@@ -691,6 +691,15 @@ static int do_switch_rcs(struct intel_engine_cs *ring,
*/
from = ring->last_context;
+ /* The only context which 'from' can be, if it was changed, is the default
+ * context. The default context cannot end up in evict everything (as
+ * commented above) because it is always pinned.
+ */
+ if (WARN_ON(from == to)) {
+ ret = -EPERM;
+ goto unpin_out;
+ }
+
if (needs_pd_load) {
/* Older GENs still want the load first, "PP_DCLV followed by
* PP_DIR_BASE register through Load Register Immediate commands
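Review bot: The comment added above `if (WARN_ON(from == to))` stops one step short of the check it is meant to justify. It says a changed 'from' can only be the default context, but it never says that 'to' cannot be the default context at this point, which is what makes from == to impossible. Adding that sentence would let a reader see the invariant without the commit message. The `ret = -EPERM` value will look like a permission failure to callers even though this is an internal invariant violation. A short comment saying the errno is arbitrary, or a value such as -EINVAL, would avoid misdirected debugging. Because the branch jumps to `unpin_out`, please also confirm that the label releases only what has been pinned by this point in do_switch_rcs.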
As what was correctly debugged here:

commit acc240d41ea1ab9c488a79219fb313b5b46265ae
Author: Daniel Vetter <daniel.vetter@ffwll.ch>
Date:   Thu Dec 5 15:42:34 2013 +0100

    drm/i915: Fix use-after-free in do_switch

It then becomes apparent that the default context cannot be the context being switched to for context switch because it is always bound. It follows that if the ring->last_context (from) has changed after the bind_to_gtt, it will always be the default context - this is commented in the code block.

This assertion will help catch issues without our logic sooner than letting the system move along (which is possible for some time).

I really want this to be a BUG(), but I also want the patch to get merged. I think the fact that none of the ERRNOs make any sense at all is just more evidence that this shouldn't be a WARN.

//Cc: Ian Lister (don't have current email address)
Cc: Rafael Barbalho <rafael.barbalho@intel.com>
Signed-off-by: Ben Widawsky <ben@bwidawsk.net>
---
 drivers/gpu/drm/i915/i915_gem_context.c | 9 +++++++++
 1 file changed, 9 insertions(+)