Mhm, looks like that somehow got dropped during rebase. Going to dig up where that actually ended up tomorrow.
Christian. Am 05.06.19 um 16:44 schrieb Liu, Monk: > Strange, I get the latest "drm-next" branch and didn't see the change landed > .... > > /Monk > > -----Original Message----- > From: Koenig, Christian > Sent: Wednesday, June 5, 2019 7:11 PM > To: Liu, Monk <[email protected]>; [email protected] > Subject: Re: FW: [PATCH] drm/ttm: fix ttm client driver (e.g. amdgpu) reload > issue > > This should already be fixed by patch "drm/ttm: fix re-init of global > structures". > > Christian. > > Am 05.06.19 um 09:29 schrieb Liu, Monk: >> -----Original Message----- >> From: Monk Liu <[email protected]> >> Sent: Wednesday, June 5, 2019 2:45 PM >> To: [email protected] >> Cc: Liu, Monk <[email protected]> >> Subject: [PATCH] drm/ttm: fix ttm client driver (e.g. amdgpu) reload >> issue >> >> need to clear bo glob and mem glob during their release otherwise their >> member value would be wrongly used in the next glob init stage and lead to >> wild pointer access problems: >> >> 1) kobj.state_initialized is 1 >> 2) ttm_bo_glob.bo_count isn't cleared and referenced via it >> on member "swap_lru" would hit out of bound array accessing >> bug >> >> Signed-off-by: Monk Liu <[email protected]> >> --- >> drivers/gpu/drm/ttm/ttm_bo.c | 2 ++ >> drivers/gpu/drm/ttm/ttm_memory.c | 8 ++++++++ >> 2 files changed, 10 insertions(+) >> >> diff --git a/drivers/gpu/drm/ttm/ttm_bo.c >> b/drivers/gpu/drm/ttm/ttm_bo.c index c7de667..6434eac 100644 >> --- a/drivers/gpu/drm/ttm/ttm_bo.c >> +++ b/drivers/gpu/drm/ttm/ttm_bo.c >> @@ -1604,6 +1604,8 @@ static void ttm_bo_global_kobj_release(struct kobject >> *kobj) >> container_of(kobj, struct ttm_bo_global, kobj); >> >> __free_page(glob->dummy_read_page); >> + >> + memset(glob, 0, sizeof(*glob)); >> } >> >> static void ttm_bo_global_release(void) diff --git >> a/drivers/gpu/drm/ttm/ttm_memory.c b/drivers/gpu/drm/ttm/ttm_memory.c >> index 8617958..7128bbf 100644 >> --- a/drivers/gpu/drm/ttm/ttm_memory.c >> +++ b/drivers/gpu/drm/ttm/ttm_memory.c >> @@ -229,9 +229,17 @@ static const struct sysfs_ops ttm_mem_global_ops = { >> .store = &ttm_mem_global_store, >> }; >> >> +void ttm_mem_glob_kobj_release(struct kobject *kobj) { >> + struct ttm_mem_global *glob = container_of(kobj, struct >> +ttm_mem_global, kobj); >> + >> + memset(glob, 0, sizeof(*glob)); >> +} >> + >> static struct kobj_type ttm_mem_glob_kobj_type = { >> .sysfs_ops = &ttm_mem_global_ops, >> .default_attrs = ttm_mem_global_attrs, >> + .release = ttm_mem_glob_kobj_release, >> }; >> >> static bool ttm_zones_above_swap_target(struct ttm_mem_global *glob, >> -- >> 2.7.4 >> _______________________________________________ amd-gfx mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/amd-gfx
