[PATCH] drm/i915/gvt: fix crash at function release_shadow_wa_ctx

changbin.du at intel.com changbin.du at intel.com
Thu Feb 9 08:50:15 UTC 2017


From: Changbin Du <changbin.du at intel.com>

In function dispatch_workload(), if it fail before calling
intel_gvt_scan_and_shadow_wa_ctx(), the indirect ctx will
not be shadowed so no cleaup need. wa_ctx->indirect_ctx.obj
indicate whether indirect_ctx is shadowed. The obj is null
if it is unshadowed.

BUG: unable to handle kernel NULL pointer dereference at
00000000000001a0
IP: complete_execlist_workload+0x2c9/0x3e0 [i915]
Oops: 0002 [#1] SMP
task: ffff939546d2d880 task.stack: ffffbd9b82ac4000
RIP: 0010:complete_execlist_workload+0x2c9/0x3e0 [i915]
RSP: 0018:ffffbd9b82ac7dd8 EFLAGS: 00010202
RAX: 0000000000000000 RBX: ffff9393c725b540 RCX: 0000000000000006
RDX: 0000000000000007 RSI: 0000000000000202 RDI: ffff939559c8dd00
RBP: ffffbd9b82ac7e18 R08: 0000000000000001 R09: 000000000120dd8f
R10: 0000000000000000 R11: 000000000120dd8f R12: ffff9393c725b540
R13: ffff9393c725b618 R14: ffffbd9b81f0d000 R15: ffff939520e0e000
FS:  0000000000000000(0000) GS:ffff939559c80000(0000)
knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000001a0 CR3: 000000043d664000 CR4: 00000000003426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 workload_thread+0x312/0xd70 [i915]
 ? __wake_up_sync+0x20/0x20
 ? wake_atomic_t_function+0x60/0x60
 kthread+0x101/0x140

Signed-off-by: Changbin Du <changbin.du at intel.com>
---
 drivers/gpu/drm/i915/gvt/execlist.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/i915/gvt/execlist.c b/drivers/gpu/drm/i915/gvt/execlist.c
index 3408373..46eb9fd 100644
--- a/drivers/gpu/drm/i915/gvt/execlist.c
+++ b/drivers/gpu/drm/i915/gvt/execlist.c
@@ -487,7 +487,7 @@ static void release_shadow_batch_buffer(struct intel_vgpu_workload *workload)
 
 static void release_shadow_wa_ctx(struct intel_shadow_wa_ctx *wa_ctx)
 {
-	if (wa_ctx->indirect_ctx.size == 0)
+	if (!wa_ctx->indirect_ctx.obj)
 		return;
 
 	i915_gem_object_unpin_map(wa_ctx->indirect_ctx.obj);
-- 
2.7.4



More information about the intel-gvt-dev mailing list