[PATCH AUTOSEL 6.1 01/25] drm/gma500: Fix call trace when psb_gem_mm_init() fails
From: Sasha Levin
Date: Tue Nov 07 2023 - 07:50:25 EST
From: Sui Jingfeng <suijingfeng@xxxxxxxxxxx>
[ Upstream commit da596080b2b400c50fe9f8f237bcaf09fed06af8 ]
Because the gma_irq_install() is call after psb_gem_mm_init() function,
when psb_gem_mm_init() fails, the interrupt line haven't been allocated.
Yet the gma_irq_uninstall() is called in the psb_driver_unload() function
without checking if checking the irq is registered or not.
The calltrace is appended as following:
[ 20.539253] ioremap memtype_reserve failed -16
[ 20.543895] gma500 0000:00:02.0: Failure to map stolen base.
[ 20.565049] ------------[ cut here ]------------
[ 20.565066] Trying to free already-free IRQ 16
[ 20.565087] WARNING: CPU: 1 PID: 381 at kernel/irq/manage.c:1893 free_irq+0x209/0x370
[ 20.565316] CPU: 1 PID: 381 Comm: systemd-udevd Tainted: G C 6.5.0-rc1+ #368
[ 20.565329] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./IMB-140D Plus, BIOS P1.10 11/18/2013
[ 20.565338] RIP: 0010:free_irq+0x209/0x370
[ 20.565357] Code: 41 5d 41 5e 41 5f 5d 31 d2 89 d1 89 d6 89 d7 41 89 d1 c3 cc cc cc cc 8b 75 d0 48 c7 c7 e0 77 12 9f 4c 89 4d c8 e8 57 fe f4 ff <0f> 0b 48 8b 75 c8 4c 89 f7 e8 29 f3 f1 00 49 8b 47 40 48 8b 40 78
[ 20.565369] RSP: 0018:ffffae3b40733808 EFLAGS: 00010046
[ 20.565382] RAX: 0000000000000000 RBX: ffff9f8082bfe000 RCX: 0000000000000000
[ 20.565390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 20.565397] RBP: ffffae3b40733840 R08: 0000000000000000 R09: 0000000000000000
[ 20.565405] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9f80871c3100
[ 20.565413] R13: ffff9f80835d3360 R14: ffff9f80835d32a4 R15: ffff9f80835d3200
[ 20.565424] FS: 00007f13d36458c0(0000) GS:ffff9f8138880000(0000) knlGS:0000000000000000
[ 20.565434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 20.565441] CR2: 00007f0d046f3f20 CR3: 0000000006c8c000 CR4: 00000000000006e0
[ 20.565450] Call Trace:
[ 20.565458] <TASK>
[ 20.565470] ? show_regs+0x72/0x90
[ 20.565488] ? free_irq+0x209/0x370
[ 20.565504] ? __warn+0x8d/0x160
[ 20.565520] ? free_irq+0x209/0x370
[ 20.565536] ? report_bug+0x1bb/0x1d0
[ 20.565555] ? handle_bug+0x46/0x90
[ 20.565572] ? exc_invalid_op+0x19/0x80
[ 20.565587] ? asm_exc_invalid_op+0x1b/0x20
[ 20.565607] ? free_irq+0x209/0x370
[ 20.565625] ? free_irq+0x209/0x370
[ 20.565644] gma_irq_uninstall+0x15b/0x1e0 [gma500_gfx]
[ 20.565728] psb_driver_unload+0x27/0x190 [gma500_gfx]
[ 20.565800] psb_pci_probe+0x5d2/0x790 [gma500_gfx]
[ 20.565873] local_pci_probe+0x48/0xb0
[ 20.565892] pci_device_probe+0xc8/0x280
[ 20.565912] really_probe+0x1d2/0x440
[ 20.565929] __driver_probe_device+0x8a/0x190
[ 20.565944] driver_probe_device+0x23/0xd0
[ 20.565957] __driver_attach+0x10f/0x220
[ 20.565971] ? __pfx___driver_attach+0x10/0x10
[ 20.565984] bus_for_each_dev+0x7a/0xe0
[ 20.566002] driver_attach+0x1e/0x30
[ 20.566014] bus_add_driver+0x127/0x240
[ 20.566029] driver_register+0x64/0x140
[ 20.566043] ? __pfx_psb_init+0x10/0x10 [gma500_gfx]
[ 20.566111] __pci_register_driver+0x68/0x80
[ 20.566128] psb_init+0x2c/0xff0 [gma500_gfx]
[ 20.566194] do_one_initcall+0x46/0x330
[ 20.566214] ? kmalloc_trace+0x2a/0xb0
[ 20.566233] do_init_module+0x6a/0x270
[ 20.566250] load_module+0x207f/0x23a0
[ 20.566278] init_module_from_file+0x9c/0xf0
[ 20.566293] ? init_module_from_file+0x9c/0xf0
[ 20.566315] idempotent_init_module+0x184/0x240
[ 20.566335] __x64_sys_finit_module+0x64/0xd0
[ 20.566352] do_syscall_64+0x59/0x90
[ 20.566366] ? ksys_mmap_pgoff+0x123/0x270
[ 20.566378] ? __secure_computing+0x9b/0x110
[ 20.566392] ? exit_to_user_mode_prepare+0x39/0x190
[ 20.566406] ? syscall_exit_to_user_mode+0x2a/0x50
[ 20.566420] ? do_syscall_64+0x69/0x90
[ 20.566433] ? do_syscall_64+0x69/0x90
[ 20.566445] ? do_syscall_64+0x69/0x90
[ 20.566458] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 20.566472] RIP: 0033:0x7f13d351ea3d
[ 20.566485] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c3 a3 0f 00 f7 d8 64 89 01 48
[ 20.566496] RSP: 002b:00007ffe566c1fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 20.566510] RAX: ffffffffffffffda RBX: 000055e66806eec0 RCX: 00007f13d351ea3d
[ 20.566519] RDX: 0000000000000000 RSI: 00007f13d36d9441 RDI: 0000000000000010
[ 20.566527] RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000002
[ 20.566535] R10: 0000000000000010 R11: 0000000000000246 R12: 00007f13d36d9441
[ 20.566543] R13: 000055e6681108c0 R14: 000055e66805ba70 R15: 000055e66819a9c0
[ 20.566559] </TASK>
[ 20.566566] ---[ end trace 0000000000000000 ]---
Signed-off-by: Sui Jingfeng <suijingfeng@xxxxxxxxxxx>
Signed-off-by: Patrik Jakobsson <patrik.r.jakobsson@xxxxxxxxx>
Link: https://patchwork.freedesktop.org/patch/msgid/20230727185855.713318-1-suijingfeng@xxxxxxxxxxx
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/gpu/drm/gma500/psb_drv.h | 1 +
drivers/gpu/drm/gma500/psb_irq.c | 5 +++++
2 files changed, 6 insertions(+)
diff --git a/drivers/gpu/drm/gma500/psb_drv.h b/drivers/gpu/drm/gma500/psb_drv.h
index ae544b69fc475..52f9ed3c24b8e 100644
--- a/drivers/gpu/drm/gma500/psb_drv.h
+++ b/drivers/gpu/drm/gma500/psb_drv.h
@@ -426,6 +426,7 @@ struct drm_psb_private {
uint32_t pipestat[PSB_NUM_PIPE];
spinlock_t irqmask_lock;
+ bool irq_enabled;
/* Power */
bool pm_initialized;
diff --git a/drivers/gpu/drm/gma500/psb_irq.c b/drivers/gpu/drm/gma500/psb_irq.c
index d421031462df6..ab2d49dab35a0 100644
--- a/drivers/gpu/drm/gma500/psb_irq.c
+++ b/drivers/gpu/drm/gma500/psb_irq.c
@@ -338,6 +338,8 @@ int gma_irq_install(struct drm_device *dev)
gma_irq_postinstall(dev);
+ dev_priv->irq_enabled = true;
+
return 0;
}
@@ -348,6 +350,9 @@ void gma_irq_uninstall(struct drm_device *dev)
unsigned long irqflags;
unsigned int i;
+ if (!dev_priv->irq_enabled)
+ return;
+
spin_lock_irqsave(&dev_priv->irqmask_lock, irqflags);
if (dev_priv->ops->hotplug_enable)
--
2.42.0