Hi,
On 02/12/14 14:41, Vikas Patil wrote:
Hi All,
What I found is UnwrapExtMemoryCallBack() function from eurasia_km\services4\srvkm\common\devicemem.c always calls omap_gem_put_pages(), however just before the crash it calls omap_gem_put_paddr() and it crashes in it due to NULL pointer dereference of &obj->dev->struct_mutex. instead of omap_gem_put_pages(). Does this gives any clue on what might be going wrong? What OMAP_BO_TILED_MASK signifies?
OMAP_BO_TILED_MASK tells that the buffer has been allocated with TILER.
I'm not really familiar with this stuff, but I presume a matching operation is done in PVRSRVImportGEMKM().
But but... If &obj->dev->struct_mutex causes a NULL ref, it sounds to me that the memory has already been released, or somehow else a NULL has gotten into there.
Even if the code would accidentally call omap_gem_put_paddr instead of omap_gem_put_pages, the struct_mutex should be fine.
Tomi