From: ville.syrjala@linux.intel.com
To: dri-devel@lists.freedesktop.org
Cc: intel-gfx@lists.freedesktop.org
Subject: [PATCH 09/19] drm: Fix race between drm_vblank_off() and drm_queue_vblank_event()
Date: Wed, 6 Aug 2014 14:49:52 +0300 [thread overview]
Message-ID: <1407325803-6944-10-git-send-email-ville.syrjala@linux.intel.com> (raw)
In-Reply-To: <1407325803-6944-1-git-send-email-ville.syrjala@linux.intel.com>
From: Ville Syrjälä <ville.syrjala@linux.intel.com>
Currently it's possible that the following will happen:
1. drm_wait_vblank() calls drm_vblank_get()
2. drm_vblank_off() gets called
3. drm_wait_vblank() calls drm_queue_vblank_event() which
adds the event to the queue event though vblank interrupts
are currently disabled (and may not be re-enabled ever again).
To fix the problem, add another vblank->enabled check into
drm_queue_vblank_event().
drm_vblank_off() holds event_lock around the vblank disable,
so no further locking needs to be added to drm_queue_vblank_event().
vblank disable from another source is not possible since
drm_wait_vblank() already holds a vblank reference.
Reviewed-by: Matt Roper <matthew.d.roper@intel.com>
Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
---
drivers/gpu/drm/drm_irq.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/drivers/gpu/drm/drm_irq.c b/drivers/gpu/drm/drm_irq.c
index 9353609..b2428cb 100644
--- a/drivers/gpu/drm/drm_irq.c
+++ b/drivers/gpu/drm/drm_irq.c
@@ -1270,6 +1270,7 @@ static int drm_queue_vblank_event(struct drm_device *dev, int pipe,
union drm_wait_vblank *vblwait,
struct drm_file *file_priv)
{
+ struct drm_vblank_crtc *vblank = &dev->vblank[pipe];
struct drm_pending_vblank_event *e;
struct timeval now;
unsigned long flags;
@@ -1293,6 +1294,18 @@ static int drm_queue_vblank_event(struct drm_device *dev, int pipe,
spin_lock_irqsave(&dev->event_lock, flags);
+ /*
+ * drm_vblank_off() might have been called after we called
+ * drm_vblank_get(). drm_vblank_off() holds event_lock
+ * around the vblank disable, so no need for further locking.
+ * The reference from drm_vblank_get() protects against
+ * vblank disable from another source.
+ */
+ if (!vblank->enabled) {
+ ret = -EINVAL;
+ goto err_unlock;
+ }
+
if (file_priv->event_space < sizeof e->event) {
ret = -EBUSY;
goto err_unlock;
--
1.8.5.5
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/dri-devel
next prev parent reply other threads:[~2014-08-06 11:49 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-06 11:49 [PATCH v2 00/19] drm: More vblank on/off work ville.syrjala
2014-08-06 11:49 ` [PATCH v2 01/19] drm: Always reject drm_vblank_get() after drm_vblank_off() ville.syrjala
2014-08-06 11:49 ` [PATCH v2 02/19] drm/i915: Warn if drm_vblank_get() still works " ville.syrjala
2014-08-06 11:49 ` [PATCH 03/19] drm: Don't clear vblank timestamps when vblank interrupt is disabled ville.syrjala
2014-08-06 11:49 ` [PATCH 04/19] drm: Move drm_update_vblank_count() ville.syrjala
2014-08-06 11:49 ` [PATCH 05/19] drm: Have the vblank counter account for the time between vblank irq disable and drm_vblank_off() ville.syrjala
2014-09-02 19:33 ` Mario Kleiner
2014-08-06 11:49 ` [PATCH 06/19] drm: Avoid random vblank counter jumps if the hardware counter has been reset ville.syrjala
2014-08-06 11:49 ` [PATCH v2 07/19] drm: Reduce the amount of dev->vblank[crtc] in the code ville.syrjala
2014-08-06 11:49 ` [PATCH 08/19] drm: Fix deadlock between event_lock and vbl_lock/vblank_time_lock ville.syrjala
2014-08-06 11:49 ` ville.syrjala [this message]
2014-08-06 13:23 ` [PATCH 09/19] drm: Fix race between drm_vblank_off() and drm_queue_vblank_event() Daniel Vetter
2014-08-06 13:33 ` [Intel-gfx] " Ville Syrjälä
2014-08-06 11:49 ` [PATCH v2 10/19] drm: Disable vblank interrupt immediately when drm_vblank_offdelay<0 ville.syrjala
2014-08-06 11:49 ` [PATCH v2 11/19] drm: Add dev->vblank_disable_immediate flag ville.syrjala
2014-08-06 11:49 ` [PATCH 12/19] drm/i915: Opt out of vblank disable timer on >gen2 ville.syrjala
2014-08-06 11:49 ` [PATCH v2 13/19] drm: Kick start vblank interrupts at drm_vblank_on() ville.syrjala
2014-08-06 11:49 ` [PATCH 14/19] drm: Don't update vblank timestamp when the counter didn't change ville.syrjala
2014-08-06 12:56 ` Daniel Vetter
2014-08-06 13:09 ` Daniel Vetter
2014-09-04 12:14 ` Mario Kleiner
2014-09-13 16:25 ` Mario Kleiner
2014-09-15 8:50 ` Daniel Vetter
2014-09-23 12:48 ` [Intel-gfx] " Jani Nikula
2014-09-23 13:51 ` Daniel Vetter
2014-09-23 14:15 ` Mario Kleiner
2014-08-06 11:49 ` [PATCH 15/19] drm: Update vblank->last in drm_update_vblank_count() ville.syrjala
2014-08-06 13:08 ` [Intel-gfx] " Daniel Vetter
2014-08-06 13:30 ` Ville Syrjälä
2014-08-06 14:19 ` Daniel Vetter
2014-08-06 11:49 ` [PATCH 16/19] drm: Store the vblank timestamp when adjusting the counter during disable ville.syrjala
2014-08-06 13:12 ` [Intel-gfx] " Daniel Vetter
2014-08-06 11:50 ` [PATCH 17/19] drm/i915: Clear .last vblank count before drm_vblank_off() when sanitizing crtc state ville.syrjala
2014-08-06 13:30 ` [Intel-gfx] " Daniel Vetter
2014-08-06 13:43 ` Ville Syrjälä
2014-08-06 11:50 ` [PATCH 18/19] drm/i915: Update scanline_offset only for active crtcs ville.syrjala
2014-08-06 11:50 ` [PATCH 19/19] drm: Fix confusing debug message in drm_update_vblank_count() ville.syrjala
2014-08-06 11:50 ` [PATCH igt] tests/kms_flip: Assert that vblank timestamps aren't zeroed ville.syrjala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1407325803-6944-10-git-send-email-ville.syrjala@linux.intel.com \
--to=ville.syrjala@linux.intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.