* [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction
@ 2022-05-12 9:40 Thomas Hellström
2022-05-12 16:27 ` [Intel-gfx] ✓ Fi.CI.BAT: success for " Patchwork
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Thomas Hellström @ 2022-05-12 9:40 UTC (permalink / raw)
To: dri-devel, intel-gfx; +Cc: Thomas Hellström, Matthew Auld
In vma destruction, the following race may occur:
Thread 1: Thread 2:
i915_vma_destroy();
...
list_del_init(vma->vm_link);
...
mutex_unlock(vma->vm->mutex);
__i915_vm_release();
release_references();
And in release_reference() we dereference vma->vm to get to the
vm gt pointer, leadin go a use-after free.
However, __i915_vm_release() grabs the vm->mutex so the vm won't be
destroyed before vma->vm->mutex is released, so extract the gt pointer
under the vm->mutex to avoid the vma->vm dereference in
release_references().
Closes: https://gitlab.freedesktop.org/drm/intel/-/issues/5944
Fixes: e1a7ab4fca ("drm/i915: Remove the vm open count")
Cc: Niranjana Vishwanathapura <niranjana.vishwanathapura@intel.com>
Cc: Matthew Auld <matthew.auld@intel.com>
Signed-off-by: Thomas Hellström <thomas.hellstrom@linux.intel.com>
---
drivers/gpu/drm/i915/i915_vma.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/drivers/gpu/drm/i915/i915_vma.c b/drivers/gpu/drm/i915/i915_vma.c
index 4f6db539571a..5d6850a91a69 100644
--- a/drivers/gpu/drm/i915/i915_vma.c
+++ b/drivers/gpu/drm/i915/i915_vma.c
@@ -1636,10 +1636,10 @@ static void force_unbind(struct i915_vma *vma)
GEM_BUG_ON(drm_mm_node_allocated(&vma->node));
}
-static void release_references(struct i915_vma *vma, bool vm_ddestroy)
+static void release_references(struct i915_vma *vma, struct intel_gt *gt,
+ bool vm_ddestroy)
{
struct drm_i915_gem_object *obj = vma->obj;
- struct intel_gt *gt = vma->vm->gt;
GEM_BUG_ON(i915_vma_is_active(vma));
@@ -1694,11 +1694,12 @@ void i915_vma_destroy_locked(struct i915_vma *vma)
force_unbind(vma);
list_del_init(&vma->vm_link);
- release_references(vma, false);
+ release_references(vma, vma->vm->gt, false);
}
void i915_vma_destroy(struct i915_vma *vma)
{
+ struct intel_gt *gt;
bool vm_ddestroy;
mutex_lock(&vma->vm->mutex);
@@ -1706,8 +1707,11 @@ void i915_vma_destroy(struct i915_vma *vma)
list_del_init(&vma->vm_link);
vm_ddestroy = vma->vm_ddestroy;
vma->vm_ddestroy = false;
+
+ /* vma->vm may be freed when releasing vma->vm->mutex. */
+ gt = vma->vm->gt;
mutex_unlock(&vma->vm->mutex);
- release_references(vma, vm_ddestroy);
+ release_references(vma, gt, vm_ddestroy);
}
void i915_vma_parked(struct intel_gt *gt)
--
2.34.1
^ permalink raw reply related [flat|nested] 5+ messages in thread* [Intel-gfx] ✓ Fi.CI.BAT: success for drm/i915: Fix vm use-after-free in vma destruction 2022-05-12 9:40 [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction Thomas Hellström @ 2022-05-12 16:27 ` Patchwork 2022-05-12 19:23 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork 2022-05-19 21:46 ` [Intel-gfx] [PATCH] " Andi Shyti 2 siblings, 0 replies; 5+ messages in thread From: Patchwork @ 2022-05-12 16:27 UTC (permalink / raw) To: Thomas Hellström; +Cc: intel-gfx [-- Attachment #1: Type: text/plain, Size: 6928 bytes --] == Series Details == Series: drm/i915: Fix vm use-after-free in vma destruction URL : https://patchwork.freedesktop.org/series/103922/ State : success == Summary == CI Bug Log - changes from CI_DRM_11642 -> Patchwork_103922v1 ==================================================== Summary ------- **SUCCESS** No regressions found. External URL: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/index.html Participating hosts (42 -> 40) ------------------------------ Additional (1): bat-dg2-8 Missing (3): bat-rpls-1 fi-bsw-cyan fi-bdw-samus Possible new issues ------------------- Here are the unknown changes that may have been introduced in Patchwork_103922v1: ### IGT changes ### #### Suppressed #### The following results come from untrusted machines, tests, or statuses. They do not affect the overall result. * igt@i915_pm_rpm@basic-pci-d3-state: - {bat-dg2-8}: NOTRUN -> [SKIP][1] +1 similar issue [1]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/bat-dg2-8/igt@i915_pm_rpm@basic-pci-d3-state.html Known issues ------------ Here are the changes found in Patchwork_103922v1 that come from known issues: ### IGT changes ### #### Issues hit #### * igt@i915_selftest@live@gtt: - fi-bdw-5557u: [PASS][2] -> [DMESG-FAIL][3] ([i915#3674]) [2]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/fi-bdw-5557u/igt@i915_selftest@live@gtt.html [3]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-bdw-5557u/igt@i915_selftest@live@gtt.html * igt@i915_selftest@live@requests: - fi-blb-e6850: [PASS][4] -> [DMESG-FAIL][5] ([i915#4528]) [4]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/fi-blb-e6850/igt@i915_selftest@live@requests.html [5]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-blb-e6850/igt@i915_selftest@live@requests.html * igt@kms_chamelium@common-hpd-after-suspend: - fi-hsw-4770: NOTRUN -> [SKIP][6] ([fdo#109271] / [fdo#111827]) [6]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-hsw-4770/igt@kms_chamelium@common-hpd-after-suspend.html - fi-hsw-g3258: NOTRUN -> [SKIP][7] ([fdo#109271] / [fdo#111827]) [7]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-hsw-g3258/igt@kms_chamelium@common-hpd-after-suspend.html #### Possible fixes #### * igt@i915_pm_rpm@module-reload: - fi-cfl-8109u: [DMESG-WARN][8] ([i915#62]) -> [PASS][9] +16 similar issues [8]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/fi-cfl-8109u/igt@i915_pm_rpm@module-reload.html [9]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-cfl-8109u/igt@i915_pm_rpm@module-reload.html * igt@i915_selftest@live@hangcheck: - fi-hsw-4770: [INCOMPLETE][10] ([i915#4785]) -> [PASS][11] [10]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/fi-hsw-4770/igt@i915_selftest@live@hangcheck.html [11]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-hsw-4770/igt@i915_selftest@live@hangcheck.html - fi-hsw-g3258: [INCOMPLETE][12] ([i915#4785]) -> [PASS][13] [12]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/fi-hsw-g3258/igt@i915_selftest@live@hangcheck.html [13]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/fi-hsw-g3258/igt@i915_selftest@live@hangcheck.html * igt@kms_busy@basic@flip: - bat-adlp-4: [DMESG-WARN][14] ([i915#3576]) -> [PASS][15] [14]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/bat-adlp-4/igt@kms_busy@basic@flip.html [15]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/bat-adlp-4/igt@kms_busy@basic@flip.html * igt@kms_flip@basic-flip-vs-modeset@b-edp1: - {bat-adlp-6}: [DMESG-WARN][16] ([i915#3576]) -> [PASS][17] [16]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/bat-adlp-6/igt@kms_flip@basic-flip-vs-modeset@b-edp1.html [17]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/bat-adlp-6/igt@kms_flip@basic-flip-vs-modeset@b-edp1.html {name}: This element is suppressed. This means it is ignored when computing the status of the difference (SUCCESS, WARNING, or FAILURE). [fdo#109271]: https://bugs.freedesktop.org/show_bug.cgi?id=109271 [fdo#109285]: https://bugs.freedesktop.org/show_bug.cgi?id=109285 [fdo#111827]: https://bugs.freedesktop.org/show_bug.cgi?id=111827 [i915#1072]: https://gitlab.freedesktop.org/drm/intel/issues/1072 [i915#1155]: https://gitlab.freedesktop.org/drm/intel/issues/1155 [i915#2582]: https://gitlab.freedesktop.org/drm/intel/issues/2582 [i915#3291]: https://gitlab.freedesktop.org/drm/intel/issues/3291 [i915#3555]: https://gitlab.freedesktop.org/drm/intel/issues/3555 [i915#3576]: https://gitlab.freedesktop.org/drm/intel/issues/3576 [i915#3595]: https://gitlab.freedesktop.org/drm/intel/issues/3595 [i915#3674]: https://gitlab.freedesktop.org/drm/intel/issues/3674 [i915#3708]: https://gitlab.freedesktop.org/drm/intel/issues/3708 [i915#4077]: https://gitlab.freedesktop.org/drm/intel/issues/4077 [i915#4079]: https://gitlab.freedesktop.org/drm/intel/issues/4079 [i915#4083]: https://gitlab.freedesktop.org/drm/intel/issues/4083 [i915#4103]: https://gitlab.freedesktop.org/drm/intel/issues/4103 [i915#4212]: https://gitlab.freedesktop.org/drm/intel/issues/4212 [i915#4213]: https://gitlab.freedesktop.org/drm/intel/issues/4213 [i915#4215]: https://gitlab.freedesktop.org/drm/intel/issues/4215 [i915#4312]: https://gitlab.freedesktop.org/drm/intel/issues/4312 [i915#4528]: https://gitlab.freedesktop.org/drm/intel/issues/4528 [i915#4785]: https://gitlab.freedesktop.org/drm/intel/issues/4785 [i915#4873]: https://gitlab.freedesktop.org/drm/intel/issues/4873 [i915#5122]: https://gitlab.freedesktop.org/drm/intel/issues/5122 [i915#5190]: https://gitlab.freedesktop.org/drm/intel/issues/5190 [i915#5274]: https://gitlab.freedesktop.org/drm/intel/issues/5274 [i915#5354]: https://gitlab.freedesktop.org/drm/intel/issues/5354 [i915#5763]: https://gitlab.freedesktop.org/drm/intel/issues/5763 [i915#5879]: https://gitlab.freedesktop.org/drm/intel/issues/5879 [i915#5885]: https://gitlab.freedesktop.org/drm/intel/issues/5885 [i915#62]: https://gitlab.freedesktop.org/drm/intel/issues/62 Build changes ------------- * Linux: CI_DRM_11642 -> Patchwork_103922v1 CI-20190529: 20190529 CI_DRM_11642: 6631d616a752f13f9056e71aca4af6e36f698aac @ git://anongit.freedesktop.org/gfx-ci/linux IGT_6471: 1d6816f1200520f936a799b7b0ef2e6f396abb16 @ https://gitlab.freedesktop.org/drm/igt-gpu-tools.git Patchwork_103922v1: 6631d616a752f13f9056e71aca4af6e36f698aac @ git://anongit.freedesktop.org/gfx-ci/linux ### Linux commits d72b6cb4cf47 drm/i915: Fix vm use-after-free in vma destruction == Logs == For more details see: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/index.html [-- Attachment #2: Type: text/html, Size: 6418 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Intel-gfx] ✓ Fi.CI.IGT: success for drm/i915: Fix vm use-after-free in vma destruction 2022-05-12 9:40 [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction Thomas Hellström 2022-05-12 16:27 ` [Intel-gfx] ✓ Fi.CI.BAT: success for " Patchwork @ 2022-05-12 19:23 ` Patchwork 2022-05-19 21:46 ` [Intel-gfx] [PATCH] " Andi Shyti 2 siblings, 0 replies; 5+ messages in thread From: Patchwork @ 2022-05-12 19:23 UTC (permalink / raw) To: Thomas Hellström; +Cc: intel-gfx [-- Attachment #1: Type: text/plain, Size: 32842 bytes --] == Series Details == Series: drm/i915: Fix vm use-after-free in vma destruction URL : https://patchwork.freedesktop.org/series/103922/ State : success == Summary == CI Bug Log - changes from CI_DRM_11642_full -> Patchwork_103922v1_full ==================================================== Summary ------- **SUCCESS** No regressions found. Participating hosts (11 -> 11) ------------------------------ No changes in participating hosts Known issues ------------ Here are the changes found in Patchwork_103922v1_full that come from known issues: ### IGT changes ### #### Issues hit #### * igt@gem_busy@close-race: - shard-snb: [PASS][1] -> [TIMEOUT][2] ([i915#5748]) [1]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-snb7/igt@gem_busy@close-race.html [2]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-snb4/igt@gem_busy@close-race.html * igt@gem_busy@parallel@vecs0: - shard-skl: [PASS][3] -> [DMESG-WARN][4] ([i915#1982]) [3]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl9/igt@gem_busy@parallel@vecs0.html [4]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl7/igt@gem_busy@parallel@vecs0.html * igt@gem_create@create-massive: - shard-kbl: NOTRUN -> [DMESG-WARN][5] ([i915#4991]) [5]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl1/igt@gem_create@create-massive.html * igt@gem_exec_fair@basic-none@vcs0: - shard-apl: [PASS][6] -> [FAIL][7] ([i915#2842]) [6]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-apl8/igt@gem_exec_fair@basic-none@vcs0.html [7]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl3/igt@gem_exec_fair@basic-none@vcs0.html * igt@gem_exec_fair@basic-pace@vcs1: - shard-iclb: NOTRUN -> [FAIL][8] ([i915#2842]) [8]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb1/igt@gem_exec_fair@basic-pace@vcs1.html * igt@gem_exec_fair@basic-pace@vecs0: - shard-glk: [PASS][9] -> [FAIL][10] ([i915#2842]) +2 similar issues [9]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-glk2/igt@gem_exec_fair@basic-pace@vecs0.html [10]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-glk9/igt@gem_exec_fair@basic-pace@vecs0.html - shard-iclb: [PASS][11] -> [FAIL][12] ([i915#2842]) [11]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb7/igt@gem_exec_fair@basic-pace@vecs0.html [12]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb1/igt@gem_exec_fair@basic-pace@vecs0.html * igt@gem_exec_flush@basic-wb-rw-default: - shard-snb: [PASS][13] -> [SKIP][14] ([fdo#109271]) +3 similar issues [13]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-snb4/igt@gem_exec_flush@basic-wb-rw-default.html [14]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-snb6/igt@gem_exec_flush@basic-wb-rw-default.html * igt@gem_exec_params@no-vebox: - shard-iclb: NOTRUN -> [SKIP][15] ([fdo#109283]) [15]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gem_exec_params@no-vebox.html * igt@gem_exec_whisper@basic-contexts-forked-all: - shard-glk: [PASS][16] -> [DMESG-WARN][17] ([i915#118]) [16]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-glk5/igt@gem_exec_whisper@basic-contexts-forked-all.html [17]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-glk2/igt@gem_exec_whisper@basic-contexts-forked-all.html * igt@gem_huc_copy@huc-copy: - shard-iclb: NOTRUN -> [SKIP][18] ([i915#2190]) [18]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gem_huc_copy@huc-copy.html * igt@gem_lmem_swapping@heavy-multi: - shard-skl: NOTRUN -> [SKIP][19] ([fdo#109271] / [i915#4613]) +1 similar issue [19]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl4/igt@gem_lmem_swapping@heavy-multi.html * igt@gem_pxp@reject-modify-context-protection-off-3: - shard-iclb: NOTRUN -> [SKIP][20] ([i915#4270]) [20]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gem_pxp@reject-modify-context-protection-off-3.html * igt@gem_render_copy@y-tiled-mc-ccs-to-yf-tiled-ccs: - shard-iclb: NOTRUN -> [SKIP][21] ([i915#768]) [21]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gem_render_copy@y-tiled-mc-ccs-to-yf-tiled-ccs.html * igt@gem_workarounds@reset: - shard-snb: [PASS][22] -> [TIMEOUT][23] ([i915#4995]) [22]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-snb4/igt@gem_workarounds@reset.html [23]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-snb7/igt@gem_workarounds@reset.html * igt@gen3_render_linear_blits: - shard-iclb: NOTRUN -> [SKIP][24] ([fdo#109289]) [24]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gen3_render_linear_blits.html * igt@gen9_exec_parse@allowed-single: - shard-skl: [PASS][25] -> [DMESG-WARN][26] ([i915#5566] / [i915#716]) [25]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl4/igt@gen9_exec_parse@allowed-single.html [26]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl10/igt@gen9_exec_parse@allowed-single.html * igt@gen9_exec_parse@cmd-crossing-page: - shard-iclb: NOTRUN -> [SKIP][27] ([i915#2856]) [27]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gen9_exec_parse@cmd-crossing-page.html * igt@i915_pm_dc@dc6-dpms: - shard-iclb: [PASS][28] -> [FAIL][29] ([i915#454]) [28]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb2/igt@i915_pm_dc@dc6-dpms.html [29]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@i915_pm_dc@dc6-dpms.html * igt@i915_pm_rpm@dpms-lpsp: - shard-kbl: NOTRUN -> [SKIP][30] ([fdo#109271]) +18 similar issues [30]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl1/igt@i915_pm_rpm@dpms-lpsp.html * igt@i915_pm_rpm@dpms-mode-unset-non-lpsp: - shard-iclb: NOTRUN -> [SKIP][31] ([fdo#110892]) [31]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@i915_pm_rpm@dpms-mode-unset-non-lpsp.html * igt@i915_selftest@live@hangcheck: - shard-snb: [PASS][32] -> [INCOMPLETE][33] ([i915#3921]) [32]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-snb7/igt@i915_selftest@live@hangcheck.html [33]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-snb5/igt@i915_selftest@live@hangcheck.html * igt@i915_suspend@fence-restore-tiled2untiled: - shard-apl: [PASS][34] -> [DMESG-WARN][35] ([i915#180]) +3 similar issues [34]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-apl4/igt@i915_suspend@fence-restore-tiled2untiled.html [35]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl6/igt@i915_suspend@fence-restore-tiled2untiled.html * igt@kms_atomic_transition@plane-all-modeset-transition-fencing: - shard-iclb: NOTRUN -> [SKIP][36] ([i915#1769]) [36]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_atomic_transition@plane-all-modeset-transition-fencing.html * igt@kms_big_fb@4-tiled-8bpp-rotate-90: - shard-iclb: NOTRUN -> [SKIP][37] ([i915#5286]) +1 similar issue [37]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_big_fb@4-tiled-8bpp-rotate-90.html * igt@kms_big_fb@y-tiled-64bpp-rotate-90: - shard-iclb: NOTRUN -> [SKIP][38] ([fdo#110725] / [fdo#111614]) +1 similar issue [38]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_big_fb@y-tiled-64bpp-rotate-90.html * igt@kms_big_fb@yf-tiled-64bpp-rotate-270: - shard-iclb: NOTRUN -> [SKIP][39] ([fdo#110723]) [39]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_big_fb@yf-tiled-64bpp-rotate-270.html * igt@kms_big_joiner@invalid-modeset: - shard-iclb: NOTRUN -> [SKIP][40] ([i915#2705]) [40]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_big_joiner@invalid-modeset.html * igt@kms_ccs@pipe-a-bad-rotation-90-y_tiled_gen12_mc_ccs: - shard-apl: NOTRUN -> [SKIP][41] ([fdo#109271] / [i915#3886]) +1 similar issue [41]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_ccs@pipe-a-bad-rotation-90-y_tiled_gen12_mc_ccs.html * igt@kms_ccs@pipe-b-ccs-on-another-bo-y_tiled_gen12_rc_ccs_cc: - shard-skl: NOTRUN -> [SKIP][42] ([fdo#109271] / [i915#3886]) +4 similar issues [42]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl4/igt@kms_ccs@pipe-b-ccs-on-another-bo-y_tiled_gen12_rc_ccs_cc.html * igt@kms_ccs@pipe-b-missing-ccs-buffer-y_tiled_gen12_mc_ccs: - shard-iclb: NOTRUN -> [SKIP][43] ([fdo#109278] / [i915#3886]) [43]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_ccs@pipe-b-missing-ccs-buffer-y_tiled_gen12_mc_ccs.html * igt@kms_chamelium@dp-hpd-storm-disable: - shard-skl: NOTRUN -> [SKIP][44] ([fdo#109271] / [fdo#111827]) +5 similar issues [44]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl1/igt@kms_chamelium@dp-hpd-storm-disable.html * igt@kms_color_chamelium@pipe-c-ctm-red-to-blue: - shard-iclb: NOTRUN -> [SKIP][45] ([fdo#109284] / [fdo#111827]) [45]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_color_chamelium@pipe-c-ctm-red-to-blue.html * igt@kms_color_chamelium@pipe-c-degamma: - shard-apl: NOTRUN -> [SKIP][46] ([fdo#109271] / [fdo#111827]) +3 similar issues [46]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_color_chamelium@pipe-c-degamma.html - shard-kbl: NOTRUN -> [SKIP][47] ([fdo#109271] / [fdo#111827]) [47]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl3/igt@kms_color_chamelium@pipe-c-degamma.html * igt@kms_content_protection@legacy: - shard-kbl: NOTRUN -> [TIMEOUT][48] ([i915#1319]) [48]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl3/igt@kms_content_protection@legacy.html - shard-apl: NOTRUN -> [TIMEOUT][49] ([i915#1319]) [49]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_content_protection@legacy.html * igt@kms_content_protection@uevent: - shard-iclb: NOTRUN -> [SKIP][50] ([fdo#109300] / [fdo#111066]) [50]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_content_protection@uevent.html * igt@kms_cursor_crc@pipe-b-cursor-32x32-onscreen: - shard-skl: NOTRUN -> [SKIP][51] ([fdo#109271]) +66 similar issues [51]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl4/igt@kms_cursor_crc@pipe-b-cursor-32x32-onscreen.html * igt@kms_cursor_crc@pipe-b-cursor-512x512-sliding: - shard-iclb: NOTRUN -> [SKIP][52] ([fdo#109278] / [fdo#109279]) [52]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_cursor_crc@pipe-b-cursor-512x512-sliding.html * igt@kms_cursor_legacy@pipe-d-single-move: - shard-iclb: NOTRUN -> [SKIP][53] ([fdo#109278]) +9 similar issues [53]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_cursor_legacy@pipe-d-single-move.html * igt@kms_flip@2x-plain-flip-fb-recreate-interruptible: - shard-iclb: NOTRUN -> [SKIP][54] ([fdo#109274]) +1 similar issue [54]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_flip@2x-plain-flip-fb-recreate-interruptible.html * igt@kms_flip@flip-vs-expired-vblank-interruptible@b-hdmi-a2: - shard-glk: [PASS][55] -> [FAIL][56] ([i915#79]) +1 similar issue [55]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-glk6/igt@kms_flip@flip-vs-expired-vblank-interruptible@b-hdmi-a2.html [56]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-glk5/igt@kms_flip@flip-vs-expired-vblank-interruptible@b-hdmi-a2.html * igt@kms_flip@flip-vs-suspend-interruptible@c-edp1: - shard-skl: [PASS][57] -> [INCOMPLETE][58] ([i915#4939]) [57]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl7/igt@kms_flip@flip-vs-suspend-interruptible@c-edp1.html [58]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl1/igt@kms_flip@flip-vs-suspend-interruptible@c-edp1.html * igt@kms_frontbuffer_tracking@fbc-2p-scndscrn-cur-indfb-draw-blt: - shard-iclb: NOTRUN -> [SKIP][59] ([fdo#109280]) +7 similar issues [59]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_frontbuffer_tracking@fbc-2p-scndscrn-cur-indfb-draw-blt.html * igt@kms_frontbuffer_tracking@fbcpsr-1p-primscrn-spr-indfb-draw-blt: - shard-apl: NOTRUN -> [SKIP][60] ([fdo#109271]) +67 similar issues [60]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_frontbuffer_tracking@fbcpsr-1p-primscrn-spr-indfb-draw-blt.html * igt@kms_hdr@bpc-switch@bpc-switch-edp-1-pipe-a: - shard-skl: [PASS][61] -> [FAIL][62] ([i915#1188]) [61]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl8/igt@kms_hdr@bpc-switch@bpc-switch-edp-1-pipe-a.html [62]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl2/igt@kms_hdr@bpc-switch@bpc-switch-edp-1-pipe-a.html * igt@kms_pipe_crc_basic@compare-crc-sanitycheck-pipe-d: - shard-apl: NOTRUN -> [SKIP][63] ([fdo#109271] / [i915#533]) [63]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl1/igt@kms_pipe_crc_basic@compare-crc-sanitycheck-pipe-d.html * igt@kms_plane@plane-panning-bottom-right-suspend@pipe-a-planes: - shard-kbl: [PASS][64] -> [INCOMPLETE][65] ([i915#3614]) [64]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-kbl1/igt@kms_plane@plane-panning-bottom-right-suspend@pipe-a-planes.html [65]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl4/igt@kms_plane@plane-panning-bottom-right-suspend@pipe-a-planes.html * igt@kms_plane@plane-panning-bottom-right-suspend@pipe-b-planes: - shard-tglb: [PASS][66] -> [DMESG-WARN][67] ([i915#2411]) [66]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-tglb2/igt@kms_plane@plane-panning-bottom-right-suspend@pipe-b-planes.html [67]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-tglb6/igt@kms_plane@plane-panning-bottom-right-suspend@pipe-b-planes.html * igt@kms_plane_alpha_blend@pipe-c-alpha-transparent-fb: - shard-apl: NOTRUN -> [FAIL][68] ([i915#265]) [68]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl1/igt@kms_plane_alpha_blend@pipe-c-alpha-transparent-fb.html * igt@kms_plane_alpha_blend@pipe-c-constant-alpha-max: - shard-kbl: NOTRUN -> [FAIL][69] ([fdo#108145] / [i915#265]) [69]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl3/igt@kms_plane_alpha_blend@pipe-c-constant-alpha-max.html - shard-apl: NOTRUN -> [FAIL][70] ([fdo#108145] / [i915#265]) [70]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_plane_alpha_blend@pipe-c-constant-alpha-max.html * igt@kms_plane_alpha_blend@pipe-c-constant-alpha-min: - shard-skl: [PASS][71] -> [FAIL][72] ([fdo#108145] / [i915#265]) [71]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl7/igt@kms_plane_alpha_blend@pipe-c-constant-alpha-min.html [72]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl6/igt@kms_plane_alpha_blend@pipe-c-constant-alpha-min.html * igt@kms_plane_lowres@pipe-b-tiling-4: - shard-iclb: NOTRUN -> [SKIP][73] ([i915#5288]) [73]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_plane_lowres@pipe-b-tiling-4.html * igt@kms_psr2_sf@overlay-plane-update-sf-dmg-area: - shard-iclb: NOTRUN -> [SKIP][74] ([fdo#111068] / [i915#658]) [74]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_psr2_sf@overlay-plane-update-sf-dmg-area.html * igt@kms_psr@psr2_cursor_render: - shard-iclb: [PASS][75] -> [SKIP][76] ([fdo#109441]) [75]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb2/igt@kms_psr@psr2_cursor_render.html [76]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_psr@psr2_cursor_render.html * igt@kms_psr@psr2_primary_mmap_gtt: - shard-iclb: NOTRUN -> [SKIP][77] ([fdo#109441]) [77]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_psr@psr2_primary_mmap_gtt.html * igt@kms_psr_stress_test@flip-primary-invalidate-overlay: - shard-tglb: [PASS][78] -> [SKIP][79] ([i915#5519]) [78]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-tglb8/igt@kms_psr_stress_test@flip-primary-invalidate-overlay.html [79]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-tglb3/igt@kms_psr_stress_test@flip-primary-invalidate-overlay.html * igt@nouveau_crc@pipe-b-source-outp-inactive: - shard-iclb: NOTRUN -> [SKIP][80] ([i915#2530]) [80]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@nouveau_crc@pipe-b-source-outp-inactive.html * igt@prime_nv_pcopy@test1_macro: - shard-iclb: NOTRUN -> [SKIP][81] ([fdo#109291]) [81]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@prime_nv_pcopy@test1_macro.html * igt@sysfs_clients@recycle: - shard-iclb: NOTRUN -> [SKIP][82] ([i915#2994]) [82]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@sysfs_clients@recycle.html * igt@sysfs_clients@sema-25: - shard-skl: NOTRUN -> [SKIP][83] ([fdo#109271] / [i915#2994]) [83]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl4/igt@sysfs_clients@sema-25.html * igt@tools_test@sysfs_l3_parity: - shard-iclb: NOTRUN -> [SKIP][84] ([fdo#109307]) [84]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@tools_test@sysfs_l3_parity.html #### Possible fixes #### * igt@gem_ctx_persistence@many-contexts: - {shard-tglu}: [FAIL][85] ([i915#2410]) -> [PASS][86] [85]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-tglu-1/igt@gem_ctx_persistence@many-contexts.html [86]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-tglu-4/igt@gem_ctx_persistence@many-contexts.html * igt@gem_exec_fair@basic-none@rcs0: - shard-kbl: [FAIL][87] ([i915#2842]) -> [PASS][88] +3 similar issues [87]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-kbl4/igt@gem_exec_fair@basic-none@rcs0.html [88]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl4/igt@gem_exec_fair@basic-none@rcs0.html * igt@gem_exec_fair@basic-throttle@rcs0: - shard-glk: [FAIL][89] ([i915#2842]) -> [PASS][90] [89]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-glk6/igt@gem_exec_fair@basic-throttle@rcs0.html [90]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-glk5/igt@gem_exec_fair@basic-throttle@rcs0.html - shard-iclb: [FAIL][91] ([i915#2849]) -> [PASS][92] [91]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb3/igt@gem_exec_fair@basic-throttle@rcs0.html [92]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb1/igt@gem_exec_fair@basic-throttle@rcs0.html * igt@gem_exec_flush@basic-wb-pro-default: - shard-snb: [SKIP][93] ([fdo#109271]) -> [PASS][94] +1 similar issue [93]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-snb6/igt@gem_exec_flush@basic-wb-pro-default.html [94]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-snb7/igt@gem_exec_flush@basic-wb-pro-default.html * igt@gen9_exec_parse@allowed-single: - shard-apl: [DMESG-WARN][95] ([i915#5566] / [i915#716]) -> [PASS][96] [95]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-apl1/igt@gen9_exec_parse@allowed-single.html [96]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@gen9_exec_parse@allowed-single.html * igt@kms_cursor_crc@pipe-c-cursor-suspend: - shard-kbl: [DMESG-WARN][97] ([i915#180]) -> [PASS][98] +1 similar issue [97]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-kbl1/igt@kms_cursor_crc@pipe-c-cursor-suspend.html [98]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-kbl3/igt@kms_cursor_crc@pipe-c-cursor-suspend.html - shard-apl: [DMESG-WARN][99] ([i915#180]) -> [PASS][100] +2 similar issues [99]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-apl3/igt@kms_cursor_crc@pipe-c-cursor-suspend.html [100]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-apl4/igt@kms_cursor_crc@pipe-c-cursor-suspend.html * igt@kms_flip@flip-vs-expired-vblank-interruptible@b-edp1: - shard-skl: [FAIL][101] ([i915#79]) -> [PASS][102] [101]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl9/igt@kms_flip@flip-vs-expired-vblank-interruptible@b-edp1.html [102]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl7/igt@kms_flip@flip-vs-expired-vblank-interruptible@b-edp1.html * igt@kms_flip@plain-flip-ts-check-interruptible@c-edp1: - shard-skl: [FAIL][103] ([i915#2122]) -> [PASS][104] [103]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl9/igt@kms_flip@plain-flip-ts-check-interruptible@c-edp1.html [104]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl7/igt@kms_flip@plain-flip-ts-check-interruptible@c-edp1.html * igt@kms_flip_scaled_crc@flip-64bpp-ytile-to-16bpp-ytile-downscaling: - shard-iclb: [SKIP][105] ([i915#3701]) -> [PASS][106] +1 similar issue [105]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb2/igt@kms_flip_scaled_crc@flip-64bpp-ytile-to-16bpp-ytile-downscaling.html [106]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb6/igt@kms_flip_scaled_crc@flip-64bpp-ytile-to-16bpp-ytile-downscaling.html * igt@kms_hdr@bpc-switch-suspend@bpc-switch-suspend-edp-1-pipe-a: - shard-skl: [FAIL][107] ([i915#1188]) -> [PASS][108] [107]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl1/igt@kms_hdr@bpc-switch-suspend@bpc-switch-suspend-edp-1-pipe-a.html [108]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl7/igt@kms_hdr@bpc-switch-suspend@bpc-switch-suspend-edp-1-pipe-a.html * igt@kms_plane_alpha_blend@pipe-a-coverage-7efc: - shard-skl: [FAIL][109] ([fdo#108145] / [i915#265]) -> [PASS][110] [109]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl8/igt@kms_plane_alpha_blend@pipe-a-coverage-7efc.html [110]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl2/igt@kms_plane_alpha_blend@pipe-a-coverage-7efc.html * igt@kms_plane_scaling@planes-downscale-factor-0-5@pipe-a-edp-1-planes-downscale: - shard-iclb: [SKIP][111] ([i915#5235]) -> [PASS][112] +2 similar issues [111]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb2/igt@kms_plane_scaling@planes-downscale-factor-0-5@pipe-a-edp-1-planes-downscale.html [112]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_plane_scaling@planes-downscale-factor-0-5@pipe-a-edp-1-planes-downscale.html * igt@kms_psr2_su@frontbuffer-xrgb8888: - shard-iclb: [SKIP][113] ([fdo#109642] / [fdo#111068] / [i915#658]) -> [PASS][114] [113]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb3/igt@kms_psr2_su@frontbuffer-xrgb8888.html [114]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb2/igt@kms_psr2_su@frontbuffer-xrgb8888.html * igt@kms_psr@psr2_sprite_render: - shard-iclb: [SKIP][115] ([fdo#109441]) -> [PASS][116] +1 similar issue [115]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb3/igt@kms_psr@psr2_sprite_render.html [116]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb2/igt@kms_psr@psr2_sprite_render.html * igt@perf@polling-parameterized: - shard-skl: [FAIL][117] ([i915#5639]) -> [PASS][118] [117]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl1/igt@perf@polling-parameterized.html [118]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl8/igt@perf@polling-parameterized.html * igt@testdisplay: - {shard-tglu}: [DMESG-WARN][119] ([i915#4941]) -> [PASS][120] [119]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-tglu-5/igt@testdisplay.html [120]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-tglu-1/igt@testdisplay.html #### Warnings #### * igt@gem_exec_balancer@parallel-ordering: - shard-iclb: [DMESG-FAIL][121] ([i915#5614]) -> [SKIP][122] ([i915#4525]) [121]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb4/igt@gem_exec_balancer@parallel-ordering.html [122]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@gem_exec_balancer@parallel-ordering.html * igt@gem_exec_balancer@parallel-out-fence: - shard-iclb: [SKIP][123] ([i915#4525]) -> [DMESG-WARN][124] ([i915#5614]) +3 similar issues [123]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb7/igt@gem_exec_balancer@parallel-out-fence.html [124]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb1/igt@gem_exec_balancer@parallel-out-fence.html * igt@kms_cursor_crc@pipe-a-cursor-512x512-onscreen: - shard-skl: [SKIP][125] ([fdo#109271]) -> [SKIP][126] ([fdo#109271] / [i915#1888]) [125]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-skl9/igt@kms_cursor_crc@pipe-a-cursor-512x512-onscreen.html [126]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-skl7/igt@kms_cursor_crc@pipe-a-cursor-512x512-onscreen.html * igt@kms_psr2_sf@overlay-primary-update-sf-dmg-area: - shard-iclb: [SKIP][127] ([i915#2920]) -> [SKIP][128] ([fdo#111068] / [i915#658]) [127]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_11642/shard-iclb2/igt@kms_psr2_sf@overlay-primary-update-sf-dmg-area.html [128]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/shard-iclb3/igt@kms_psr2_sf@overlay-primary-update-sf-dmg-area.html {name}: This element is suppressed. This means it is ignored when computing the status of the difference (SUCCESS, WARNING, or FAILURE). [fdo#108145]: https://bugs.freedesktop.org/show_bug.cgi?id=108145 [fdo#109271]: https://bugs.freedesktop.org/show_bug.cgi?id=109271 [fdo#109274]: https://bugs.freedesktop.org/show_bug.cgi?id=109274 [fdo#109278]: https://bugs.freedesktop.org/show_bug.cgi?id=109278 [fdo#109279]: https://bugs.freedesktop.org/show_bug.cgi?id=109279 [fdo#109280]: https://bugs.freedesktop.org/show_bug.cgi?id=109280 [fdo#109283]: https://bugs.freedesktop.org/show_bug.cgi?id=109283 [fdo#109284]: https://bugs.freedesktop.org/show_bug.cgi?id=109284 [fdo#109289]: https://bugs.freedesktop.org/show_bug.cgi?id=109289 [fdo#109291]: https://bugs.freedesktop.org/show_bug.cgi?id=109291 [fdo#109300]: https://bugs.freedesktop.org/show_bug.cgi?id=109300 [fdo#109307]: https://bugs.freedesktop.org/show_bug.cgi?id=109307 [fdo#109314]: https://bugs.freedesktop.org/show_bug.cgi?id=109314 [fdo#109441]: https://bugs.freedesktop.org/show_bug.cgi?id=109441 [fdo#109642]: https://bugs.freedesktop.org/show_bug.cgi?id=109642 [fdo#110189]: https://bugs.freedesktop.org/show_bug.cgi?id=110189 [fdo#110723]: https://bugs.freedesktop.org/show_bug.cgi?id=110723 [fdo#110725]: https://bugs.freedesktop.org/show_bug.cgi?id=110725 [fdo#110892]: https://bugs.freedesktop.org/show_bug.cgi?id=110892 [fdo#111066]: https://bugs.freedesktop.org/show_bug.cgi?id=111066 [fdo#111068]: https://bugs.freedesktop.org/show_bug.cgi?id=111068 [fdo#111614]: https://bugs.freedesktop.org/show_bug.cgi?id=111614 [fdo#111615]: https://bugs.freedesktop.org/show_bug.cgi?id=111615 [fdo#111827]: https://bugs.freedesktop.org/show_bug.cgi?id=111827 [i915#118]: https://gitlab.freedesktop.org/drm/intel/issues/118 [i915#1188]: https://gitlab.freedesktop.org/drm/intel/issues/1188 [i915#1319]: https://gitlab.freedesktop.org/drm/intel/issues/1319 [i915#1769]: https://gitlab.freedesktop.org/drm/intel/issues/1769 [i915#180]: https://gitlab.freedesktop.org/drm/intel/issues/180 [i915#1888]: https://gitlab.freedesktop.org/drm/intel/issues/1888 [i915#1982]: https://gitlab.freedesktop.org/drm/intel/issues/1982 [i915#2122]: https://gitlab.freedesktop.org/drm/intel/issues/2122 [i915#2190]: https://gitlab.freedesktop.org/drm/intel/issues/2190 [i915#2410]: https://gitlab.freedesktop.org/drm/intel/issues/2410 [i915#2411]: https://gitlab.freedesktop.org/drm/intel/issues/2411 [i915#2530]: https://gitlab.freedesktop.org/drm/intel/issues/2530 [i915#265]: https://gitlab.freedesktop.org/drm/intel/issues/265 [i915#2705]: https://gitlab.freedesktop.org/drm/intel/issues/2705 [i915#2842]: https://gitlab.freedesktop.org/drm/intel/issues/2842 [i915#2849]: https://gitlab.freedesktop.org/drm/intel/issues/2849 [i915#2856]: https://gitlab.freedesktop.org/drm/intel/issues/2856 [i915#2920]: https://gitlab.freedesktop.org/drm/intel/issues/2920 [i915#2994]: https://gitlab.freedesktop.org/drm/intel/issues/2994 [i915#3319]: https://gitlab.freedesktop.org/drm/intel/issues/3319 [i915#3359]: https://gitlab.freedesktop.org/drm/intel/issues/3359 [i915#3614]: https://gitlab.freedesktop.org/drm/intel/issues/3614 [i915#3689]: https://gitlab.freedesktop.org/drm/intel/issues/3689 [i915#3701]: https://gitlab.freedesktop.org/drm/intel/issues/3701 [i915#3886]: https://gitlab.freedesktop.org/drm/intel/issues/3886 [i915#3921]: https://gitlab.freedesktop.org/drm/intel/issues/3921 [i915#4270]: https://gitlab.freedesktop.org/drm/intel/issues/4270 [i915#4525]: https://gitlab.freedesktop.org/drm/intel/issues/4525 [i915#454]: https://gitlab.freedesktop.org/drm/intel/issues/454 [i915#4613]: https://gitlab.freedesktop.org/drm/intel/issues/4613 [i915#4939]: https://gitlab.freedesktop.org/drm/intel/issues/4939 [i915#4941]: https://gitlab.freedesktop.org/drm/intel/issues/4941 [i915#4991]: https://gitlab.freedesktop.org/drm/intel/issues/4991 [i915#4995]: https://gitlab.freedesktop.org/drm/intel/issues/4995 [i915#5076]: https://gitlab.freedesktop.org/drm/intel/issues/5076 [i915#5235]: https://gitlab.freedesktop.org/drm/intel/issues/5235 [i915#5286]: https://gitlab.freedesktop.org/drm/intel/issues/5286 [i915#5288]: https://gitlab.freedesktop.org/drm/intel/issues/5288 [i915#5289]: https://gitlab.freedesktop.org/drm/intel/issues/5289 [i915#533]: https://gitlab.freedesktop.org/drm/intel/issues/533 [i915#5519]: https://gitlab.freedesktop.org/drm/intel/issues/5519 [i915#5566]: https://gitlab.freedesktop.org/drm/intel/issues/5566 [i915#5614]: https://gitlab.freedesktop.org/drm/intel/issues/5614 [i915#5639]: https://gitlab.freedesktop.org/drm/intel/issues/5639 [i915#5748]: https://gitlab.freedesktop.org/drm/intel/issues/5748 [i915#658]: https://gitlab.freedesktop.org/drm/intel/issues/658 [i915#716]: https://gitlab.freedesktop.org/drm/intel/issues/716 [i915#768]: https://gitlab.freedesktop.org/drm/intel/issues/768 [i915#79]: https://gitlab.freedesktop.org/drm/intel/issues/79 Build changes ------------- * Linux: CI_DRM_11642 -> Patchwork_103922v1 CI-20190529: 20190529 CI_DRM_11642: 6631d616a752f13f9056e71aca4af6e36f698aac @ git://anongit.freedesktop.org/gfx-ci/linux IGT_6471: 1d6816f1200520f936a799b7b0ef2e6f396abb16 @ https://gitlab.freedesktop.org/drm/igt-gpu-tools.git Patchwork_103922v1: 6631d616a752f13f9056e71aca4af6e36f698aac @ git://anongit.freedesktop.org/gfx-ci/linux piglit_4509: fdc5a4ca11124ab8413c7988896eec4c97336694 @ git://anongit.freedesktop.org/piglit == Logs == For more details see: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_103922v1/index.html [-- Attachment #2: Type: text/html, Size: 38202 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction 2022-05-12 9:40 [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction Thomas Hellström 2022-05-12 16:27 ` [Intel-gfx] ✓ Fi.CI.BAT: success for " Patchwork 2022-05-12 19:23 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork @ 2022-05-19 21:46 ` Andi Shyti 2022-06-20 12:29 ` Thomas Hellström 2 siblings, 1 reply; 5+ messages in thread From: Andi Shyti @ 2022-05-19 21:46 UTC (permalink / raw) To: Thomas Hellström; +Cc: intel-gfx, Matthew Auld, dri-devel Hi Thomas, On Thu, May 12, 2022 at 11:40:45AM +0200, Thomas Hellström wrote: > In vma destruction, the following race may occur: > > Thread 1: Thread 2: > i915_vma_destroy(); > > ... > list_del_init(vma->vm_link); > ... > mutex_unlock(vma->vm->mutex); > __i915_vm_release(); > release_references(); > > And in release_reference() we dereference vma->vm to get to the > vm gt pointer, leadin go a use-after free. leading to [...] > -static void release_references(struct i915_vma *vma, bool vm_ddestroy) > +static void release_references(struct i915_vma *vma, struct intel_gt *gt, > + bool vm_ddestroy) > { > struct drm_i915_gem_object *obj = vma->obj; > - struct intel_gt *gt = vma->vm->gt; > > GEM_BUG_ON(i915_vma_is_active(vma)); but then we have if (vm_ddestroy) i915_vm_resv_put(vma->vm); were we reference to a freed vm, right? Do we need to check it here, as well? Andi ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction 2022-05-19 21:46 ` [Intel-gfx] [PATCH] " Andi Shyti @ 2022-06-20 12:29 ` Thomas Hellström 0 siblings, 0 replies; 5+ messages in thread From: Thomas Hellström @ 2022-06-20 12:29 UTC (permalink / raw) To: Andi Shyti; +Cc: intel-gfx, Matthew Auld, dri-devel Hi, Andi On 5/19/22 23:46, Andi Shyti wrote: > Hi Thomas, > > On Thu, May 12, 2022 at 11:40:45AM +0200, Thomas Hellström wrote: >> In vma destruction, the following race may occur: >> >> Thread 1: Thread 2: >> i915_vma_destroy(); >> >> ... >> list_del_init(vma->vm_link); >> ... >> mutex_unlock(vma->vm->mutex); >> __i915_vm_release(); >> release_references(); >> >> And in release_reference() we dereference vma->vm to get to the >> vm gt pointer, leadin go a use-after free. > leading to Thanks, will fix. > > [...] > >> -static void release_references(struct i915_vma *vma, bool vm_ddestroy) >> +static void release_references(struct i915_vma *vma, struct intel_gt *gt, >> + bool vm_ddestroy) >> { >> struct drm_i915_gem_object *obj = vma->obj; >> - struct intel_gt *gt = vma->vm->gt; >> >> GEM_BUG_ON(i915_vma_is_active(vma)); > but then we have > > if (vm_ddestroy) > i915_vm_resv_put(vma->vm); > > were we reference to a freed vm, right? Do we need to check it > here, as well? No, it's not needed, since if vm_ddestroy is true, we keep the vm alive using the vm resv_ref until i915_vm_resv_put(). This is for the rare occasions where, during vm destruction, we fail to grab an object reference and therefore vma destruction is left for the object destructor. In those cases the vma needs to keep the vm in memory for it to be able to grab the vm mutex. /Thomas > > Andi ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-06-20 12:29 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-05-12 9:40 [Intel-gfx] [PATCH] drm/i915: Fix vm use-after-free in vma destruction Thomas Hellström 2022-05-12 16:27 ` [Intel-gfx] ✓ Fi.CI.BAT: success for " Patchwork 2022-05-12 19:23 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork 2022-05-19 21:46 ` [Intel-gfx] [PATCH] " Andi Shyti 2022-06-20 12:29 ` Thomas Hellström
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox