• Matthew Brost's avatar
    drm/xe: Ensure VMA not userptr before calling xe_bo_is_stolen · 60694edf
    Matthew Brost authored
    Fix the below splat:
    
    [  142.510525] [IGT] xe_exec_basic: starting subtest once-userptr
    [  142.511339] BUG: kernel NULL pointer dereference, address: 0000000000000228
    [  142.518311] #PF: supervisor read access in kernel mode
    [  142.523458] #PF: error_code(0x0000) - not-present page
    [  142.528604] PGD 0 P4D 0
    [  142.531153] Oops: 0000 [#1] PREEMPT SMP NOPTI
    [  142.535518] CPU: 4 PID: 1199 Comm: kworker/u16:8 Not tainted 6.1.0-rc1-xe+ #1
    [  142.542656] Hardware name: Intel Corporation Tiger Lake Client Platform/TigerLake U DDR4 SODIMM RVP, BIOS TGLSFWI1.R00.3243.A01.2006102133 06/10/2020
    [  142.556033] Workqueue: events_unbound async_op_work_func [xe]
    [  142.561810] RIP: 0010:xe_bo_is_stolen+0x0/0x20 [xe]
    [  142.566709] Code: 20 c8 75 05 83 fa 07 74 05 c3 cc cc cc cc 48 8b 87 08 02 00 00 0f b6 80 2c ff ff ff c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 87 28 02 00 00 83 78 10 07 0f 94 c0 c3 cc cc cc cc 66 66 2e
    [  142.585447] RSP: 0018:ffffc900019eb888 EFLAGS: 00010246
    [  142.590678] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff88813f6a2108
    [  142.597821] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
    [  142.604962] RBP: ffffc900019ebbc0 R08: 0000000000000001 R09: 0000000000000000
    [  142.612101] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88814107d600
    [  142.619242] R13: ffffc900019eba20 R14: ffff888140442000 R15: 0000000000000000
    [  142.626378] FS:  0000000000000000(0000) GS:ffff88849fa00000(0000) knlGS:0000000000000000
    [  142.634468] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    [  142.640219] CR2: 0000000000000228 CR3: 000000010a4c0006 CR4: 0000000000770ee0
    [  142.647361] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
    [  142.654505] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
    [  142.661639] PKRU: 55555554
    [  142.664367] Call Trace:
    [  142.666830]  <TASK>
    [  142.668947]  __xe_pt_bind_vma+0x1a1/0xa50 [xe]
    [  142.673417]  ? unwind_next_frame+0x187/0x770
    [  142.677699]  ? __thaw_task+0xc0/0xc0
    [  142.681293]  ? __lock_acquire+0x5e4/0x26e0
    [  142.685409]  ? lockdep_hardirqs_on+0xbf/0x140
    [  142.689779]  ? lock_acquire+0xd2/0x310
    [  142.693548]  ? mark_held_locks+0x49/0x80
    [  142.697485]  ? xe_vm_bind_vma+0xf1/0x3d0 [xe]
    [  142.701866]  xe_vm_bind_vma+0xf1/0x3d0 [xe]
    [  142.706082]  xe_vm_bind+0x76/0x140 [xe]
    [  142.709944]  vm_bind_ioctl+0x26f/0xb40 [xe]
    [  142.714161]  ? async_op_work_func+0x20c/0x450 [xe]
    [  142.718974]  async_op_work_func+0x20c/0x450 [xe]
    [  142.723620]  process_one_work+0x263/0x580
    [  142.727645]  ? process_one_work+0x580/0x580
    [  142.731839]  worker_thread+0x4d/0x3b0
    [  142.735518]  ? process_one_work+0x580/0x580
    [  142.739714]  kthread+0xeb/0x120
    [  142.742872]  ? kthread_complete_and_exit+0x20/0x20
    [  142.747671]  ret_from_fork+0x1f/0x30
    [  142.751264]  </TASK>
    Signed-off-by: default avatarMatthew Brost <matthew.brost@intel.com>
    Signed-off-by: default avatarRodrigo Vivi <rodrigo.vivi@intel.com>
    Reviewed-by: default avatarRodrigo Vivi <rodrigo.vivi@intel.com>
    60694edf
xe_pt.c 43.1 KB