[Intel-gfx] [PATCH 1/4] Klock work Fix for NULL dereferencing in i915_gem_ttm.c
Matthew Auld
matthew.william.auld at gmail.com
Thu Jul 1 09:39:50 UTC 2021
On Mon, 28 Jun 2021 at 15:49, Bommu Krishnaiah
<krishnaiah.bommu at intel.com> wrote:
>
> Signed-off-by: Bommu Krishnaiah <krishnaiah.bommu at intel.com>
> Cc: Maarten Lankhorst <maarten.lankhorst at linux.intel.com>
> ---
> drivers/gpu/drm/i915/gem/i915_gem_ttm.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_ttm.c b/drivers/gpu/drm/i915/gem/i915_gem_ttm.c
> index c39d982c4fa66..97093a9bfccc2 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_ttm.c
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_ttm.c
> @@ -590,6 +590,7 @@ static unsigned long i915_ttm_io_mem_pfn(struct ttm_buffer_object *bo,
> GEM_WARN_ON(bo->ttm);
>
> sg = __i915_gem_object_get_sg(obj, &obj->ttm.get_io_page, page_offset, &ofs, true, true);
> + GEM_BUG_ON(!sg);
Is there some analysis for how this could happen? The commit message
should ideally have something like that. It looks like we already have
a GEM_BUG_ON(!sg) for the lookup case, and in the event of doing the
manual walk we already dereference the sg, so not seeing it.
>
> return ((base + sg_dma_address(sg)) >> PAGE_SHIFT) + ofs;
> }
> --
> 2.25.1
>
> _______________________________________________
> Intel-gfx mailing list
> Intel-gfx at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/intel-gfx
More information about the Intel-gfx
mailing list