528/0x570 [i915]
>> [ 72.013280] ? drm_atomic_get_property+0xc00/0xc00 [drm]
>> [ 72.013466] ? intel_atomic_commit_tail+0x1500/0x1500 [i915]
>> [ 72.013496] ? kmem_cache_alloc_trace+0x266/0x280
>> [ 72.013714] ? intel_atomic_commit_tail+0x1500/0x1500 [i915]
>> [ 72.013812] drm_atomic_commit+0x77/0x80 [drm]
>> [ 72.013911] set_property_atomic+0x14a/0x210 [drm]
>> [ 72.014015] ? drm_object_property_get_value+0x70/0x70 [drm]
>> [ 72.014080] ? mutex_unlock+0xd/0x10
>> [ 72.014292] ? intel_atomic_commit_tail+0x1500/0x1500 [i915]
>> [ 72.014379] drm_mode_obj_set_property_ioctl+0x1cf/0x310 [drm]
>> [ 72.014481] ? drm_mode_obj_find_prop_id+0xa0/0xa0 [drm]
>> [ 72.014510] ? lock_release+0x6c0/0x6c0
>> [ 72.014602] ? drm_is_current_master+0x46/0x60 [drm]
>> [ 72.014706] drm_ioctl_kernel+0x148/0x1d0 [drm]
>> [ 72.014799] ? drm_mode_obj_find_prop_id+0xa0/0xa0 [drm]
>> [ 72.014898] ? drm_ioctl_permit+0x100/0x100 [drm]
>> [ 72.014936] ? kasan_check_write+0x14/0x20
>> [ 72.015039] drm_ioctl+0x441/0x660 [drm]
>> [ 72.015129] ? drm_mode_obj_find_prop_id+0xa0/0xa0 [drm]
>> [ 72.015235] ? drm_getstats+0x20/0x20 [drm]
>> [ 72.015287] ? ___might_sleep+0x159/0x340
>> [ 72.015311] ? find_held_lock+0xcf/0xf0
>> [ 72.015341] ? __schedule_bug+0x110/0x110
>> [ 72.015405] do_vfs_ioctl+0xa88/0xb10
>> [ 72.015449] ? ioctl_preallocate+0x1a0/0x1a0
>> [ 72.015487] ? selinux_capable+0x20/0x20
>> [ 72.015525] ? rcu_dynticks_momentary_idle+0x40/0x40
>> [ 72.015607] SyS_ioctl+0x4e/0x80
>> [ 72.015647] entry_SYSCALL_64_fastpath+0x18/0xad
>> [ 72.015670] RIP: 0033:0x7ff74a3d04d7
>> [ 72.015691] RSP: 002b:00007ffc594bec08 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
>> [ 72.015734] RAX: ffffffffffffffda RBX: ffffffff8718f54a RCX: 00007ff74a3d04d7
>> [ 72.015756] RDX: 00007ffc594bec40 RSI: 00000000c01864ba RDI: 0000000000000003
>> [ 72.015777] RBP: ffff880211c0ff98 R08: 0000000000000086 R09: 0000000000000000
>> [ 72.015799] R10: 00007ff74a691b58 R11: 0000000000000246 R12: 0000000000000355
>> [ 72.015821] R13: 00000000ff00eb00 R14: 0000000000000a00 R15: 00007ff746082000
>> [ 72.015857] ? trace_hardirqs_off_caller+0xfa/0x110
>>
>> Signed-off-by: Maarten Lankhorst <maarten.lankhorst at linux.intel.com>
>> ---
>> drivers/gpu/drm/i915/intel_color.c | 6 ++----
>> 1 file changed, 2 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/i915/intel_color.c b/drivers/gpu/drm/i915/intel_color.c
>> index ff9ecd211abb..c53266725eef 100644
>> --- a/drivers/gpu/drm/i915/intel_color.c
>> +++ b/drivers/gpu/drm/i915/intel_color.c
>> @@ -632,12 +632,10 @@ int intel_color_check(struct drm_crtc *crtc,
>> return 0;
>>
>> /*
>> - * We also allow no degamma lut and a gamma lut at the legacy
>> + * We also allow no degamma lut/ctm and a gamma lut at the legacy
>> * size (256 entries).
>> */
>> - if (!crtc_state->degamma_lut &&
>> - crtc_state->gamma_lut &&
>> - crtc_state->gamma_lut->length == LEGACY_LUT_LENGTH)
>> + if (crtc_state_is_legacy(crtc_state))
> crtc_state_is_legacy is a bit a confusing function name imo. I think
> renaming it to crtc_state_is_legacy_gamma would be much clearer. With that
> changed (in the entire file ofc, same patch):
>
> Reviewed-by: Daniel Vetter <daniel.vetter at ffwll.ch>
I've added the appropriate fixes tags too, and pushed. :)
More information about the Intel-gfx
mailing list