Replace a BUG_ON with an error code in the event that the inode mapping
changes between calls to drm_open. This may happen for instance if udev
is loaded subsequent to the original opening of the device:
[ 644.291870] kernel BUG at drivers/gpu/drm/drm_fops.c:146!
[ 644.291876] invalid opcode: 0000 [#1] SMP
[ 644.291882] last sysfs file: /sys/kernel/uevent_seqnum
[ 644.291888]
[ 644.291895] Pid: 7276, comm: lt-cairo-test-s Not tainted 2.6.34-rc1 #2 N150/N210/N220 /N150/N210/N220
[ 644.291903] EIP: 0060:[<
c11c70e3>] EFLAGS:
00210283 CPU: 0
[ 644.291912] EIP is at drm_open+0x4b1/0x4e2
[ 644.291918] EAX:
f72d8d18 EBX:
f790a400 ECX:
f73176b8 EDX:
00000000
[ 644.291923] ESI:
f790a414 EDI:
f790a414 EBP:
f647ae20 ESP:
f647adfc
[ 644.291929] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 644.291937] Process lt-cairo-test-s (pid: 7276, ti=
f647a000 task=
f73f5c80 task.ti=
f647a000)
[ 644.291941] Stack:
[ 644.291945]
00000000 f7bb7400 00000080 f6451100 f73176b8 f6479214 f6451100 f73176b8
[ 644.291957] <0>
c1297ce0 f647ae34 c11c6c04 f73176b8 f7949800 00000000 f647ae54 c1080ac5
[ 644.291969] <0>
f7949800 f6451100 00000000 f6451100 f73176b8 f6452780 f647ae70 c107d1e6
[ 644.291982] Call Trace:
[ 644.291991] [<
c11c6c04>] ? drm_stub_open+0x8a/0xb8
[ 644.292000] [<
c1080ac5>] ? chrdev_open+0xef/0x106
[ 644.292008] [<
c107d1e6>] ? __dentry_open+0xd4/0x1a6
[ 644.292015] [<
c107d35b>] ? nameidata_to_filp+0x31/0x45
[ 644.292022] [<
c10809d6>] ? chrdev_open+0x0/0x106
[ 644.292030] [<
c10864e2>] ? do_last+0x346/0x423
[ 644.292037] [<
c108789f>] ? do_filp_open+0x190/0x415
[ 644.292046] [<
c1071eb5>] ? handle_mm_fault+0x214/0x710
[ 644.292053] [<
c107d008>] ? do_sys_open+0x4d/0xe9
[ 644.292061] [<
c1016462>] ? do_page_fault+0x211/0x23f
[ 644.292068] [<
c107d0f0>] ? sys_open+0x23/0x2b
[ 644.292075] [<
c1002650>] ? sysenter_do_call+0x12/0x26
[ 644.292079] Code: 89 f0 89 55 dc e8 8d 96 0a 00 8b 45 e0 8b 55 dc 83 78 04 01 75 28 8b 83 18 02 00 00 85 c0 74 0f 8b 4d ec 3b 81 ac 00 00 00 74 13 <0f> 0b eb fe 8b 4d ec 8b 81 ac 00 00 00 89 83 18 02 00 00 89 f0
[ 644.292143] EIP: [<
c11c70e3>] drm_open+0x4b1/0x4e2 SS:ESP 0068:
f647adfc
[ 644.292175] ---[ end trace
2ddd476af89a60fa ]---
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: stable@kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
spin_unlock(&dev->count_lock);
}
out:
- mutex_lock(&dev->struct_mutex);
- if (minor->type == DRM_MINOR_LEGACY) {
- BUG_ON((dev->dev_mapping != NULL) &&
- (dev->dev_mapping != inode->i_mapping));
- if (dev->dev_mapping == NULL)
- dev->dev_mapping = inode->i_mapping;
+ if (!retcode) {
+ mutex_lock(&dev->struct_mutex);
+ if (minor->type == DRM_MINOR_LEGACY) {
+ if (dev->dev_mapping == NULL)
+ dev->dev_mapping = inode->i_mapping;
+ else if (dev->dev_mapping != inode->i_mapping)
+ retcode = -ENODEV;
+ }
+ mutex_unlock(&dev->struct_mutex);
}
- mutex_unlock(&dev->struct_mutex);
return retcode;
}