Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp1024070ybe; Wed, 4 Sep 2019 11:18:28 -0700 (PDT) X-Google-Smtp-Source: APXvYqw/Fe2t0x9FmcFEsK7M/HCIgOVS0oa2YZ1W9DN2jc2hHdD35fIV5syeJPJU8/b+YWdYWOu6 X-Received: by 2002:a17:90a:7f81:: with SMTP id m1mr6430962pjl.92.1567621108877; Wed, 04 Sep 2019 11:18:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567621108; cv=none; d=google.com; s=arc-20160816; b=G0Or1a3rvElKqJaVh3FrV2o661xfAOmf71TmWP70tTsd1FG+FRXojHmgvcXBQL2MCX 5pjtrjGS+T1oL9/kJh0PG7YmwvgViQOU47j5ZZF1mS7q2dlDHts5/lJ/3w6EncoaWsyP J2AF9Dy8SqudwT5tEqh+RZmS7cFZoSFWdS9m7EkwDfovRyzse1atj0OKL08wLK+KsCx9 THvPJwd485JsOkPhvKRonQguxdiQpmrUWLZOpTDQpP6lupbZEn/8cwVRTR0F9j0nxpEA DN6MUeu2oNyx8r4WjUhlQBOlGOnzljQAp6JeQVLYiKsJ1H/SBKnG8AfJnhJbeM0OhDE3 S39w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=OZ26uiFZshUsug5bWXg7xY5zuFC2LJF55m/84Gpxu+E=; b=wXQz646OG0rJgoELpzMizr6h6+Badpd9zzi3uEK2YuYLZyBnStLF02dHgyFFlHnYuy 9wBDV3ZTd8hZ5ccgbcH2lgOzswPyi+cLhoQT7q2XnyUybXJ1dgQ1hGG8RG8LbIumStr+ QfALbvuEAxQHap92m16OC9NRuaHaer24TXC4DYg3QN8UzjNzBPilh/W85I337qWA6weo zB3mOGsTaKfhsTmQjD/0LrcFoA4+JFf6F/3VdFZtSoox8duxXK8LWHLeK4fPH3wUth2E QdDsGAEl7r5RXiUL/rgS9WdjQ4Zjflbo1OHALjsi+kNi6CaGbZ2LqyABnzzhKyTCakAn 402w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=EA84o6Zd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x16si18256554pln.98.2019.09.04.11.18.13; Wed, 04 Sep 2019 11:18:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=EA84o6Zd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389777AbfIDSNx (ORCPT + 99 others); Wed, 4 Sep 2019 14:13:53 -0400 Received: from mail.kernel.org ([198.145.29.99]:58784 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390355AbfIDSNv (ORCPT ); Wed, 4 Sep 2019 14:13:51 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EE5F2208E4; Wed, 4 Sep 2019 18:13:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1567620830; bh=q1h3wBIpEygtj0TyIhZNZ2gIK5Dvwof6yKn0nAdg9ss=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=EA84o6ZdPfC87zT9cTF97C//W6Ic4VtRQaxAwB5xgsWk/BHV49fp1hoVNnBAkkjWE 1NK4fQkAhbWdWVXIHQHEetHc7hDIjOXx8zDthJ0MQMh5JoRP92YMCAAIo9Z5r1MUuz I4nP1O6XnRQ2Te5PBBrG4sQ5LE5mx2VdRPfnWhzM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Xiong Zhang , Zhenyu Wang , Chris Wilson , Jani Nikula Subject: [PATCH 5.2 112/143] drm/i915: Dont deballoon unused ggtt drm_mm_node in linux guest Date: Wed, 4 Sep 2019 19:54:15 +0200 Message-Id: <20190904175318.780438544@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190904175314.206239922@linuxfoundation.org> References: <20190904175314.206239922@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Xiong Zhang commit 0a3dfbb5cd9033752639ef33e319c2f2863c713a upstream. The following call trace may exist in linux guest dmesg when guest i915 driver is unloaded. [ 90.776610] [drm:vgt_deballoon_space.isra.0 [i915]] deballoon space: range [0x0 - 0x0] 0 KiB. [ 90.776621] BUG: unable to handle kernel NULL pointer dereference at 00000000000000c0 [ 90.776691] IP: drm_mm_remove_node+0x4d/0x320 [drm] [ 90.776718] PGD 800000012c7d0067 P4D 800000012c7d0067 PUD 138e4c067 PMD 0 [ 90.777091] task: ffff9adab60f2f00 task.stack: ffffaf39c0fe0000 [ 90.777142] RIP: 0010:drm_mm_remove_node+0x4d/0x320 [drm] [ 90.777573] Call Trace: [ 90.777653] intel_vgt_deballoon+0x4c/0x60 [i915] [ 90.777729] i915_ggtt_cleanup_hw+0x121/0x190 [i915] [ 90.777792] i915_driver_unload+0x145/0x180 [i915] [ 90.777856] i915_pci_remove+0x15/0x20 [i915] [ 90.777890] pci_device_remove+0x3b/0xc0 [ 90.777916] device_release_driver_internal+0x157/0x220 [ 90.777945] driver_detach+0x39/0x70 [ 90.777967] bus_remove_driver+0x51/0xd0 [ 90.777990] pci_unregister_driver+0x23/0x90 [ 90.778019] SyS_delete_module+0x1da/0x240 [ 90.778045] entry_SYSCALL_64_fastpath+0x24/0x87 [ 90.778072] RIP: 0033:0x7f34312af067 [ 90.778092] RSP: 002b:00007ffdea3da0d8 EFLAGS: 00000206 [ 90.778297] RIP: drm_mm_remove_node+0x4d/0x320 [drm] RSP: ffffaf39c0fe3dc0 [ 90.778344] ---[ end trace f4b1bc8305fc59dd ]--- Four drm_mm_node are used to reserve guest ggtt space, but some of them may be skipped and not initialised due to space constraints in intel_vgt_balloon(). If drm_mm_remove_node() is called with uninitialized drm_mm_node, the above call trace occurs. This patch check drm_mm_node's validity before calling drm_mm_remove_node(). Fixes: ff8f797557c7("drm/i915: return the correct usable aperture size under gvt environment") Cc: stable@vger.kernel.org Signed-off-by: Xiong Zhang Acked-by: Zhenyu Wang Reviewed-by: Chris Wilson Signed-off-by: Chris Wilson Link: https://patchwork.freedesktop.org/patch/msgid/1566279978-9659-1-git-send-email-xiong.y.zhang@intel.com (cherry picked from commit 4776f3529d6b1e47f02904ad1d264d25ea22b27b) Signed-off-by: Jani Nikula Signed-off-by: Greg Kroah-Hartman --- drivers/gpu/drm/i915/i915_vgpu.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/gpu/drm/i915/i915_vgpu.c +++ b/drivers/gpu/drm/i915/i915_vgpu.c @@ -101,6 +101,9 @@ static struct _balloon_info_ bl_info; static void vgt_deballoon_space(struct i915_ggtt *ggtt, struct drm_mm_node *node) { + if (!drm_mm_node_allocated(node)) + return; + DRM_DEBUG_DRIVER("deballoon space: range [0x%llx - 0x%llx] %llu KiB.\n", node->start, node->start + node->size,