msm: kgsl: Signal dump_gate only when worker finishes work

Currently we are accessing snapshot structure after signaling dump_gate. In corner cases this worker can get preempted before driver reads this variable, and eventually client dumps the snapshot and snapshot object gets released. When worker gets back in execution it will read freed memory and will case kernel panic. To fix this race, do completion for dump_gate after finishing work in worker kgsl_snapshot_save_frozen_objs. Change-Id: Iaf3c9f9e75a6e3e19653d2d166e2da624796ec98 Signed-off-by: Pankaj Gupta <gpankaj@codeaurora.org> Signed-off-by: celtare21 <celtare21@gmail.com> Signed-off-by: azrim <mirzaspc@gmail.com>
2025-02-20 11:45:48 +08:00 · 2020-01-29 19:07:24 +05:30 · 2020-01-29 19:07:24 +05:30 · 2b1f803da2
commit 2b1f803da2
parent 1a521dea78
1 changed files with 2 additions and 2 deletions
--- a/drivers/gpu/msm/kgsl_snapshot.c
+++ b/drivers/gpu/msm/kgsl_snapshot.c
@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2012-2020, The Linux Foundation. All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 and
@ -1344,6 +1344,6 @@ done:
 				snapshot->ib2base);

 gmu_only:
-	complete_all(&snapshot->dump_gate);
 	BUG_ON(device->force_panic);
+	complete_all(&snapshot->dump_gate);
 }