mirror of https://github.com/torvalds/linux.git
1a799c4c19
If kfd_process_device_init_vm returns failure after vm is converted to compute vm and vm->pasid set to compute pasid, KFD will not take pdd->drm_file reference. As a result, drm close file handler maybe called to release the compute pasid before KFD process destroy worker to release the same pasid and set vm->pasid to zero, this generates below WARNING backtrace and NULL pointer access. Add helper amdgpu_amdkfd_gpuvm_set_vm_pasid and call it at the last step of kfd_process_device_init_vm, to ensure vm pasid is the original pasid if acquiring vm failed or is the compute pasid with pdd->drm_file reference taken to avoid double release same pasid. amdgpu: Failed to create process VM object ida_free called for id=32770 which is not allocated. WARNING: CPU: 57 PID: 72542 at ../lib/idr.c:522 ida_free+0x96/0x140 RIP: 0010:ida_free+0x96/0x140 Call Trace: amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu] amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu] drm_file_free.part.13+0x216/0x270 [drm] drm_close_helper.isra.14+0x60/0x70 [drm] drm_release+0x6e/0xf0 [drm] __fput+0xcc/0x280 ____fput+0xe/0x20 task_work_run+0x96/0xc0 do_exit+0x3d0/0xc10 BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: 0010:ida_free+0x76/0x140 Call Trace: amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu] amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu] drm_file_free.part.13+0x216/0x270 [drm] drm_close_helper.isra.14+0x60/0x70 [drm] drm_release+0x6e/0xf0 [drm] __fput+0xcc/0x280 ____fput+0xe/0x20 task_work_run+0x96/0xc0 do_exit+0x3d0/0xc10 Signed-off-by: Philip Yang <Philip.Yang@amd.com> Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com> Signed-off-by: Alex Deucher <alexander.deucher@amd.com> |
||
|---|---|---|
| .. | ||
| Kconfig | ||
| Makefile | ||
| cik_event_interrupt.c | ||
| cik_int.h | ||
| cik_regs.h | ||
| cwsr_trap_handler.h | ||
| cwsr_trap_handler_gfx8.asm | ||
| cwsr_trap_handler_gfx9.asm | ||
| cwsr_trap_handler_gfx10.asm | ||
| kfd_chardev.c | ||
| kfd_crat.c | ||
| kfd_crat.h | ||
| kfd_debugfs.c | ||
| kfd_device.c | ||
| kfd_device_queue_manager.c | ||
| kfd_device_queue_manager.h | ||
| kfd_device_queue_manager_cik.c | ||
| kfd_device_queue_manager_v9.c | ||
| kfd_device_queue_manager_v10.c | ||
| kfd_device_queue_manager_v11.c | ||
| kfd_device_queue_manager_vi.c | ||
| kfd_doorbell.c | ||
| kfd_events.c | ||
| kfd_events.h | ||
| kfd_flat_memory.c | ||
| kfd_int_process_v9.c | ||
| kfd_int_process_v11.c | ||
| kfd_interrupt.c | ||
| kfd_iommu.c | ||
| kfd_iommu.h | ||
| kfd_kernel_queue.c | ||
| kfd_kernel_queue.h | ||
| kfd_migrate.c | ||
| kfd_migrate.h | ||
| kfd_module.c | ||
| kfd_mqd_manager.c | ||
| kfd_mqd_manager.h | ||
| kfd_mqd_manager_cik.c | ||
| kfd_mqd_manager_v9.c | ||
| kfd_mqd_manager_v10.c | ||
| kfd_mqd_manager_v11.c | ||
| kfd_mqd_manager_vi.c | ||
| kfd_packet_manager.c | ||
| kfd_packet_manager_v9.c | ||
| kfd_packet_manager_vi.c | ||
| kfd_pasid.c | ||
| kfd_pm4_headers.h | ||
| kfd_pm4_headers_ai.h | ||
| kfd_pm4_headers_aldebaran.h | ||
| kfd_pm4_headers_vi.h | ||
| kfd_pm4_opcodes.h | ||
| kfd_priv.h | ||
| kfd_process.c | ||
| kfd_process_queue_manager.c | ||
| kfd_queue.c | ||
| kfd_smi_events.c | ||
| kfd_smi_events.h | ||
| kfd_svm.c | ||
| kfd_svm.h | ||
| kfd_topology.c | ||
| kfd_topology.h | ||
| soc15_int.h | ||