• Philip Yang's avatar
    drm/amdkfd: Fix double release compute pasid · 1a799c4c
    Philip Yang authored
    If kfd_process_device_init_vm returns failure after vm is converted to
    compute vm and vm->pasid set to compute pasid, KFD will not take
    pdd->drm_file reference. As a result, drm close file handler maybe
    called to release the compute pasid before KFD process destroy worker to
    release the same pasid and set vm->pasid to zero, this generates below
    WARNING backtrace and NULL pointer access.
    
    Add helper amdgpu_amdkfd_gpuvm_set_vm_pasid and call it at the last step
    of kfd_process_device_init_vm, to ensure vm pasid is the original pasid
    if acquiring vm failed or is the compute pasid with pdd->drm_file
    reference taken to avoid double release same pasid.
    
     amdgpu: Failed to create process VM object
     ida_free called for id=32770 which is not allocated.
     WARNING: CPU: 57 PID: 72542 at ../lib/idr.c:522 ida_free+0x96/0x140
     RIP: 0010:ida_free+0x96/0x140
     Call Trace:
      amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu]
      amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu]
      drm_file_free.part.13+0x216/0x270 [drm]
      drm_close_helper.isra.14+0x60/0x70 [drm]
      drm_release+0x6e/0xf0 [drm]
      __fput+0xcc/0x280
      ____fput+0xe/0x20
      task_work_run+0x96/0xc0
      do_exit+0x3d0/0xc10
    
     BUG: kernel NULL pointer dereference, address: 0000000000000000
     RIP: 0010:ida_free+0x76/0x140
     Call Trace:
      amdgpu_pasid_free_delayed+0xe1/0x2a0 [amdgpu]
      amdgpu_driver_postclose_kms+0x2d8/0x340 [amdgpu]
      drm_file_free.part.13+0x216/0x270 [drm]
      drm_close_helper.isra.14+0x60/0x70 [drm]
      drm_release+0x6e/0xf0 [drm]
      __fput+0xcc/0x280
      ____fput+0xe/0x20
      task_work_run+0x96/0xc0
      do_exit+0x3d0/0xc10
    Signed-off-by: default avatarPhilip Yang <Philip.Yang@amd.com>
    Reviewed-by: default avatarFelix Kuehling <Felix.Kuehling@amd.com>
    Signed-off-by: default avatarAlex Deucher <alexander.deucher@amd.com>
    1a799c4c
kfd_process.c 52.9 KB