Re: [PATCH] drm/i915: Do not dereference pointers from ring buffer in evict event

From: Steven Rostedt
Date: Tue Mar 18 2014 - 11:31:46 EST

Next message: Vinod Koul: "Re: [PATCH] dma: Add Keystone Packet DMA Engine driver"
Previous message: OGAWA Hirofumi: "Re: [PATCH v4 5/6] fat: permit to return phy block number by fibmap in fallocated region"
In reply to: Steven Rostedt: "[PATCH] drm/i915: Do not dereference pointers from ring buffer in evict event"
Next in thread: Daniel Vetter: "Re: [PATCH] drm/i915: Do not dereference pointers from ring buffer in evict event"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 18 Mar 2014 11:27:37 -0400
Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:

> The TP_printk() should never dereference any pointers, because the ring
> buffer can be read at some unknown time in the future. If a device no
> longer exists, it can cause a kernel oops. This also makes this
> event useless when saving the ring buffer in userspaces tools such as
> perf and trace-cmd.
>
> The i915_gem_evict_vm dereferences the vm pointer which may also not
> exist when the ring buffer is read sometime in the future.
>
> Link: http://lkml.kernel.org/r/1395095198-20034-3-git-send-email-artagnon@xxxxxxxxx
> Reported-by: Ramkumar Ramachandra <artagnon@xxxxxxxxx> Cc:
> stable@xxxxxxxxxxxxxxx # 3.13+

Bah, claw's mail is playing havoc with my line wraps. Please fix the
above when applying, or I can send anothe patch. Thanks :-)

I had to re-insert the patch due to it but didn't see the screw up with
the Cc of stable.

-- Steve

> Fixes: bcccff847d1f "drm/i915: trace vm eviction instead of everything"
> Signed-off-by: Steven Rostedt <rostedt@xxxxxxxxxxx>
> ---
> diff --git a/drivers/gpu/drm/i915/i915_trace.h b/drivers/gpu/drm/i915/i915_trace.h
> index 6e580c9..f3e8a90 100644
> --- a/drivers/gpu/drm/i915/i915_trace.h
> +++ b/drivers/gpu/drm/i915/i915_trace.h
> @@ -238,14 +238,16 @@ TRACE_EVENT(i915_gem_evict_vm,
> TP_ARGS(vm),
>
> TP_STRUCT__entry(
> + __field(u32, dev)
> __field(struct i915_address_space *, vm)
> ),
>
> TP_fast_assign(
> + __entry->dev = dev->primary->index;
> __entry->vm = vm;
> ),
>
> - TP_printk("dev=%d, vm=%p", __entry->vm->dev->primary->index, __entry->vm)
> + TP_printk("dev=%d, vm=%p", __entry->dev, __entry->vm)
> );
>
> TRACE_EVENT(i915_gem_ring_sync_to,

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vinod Koul: "Re: [PATCH] dma: Add Keystone Packet DMA Engine driver"
Previous message: OGAWA Hirofumi: "Re: [PATCH v4 5/6] fat: permit to return phy block number by fibmap in fallocated region"
In reply to: Steven Rostedt: "[PATCH] drm/i915: Do not dereference pointers from ring buffer in evict event"
Next in thread: Daniel Vetter: "Re: [PATCH] drm/i915: Do not dereference pointers from ring buffer in evict event"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]