Comment # 5
on bug 107545
from Julien Isorce
Extract of the 2 attached cs dumps:

User space, so before ioctl radeon_cs_ioctl:
  0x00000290 0x00000000 0xC0016900 0x000002A1

Kernel space, so in radeon_cs_ioctl:
  0x00000290 0x0000000b 0x00000000 0x000002a1

So for some reason 0x00000000C0016900 gets overwritten by 0x0000000b00000000.

Note that it always gets overwritten with this value above, and this value also appears in the other packet0 bug report: https://bugs.freedesktop.org/show_bug.cgi?id=84500#c7

I have started to narrow down the issue and it looks like it happens in "radeon_cs_parser_init" in kernel/drivers/gpu/drm/radeon, as the overwriting is already present just after this function. But it is not easy to debug further as this function is quite difficult to understand, so any input would be appreciated, thx!

Does kernel space make a copy of the cs chunks or just keep a pointer to it, as I see "user_ptr"?

Also note that the issue does not happen with amdgpu, so one possibility is that "amdgpu_cs_parser_init" is more robust.