From patchwork Sat Sep 19 18:26:22 2015
X-Patchwork-Submitter: Dmitry Torokhov
X-Patchwork-Id: 7224331
Date: Sat, 19 Sep 2015 11:26:22 -0700
From: Dmitry Torokhov
To: Stephen Chandler Paul
Cc: aksgarg1989@gmail.com, "linux-input@vger.kernel.org"
Subject: Re: [PATCH] Input: Use for_each_set_bit where appropriate
Message-ID: <20150919182622.GF7081@dtor-ws>
References: <1436378929-65748-1-git-send-email-aksgarg1989@gmail.com> <1442520167.3355.13.camel@redhat.com>
In-Reply-To: <1442520167.3355.13.camel@redhat.com>

On Thu, Sep 17, 2015 at 04:02:47PM -0400, Stephen Chandler Paul wrote:
> Hi! The currently upstream version of this patch actually breaks
> uinput, and causes the kernel to panic when attempting to run it under
> qemu using spice. Here's a backtrace from kdb:
>
> Stack traceback for pid 656
> 0xffff8800babed480 656 1 1 2 R 0xffff8800babefa80 *spice-vdagentd
> ffff88013747bd58 0000000000000018 ffff88013747bd80 ffff8800b7977000
> 0000000000000003 0000000000000001 0000000000000001 ffff8800b7977240
> ffff88013747bdc0 ffffffff8163f449 0000000000000286 0000000000000018
> Call Trace:
> [] ? input_event+0x59/0x80
> [] ? uinput_write+0x154/0x460 [uinput]
> [] ? port_fops_read+0xfd/0x1f0 [virtio_console]
> [] ? __vfs_write+0x37/0x100
> [] ? vfs_write+0xa9/0x1a0
> [] ? __fget_light+0x66/0x90
> [] ? SyS_write+0x58/0xd0
> [] ? entry_SYSCALL_64_fastpath+0x12/0x76
>
> And the relevant messages from dmesg:
>
> <1>[ 15.064330] BUG: unable to handle kernel NULL pointer dereference at 0000000000000024
> <1>[ 15.064336] IP: [] input_handle_event+0x232/0x4e0
> <4>[ 15.064343] PGD 0
> <4>[ 15.064345] Oops: 0000 [#1] SMP
>
> The steps for reproducing this are pretty simple: set up a Fedora 22 VM,
> build the latest kernel and install it with make install, and try to
> boot the machine and use it over spice with qemu. After moving the
> cursor it'll run into a NULL dereference and panic.
>
> I've tested reverting this commit, and that fixes the NULL dereference
> completely. I'm willing to git send-email you the revert if you wish.

*sigh* Sorry about that, the 2nd chunk of the change was completely bogus.

Does the patch below fix this for you?

Thanks.

diff --git a/drivers/input/misc/uinput.c b/drivers/input/misc/uinput.c index 345df9b..5adbced 100644 --- a/drivers/input/misc/uinput.c +++ b/drivers/input/misc/uinput.c @@ -414,7 +414,7 @@ static int uinput_setup_device(struct uinput_device *udev, dev->id.product = user_dev->id.product; dev->id.version = user_dev->id.version; - for_each_set_bit(i, dev->absbit, ABS_CNT) { + for (i = 0; i < ABS_CNT; i++) { input_abs_set_max(dev, i, user_dev->absmax[i]); input_abs_set_min(dev, i, user_dev->absmin[i]); input_abs_set_fuzz(dev, i, user_dev->absfuzz[i]);
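
Review bot: The restored `for (i = 0; i < ABS_CNT; i++)` loop in uinput_setup_device() has no comment saying why it must not be limited to the bits set in dev->absbit, and the mail carries no changelog, so the same for_each_set_bit conversion could easily be proposed again. Suggest a short comment above the loop stating why every axis index is visited, and a commit message that ties the change to the NULL pointer dereference in input_handle_event reported in this thread, with a Reported-by for Stephen Chandler Paul and a Signed-off-by, before this is applied.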