diff mbox series

nouveau/uvmm: fix addr/range calcs for remap operations

Message ID 20240328024317.2041851-1-airlied@gmail.com (mailing list archive)
State New, archived
Headers show
Series nouveau/uvmm: fix addr/range calcs for remap operations | expand

Commit Message

Dave Airlie March 28, 2024, 2:43 a.m. UTC 
From: Dave Airlie <airlied@redhat.com>

dEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8
was causing a remap operation like the below.

op_remap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a 0000000000000000
op_remap: next:
op_remap: unmap: 0000003fffed0000 0000000000100000 0
op_map: map: 0000003ffffc0000 0000000000010000 000000005b1ba33c 00000000000e0000

This was resulting in an unmap operation from 0x3fffed0000+0xf0000, 0x100000
which was corrupting the pagetables and oopsing the kernel.

Fixes the prev + unmap range calcs to use start/end and map back to addr/range.

Signed-off-by: Dave Airlie <airlied@redhat.com>
Fixes: b88baab82871 ("drm/nouveau: implement new VM_BIND uAPI")
Cc: Danilo Krummrich <dakr@redhat.com>
---
 drivers/gpu/drm/nouveau/nouveau_uvmm.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Danilo Krummrich March 28, 2024, 5:07 p.m. UTC | #1 
On 3/28/24 03:43, Dave Airlie wrote:
> From: Dave Airlie <airlied@redhat.com>
> 
> dEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8
> was causing a remap operation like the below.
> 
> op_remap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a 0000000000000000
> op_remap: next:
> op_remap: unmap: 0000003fffed0000 0000000000100000 0
> op_map: map: 0000003ffffc0000 0000000000010000 000000005b1ba33c 00000000000e0000
> 
> This was resulting in an unmap operation from 0x3fffed0000+0xf0000, 0x100000
> which was corrupting the pagetables and oopsing the kernel.

Good catch, thanks for looking into that.

> 
> Fixes the prev + unmap range calcs to use start/end and map back to addr/range.

I like how using start/end instead fixes the issue and keeps it simple.

> 
> Signed-off-by: Dave Airlie <airlied@redhat.com>
> Fixes: b88baab82871 ("drm/nouveau: implement new VM_BIND uAPI")
> Cc: Danilo Krummrich <dakr@redhat.com>

Applied the patch to drm-misc-fixes.

> ---
>   drivers/gpu/drm/nouveau/nouveau_uvmm.c | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/gpu/drm/nouveau/nouveau_uvmm.c b/drivers/gpu/drm/nouveau/nouveau_uvmm.c
> index 9675ef25b16d..87bce1a9d073 100644
> --- a/drivers/gpu/drm/nouveau/nouveau_uvmm.c
> +++ b/drivers/gpu/drm/nouveau/nouveau_uvmm.c
> @@ -813,15 +813,15 @@ op_remap(struct drm_gpuva_op_remap *r,
>   	struct drm_gpuva_op_unmap *u = r->unmap;
>   	struct nouveau_uvma *uvma = uvma_from_va(u->va);
>   	u64 addr = uvma->va.va.addr;
> -	u64 range = uvma->va.va.range;
> +	u64 end = uvma->va.va.addr + uvma->va.va.range;
>   
>   	if (r->prev)
>   		addr = r->prev->va.addr + r->prev->va.range;
>   
>   	if (r->next)
> -		range = r->next->va.addr - addr;
> +		end = r->next->va.addr;
>   
> -	op_unmap_range(u, addr, range);
> +	op_unmap_range(u, addr, end - addr);
>   }
>   
>   static int
diff mbox series

Patch

diff --git a/drivers/gpu/drm/nouveau/nouveau_uvmm.c b/drivers/gpu/drm/nouveau/nouveau_uvmm.c
index 9675ef25b16d..87bce1a9d073 100644
--- a/drivers/gpu/drm/nouveau/nouveau_uvmm.c
+++ b/drivers/gpu/drm/nouveau/nouveau_uvmm.c
@@ -813,15 +813,15 @@  op_remap(struct drm_gpuva_op_remap *r,
 	struct drm_gpuva_op_unmap *u = r->unmap;
 	struct nouveau_uvma *uvma = uvma_from_va(u->va);
 	u64 addr = uvma->va.va.addr;
-	u64 range = uvma->va.va.range;
+	u64 end = uvma->va.va.addr + uvma->va.va.range;
 
 	if (r->prev)
 		addr = r->prev->va.addr + r->prev->va.range;
 
 	if (r->next)
-		range = r->next->va.addr - addr;
+		end = r->next->va.addr;
 
-	op_unmap_range(u, addr, range);
+	op_unmap_range(u, addr, end - addr);
 }
 
 static int