> -----Original Message----- > From: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx> > Sent: Thursday, July 23, 2020 10:21 AM > To: intel-gfx@xxxxxxxxxxxxxxxxxxxxx > Cc: dri-devel@xxxxxxxxxxxxxxxxxxxxx; Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>; > Tang, CQ <cq.tang@xxxxxxxxx>; Vetter, Daniel <daniel.vetter@xxxxxxxxx>; > stable@xxxxxxxxxxxxxxx > Subject: [PATCH 2/3] drm/i915/gem: Move context decoupling from > postclose to preclose > > Since the GEM contexts refer to other GEM state, we need to nerf those > pointers before that state is freed during drm_gem_release(). We need to > move i915_gem_context_close() from the postclose callback to the preclose. > > In particular, debugfs likes to peek into the GEM contexts, and from there > peek at the drm core objects. If the context is closed during the peeking, we > may attempt to dereference a stale core object. > > Signed-off-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx> > Cc: CQ Tang <cq.tang@xxxxxxxxx> > Cc: Daniel Vetter <daniel.vetter@xxxxxxxxx> > Cc: stable@xxxxxxxxxxxxxxx > --- > drivers/gpu/drm/i915/i915_drv.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/i915/i915_drv.c > b/drivers/gpu/drm/i915/i915_drv.c index 5fd5af4bc855..15242a8c70f7 100644 > --- a/drivers/gpu/drm/i915/i915_drv.c > +++ b/drivers/gpu/drm/i915/i915_drv.c 
> @@ -1114,11 +1114,15 @@ static void i915_driver_lastclose(struct > drm_device *dev) > vga_switcheroo_process_delayed_switch(); > } > > +static void i915_driver_preclose(struct drm_device *dev, struct > +drm_file *file) { > + i915_gem_context_close(file); > +} > + > static void i915_driver_postclose(struct drm_device *dev, struct drm_file > *file) { > struct drm_i915_file_private *file_priv = file->driver_priv; > > - i915_gem_context_close(file); > i915_gem_release(dev, file); Now we separate i915_gem_context_close() from i915_gem_release() and other freeing code in postclose(), is there any side effect to allow code to run in between? Can we move all postclose() code into preclose()? --CQ > > kfree_rcu(file_priv, rcu); > @@ -1850,6 +1854,7 @@ static struct drm_driver driver = { > .release = i915_driver_release, > .open = i915_driver_open, > .lastclose = i915_driver_lastclose, > + .preclose = i915_driver_preclose, > .postclose = i915_driver_postclose, > > .gem_close_object = i915_gem_close_object, > -- > 2.20.1
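Review bot: In the first hunk, the new i915_driver_preclose() has no comment saying why i915_gem_context_close() must run before drm_gem_release(); that ordering requirement is stated only in the commit message. A short comment above the function, noting that the contexts have to be decoupled before the core frees the GEM state they point at, would keep a later cleanup from folding the call back into i915_driver_postclose(). It would also help to state, in that comment or the commit message, what i915_gem_release() and the kfree_rcu(file_priv, rcu) left in postclose may assume now that they run after the contexts are already closed.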