[Intel-gfx] [PATCH] drm/i915: Clean the request structure on alloc
John Harrison
John.C.Harrison at Intel.com
Fri Dec 5 10:02:35 PST 2014
But yes, the reasoning why it crashes without the zero fill is correct.
Dodgy context pointers that used to be ignored now get processed. Doing
the zero fill keeps it all sane.
On 05/12/2014 17:54, John Harrison wrote:
> This is already part of the seqno/request patch series and has been
> right from the start. See email 'drm/i915: Zero fill the request
> structure'.
>
> On 05/12/2014 17:54, Mika Kuoppala wrote:
>> Otherwise we might end up referencing uninitialized fields.
>> This is apparent when we try to cleanup the preallocated request
>> on ring reset, before any request has been submitted to the ring.
>> The request->ctx is foobar and we end up freeing the foobarness.
>>
>> References: https://bugs.freedesktop.org/show_bug.cgi?id=86959
>> References: https://bugs.freedesktop.org/show_bug.cgi?id=86962
>> References: https://bugs.freedesktop.org/show_bug.cgi?id=86992
>> Cc: John Harrison <John.C.Harrison at Intel.com>
>> Signed-off-by: Mika Kuoppala <mika.kuoppala at intel.com>
>> ---
>> drivers/gpu/drm/i915/intel_ringbuffer.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/gpu/drm/i915/intel_ringbuffer.c
>> b/drivers/gpu/drm/i915/intel_ringbuffer.c
>> index 79b4ca5..2c6c6f8 100644
>> --- a/drivers/gpu/drm/i915/intel_ringbuffer.c
>> +++ b/drivers/gpu/drm/i915/intel_ringbuffer.c
>> @@ -2030,7 +2030,7 @@ intel_ring_alloc_request(struct intel_engine_cs
>> *ring)
>> if (ring->outstanding_lazy_request)
>> return 0;
>> - request = kmalloc(sizeof(*request), GFP_KERNEL);
>> + request = kzalloc(sizeof(*request), GFP_KERNEL);
>> if (request == NULL)
>> return -ENOMEM;
>
More information about the Intel-gfx
mailing list