UBSAN: member access within null pointer of type 'struct radeon_fpriv'
Submitted by Paul Menzel
Assigned to Default DRI bug account
Link to original bug (#107302)
Description
Enabling the undefined behavior sanitizer and building GNU/Linux 4.18-rc5+ (with some unrelated commits) with GCC 8.1.0 from Debian Sid/unstable, the three warnings below are shown.
[ 20.554998] ================================================================================
[ 20.555019] UBSAN: Undefined behaviour in drivers/gpu/drm/radeon/radeon_gem.c:148:20
[ 20.555024] member access within null pointer of type 'struct radeon_fpriv'
[ 20.555035] CPU: 1 PID: 284 Comm: Xorg Not tainted 4.18.0-rc5-00316-g4864b68cedf2 #104 (closed)
[ 20.555038] Hardware name: ASROCK E350M1/E350M1, BIOS TIMELESS 01/01/1970
[ 20.555040] Call Trace:
[ 20.555055] dump_stack+0x55/0x89
[ 20.555063] ubsan_epilogue+0xb/0x33
[ 20.555068] handle_null_ptr_deref+0x7f/0x90
[ 20.555075] __ubsan_handle_type_mismatch_v1+0x55/0x60
[ 20.555145] radeon_gem_object_open+0x211/0x2f0 [radeon]
[ 20.555172] ? drm_vma_node_allow+0xcd/0x140 [drm]
[ 20.555232] ? radeon_gem_fini+0x10/0x10 [radeon]
[ 20.555252] drm_gem_handle_create_tail+0xff/0x230 [drm]
[ 20.555274] drm_gem_handle_create+0x3d/0x80 [drm]
[ 20.555332] radeon_gem_create_ioctl+0x99/0x120 [radeon]
[ 20.555390] ? radeon_gem_pwrite_ioctl+0x30/0x30 [radeon]
[ 20.555410] drm_ioctl_kernel+0xb8/0x150 [drm]
[ 20.555431] drm_ioctl+0x299/0x640 [drm]
[ 20.555490] ? radeon_gem_pwrite_ioctl+0x30/0x30 [radeon]
[ 20.555498] ? __pagevec_lru_add_fn+0x15d/0x5d0
[ 20.555503] ? __lru_cache_add+0x100/0x100
[ 20.555510] ? __pm_runtime_resume+0x7d/0xe0
[ 20.555560] radeon_drm_ioctl+0x73/0x160 [radeon]
[ 20.555612] ? radeon_pci_shutdown+0x60/0x60 [radeon]
[ 20.555617] do_vfs_ioctl+0xaf/0x9f0
[ 20.555625] ? __fget_light+0x99/0x110
[ 20.555629] ksys_ioctl+0x60/0x90
[ 20.555633] sys_ioctl+0x16/0x18
[ 20.555639] do_fast_syscall_32+0xce/0x3e0
[ 20.555645] entry_SYSENTER_32+0x4e/0x7c
[ 20.555650] EIP: 0xb7fb4bb5
[ 20.555651] Code: 89 e5 8b 55 08 85 d2 8b 80 5c cd ff ff 74 02 89 02 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 51 52 55 89 e5 0f 34 cd 80 <5d>
5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
[ 20.555722] EAX: ffffffda EBX: 0000000d ECX: c01c645d EDX: bfe8d850
[ 20.555726] ESI: 00000004 EDI: c01c645d EBP: 0000000d ESP: bfe8d798
[ 20.555729] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00200292
[ 20.555734] ================================================================================
[ 20.559092] ================================================================================
[ 20.559112] UBSAN: Undefined behaviour in drivers/gpu/drm/radeon/radeon_cs.c:540:20
[ 20.559117] member access within null pointer of type 'struct radeon_fpriv'
[ 20.559127] CPU: 1 PID: 285 Comm: radeon_cs:0 Not tainted 4.18.0-rc5-00316-g4864b68cedf2 #104 (closed)
[ 20.559129] Hardware name: ASROCK E350M1/E350M1, BIOS TIMELESS 01/01/1970
[ 20.559132] Call Trace:
[ 20.559145] dump_stack+0x55/0x89
[ 20.559152] ubsan_epilogue+0xb/0x33
[ 20.559157] handle_null_ptr_deref+0x7f/0x90
[ 20.559163] __ubsan_handle_type_mismatch_v1+0x55/0x60
[ 20.559236] radeon_cs_ioctl+0xb97/0xbe0 [radeon]
[ 20.559244] ? __cgroup_account_cputime+0x47/0x90
[ 20.559311] ? radeon_cs_parser_init+0x7f0/0x7f0 [radeon]
[ 20.559334] drm_ioctl_kernel+0xb8/0x150 [drm]
[ 20.559355] drm_ioctl+0x299/0x640 [drm]
[ 20.559414] ? radeon_cs_parser_init+0x7f0/0x7f0 [radeon]
[ 20.559426] ? __pm_runtime_resume+0x7d/0xe0
[ 20.559475] radeon_drm_ioctl+0x73/0x160 [radeon]
[ 20.559526] ? radeon_pci_shutdown+0x60/0x60 [radeon]
[ 20.559531] do_vfs_ioctl+0xaf/0x9f0
[ 20.559538] ? strlcpy+0x1d/0xc0
[ 20.559544] ? __fget_light+0x99/0x110
[ 20.559547] ksys_ioctl+0x60/0x90
[ 20.559552] sys_ioctl+0x16/0x18
[ 20.559557] do_fast_syscall_32+0xce/0x3e0
[ 20.559563] entry_SYSENTER_32+0x4e/0x7c
[ 20.559568] EIP: 0xb7fb4bb5
[ 20.559569] Code: 89 e5 8b 55 08 85 d2 8b 80 5c cd ff ff 74 02 89 02 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 51 52 55 89 e5 0f 34 cd 80 <5d>
5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
[ 20.559641] EAX: ffffffda EBX: 0000000d ECX: c0206466 EDX: b174a044
[ 20.559644] ESI: b173a040 EDI: c0206466 EBP: 0000000d ESP: b1fd3008
[ 20.559648] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00200292
[ 20.559652] ================================================================================
[ 21.842145] ================================================================================
[ 21.842171] UBSAN: Undefined behaviour in drivers/gpu/drm/radeon/radeon_gem.c:179:20
[ 21.842179] member access within null pointer of type 'struct radeon_fpriv'
[ 21.842196] CPU: 1 PID: 284 Comm: Xorg Not tainted 4.18.0-rc5-00316-g4864b68cedf2 #104 (closed)
[ 21.842200] Hardware name: ASROCK E350M1/E350M1, BIOS TIMELESS 01/01/1970
[ 21.842204] Call Trace:
[ 21.842231] dump_stack+0x55/0x89
[ 21.842242] ubsan_epilogue+0xb/0x33
[ 21.842250] handle_null_ptr_deref+0x7f/0x90
[ 21.842262] __ubsan_handle_type_mismatch_v1+0x55/0x60
[ 21.842367] radeon_gem_object_close+0x232/0x310 [radeon]
[ 21.842406] drm_gem_object_release_handle+0x48/0x110 [drm]
[ 21.842439] drm_gem_handle_delete+0x5f/0xc0 [drm]
[ 21.842472] ? drm_gem_handle_create+0x80/0x80 [drm]
[ 21.842503] drm_gem_close_ioctl+0x36/0x90 [drm]
[ 21.842536] drm_ioctl_kernel+0xb8/0x150 [drm]
[ 21.842570] drm_ioctl+0x299/0x640 [drm]
[ 21.842604] ? drm_gem_handle_create+0x80/0x80 [drm]
[ 21.842615] ? __switch_to_asm+0x33/0x4c
[ 21.842620] ? __switch_to_asm+0x27/0x4c
[ 21.842625] ? __switch_to_asm+0x33/0x4c
[ 21.842630] ? __switch_to_asm+0x27/0x4c
[ 21.842635] ? __switch_to_asm+0x33/0x4c
[ 21.842640] ? __switch_to_asm+0x27/0x4c
[ 21.842652] ? __pm_runtime_resume+0x7d/0xe0
[ 21.842733] radeon_drm_ioctl+0x73/0x160 [radeon]
[ 21.842815] ? radeon_pci_shutdown+0x60/0x60 [radeon]
[ 21.842823] do_vfs_ioctl+0xaf/0x9f0
[ 21.842831] ? remove_vma+0x45/0x60
[ 21.842836] ? remove_vma+0x45/0x60
[ 21.842844] ? do_munmap+0x18b/0x4d0
[ 21.842852] ? __fget_light+0x99/0x110
[ 21.842859] ksys_ioctl+0x60/0x90
[ 21.842866] sys_ioctl+0x16/0x18
[ 21.842874] do_fast_syscall_32+0xce/0x3e0
[ 21.842881] entry_SYSENTER_32+0x4e/0x7c
[ 21.842888] EIP: 0xb7fb4bb5
[ 21.842891] Code: 89 e5 8b 55 08 85 d2 8b 80 5c cd ff ff 74 02 89 02 5d c3 8b 04 24 c3 8b 1c 24 c3 8b 3c 24 c3 90 90 51 52 55 89 e5 0f 34 cd 80 <5d>
5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76
[ 21.843006] EAX: ffffffda EBX: 0000000d ECX: 40086409 EDX: bfe8dfbc
[ 21.843011] ESI: 01004300 EDI: 40086409 EBP: 0000000d ESP: bfe8df28
[ 21.843017] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000292
[ 21.843024] ================================================================================