Bug 121831

Summary: Several kmemcheck: Caught 64-bit read from uninitialized memory in radeo
Product: Drivers
Reporter: Christian Casteyde (casteyde.christian)
Component: Video(DRI - non Intel)
Assignee: drivers_video-dri
Status: CLOSED OBSOLETE
Severity: normal
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 4.7-rc6
Subsystem:
Regression: No
Bisected commit-id:
Attachments: dmesg output

Description Christian Casteyde 2016-07-10 11:35:27 UTC
Created attachment 222631
dmesg output

Slackware 64 14.1
With kmemcheck activated, I get the following warnings:
[ 1185.586288] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8801c2cd5d08)
[ 1185.586292] 000000000000000060f11c81ffffffff68509ab40188ffff0100010001000000
[ 1185.586314]  i i i i i i i i u u u u u u u u u u u u u u u u u u u u u u u u
[ 1185.586335]                  ^
[ 1185.586337] RIP: 0010:[<ffffffff8158521d>]  [<ffffffff8158521d>] fence_signal+0x1d/0xe0
[ 1185.586343] RSP: 0018:ffff8801b560fa20  EFLAGS: 00010282
[ 1185.586345] RAX: 0000000000000003 RBX: ffff8801c2cd5cc0 RCX: 0000000000000002
[ 1185.586346] RDX: 0000000080000002 RSI: ffff8801b5591fa0 RDI: ffff8801c2cd5cc0
[ 1185.586348] RBP: ffff8801b560fa50 R08: 0000000000000000 R09: 0000000000000001
[ 1185.586349] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000003
[ 1185.586350] R13: ffff8801c2cd5cc0 R14: 00000000021ae410 R15: ffff8800a9490000
[ 1185.586352] FS:  00007fe3e0e408c0(0000) GS:ffff8801c7400000(0000) knlGS:0000000000000000
[ 1185.586353] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1185.586355] CR2: ffff8801c7060c90 CR3: 00000001b558d000 CR4: 00000000000406f0
[ 1185.586356]  [<ffffffff8148cb7a>] radeon_fence_signaled+0x4a/0x80
[ 1185.586360]  [<ffffffff814f5cf7>] radeon_sa_bo_free+0x37/0xb0
[ 1185.586364]  [<ffffffff81547f39>] radeon_ib_free+0x29/0x40
[ 1185.586369]  [<ffffffff814a5105>] radeon_cs_parser_fini+0xc5/0x120
[ 1185.586372]  [<ffffffff814a597b>] radeon_cs_ioctl+0x2fb/0x7d0
[ 1185.586374]  [<ffffffff81449dce>] drm_ioctl+0x13e/0x530
[ 1185.586378]  [<ffffffff81471b17>] radeon_drm_ioctl+0x47/0x80
[ 1185.586381]  [<ffffffff811aebce>] do_vfs_ioctl+0x8e/0x670
[ 1185.586384]  [<ffffffff811af1ec>] SyS_ioctl+0x3c/0x70
[ 1185.586386]  [<ffffffff819434a5>] entry_SYSCALL_64_fastpath+0x18/0xa8
[ 1185.586391]  [<ffffffffffffffff>] 0xffffffffffffffff
[ 1197.075973] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8800a2cf4ac8)
[ 1197.075977] 0200000000000000ffffffff3f000000ffffffff3f0000000000000000000000
[ 1197.075999]  i i i i i i i i u u u u u u u u u u u u u u u u u u u u u u u u
[ 1197.076019]                  ^
[ 1197.076021] RIP: 0010:[<ffffffff81584fc6>]  [<ffffffff81584fc6>] fence_signal_locked+0x16/0xc0
[ 1197.076028] RSP: 0018:ffff8801c7403d18  EFLAGS: 00010082
[ 1197.076029] RAX: 000000000000001a RBX: ffff8800a2cf4b10 RCX: 0000000000000000
[ 1197.076031] RDX: ffff8800a9490000 RSI: 0000000000000003 RDI: ffff8800a2cf4a80
[ 1197.076032] RBP: ffff8801c7403d48 R08: 0000000000000000 R09: 0000000000000001
[ 1197.076033] R10: 0000000000000000 R11: ffffffff8200b540 R12: ffff8800a2cf4a80
[ 1197.076034] R13: ffff8800a9491ea8 R14: 0000000000000000 R15: 0000000000000003
[ 1197.076036] FS:  0000000000000000(0000) GS:ffff8801c7400000(0000) knlGS:0000000000000000
[ 1197.076038] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1197.076039] CR2: ffff8801c29c016c CR3: 0000000002006000 CR4: 00000000000406f0
[ 1197.076040]  [<ffffffff8148c571>] radeon_fence_check_signaled+0x41/0x80
[ 1197.076044]  [<ffffffff810da49d>] __wake_up_common+0x4d/0x80
[ 1197.076334]  [<ffffffff810da504>] __wake_up+0x34/0x50
[ 1197.076336]  [<ffffffff8148c6c6>] radeon_fence_process+0x26/0x30
[ 1197.076338]  [<ffffffff814e0caa>] evergreen_irq_process+0x92a/0x17e0
[ 1197.076342]  [<ffffffff814a4309>] radeon_driver_irq_handler_kms+0x19/0x40
[ 1197.076345]  [<ffffffff810f15e4>] handle_irq_event_percpu+0x64/0x100
[ 1197.076349]  [<ffffffff810f16b4>] handle_irq_event+0x34/0x60
[ 1197.076352]  [<ffffffff810f466e>] handle_edge_irq+0xbe/0x150
[ 1197.076356]  [<ffffffff810617f8>] handle_irq+0x68/0x180
[ 1197.076360]  [<ffffffff81060ff8>] do_IRQ+0x68/0x130
[ 1197.076362]  [<ffffffff81943e09>] ret_from_intr+0x0/0x19
[ 1197.076367]  [<ffffffff816fec82>] cpuidle_enter+0x12/0x20
[ 1197.076371]  [<ffffffff810db0f5>] call_cpuidle+0x25/0x40
[ 1197.076373]  [<ffffffff810db3c3>] cpu_startup_entry+0x1b3/0x290
[ 1197.076375]  [<ffffffff8193ad5c>] rest_init+0x12c/0x140
[ 1197.076379]  [<ffffffff82299de5>] start_kernel+0x354/0x361
[ 1197.076384]  [<ffffffff822992ae>] x86_64_start_reservations+0x2f/0x31
[ 1197.076387]  [<ffffffff8229939b>] x86_64_start_kernel+0xeb/0xf0
[ 1197.076390]  [<ffffffffffffffff>] 0xffffffffffffffff
[ 1207.836251] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8800a2cf4348)
etc.

In gdb:
(gdb) l *0xffffffff8158521d
0xffffffff8158521d is in fence_signal (drivers/dma-buf/fence.c:114).
109             unsigned long flags;
110
111             if (!fence)
112                     return -EINVAL;
113
114             if (!ktime_to_ns(fence->timestamp)) {
115                     fence->timestamp = ktime_get();
116                     smp_mb__before_atomic();
117             }
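
Added example (not part of the original report or of the kernel sources): a short Python triage of the kmemcheck reports quoted above, showing where in the object the flagged read lands and what stale bytes were actually read. It assumes RDI still holds the first argument (the fence pointer) at the faulting instruction and that the 32-byte dump is the aligned window around the faulting address; `triage` and `summarise` are names chosen here.

```python
import re

# Copied from the dmesg excerpt in this report, reduced to the lines parsed;
# the third report is cut off on the page and is skipped by triage().
REPORTS = """\
[ 1185.586288] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8801c2cd5d08)
[ 1185.586292] 000000000000000060f11c81ffffffff68509ab40188ffff0100010001000000
[ 1185.586314]  i i i i i i i i u u u u u u u u u u u u u u u u u u u u u u u u
[ 1185.586337] RIP: 0010:[<ffffffff8158521d>]  [<ffffffff8158521d>] fence_signal+0x1d/0xe0
[ 1185.586346] RDX: 0000000080000002 RSI: ffff8801b5591fa0 RDI: ffff8801c2cd5cc0
[ 1197.075973] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8800a2cf4ac8)
[ 1197.075977] 0200000000000000ffffffff3f000000ffffffff3f0000000000000000000000
[ 1197.075999]  i i i i i i i i u u u u u u u u u u u u u u u u u u u u u u u u
[ 1197.076021] RIP: 0010:[<ffffffff81584fc6>]  [<ffffffff81584fc6>] fence_signal_locked+0x16/0xc0
[ 1197.076031] RDX: ffff8800a9490000 RSI: 0000000000000003 RDI: ffff8800a2cf4a80
[ 1207.836251] WARNING: kmemcheck: Caught 64-bit read from uninitialized memory (ffff8800a2cf4348)
"""

WARN = re.compile(r"Caught (\d+)-bit read from uninitialized memory \(([0-9a-f]+)\)")
FIELDS = {
    "dump": re.compile(r"\b([0-9a-f]{64})$"),        # 32 bytes of memory
    "shadow": re.compile(r"((?: [iuaf]){8,})$"),     # per-byte shadow flags
    "func": re.compile(r"RIP: .*\] (\w+)\+"),        # faulting function
    "rdi": re.compile(r"RDI: ([0-9a-f]{16})"),
}

def summarise(r):
    dump = bytes.fromhex(r["dump"])
    off = r["addr"] % len(dump)  # assumed: dump is the aligned window
    stale = int.from_bytes(dump[off:off + r["size"]], "little")
    return {
        "func": r["func"],
        # assumed: RDI still holds the first argument (the fence pointer)
        "field_offset": r["addr"] - int(r["rdi"], 16),
        "flags": "".join(r["shadow"].split()[off:off + r["size"]]),
        "stale_value": stale,
        "zero_check_passes": stale == 0,
    }

def triage(text):
    reports = []
    for line in text.splitlines():
        if m := WARN.search(line):
            reports.append({"size": int(m[1]) // 8, "addr": int(m[2], 16)})
        elif reports:
            for key, rx in FIELDS.items():
                if (m := rx.search(line.rstrip())) and key not in reports[-1]:
                    reports[-1][key] = m[1]
    return [summarise(r) for r in reports if FIELDS.keys() <= r.keys()]
```

Both complete reports land 0x48 bytes past the pointer in RDI, and in both the eight stale bytes are non-zero, so a zero test like the one at fence.c:114 would not take the branch that stores `ktime_get()`.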

Comment 1 Michel Dänzer 2016-07-11 09:39:27 UTC
Shouldn't drivers/dma-buf/fence.c:fence_init() fully initialize the struct fence passed in? If not, using kzalloc instead of kmalloc in radeon_fence_emit should probably fix this.

Comment 2 Christian Casteyde 2022-02-17 18:10:55 UTC
Closing as too old and I do not have the hardware anymore to reproduce.