[Nouveau] [PATCH] fifo/nv04: avoid ramht race against cookie insertion
Ilia Mirkin
imirkin at alum.mit.edu
Wed Sep 28 00:03:53 UTC 2016
On Fri, Sep 9, 2016 at 10:34 PM, Ilia Mirkin <imirkin at alum.mit.edu> wrote:
> Signed-off-by: Ilia Mirkin <imirkin at alum.mit.edu>
> Cc: stable at vger.kernel.org
Ian mentioned that he tested this out on IRC:
#dri-devel: <idr> imirkin: Your patch to the nouveau kernel module
fixes the oops that I encountered. Consider that a Tested-by.
So you can probably throw in a
Tested-by: Ian Romanick <idr at freedesktop.org>
> ---
>
> Ian Romanick reported a kernel crash that implicated this path in a null
> pointer jump, which means that one of the function pointers had been nulled
> out. Not sure if a race there would explain it, but maybe.
>
> There is also questionable ramht usage in channv50 and various disp code. If
> you think this is a good idea, those should probably be fixed up as well.
>
> drm/nouveau/nvkm/engine/fifo/dmanv04.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drm/nouveau/nvkm/engine/fifo/dmanv04.c b/drm/nouveau/nvkm/engine/fifo/dmanv04.c
> index edec30f..0a7b6ed 100644
> --- a/drm/nouveau/nvkm/engine/fifo/dmanv04.c
> +++ b/drm/nouveau/nvkm/engine/fifo/dmanv04.c
> @@ -37,7 +37,10 @@ nv04_fifo_dma_object_dtor(struct nvkm_fifo_chan *base, int cookie)
> {
> struct nv04_fifo_chan *chan = nv04_fifo_chan(base);
> struct nvkm_instmem *imem = chan->fifo->base.engine.subdev.device->imem;
> +
> + mutex_lock(&chan->fifo->base.engine.subdev.mutex);
> nvkm_ramht_remove(imem->ramht, cookie);
> + mutex_unlock(&chan->fifo->base.engine.subdev.mutex);
> }
>
> static int
> --
> 2.7.3
>
More information about the Nouveau
mailing list