* [PATCH] drm/amdgpu: prevent double kfree ttm->sg
@ 2020-09-15 21:52 Philip Yang
2020-09-15 22:34 ` Felix Kuehling
2020-09-16 7:40 ` Christian König
0 siblings, 2 replies; 3+ messages in thread
From: Philip Yang @ 2020-09-15 21:52 UTC (permalink / raw)
To: amd-gfx; +Cc: Philip Yang
Set ttm->sg to NULL after kfree, to avoid memory corruption backtrace:
[ 420.932812] kernel BUG at
/build/linux-do9eLF/linux-4.15.0/mm/slub.c:295!
[ 420.934182] invalid opcode: 0000 [#1] SMP NOPTI
[ 420.935445] Modules linked in: xt_conntrack ipt_MASQUERADE
[ 420.951332] Hardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS
1.5.4 07/09/2020
[ 420.952887] RIP: 0010:__slab_free+0x180/0x2d0
[ 420.954419] RSP: 0018:ffffbe426291fa60 EFLAGS: 00010246
[ 420.955963] RAX: ffff9e29263e9c30 RBX: ffff9e29263e9c30 RCX:
000000018100004b
[ 420.957512] RDX: ffff9e29263e9c30 RSI: fffff3d33e98fa40 RDI:
ffff9e297e407a80
[ 420.959055] RBP: ffffbe426291fb00 R08: 0000000000000001 R09:
ffffffffc0d39ade
[ 420.960587] R10: ffffbe426291fb20 R11: ffff9e49ffdd4000 R12:
ffff9e297e407a80
[ 420.962105] R13: fffff3d33e98fa40 R14: ffff9e29263e9c30 R15:
ffff9e2954464fd8
[ 420.963611] FS: 00007fa2ea097780(0000) GS:ffff9e297e840000(0000)
knlGS:0000000000000000
[ 420.965144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 420.966663] CR2: 00007f16bfffefb8 CR3: 0000001ff0c62000 CR4:
0000000000340ee0
[ 420.968193] Call Trace:
[ 420.969703] ? __page_cache_release+0x3c/0x220
[ 420.971294] ? amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
[ 420.972789] kfree+0x168/0x180
[ 420.974353] ? amdgpu_ttm_tt_set_user_pages+0x64/0xc0 [amdgpu]
[ 420.975850] ? kfree+0x168/0x180
[ 420.977403] amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
[ 420.978888] ttm_tt_unpopulate.part.10+0x53/0x60 [amdttm]
[ 420.980357] ttm_tt_destroy.part.11+0x4f/0x60 [amdttm]
[ 420.981814] ttm_tt_destroy+0x13/0x20 [amdttm]
[ 420.983273] ttm_bo_cleanup_memtype_use+0x36/0x80 [amdttm]
[ 420.984725] ttm_bo_release+0x1c9/0x360 [amdttm]
[ 420.986167] amdttm_bo_put+0x24/0x30 [amdttm]
[ 420.987663] amdgpu_bo_unref+0x1e/0x30 [amdgpu]
[ 420.989165] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x9ca/0xb10
[amdgpu]
[ 420.990666] kfd_ioctl_alloc_memory_of_gpu+0xef/0x2c0 [amdgpu]
Signed-off-by: Philip Yang <Philip.Yang@amd.com>
---
drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
index 8b704451a18c..4b3ab9a25e91 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
@@ -1076,6 +1076,7 @@ static int amdgpu_ttm_tt_pin_userptr(struct ttm_tt *ttm)
release_sg:
kfree(ttm->sg);
+ ttm->sg = NULL;
return r;
}
--
2.17.1
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] drm/amdgpu: prevent double kfree ttm->sg
2020-09-15 21:52 [PATCH] drm/amdgpu: prevent double kfree ttm->sg Philip Yang
@ 2020-09-15 22:34 ` Felix Kuehling
2020-09-16 7:40 ` Christian König
1 sibling, 0 replies; 3+ messages in thread
From: Felix Kuehling @ 2020-09-15 22:34 UTC (permalink / raw)
To: Philip Yang, amd-gfx
Am 2020-09-15 um 5:52 p.m. schrieb Philip Yang:
> Set ttm->sg to NULL after kfree, to avoid memory corruption backtrace:
>
> [ 420.932812] kernel BUG at
> /build/linux-do9eLF/linux-4.15.0/mm/slub.c:295!
> [ 420.934182] invalid opcode: 0000 [#1] SMP NOPTI
> [ 420.935445] Modules linked in: xt_conntrack ipt_MASQUERADE
> [ 420.951332] Hardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS
> 1.5.4 07/09/2020
> [ 420.952887] RIP: 0010:__slab_free+0x180/0x2d0
> [ 420.954419] RSP: 0018:ffffbe426291fa60 EFLAGS: 00010246
> [ 420.955963] RAX: ffff9e29263e9c30 RBX: ffff9e29263e9c30 RCX:
> 000000018100004b
> [ 420.957512] RDX: ffff9e29263e9c30 RSI: fffff3d33e98fa40 RDI:
> ffff9e297e407a80
> [ 420.959055] RBP: ffffbe426291fb00 R08: 0000000000000001 R09:
> ffffffffc0d39ade
> [ 420.960587] R10: ffffbe426291fb20 R11: ffff9e49ffdd4000 R12:
> ffff9e297e407a80
> [ 420.962105] R13: fffff3d33e98fa40 R14: ffff9e29263e9c30 R15:
> ffff9e2954464fd8
> [ 420.963611] FS: 00007fa2ea097780(0000) GS:ffff9e297e840000(0000)
> knlGS:0000000000000000
> [ 420.965144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 420.966663] CR2: 00007f16bfffefb8 CR3: 0000001ff0c62000 CR4:
> 0000000000340ee0
> [ 420.968193] Call Trace:
> [ 420.969703] ? __page_cache_release+0x3c/0x220
> [ 420.971294] ? amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
> [ 420.972789] kfree+0x168/0x180
> [ 420.974353] ? amdgpu_ttm_tt_set_user_pages+0x64/0xc0 [amdgpu]
> [ 420.975850] ? kfree+0x168/0x180
> [ 420.977403] amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
> [ 420.978888] ttm_tt_unpopulate.part.10+0x53/0x60 [amdttm]
> [ 420.980357] ttm_tt_destroy.part.11+0x4f/0x60 [amdttm]
> [ 420.981814] ttm_tt_destroy+0x13/0x20 [amdttm]
> [ 420.983273] ttm_bo_cleanup_memtype_use+0x36/0x80 [amdttm]
> [ 420.984725] ttm_bo_release+0x1c9/0x360 [amdttm]
> [ 420.986167] amdttm_bo_put+0x24/0x30 [amdttm]
> [ 420.987663] amdgpu_bo_unref+0x1e/0x30 [amdgpu]
> [ 420.989165] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x9ca/0xb10
> [amdgpu]
> [ 420.990666] kfd_ioctl_alloc_memory_of_gpu+0xef/0x2c0 [amdgpu]
>
> Signed-off-by: Philip Yang <Philip.Yang@amd.com>
Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> index 8b704451a18c..4b3ab9a25e91 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> @@ -1076,6 +1076,7 @@ static int amdgpu_ttm_tt_pin_userptr(struct ttm_tt *ttm)
>
> release_sg:
> kfree(ttm->sg);
> + ttm->sg = NULL;
> return r;
> }
>
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] drm/amdgpu: prevent double kfree ttm->sg
2020-09-15 21:52 [PATCH] drm/amdgpu: prevent double kfree ttm->sg Philip Yang
2020-09-15 22:34 ` Felix Kuehling
@ 2020-09-16 7:40 ` Christian König
1 sibling, 0 replies; 3+ messages in thread
From: Christian König @ 2020-09-16 7:40 UTC (permalink / raw)
To: Philip Yang, amd-gfx
Am 15.09.20 um 23:52 schrieb Philip Yang:
> Set ttm->sg to NULL after kfree, to avoid memory corruption backtrace:
>
> [ 420.932812] kernel BUG at
> /build/linux-do9eLF/linux-4.15.0/mm/slub.c:295!
> [ 420.934182] invalid opcode: 0000 [#1] SMP NOPTI
> [ 420.935445] Modules linked in: xt_conntrack ipt_MASQUERADE
> [ 420.951332] Hardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS
> 1.5.4 07/09/2020
> [ 420.952887] RIP: 0010:__slab_free+0x180/0x2d0
> [ 420.954419] RSP: 0018:ffffbe426291fa60 EFLAGS: 00010246
> [ 420.955963] RAX: ffff9e29263e9c30 RBX: ffff9e29263e9c30 RCX:
> 000000018100004b
> [ 420.957512] RDX: ffff9e29263e9c30 RSI: fffff3d33e98fa40 RDI:
> ffff9e297e407a80
> [ 420.959055] RBP: ffffbe426291fb00 R08: 0000000000000001 R09:
> ffffffffc0d39ade
> [ 420.960587] R10: ffffbe426291fb20 R11: ffff9e49ffdd4000 R12:
> ffff9e297e407a80
> [ 420.962105] R13: fffff3d33e98fa40 R14: ffff9e29263e9c30 R15:
> ffff9e2954464fd8
> [ 420.963611] FS: 00007fa2ea097780(0000) GS:ffff9e297e840000(0000)
> knlGS:0000000000000000
> [ 420.965144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 420.966663] CR2: 00007f16bfffefb8 CR3: 0000001ff0c62000 CR4:
> 0000000000340ee0
> [ 420.968193] Call Trace:
> [ 420.969703] ? __page_cache_release+0x3c/0x220
> [ 420.971294] ? amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
> [ 420.972789] kfree+0x168/0x180
> [ 420.974353] ? amdgpu_ttm_tt_set_user_pages+0x64/0xc0 [amdgpu]
> [ 420.975850] ? kfree+0x168/0x180
> [ 420.977403] amdgpu_ttm_tt_unpopulate+0x5e/0x80 [amdgpu]
> [ 420.978888] ttm_tt_unpopulate.part.10+0x53/0x60 [amdttm]
> [ 420.980357] ttm_tt_destroy.part.11+0x4f/0x60 [amdttm]
> [ 420.981814] ttm_tt_destroy+0x13/0x20 [amdttm]
> [ 420.983273] ttm_bo_cleanup_memtype_use+0x36/0x80 [amdttm]
> [ 420.984725] ttm_bo_release+0x1c9/0x360 [amdttm]
> [ 420.986167] amdttm_bo_put+0x24/0x30 [amdttm]
> [ 420.987663] amdgpu_bo_unref+0x1e/0x30 [amdgpu]
> [ 420.989165] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x9ca/0xb10
> [amdgpu]
> [ 420.990666] kfd_ioctl_alloc_memory_of_gpu+0xef/0x2c0 [amdgpu]
>
> Signed-off-by: Philip Yang <Philip.Yang@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> index 8b704451a18c..4b3ab9a25e91 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
> @@ -1076,6 +1076,7 @@ static int amdgpu_ttm_tt_pin_userptr(struct ttm_tt *ttm)
>
> release_sg:
> kfree(ttm->sg);
> + ttm->sg = NULL;
> return r;
> }
>
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-09-16 7:40 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-09-15 21:52 [PATCH] drm/amdgpu: prevent double kfree ttm->sg Philip Yang
2020-09-15 22:34 ` Felix Kuehling
2020-09-16 7:40 ` Christian König
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox