Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

drm/amdgpu: add job->pasid in check as amdgpu_job could be NULL

In below stack job->pasid is accessed while job is NULL. Access it
within the check when job is non NULL.

Failure call stack.
[ 222.653622] BUG: kernel NULL pointer dereference, address: 000000000000014c
[ 222.653625] #PF: supervisor read access in kernel mode
[ 222.653628] #PF: error_code(0x0000) - not-present page
[ 222.653630] PGD 0 P4D 0
[ 222.653635] Oops: Oops: 0000 [#1] SMP NOPTI
[ 222.653639] CPU: 1 UID: 0 PID: 12 Comm: kworker/u96:0 Not tainted 6.19.0-amd-staging-drm-next #271 PREEMPT(voluntary)
[ 222.653644] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS ELITE/X570 AORUS ELITE, BIOS F37c 05/12/2022
[ 222.653646] Workqueue: amdgpu-reset-dev amdgpu_userq_reset_work [amdgpu]
[ 222.653961] RIP: 0010:amdgpu_coredump+0x8b/0x470 [amdgpu]
[ 222.654158] Code: 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 c9 31 ff 31 d2 31 f6 45 31 c0 45 31 db e9 8c a9 1a e2 88 58 48 44 88 68 49 <41> 8b b7 4c 01 00 00 89 b0 80 00 00 00 4d 85 ff 48 89 45 d0 0f 84
[ 222.654161] RSP: 0018:ffffce68c0147c00 EFLAGS: 00010282
[ 222.654165] RAX: ffff8bc337407740 RBX: 0000000000000000 RCX: 0000000000000000
[ 222.654167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 222.654170] RBP: ffffce68c0147c48 R08: 0000000000000000 R09: 0000000000000000
[ 222.654172] R10: ffff8bc337407740 R11: ffffffffc10dda10 R12: ffff8bc2d2e00000
[ 222.654174] R13: 0000000000000001 R14: ffff8bc2d2e5b368 R15: 0000000000000000
[ 222.654176] FS: 0000000000000000(0000) GS:ffff8bc64a5fe000(0000) knlGS:0000000000000000
[ 222.654179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 222.654182] CR2: 000000000000014c CR3: 0000000135eca000 CR4: 0000000000350ef0
[ 222.654184] Call Trace:
[ 222.654187] <TASK>
[ 222.654190] ? amdgpu_ip_block_resume+0x28/0x70 [amdgpu]
[ 222.654376] ? srso_return_thunk+0x5/0x5f
[ 222.654382] amdgpu_device_reinit_after_reset+0x184/0x320 [amdgpu]
[ 222.654552] amdgpu_do_asic_reset+0x129/0x160 [amdgpu]
[ 222.654720] amdgpu_device_asic_reset+0x92/0x710 [amdgpu]
[ 222.654890] amdgpu_device_gpu_recover+0x2ae/0x3d0 [amdgpu]
[ 222.655060] amdgpu_userq_reset_work+0x76/0xa0 [amdgpu]
[ 222.655229] process_scheduled_works+0x1f0/0x450
[ 222.655235] worker_thread+0x27f/0x370

Fixes: 32ab301b89b3 ("drm/amdgpu: store ib info for devcoredump")
Signed-off-by: Sunil Khatri <sunil.khatri@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>

authored by

Sunil Khatri and committed by
Alex Deucher
97284621 ad52d61d

+1 -1
+1 -1
drivers/gpu/drm/amd/amdgpu/amdgpu_dev_coredump.c
··· 511 511 512 512 coredump->skip_vram_check = skip_vram_check; 513 513 coredump->reset_vram_lost = vram_lost; 514 - coredump->pasid = job->pasid; 515 514 516 515 if (job && job->pasid) { 517 516 struct amdgpu_task_info *ti; ··· 520 521 coredump->reset_task_info = *ti; 521 522 amdgpu_vm_put_task_info(ti); 522 523 } 524 + coredump->pasid = job->pasid; 523 525 coredump->num_ibs = job->num_ibs; 524 526 for (i = 0; i < job->num_ibs; ++i) { 525 527 coredump->ibs[i].gpu_addr = job->ibs[i].gpu_addr;