projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 682439f)
drm/amdgpu: drop redundant sched job cleanup when cs is aborted
authorGuchun Chen <guchun.chen@amd.com>
Wed, 26 Apr 2023 01:46:54 +0000 (09:46 +0800)
committerAlex Deucher <alexander.deucher@amd.com>
Thu, 4 May 2023 03:10:02 +0000 (23:10 -0400)
Once command submission failed due to userptr invalidation in
amdgpu_cs_submit, legacy code will perform cleanup of scheduler
job. However, it's not needed at all, as former commit has integrated
job cleanup stuff into amdgpu_job_free. Otherwise, because of double
free, a NULL pointer dereference will occur in such scenario.

Bug: https://gitlab.freedesktop.org/drm/amd/-/issues/2457
Fixes: f7d66fb2ea43 ("drm/amdgpu: cleanup scheduler job initialization v2")
Signed-off-by: Guchun Chen <guchun.chen@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c patch | blob | history

diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
index 08eced097bd8e11cee560ee5baf5e602b05420bb..2eb2c66843a8891a5bd49ebdd1defea630b7b99e 100644 (file)
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
@@ -1276,7 +1276,7 @@ static int amdgpu_cs_submit(struct amdgpu_cs_parser *p,
                r = drm_sched_job_add_dependency(&leader->base, fence);
                if (r) {
                        dma_fence_put(fence);
-                       goto error_cleanup;
+                       return r;
                }
        }
 
@@ -1303,7 +1303,8 @@ static int amdgpu_cs_submit(struct amdgpu_cs_parser *p,
        }
        if (r) {
                r = -EAGAIN;
-               goto error_unlock;
+               mutex_unlock(&p->adev->notifier_lock);
+               return r;
        }
 
        p->fence = dma_fence_get(&leader->base.s_fence->finished);
@@ -1350,14 +1351,6 @@ static int amdgpu_cs_submit(struct amdgpu_cs_parser *p,
        mutex_unlock(&p->adev->notifier_lock);
        mutex_unlock(&p->bo_list->bo_list_mutex);
        return 0;
-
-error_unlock:
-       mutex_unlock(&p->adev->notifier_lock);
-
-error_cleanup:
-       for (i = 0; i < p->gang_size; ++i)
-               drm_sched_job_cleanup(&p->jobs[i]->base);
-       return r;
 }
 
 /* Cleanup the parser structure */
Domain: System / Kernel;