Re: [Intel-gfx] [PATCH v3 1/3] drm/i915/gt: BUG_ON unexpected NULL at scatterlist walking

Mon, 02 May 2022 09:45:46 -0700 

On Mon, 02 May 2022, Ramalingam C <ramalinga...@intel.com> wrote:
> While locating the start of ccs scatterlist in smem scatterlist, that has
> to be the size of lmem obj size + corresponding ccs data size, report bug
> if scatterlist terminate before that length.
>
> v2:
>   s/GEM_BUG_ON/BUG_ON with more commenting [Matt]
> v3:
>   Converted GEM_BUG_ON into BUG_ON with more documentation [Matt]
>
> Signed-off-by: Ramalingam C <ramalinga...@intel.com>
> Reviewed-by: Matthew Auld <matthew.a...@intel.com> (v1)
> ---
>  drivers/gpu/drm/i915/gt/intel_migrate.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/i915/gt/intel_migrate.c 
> b/drivers/gpu/drm/i915/gt/intel_migrate.c
> index 9d552f30b627..168d17b6f48a 100644
> --- a/drivers/gpu/drm/i915/gt/intel_migrate.c
> +++ b/drivers/gpu/drm/i915/gt/intel_migrate.c
> @@ -687,6 +687,16 @@ static void get_ccs_sg_sgt(struct sgt_dma *it, u32 
> bytes_to_cpy)
>               bytes_to_cpy -= len;
>  
>               it->sg = __sg_next(it->sg);
> +
> +             /*
> +              * On Flat-CCS capable platform when we back the lmem pages with
> +              * smem pages we add extra pages at the end of the smem
> +              * scatterlist, to store the ccs data corresponding to the lmem
> +              * pages. get_ccs_sg_sgt() is called to get the pointer for the
> +              * start of the extra pages added at the end of smem 
> scatterlist.
> +              * So scatterlist can't end at or before bytes_to_cpy.
> +              */
> +             BUG_ON(!it->sg);

Why would you have to bring the entire kernel down in this case? Why not
just let it oops on the NULL pointer dereference?

I'd prefer nuking *all* of the current BUG/BUG_ON in the driver, and not
add any single one back.


BR,
Jani.


>               it->dma = sg_dma_address(it->sg);
>               it->max = it->dma + sg_dma_len(it->sg);
>       } while (bytes_to_cpy);
> @@ -748,8 +758,10 @@ intel_context_migrate_copy(struct intel_context *ce,
>                * Need to fix it.
>                */
>               ccs_bytes_to_cpy = src_sz != dst_sz ? GET_CCS_BYTES(i915, 
> bytes_to_cpy) : 0;
> -             if (ccs_bytes_to_cpy)
> +             if (ccs_bytes_to_cpy) {
> +                     WARN_ON(abs(src_sz - dst_sz) < ccs_bytes_to_cpy);
>                       get_ccs_sg_sgt(&it_ccs, bytes_to_cpy);
> +             }
>       }
>  
>       src_offset = 0;

-- 
Jani Nikula, Intel Open Source Graphics Center

Reply via email to