From: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
To: Hans Verkuil <hverkuil@xs4all.nl>
Cc: linux-media <linux-media@vger.kernel.org>,
Pawel Osciak <pawel@osciak.com>,
Marek Szyprowski <m.szyprowski@samsung.com>,
sasha.levin@oracle.com
Subject: Re: [PATCHv3] videobuf2: fix lockdep warning
Date: Wed, 06 Aug 2014 10:46:04 +0200 [thread overview]
Message-ID: <7218932.ogQRVaqRSh@avalon> (raw)
In-Reply-To: <53E1CECB.40600@xs4all.nl>
Hi Hans,
On Wednesday 06 August 2014 08:44:27 Hans Verkuil wrote:
> On 08/06/2014 12:15 AM, Laurent Pinchart wrote:
> > On Tuesday 05 August 2014 12:56:14 Hans Verkuil wrote:
> >> Changes since v2: use a mutex instead of a spinlock due to possible
> >> sleeps inside the mmap memop. Use the mutex when buffers are
> >> allocated/freed, so it's a much coarser lock.
> >>
> >> The following lockdep warning has been there ever since commit
> >
> >> a517cca6b24fc54ac209e44118ec8962051662e3 one year ago:
> > [snip]
> >
> >> The reason is that vb2_fop_mmap and vb2_fop_get_unmapped_area take the
> >> core lock while they are called with the mmap_sem semaphore held. But
> >> elsewhere in the code the core lock is taken first but calls to
> >> copy_to/from_user() can take the mmap_sem semaphore as well, potentially
> >> causing a classical A-B/B-A deadlock.
> >>
> >> However, the mmap/get_unmapped_area calls really shouldn't take the core
> >> lock at all. So what would happen if they don't take the core lock
> >> anymore?
> >>
> >> There are two situations that need to be taken into account: calling mmap
> >> while new buffers are being added and calling mmap while buffers are
> >> being deleted.
> >>
> >> The first case works almost fine without a lock: in all cases mmap relies
> >> on correctly filled-in q->num_buffers/q->num_planes values and those are
> >> only updated by reqbufs and create_buffers *after* any new buffers have
> >> been initialized completely. Except in one case: if an error occurred
> >> while allocating the buffers it will increase num_buffers and rely on
> >> __vb2_queue_free to decrease it again. So there is a short period where
> >> the buffer information may be wrong.
> >>
> >> The second case definitely does pose a problem: buffers may be in the
> >> process of being deleted, without the internal structure being updated.
> >>
> >> In order to fix this a new mutex is added to vb2_queue that is taken when
> >> buffers are allocated or deleted, and in vb2_mmap. That way vb2_mmap
> >> won't get stale buffer data. Note that this is a problem only for
> >> MEMORY_MMAP, so even though __qbuf_userptr and __qbuf_dmabuf also mess
> >> around with buffers (mem_priv in particular), this doesn't clash with
> >> vb2_mmap or vb2_get_unmapped_area since those are MMAP specific.
> >>
> >> As an additional bonus the hack in __buf_prepare, the USERPTR case, can
> >> be removed as well since mmap() no longer takes the core lock.
> >>
> >> All in all a much cleaner solution.
> >>
> >> Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
> >
> > Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
> >
> > with one small comment, please see below.
> >
> >> ---
> >>
> >> drivers/media/v4l2-core/videobuf2-core.c | 56 +++++++++-----------------
> >> include/media/videobuf2-core.h | 2 ++
> >> 2 files changed, 21 insertions(+), 37 deletions(-)
> >
> > [snip]
> >
> >> diff --git a/include/media/videobuf2-core.h
> >> b/include/media/videobuf2-core.h index fc910a6..ae1289b 100644
> >> --- a/include/media/videobuf2-core.h
> >> +++ b/include/media/videobuf2-core.h
> >> @@ -366,6 +366,7 @@ struct v4l2_fh;
> >> * cannot be started unless at least this number of buffers
> >> * have been queued into the driver.
> >> *
> >> + * @queue_lock: private mutex used when buffers are
> >> allocated/freed/mmapped
> >
> > queue_lock sounds a bit too generic to me, it might confuse readers into
> > thinking the lock protects the whole queue.
>
> How about mmap_lock?
That sounds better.
> >> * @memory: current memory type used
> >> * @bufs: videobuf buffer structures
> >> * @num_buffers: number of allocated/used buffers
> >> @@ -399,6 +400,7 @@ struct vb2_queue {
> >> u32 min_buffers_needed;
> >>
> >> /* private: internal use only */
> >> + struct mutex queue_lock;
> >> enum v4l2_memory memory;
> >> struct vb2_buffer *bufs[VIDEO_MAX_FRAME];
> >> unsigned int num_buffers;
--
Regards,
Laurent Pinchart
prev parent reply other threads:[~2014-08-06 8:45 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-05 10:56 [PATCHv3] videobuf2: fix lockdep warning Hans Verkuil
2014-08-05 11:43 ` Marek Szyprowski
2014-08-05 22:15 ` Laurent Pinchart
2014-08-06 6:44 ` Hans Verkuil
2014-08-06 8:46 ` Laurent Pinchart [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7218932.ogQRVaqRSh@avalon \
--to=laurent.pinchart@ideasonboard.com \
--cc=hverkuil@xs4all.nl \
--cc=linux-media@vger.kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=pawel@osciak.com \
--cc=sasha.levin@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.