[RFC PATCH] drm/i915: Use rcu_dereference() in hwsp_offset()

[RFC PATCH] drm/i915: Use rcu_dereference() in hwsp_offset()

[Sebastian Brzezinka]

Replace rcu_dereference_protected() with rcu_dereference() in
hwsp_offset() since the function is called within an RCU read-side
critical section. Using rcu_dereference() avoids unnecessary
protection checks and aligns with correct RCU usage patterns.

Signed-off-by: Sebastian Brzezinka <sebastian.brzezinka@intel.com>
---
I noticed that the current implementation of hwsp_offset() uses rcu_dereference_protected()
when accessing rq->timeline. This seems to be a slight misuse of the API.
rcu_dereference_protected() is intended for updater-side code, where we are not holding
rcu_read_lock() but instead rely on another lock that guarantees safety. The condition argument
in this function acts more like an assertion that the caller holds the required lock.
In our case, hwsp_offset() is called inside an RCU read-side critical section, which means
the correct primitive is rcu_dereference(). The original intent of the condition argument
seems to have been to guard against use-after-free scenarios for timeline(?). However,
rcu_dereference_protected() does not enforce that, it simply returns the pointer regardless
of i915_request_signaled(), and in rare cases this pattern has led to issues such as:
https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/15181
'''
...
<4> [281.246503] drivers/gpu/drm/i915/gt/gen8_engine_cs.c:427 suspicious rcu_dereference_protected() usage!
<4> [281.246506]
other info that might help us debug this:
<4> [281.246507]
rcu_scheduler_active = 2, debug_locks = 1
<4> [281.246509] 5 locks held by gem_exec_whispe/2308:
<4> [281.246511]  #0: ffffc90002ae77c8 (reservation_ww_class_acquire){+.+.}-{0:0}, at: i915_gem_do_execbuffer+0xd2c/0x3710 [i915]
<4> [281.246852]  #1: ffffc90002ae77f0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: i915_gem_do_execbuffer+0xd2c/0x3710 [i915]
<4> [281.247073]  #2: ffff8881e8a4a878 (&timeline->mutex){+.+.}-{3:3}, at: i915_request_create+0x61/0x200 [i915]
<4> [281.247403]  #3: ffffffff83595560 (rcu_read_lock){....}-{1:2}, at: execlists_submission_tasklet+0x44/0x27b0 [i915]
<4> [281.247592]  #4: ffff88812f0c2020 (&sched_engine->lock){-.-.}-{2:2}, at: execlists_submission_tasklet+0x20d/0x27b0 [i915]
<4> [281.247787]
stack backtrace:
<4> [281.247789] CPU: 9 UID: 0 PID: 2308 Comm: gem_exec_whispe Tainted: G     U              6.17.0-CI_DRM_17306-gb3f121acbde4+ #1 PREEMPT(voluntary)
<4> [281.247792] Tainted: [U]=USER
<4> [281.247792] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.6062.A00.2502050210 02/05/2025
<4> [281.247793] Call Trace:
<4> [281.247794]  <IRQ>
<4> [281.247796]  dump_stack_lvl+0x91/0xf0
<4> [281.247802]  dump_stack+0x10/0x20
<4> [281.247804]  lockdep_rcu_suspicious+0x151/0x1e0
<4> [281.247811]  ? __i915_request_submit+0xb0/0x430 [i915]
<4> [281.248010]  hwsp_offset+0x90/0xa0 [i915]
<4> [281.248199]  gen12_emit_fini_breadcrumb_rcs+0xdf/0x480 [i915]
<4> [281.248388]  ? __i915_request_submit+0xb0/0x430 [i915]
<4> [281.248584]  __i915_request_submit+0x15b/0x430 [i915]
<4> [281.248781]  execlists_submission_tasklet+0xdfa/0x27b0 [i915]
<4> [281.248974]  ? mark_held_locks+0x46/0x90
<4> [281.248982]  tasklet_action_common+0x166/0x410
<4> [281.248988]  tasklet_hi_action+0x29/0x40
<4> [281.248990]  handle_softirqs+0xd7/0x4d0
<4> [281.248994]  ? __i915_request_queue+0x3f/0x80 [i915]
<4> [281.249194]  __do_softirq+0x10/0x18
<4> [281.249197]  do_softirq.part.0+0x47/0xd0
...
'''

This issue reproduces very rarely, and I haven’t been able to reproduce it myself, so
I’m not entirely sure why this scenario occurs why we attempt to emit a breadcrumb even
when the request’s fence is already signaled. However, the correct approach seems to be:
 - Drop the use of rcu_dereference_protected() in this context, since it’s not providing
   real safety here.
 - Avoid emitting a breadcrumb at all when the request is already signaled, as
   doing so appears unnecessary.

My concern is that breadcrumbs seem to be emitted in __i915_request_submit, which appears
to be well-guarded against processing retried requests. This leaves me puzzled about what’s
actually happening here.
---
 drivers/gpu/drm/i915/gt/gen8_engine_cs.c | 3 +--
 drivers/gpu/drm/i915/i915_request.c      | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/gpu/drm/i915/gt/gen8_engine_cs.c b/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
index e9f65f27b53f..b799d423d306 100644
--- a/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
+++ b/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
@@ -424,8 +424,7 @@ static u32 hwsp_offset(const struct i915_request *rq)
 	const struct intel_timeline *tl;
 
 	/* Before the request is executed, the timeline is fixed */
-	tl = rcu_dereference_protected(rq->timeline,
-				       !i915_request_signaled(rq));
+	tl = rcu_dereference(rq->timeline);
 
 	/* See the comment in i915_request_active_seqno(). */
 	return page_mask_bits(tl->hwsp_offset) + offset_in_page(rq->hwsp_seqno);
diff --git a/drivers/gpu/drm/i915/i915_request.c b/drivers/gpu/drm/i915/i915_request.c
index b9a2b2194c8f..25a9e574149e 100644
--- a/drivers/gpu/drm/i915/i915_request.c
+++ b/drivers/gpu/drm/i915/i915_request.c
@@ -657,7 +657,7 @@ bool __i915_request_submit(struct i915_request *request)
 	if (request->sched.semaphores &&
 	    i915_sw_fence_signaled(&request->semaphore))
 		engine->saturated |= request->sched.semaphores;
-
+	/*It seems that breadcrumbs are being emitted here.*/
 	engine->emit_fini_breadcrumb(request,
 				     request->ring->vaddr + request->postfix);
 
-- 
2.34.1

Re: [RFC PATCH] drm/i915: Use rcu_dereference() in hwsp_offset()

[Sebastian Brzezinka]

TL;DR:
1. If rcu_dereference_protected is intended to prevent use-after-free, it currently doesn’t.
2. Does anyone know how we end up in this state and what the proper way to prevent it is?
   Adding an if check before engine->emit_fini_breadcrumb feels like a hack.
-- 
Best regards,
Sebastian

✗ i915.CI.BAT: failure for drm/i915: Use rcu_dereference() in hwsp_offset()

[Patchwork]

[-- Attachment #1: Type: text/plain, Size: 18446 bytes --]

== Series Details ==

Series: drm/i915: Use rcu_dereference() in hwsp_offset()
URL   : https://patchwork.freedesktop.org/series/157001/
State : failure

== Summary ==

CI Bug Log - changes from CI_DRM_17481 -> Patchwork_157001v1
====================================================

Summary
-------

  **FAILURE**

  Serious unknown changes coming with Patchwork_157001v1 absolutely need to be
  verified manually.
  
  If you think the reported changes have nothing to do with the changes
  introduced in Patchwork_157001v1, please notify your bug team (I915-ci-infra@lists.freedesktop.org) to allow them
  to document this new failure mode, which will reduce false positives in CI.

  External URL: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/index.html

Participating hosts (46 -> 45)
------------------------------

  Missing    (1): fi-snb-2520m 

Possible new issues
-------------------

  Here are the unknown changes that may have been introduced in Patchwork_157001v1:

### IGT changes ###

#### Possible regressions ####

  * igt@i915_module_load@load:
    - bat-dg2-13:         [PASS][1] -> [DMESG-WARN][2]
   [1]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-13/igt@i915_module_load@load.html
   [2]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-13/igt@i915_module_load@load.html

  * igt@i915_pm_rpm@module-reload:
    - bat-dg2-14:         [PASS][3] -> [DMESG-WARN][4] +43 other tests dmesg-warn
   [3]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-14/igt@i915_pm_rpm@module-reload.html
   [4]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-14/igt@i915_pm_rpm@module-reload.html
    - fi-bsw-nick:        [PASS][5] -> [DMESG-WARN][6] +40 other tests dmesg-warn
   [5]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-bsw-nick/igt@i915_pm_rpm@module-reload.html
   [6]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-bsw-nick/igt@i915_pm_rpm@module-reload.html
    - bat-kbl-2:          [PASS][7] -> [DMESG-WARN][8] +40 other tests dmesg-warn
   [7]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-kbl-2/igt@i915_pm_rpm@module-reload.html
   [8]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-kbl-2/igt@i915_pm_rpm@module-reload.html
    - bat-adlp-6:         [PASS][9] -> [DMESG-WARN][10] +40 other tests dmesg-warn
   [9]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-adlp-6/igt@i915_pm_rpm@module-reload.html
   [10]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-adlp-6/igt@i915_pm_rpm@module-reload.html

  * igt@i915_selftest@live@client:
    - bat-dg2-8:          [PASS][11] -> [DMESG-WARN][12] +41 other tests dmesg-warn
   [11]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-8/igt@i915_selftest@live@client.html
   [12]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-8/igt@i915_selftest@live@client.html
    - fi-kbl-guc:         [PASS][13] -> [DMESG-WARN][14] +40 other tests dmesg-warn
   [13]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-kbl-guc/igt@i915_selftest@live@client.html
   [14]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-kbl-guc/igt@i915_selftest@live@client.html
    - bat-adls-6:         [PASS][15] -> [DMESG-WARN][16] +40 other tests dmesg-warn
   [15]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-adls-6/igt@i915_selftest@live@client.html
   [16]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-adls-6/igt@i915_selftest@live@client.html

  * igt@i915_selftest@live@coherency:
    - bat-dg2-9:          [PASS][17] -> [DMESG-WARN][18] +41 other tests dmesg-warn
   [17]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-9/igt@i915_selftest@live@coherency.html
   [18]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-9/igt@i915_selftest@live@coherency.html
    - fi-kbl-x1275:       [PASS][19] -> [DMESG-WARN][20] +40 other tests dmesg-warn
   [19]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-kbl-x1275/igt@i915_selftest@live@coherency.html
   [20]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-kbl-x1275/igt@i915_selftest@live@coherency.html
    - bat-adlp-11:        [PASS][21] -> [DMESG-WARN][22] +40 other tests dmesg-warn
   [21]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-adlp-11/igt@i915_selftest@live@coherency.html
   [22]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-adlp-11/igt@i915_selftest@live@coherency.html

  * igt@i915_selftest@live@gem:
    - fi-rkl-11600:       [PASS][23] -> [DMESG-WARN][24] +40 other tests dmesg-warn
   [23]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-rkl-11600/igt@i915_selftest@live@gem.html
   [24]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-rkl-11600/igt@i915_selftest@live@gem.html

  * igt@i915_selftest@live@gem_contexts:
    - bat-arls-6:         [PASS][25] -> [DMESG-WARN][26] +40 other tests dmesg-warn
   [25]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-arls-6/igt@i915_selftest@live@gem_contexts.html
   [26]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-arls-6/igt@i915_selftest@live@gem_contexts.html
    - bat-arlh-3:         [PASS][27] -> [DMESG-WARN][28] +40 other tests dmesg-warn
   [27]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-arlh-3/igt@i915_selftest@live@gem_contexts.html
   [28]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-arlh-3/igt@i915_selftest@live@gem_contexts.html

  * igt@i915_selftest@live@gt_contexts:
    - bat-jsl-1:          [PASS][29] -> [DMESG-WARN][30] +40 other tests dmesg-warn
   [29]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-jsl-1/igt@i915_selftest@live@gt_contexts.html
   [30]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-jsl-1/igt@i915_selftest@live@gt_contexts.html

  * igt@i915_selftest@live@gt_engines:
    - bat-dg1-6:          [PASS][31] -> [DMESG-WARN][32] +43 other tests dmesg-warn
   [31]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg1-6/igt@i915_selftest@live@gt_engines.html
   [32]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg1-6/igt@i915_selftest@live@gt_engines.html

  * igt@i915_selftest@live@gt_heartbeat:
    - bat-rpls-4:         [PASS][33] -> [DMESG-WARN][34] +40 other tests dmesg-warn
   [33]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-rpls-4/igt@i915_selftest@live@gt_heartbeat.html
   [34]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-rpls-4/igt@i915_selftest@live@gt_heartbeat.html

  * igt@i915_selftest@live@gt_mocs:
    - bat-twl-2:          [PASS][35] -> [DMESG-WARN][36] +40 other tests dmesg-warn
   [35]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-twl-2/igt@i915_selftest@live@gt_mocs.html
   [36]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-twl-2/igt@i915_selftest@live@gt_mocs.html

  * igt@i915_selftest@live@gt_pm:
    - fi-tgl-1115g4:      [PASS][37] -> [DMESG-WARN][38] +40 other tests dmesg-warn
   [37]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-tgl-1115g4/igt@i915_selftest@live@gt_pm.html
   [38]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-tgl-1115g4/igt@i915_selftest@live@gt_pm.html

  * igt@i915_selftest@live@gt_tlb:
    - bat-adlp-9:         [PASS][39] -> [DMESG-WARN][40] +40 other tests dmesg-warn
   [39]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-adlp-9/igt@i915_selftest@live@gt_tlb.html
   [40]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-adlp-9/igt@i915_selftest@live@gt_tlb.html

  * igt@i915_selftest@live@guc_multi_lrc:
    - bat-mtlp-8:         [PASS][41] -> [DMESG-WARN][42] +40 other tests dmesg-warn
   [41]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-mtlp-8/igt@i915_selftest@live@guc_multi_lrc.html
   [42]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-mtlp-8/igt@i915_selftest@live@guc_multi_lrc.html

  * igt@i915_selftest@live@hangcheck:
    - bat-atsm-1:         [PASS][43] -> [DMESG-WARN][44] +41 other tests dmesg-warn
   [43]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-atsm-1/igt@i915_selftest@live@hangcheck.html
   [44]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-atsm-1/igt@i915_selftest@live@hangcheck.html
    - bat-mtlp-9:         [PASS][45] -> [DMESG-WARN][46] +40 other tests dmesg-warn
   [45]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-mtlp-9/igt@i915_selftest@live@hangcheck.html
   [46]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-mtlp-9/igt@i915_selftest@live@hangcheck.html

  * igt@i915_selftest@live@hugepages:
    - fi-glk-j4005:       [PASS][47] -> [DMESG-WARN][48] +40 other tests dmesg-warn
   [47]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-glk-j4005/igt@i915_selftest@live@hugepages.html
   [48]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-glk-j4005/igt@i915_selftest@live@hugepages.html

  * igt@i915_selftest@live@late_gt_pm:
    - fi-cfl-8109u:       [PASS][49] -> [DMESG-WARN][50] +40 other tests dmesg-warn
   [49]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-cfl-8109u/igt@i915_selftest@live@late_gt_pm.html
   [50]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-cfl-8109u/igt@i915_selftest@live@late_gt_pm.html
    - fi-kbl-8809g:       [PASS][51] -> [DMESG-WARN][52] +40 other tests dmesg-warn
   [51]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-kbl-8809g/igt@i915_selftest@live@late_gt_pm.html
   [52]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-kbl-8809g/igt@i915_selftest@live@late_gt_pm.html

  * igt@i915_selftest@live@objects:
    - fi-skl-6600u:       [PASS][53] -> [DMESG-WARN][54] +40 other tests dmesg-warn
   [53]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-skl-6600u/igt@i915_selftest@live@objects.html
   [54]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-skl-6600u/igt@i915_selftest@live@objects.html

  * igt@i915_selftest@live@perf:
    - bat-dg2-11:         [PASS][55] -> [DMESG-WARN][56] +41 other tests dmesg-warn
   [55]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-11/igt@i915_selftest@live@perf.html
   [56]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-11/igt@i915_selftest@live@perf.html

  * igt@i915_selftest@live@sanitycheck:
    - fi-kbl-7567u:       [PASS][57] -> [DMESG-WARN][58] +40 other tests dmesg-warn
   [57]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-kbl-7567u/igt@i915_selftest@live@sanitycheck.html
   [58]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-kbl-7567u/igt@i915_selftest@live@sanitycheck.html
    - bat-twl-1:          [PASS][59] -> [DMESG-WARN][60] +40 other tests dmesg-warn
   [59]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-twl-1/igt@i915_selftest@live@sanitycheck.html
   [60]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-twl-1/igt@i915_selftest@live@sanitycheck.html
    - bat-jsl-5:          [PASS][61] -> [DMESG-WARN][62] +40 other tests dmesg-warn
   [61]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-jsl-5/igt@i915_selftest@live@sanitycheck.html
   [62]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-jsl-5/igt@i915_selftest@live@sanitycheck.html
    - bat-apl-1:          [PASS][63] -> [DMESG-WARN][64] +40 other tests dmesg-warn
   [63]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-apl-1/igt@i915_selftest@live@sanitycheck.html
   [64]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-apl-1/igt@i915_selftest@live@sanitycheck.html
    - bat-arls-5:         [PASS][65] -> [DMESG-WARN][66] +38 other tests dmesg-warn
   [65]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-arls-5/igt@i915_selftest@live@sanitycheck.html
   [66]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-arls-5/igt@i915_selftest@live@sanitycheck.html
    - bat-rplp-1:         [PASS][67] -> [DMESG-WARN][68] +40 other tests dmesg-warn
   [67]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-rplp-1/igt@i915_selftest@live@sanitycheck.html
   [68]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-rplp-1/igt@i915_selftest@live@sanitycheck.html
    - bat-arlh-2:         [PASS][69] -> [DMESG-WARN][70] +40 other tests dmesg-warn
   [69]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-arlh-2/igt@i915_selftest@live@sanitycheck.html
   [70]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-arlh-2/igt@i915_selftest@live@sanitycheck.html

  * igt@i915_selftest@live@slpc:
    - fi-cfl-guc:         [PASS][71] -> [DMESG-WARN][72] +40 other tests dmesg-warn
   [71]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-cfl-guc/igt@i915_selftest@live@slpc.html
   [72]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-cfl-guc/igt@i915_selftest@live@slpc.html
    - bat-mtlp-6:         [PASS][73] -> [DMESG-WARN][74] +40 other tests dmesg-warn
   [73]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-mtlp-6/igt@i915_selftest@live@slpc.html
   [74]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-mtlp-6/igt@i915_selftest@live@slpc.html

  * igt@i915_selftest@live@uncore:
    - bat-dg1-7:          [PASS][75] -> [DMESG-WARN][76] +43 other tests dmesg-warn
   [75]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg1-7/igt@i915_selftest@live@uncore.html
   [76]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg1-7/igt@i915_selftest@live@uncore.html

  * igt@i915_selftest@live@vma:
    - fi-cfl-8700k:       [PASS][77] -> [DMESG-WARN][78] +40 other tests dmesg-warn
   [77]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-cfl-8700k/igt@i915_selftest@live@vma.html
   [78]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-cfl-8700k/igt@i915_selftest@live@vma.html

  * igt@i915_selftest@live@workarounds:
    - fi-bsw-n3050:       [PASS][79] -> [DMESG-WARN][80] +40 other tests dmesg-warn
   [79]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/fi-bsw-n3050/igt@i915_selftest@live@workarounds.html
   [80]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/fi-bsw-n3050/igt@i915_selftest@live@workarounds.html

  
#### Warnings ####

  * igt@i915_selftest@live@workarounds:
    - bat-dg2-9:          [DMESG-FAIL][81] ([i915#12061]) -> [DMESG-WARN][82] +1 other test dmesg-warn
   [81]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-9/igt@i915_selftest@live@workarounds.html
   [82]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-9/igt@i915_selftest@live@workarounds.html
    - bat-dg2-11:         [DMESG-FAIL][83] ([i915#12061]) -> [DMESG-WARN][84] +1 other test dmesg-warn
   [83]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-11/igt@i915_selftest@live@workarounds.html
   [84]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-11/igt@i915_selftest@live@workarounds.html

  
Known issues
------------

  Here are the changes found in Patchwork_157001v1 that come from known issues:

### IGT changes ###

#### Issues hit ####

  * igt@gem_lmem_swapping@basic:
    - bat-dg2-11:         [PASS][85] -> [DMESG-WARN][86] ([i915#14545])
   [85]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-11/igt@gem_lmem_swapping@basic.html
   [86]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-11/igt@gem_lmem_swapping@basic.html
    - bat-dg2-14:         [PASS][87] -> [DMESG-WARN][88] ([i915#14545])
   [87]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-14/igt@gem_lmem_swapping@basic.html
   [88]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-14/igt@gem_lmem_swapping@basic.html
    - bat-dg2-8:          [PASS][89] -> [DMESG-WARN][90] ([i915#14545])
   [89]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-8/igt@gem_lmem_swapping@basic.html
   [90]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-8/igt@gem_lmem_swapping@basic.html
    - bat-dg1-7:          [PASS][91] -> [DMESG-WARN][92] ([i915#14545])
   [91]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg1-7/igt@gem_lmem_swapping@basic.html
   [92]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg1-7/igt@gem_lmem_swapping@basic.html
    - bat-dg2-9:          [PASS][93] -> [DMESG-WARN][94] ([i915#14545])
   [93]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-9/igt@gem_lmem_swapping@basic.html
   [94]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-9/igt@gem_lmem_swapping@basic.html
    - bat-dg1-6:          [PASS][95] -> [DMESG-WARN][96] ([i915#14545])
   [95]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg1-6/igt@gem_lmem_swapping@basic.html
   [96]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg1-6/igt@gem_lmem_swapping@basic.html

  * igt@i915_selftest@live:
    - bat-dg2-8:          [PASS][97] -> [DMESG-FAIL][98] ([i915#12061]) +1 other test dmesg-fail
   [97]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-dg2-8/igt@i915_selftest@live.html
   [98]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-dg2-8/igt@i915_selftest@live.html

  * igt@i915_selftest@live@workarounds:
    - bat-arls-5:         [PASS][99] -> [DMESG-FAIL][100] ([i915#12061]) +1 other test dmesg-fail
   [99]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17481/bat-arls-5/igt@i915_selftest@live@workarounds.html
   [100]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/bat-arls-5/igt@i915_selftest@live@workarounds.html

  
  [i915#12061]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12061
  [i915#14545]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14545


Build changes
-------------

  * Linux: CI_DRM_17481 -> Patchwork_157001v1

  CI-20190529: 20190529
  CI_DRM_17481: 3512eb46a8d42c3deb477856c25d519b19a7d165 @ git://anongit.freedesktop.org/gfx-ci/linux
  IGT_8606: 7f516488d66a52df3b3027d5c02c5be298424b78 @ https://gitlab.freedesktop.org/drm/igt-gpu-tools.git
  Patchwork_157001v1: 3512eb46a8d42c3deb477856c25d519b19a7d165 @ git://anongit.freedesktop.org/gfx-ci/linux

== Logs ==

For more details see: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v1/index.html

[-- Attachment #2: Type: text/html, Size: 20475 bytes --]

✗ i915.CI.BAT: failure for drm/i915: Use rcu_dereference() in hwsp_offset() (rev2)

[Patchwork]

[-- Attachment #1: Type: text/plain, Size: 17978 bytes --]

== Series Details ==

Series: drm/i915: Use rcu_dereference() in hwsp_offset() (rev2)
URL   : https://patchwork.freedesktop.org/series/157001/
State : failure

== Summary ==

CI Bug Log - changes from CI_DRM_17567 -> Patchwork_157001v2
====================================================

Summary
-------

  **FAILURE**

  Serious unknown changes coming with Patchwork_157001v2 absolutely need to be
  verified manually.
  
  If you think the reported changes have nothing to do with the changes
  introduced in Patchwork_157001v2, please notify your bug team (I915-ci-infra@lists.freedesktop.org) to allow them
  to document this new failure mode, which will reduce false positives in CI.

  External URL: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/index.html

Participating hosts (45 -> 44)
------------------------------

  Missing    (1): fi-snb-2520m 

Possible new issues
-------------------

  Here are the unknown changes that may have been introduced in Patchwork_157001v2:

### IGT changes ###

#### Possible regressions ####

  * igt@i915_module_load@load:
    - bat-dg2-13:         [PASS][1] -> [DMESG-WARN][2]
   [1]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-13/igt@i915_module_load@load.html
   [2]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-13/igt@i915_module_load@load.html

  * igt@i915_pm_rpm@module-reload:
    - bat-dg2-14:         [PASS][3] -> [DMESG-WARN][4] +43 other tests dmesg-warn
   [3]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-14/igt@i915_pm_rpm@module-reload.html
   [4]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-14/igt@i915_pm_rpm@module-reload.html
    - fi-bsw-nick:        [PASS][5] -> [DMESG-WARN][6] +40 other tests dmesg-warn
   [5]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-bsw-nick/igt@i915_pm_rpm@module-reload.html
   [6]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-bsw-nick/igt@i915_pm_rpm@module-reload.html
    - bat-kbl-2:          [PASS][7] -> [DMESG-WARN][8] +40 other tests dmesg-warn
   [7]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-kbl-2/igt@i915_pm_rpm@module-reload.html
   [8]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-kbl-2/igt@i915_pm_rpm@module-reload.html
    - bat-adlp-6:         [PASS][9] -> [DMESG-WARN][10] +40 other tests dmesg-warn
   [9]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-adlp-6/igt@i915_pm_rpm@module-reload.html
   [10]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-adlp-6/igt@i915_pm_rpm@module-reload.html

  * igt@i915_selftest@live@client:
    - bat-dg2-8:          [PASS][11] -> [DMESG-WARN][12] +43 other tests dmesg-warn
   [11]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-8/igt@i915_selftest@live@client.html
   [12]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-8/igt@i915_selftest@live@client.html
    - fi-kbl-guc:         [PASS][13] -> [DMESG-WARN][14] +40 other tests dmesg-warn
   [13]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-kbl-guc/igt@i915_selftest@live@client.html
   [14]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-kbl-guc/igt@i915_selftest@live@client.html
    - bat-adls-6:         [PASS][15] -> [DMESG-WARN][16] +40 other tests dmesg-warn
   [15]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-adls-6/igt@i915_selftest@live@client.html
   [16]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-adls-6/igt@i915_selftest@live@client.html

  * igt@i915_selftest@live@coherency:
    - bat-dg2-9:          [PASS][17] -> [DMESG-WARN][18] +41 other tests dmesg-warn
   [17]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-9/igt@i915_selftest@live@coherency.html
   [18]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-9/igt@i915_selftest@live@coherency.html
    - fi-kbl-x1275:       [PASS][19] -> [DMESG-WARN][20] +40 other tests dmesg-warn
   [19]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-kbl-x1275/igt@i915_selftest@live@coherency.html
   [20]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-kbl-x1275/igt@i915_selftest@live@coherency.html
    - bat-adlp-11:        [PASS][21] -> [DMESG-WARN][22] +40 other tests dmesg-warn
   [21]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-adlp-11/igt@i915_selftest@live@coherency.html
   [22]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-adlp-11/igt@i915_selftest@live@coherency.html

  * igt@i915_selftest@live@gem:
    - fi-rkl-11600:       [PASS][23] -> [DMESG-WARN][24] +40 other tests dmesg-warn
   [23]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-rkl-11600/igt@i915_selftest@live@gem.html
   [24]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-rkl-11600/igt@i915_selftest@live@gem.html

  * igt@i915_selftest@live@gem_contexts:
    - bat-arls-6:         [PASS][25] -> [DMESG-WARN][26] +40 other tests dmesg-warn
   [25]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-arls-6/igt@i915_selftest@live@gem_contexts.html
   [26]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-arls-6/igt@i915_selftest@live@gem_contexts.html
    - bat-arlh-3:         [PASS][27] -> [DMESG-WARN][28] +40 other tests dmesg-warn
   [27]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-arlh-3/igt@i915_selftest@live@gem_contexts.html
   [28]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-arlh-3/igt@i915_selftest@live@gem_contexts.html

  * igt@i915_selftest@live@gt_contexts:
    - bat-jsl-1:          [PASS][29] -> [DMESG-WARN][30] +40 other tests dmesg-warn
   [29]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-jsl-1/igt@i915_selftest@live@gt_contexts.html
   [30]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-jsl-1/igt@i915_selftest@live@gt_contexts.html

  * igt@i915_selftest@live@gt_engines:
    - bat-dg1-6:          [PASS][31] -> [DMESG-WARN][32] +43 other tests dmesg-warn
   [31]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg1-6/igt@i915_selftest@live@gt_engines.html
   [32]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg1-6/igt@i915_selftest@live@gt_engines.html

  * igt@i915_selftest@live@gt_heartbeat:
    - bat-rpls-4:         [PASS][33] -> [DMESG-WARN][34] +40 other tests dmesg-warn
   [33]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-rpls-4/igt@i915_selftest@live@gt_heartbeat.html
   [34]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-rpls-4/igt@i915_selftest@live@gt_heartbeat.html

  * igt@i915_selftest@live@gt_mocs:
    - bat-twl-2:          [PASS][35] -> [DMESG-WARN][36] +40 other tests dmesg-warn
   [35]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-twl-2/igt@i915_selftest@live@gt_mocs.html
   [36]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-twl-2/igt@i915_selftest@live@gt_mocs.html

  * igt@i915_selftest@live@gt_pm:
    - fi-tgl-1115g4:      [PASS][37] -> [DMESG-WARN][38] +40 other tests dmesg-warn
   [37]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-tgl-1115g4/igt@i915_selftest@live@gt_pm.html
   [38]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-tgl-1115g4/igt@i915_selftest@live@gt_pm.html

  * igt@i915_selftest@live@gt_tlb:
    - bat-adlp-9:         [PASS][39] -> [DMESG-WARN][40] +40 other tests dmesg-warn
   [39]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-adlp-9/igt@i915_selftest@live@gt_tlb.html
   [40]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-adlp-9/igt@i915_selftest@live@gt_tlb.html

  * igt@i915_selftest@live@guc_multi_lrc:
    - bat-mtlp-8:         [PASS][41] -> [DMESG-WARN][42] +40 other tests dmesg-warn
   [41]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-mtlp-8/igt@i915_selftest@live@guc_multi_lrc.html
   [42]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-mtlp-8/igt@i915_selftest@live@guc_multi_lrc.html

  * igt@i915_selftest@live@hangcheck:
    - bat-atsm-1:         [PASS][43] -> [DMESG-WARN][44] +41 other tests dmesg-warn
   [43]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-atsm-1/igt@i915_selftest@live@hangcheck.html
   [44]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-atsm-1/igt@i915_selftest@live@hangcheck.html
    - bat-mtlp-9:         [PASS][45] -> [DMESG-WARN][46] +39 other tests dmesg-warn
   [45]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-mtlp-9/igt@i915_selftest@live@hangcheck.html
   [46]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-mtlp-9/igt@i915_selftest@live@hangcheck.html

  * igt@i915_selftest@live@hugepages:
    - fi-glk-j4005:       [PASS][47] -> [DMESG-WARN][48] +40 other tests dmesg-warn
   [47]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-glk-j4005/igt@i915_selftest@live@hugepages.html
   [48]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-glk-j4005/igt@i915_selftest@live@hugepages.html

  * igt@i915_selftest@live@late_gt_pm:
    - fi-kbl-8809g:       [PASS][49] -> [DMESG-WARN][50] +40 other tests dmesg-warn
   [49]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-kbl-8809g/igt@i915_selftest@live@late_gt_pm.html
   [50]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-kbl-8809g/igt@i915_selftest@live@late_gt_pm.html

  * igt@i915_selftest@live@objects:
    - fi-skl-6600u:       [PASS][51] -> [DMESG-WARN][52] +40 other tests dmesg-warn
   [51]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-skl-6600u/igt@i915_selftest@live@objects.html
   [52]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-skl-6600u/igt@i915_selftest@live@objects.html

  * igt@i915_selftest@live@perf:
    - bat-dg2-11:         [PASS][53] -> [DMESG-WARN][54] +41 other tests dmesg-warn
   [53]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-11/igt@i915_selftest@live@perf.html
   [54]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-11/igt@i915_selftest@live@perf.html

  * igt@i915_selftest@live@sanitycheck:
    - fi-kbl-7567u:       [PASS][55] -> [DMESG-WARN][56] +40 other tests dmesg-warn
   [55]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-kbl-7567u/igt@i915_selftest@live@sanitycheck.html
   [56]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-kbl-7567u/igt@i915_selftest@live@sanitycheck.html
    - bat-twl-1:          [PASS][57] -> [DMESG-WARN][58] +40 other tests dmesg-warn
   [57]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-twl-1/igt@i915_selftest@live@sanitycheck.html
   [58]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-twl-1/igt@i915_selftest@live@sanitycheck.html
    - bat-jsl-5:          [PASS][59] -> [DMESG-WARN][60] +40 other tests dmesg-warn
   [59]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-jsl-5/igt@i915_selftest@live@sanitycheck.html
   [60]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-jsl-5/igt@i915_selftest@live@sanitycheck.html
    - bat-apl-1:          [PASS][61] -> [DMESG-WARN][62] +40 other tests dmesg-warn
   [61]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-apl-1/igt@i915_selftest@live@sanitycheck.html
   [62]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-apl-1/igt@i915_selftest@live@sanitycheck.html
    - bat-arls-5:         [PASS][63] -> [DMESG-WARN][64] +38 other tests dmesg-warn
   [63]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-arls-5/igt@i915_selftest@live@sanitycheck.html
   [64]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-arls-5/igt@i915_selftest@live@sanitycheck.html
    - bat-rplp-1:         [PASS][65] -> [DMESG-WARN][66] +40 other tests dmesg-warn
   [65]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-rplp-1/igt@i915_selftest@live@sanitycheck.html
   [66]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-rplp-1/igt@i915_selftest@live@sanitycheck.html
    - bat-arlh-2:         [PASS][67] -> [DMESG-WARN][68] +40 other tests dmesg-warn
   [67]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-arlh-2/igt@i915_selftest@live@sanitycheck.html
   [68]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-arlh-2/igt@i915_selftest@live@sanitycheck.html

  * igt@i915_selftest@live@slpc:
    - fi-cfl-guc:         [PASS][69] -> [DMESG-WARN][70] +40 other tests dmesg-warn
   [69]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-cfl-guc/igt@i915_selftest@live@slpc.html
   [70]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-cfl-guc/igt@i915_selftest@live@slpc.html
    - bat-mtlp-6:         [PASS][71] -> [DMESG-WARN][72] +40 other tests dmesg-warn
   [71]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-mtlp-6/igt@i915_selftest@live@slpc.html
   [72]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-mtlp-6/igt@i915_selftest@live@slpc.html

  * igt@i915_selftest@live@uncore:
    - bat-dg1-7:          [PASS][73] -> [DMESG-WARN][74] +43 other tests dmesg-warn
   [73]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg1-7/igt@i915_selftest@live@uncore.html
   [74]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg1-7/igt@i915_selftest@live@uncore.html

  * igt@i915_selftest@live@vma:
    - fi-cfl-8700k:       [PASS][75] -> [DMESG-WARN][76] +40 other tests dmesg-warn
   [75]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-cfl-8700k/igt@i915_selftest@live@vma.html
   [76]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-cfl-8700k/igt@i915_selftest@live@vma.html

  * igt@i915_selftest@live@workarounds:
    - fi-bsw-n3050:       [PASS][77] -> [DMESG-WARN][78] +40 other tests dmesg-warn
   [77]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/fi-bsw-n3050/igt@i915_selftest@live@workarounds.html
   [78]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/fi-bsw-n3050/igt@i915_selftest@live@workarounds.html

  
#### Warnings ####

  * igt@i915_selftest@live@workarounds:
    - bat-arls-5:         [DMESG-FAIL][79] ([i915#12061]) -> [DMESG-WARN][80] +1 other test dmesg-warn
   [79]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-arls-5/igt@i915_selftest@live@workarounds.html
   [80]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-arls-5/igt@i915_selftest@live@workarounds.html

  
Known issues
------------

  Here are the changes found in Patchwork_157001v2 that come from known issues:

### IGT changes ###

#### Issues hit ####

  * igt@gem_lmem_swapping@basic:
    - bat-dg2-11:         [PASS][81] -> [DMESG-WARN][82] ([i915#14545])
   [81]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-11/igt@gem_lmem_swapping@basic.html
   [82]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-11/igt@gem_lmem_swapping@basic.html
    - bat-dg2-14:         [PASS][83] -> [DMESG-WARN][84] ([i915#14545])
   [83]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-14/igt@gem_lmem_swapping@basic.html
   [84]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-14/igt@gem_lmem_swapping@basic.html
    - bat-dg2-8:          [PASS][85] -> [DMESG-WARN][86] ([i915#14545])
   [85]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-8/igt@gem_lmem_swapping@basic.html
   [86]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-8/igt@gem_lmem_swapping@basic.html
    - bat-dg1-7:          [PASS][87] -> [DMESG-WARN][88] ([i915#14545])
   [87]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg1-7/igt@gem_lmem_swapping@basic.html
   [88]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg1-7/igt@gem_lmem_swapping@basic.html
    - bat-dg2-9:          [PASS][89] -> [DMESG-WARN][90] ([i915#14545])
   [89]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg2-9/igt@gem_lmem_swapping@basic.html
   [90]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg2-9/igt@gem_lmem_swapping@basic.html
    - bat-dg1-6:          [PASS][91] -> [DMESG-WARN][92] ([i915#14545])
   [91]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-dg1-6/igt@gem_lmem_swapping@basic.html
   [92]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-dg1-6/igt@gem_lmem_swapping@basic.html

  
#### Warnings ####

  * igt@i915_selftest@live:
    - bat-atsm-1:         [DMESG-FAIL][93] ([i915#12061] / [i915#14204]) -> [DMESG-FAIL][94] ([i915#12061] / [i915#13929])
   [93]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-atsm-1/igt@i915_selftest@live.html
   [94]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-atsm-1/igt@i915_selftest@live.html

  * igt@i915_selftest@live@mman:
    - bat-atsm-1:         [DMESG-FAIL][95] ([i915#14204]) -> [DMESG-FAIL][96] ([i915#13929])
   [95]: https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_17567/bat-atsm-1/igt@i915_selftest@live@mman.html
   [96]: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/bat-atsm-1/igt@i915_selftest@live@mman.html

  
  [i915#12061]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12061
  [i915#13929]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/13929
  [i915#14204]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14204
  [i915#14545]: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/14545


Build changes
-------------

  * Linux: CI_DRM_17567 -> Patchwork_157001v2

  CI-20190529: 20190529
  CI_DRM_17567: 80939f90d3e68b92b868017ea450e6695f756666 @ git://anongit.freedesktop.org/gfx-ci/linux
  IGT_8632: bbd6b1e5161ad8d244042f4a0d9fefcd575ccf67 @ https://gitlab.freedesktop.org/drm/igt-gpu-tools.git
  Patchwork_157001v2: 80939f90d3e68b92b868017ea450e6695f756666 @ git://anongit.freedesktop.org/gfx-ci/linux

== Logs ==

For more details see: https://intel-gfx-ci.01.org/tree/drm-tip/Patchwork_157001v2/index.html

[-- Attachment #2: Type: text/html, Size: 20064 bytes --]

Re: [RFC PATCH] drm/i915: Use rcu_dereference() in hwsp_offset()

[Janusz Krzysztofik]

Hi Sebastian,

On Tuesday, 4 November 2025 12:33:38 CET Sebastian Brzezinka wrote:
> Replace rcu_dereference_protected() with rcu_dereference() in
> hwsp_offset() since the function is called within an RCU read-side
> critical section. Using rcu_dereference() avoids unnecessary
> protection checks and aligns with correct RCU usage patterns.
> 
> Signed-off-by: Sebastian Brzezinka <sebastian.brzezinka@intel.com>
> ---
> I noticed that the current implementation of hwsp_offset() uses rcu_dereference_protected()
> when accessing rq->timeline. This seems to be a slight misuse of the API.
> rcu_dereference_protected() is intended for updater-side code, where we are not holding
> rcu_read_lock() but instead rely on another lock that guarantees safety. The condition argument
> in this function acts more like an assertion that the caller holds the required lock.
> In our case, hwsp_offset() is called inside an RCU read-side critical section, which means
> the correct primitive is rcu_dereference(). The original intent of the condition argument
> seems to have been to guard against use-after-free scenarios for timeline(?). However,
> rcu_dereference_protected() does not enforce that, it simply returns the pointer regardless
> of i915_request_signaled(), and in rare cases this pattern has led to issues such as:
> https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/15181
> '''
> ...
> <4> [281.246503] drivers/gpu/drm/i915/gt/gen8_engine_cs.c:427 suspicious rcu_dereference_protected() usage!
> <4> [281.246506]
> other info that might help us debug this:
> <4> [281.246507]
> rcu_scheduler_active = 2, debug_locks = 1
> <4> [281.246509] 5 locks held by gem_exec_whispe/2308:
> <4> [281.246511]  #0: ffffc90002ae77c8 (reservation_ww_class_acquire){+.+.}-{0:0}, at: i915_gem_do_execbuffer+0xd2c/0x3710 [i915]
> <4> [281.246852]  #1: ffffc90002ae77f0 (reservation_ww_class_mutex){+.+.}-{3:3}, at: i915_gem_do_execbuffer+0xd2c/0x3710 [i915]
> <4> [281.247073]  #2: ffff8881e8a4a878 (&timeline->mutex){+.+.}-{3:3}, at: i915_request_create+0x61/0x200 [i915]
> <4> [281.247403]  #3: ffffffff83595560 (rcu_read_lock){....}-{1:2}, at: execlists_submission_tasklet+0x44/0x27b0 [i915]
> <4> [281.247592]  #4: ffff88812f0c2020 (&sched_engine->lock){-.-.}-{2:2}, at: execlists_submission_tasklet+0x20d/0x27b0 [i915]
> <4> [281.247787]
> stack backtrace:
> <4> [281.247789] CPU: 9 UID: 0 PID: 2308 Comm: gem_exec_whispe Tainted: G     U              6.17.0-CI_DRM_17306-gb3f121acbde4+ #1 PREEMPT(voluntary)
> <4> [281.247792] Tainted: [U]=USER
> <4> [281.247792] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.6062.A00.2502050210 02/05/2025
> <4> [281.247793] Call Trace:
> <4> [281.247794]  <IRQ>
> <4> [281.247796]  dump_stack_lvl+0x91/0xf0
> <4> [281.247802]  dump_stack+0x10/0x20
> <4> [281.247804]  lockdep_rcu_suspicious+0x151/0x1e0
> <4> [281.247811]  ? __i915_request_submit+0xb0/0x430 [i915]
> <4> [281.248010]  hwsp_offset+0x90/0xa0 [i915]
> <4> [281.248199]  gen12_emit_fini_breadcrumb_rcs+0xdf/0x480 [i915]
> <4> [281.248388]  ? __i915_request_submit+0xb0/0x430 [i915]
> <4> [281.248584]  __i915_request_submit+0x15b/0x430 [i915]
> <4> [281.248781]  execlists_submission_tasklet+0xdfa/0x27b0 [i915]
> <4> [281.248974]  ? mark_held_locks+0x46/0x90
> <4> [281.248982]  tasklet_action_common+0x166/0x410
> <4> [281.248988]  tasklet_hi_action+0x29/0x40
> <4> [281.248990]  handle_softirqs+0xd7/0x4d0
> <4> [281.248994]  ? __i915_request_queue+0x3f/0x80 [i915]
> <4> [281.249194]  __do_softirq+0x10/0x18
> <4> [281.249197]  do_softirq.part.0+0x47/0xd0
> ...
> '''
> 
> This issue reproduces very rarely, and I haven’t been able to reproduce it myself, so
> I’m not entirely sure why this scenario occurs why we attempt to emit a breadcrumb even
> when the request’s fence is already signaled. However, the correct approach seems to be:
>  - Drop the use of rcu_dereference_protected() in this context, since it’s not providing
>    real safety here.
>  - Avoid emitting a breadcrumb at all when the request is already signaled, as
>    doing so appears unnecessary.
> 
> My concern is that breadcrumbs seem to be emitted in __i915_request_submit, which appears
> to be well-guarded against processing retried requests. This leaves me puzzled about what’s
> actually happening here.
> ---
>  drivers/gpu/drm/i915/gt/gen8_engine_cs.c | 3 +--
>  drivers/gpu/drm/i915/i915_request.c      | 2 +-
>  2 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/gpu/drm/i915/gt/gen8_engine_cs.c b/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
> index e9f65f27b53f..b799d423d306 100644
> --- a/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
> +++ b/drivers/gpu/drm/i915/gt/gen8_engine_cs.c
> @@ -424,8 +424,7 @@ static u32 hwsp_offset(const struct i915_request *rq)
>  	const struct intel_timeline *tl;
>  
>  	/* Before the request is executed, the timeline is fixed */
> -	tl = rcu_dereference_protected(rq->timeline,
> -				       !i915_request_signaled(rq));

Whether rcu_dereference_protected() was misused or not, my understanding 
is that rq->timeline shouldn't be dereferenced after the request has been 
signaled, because that means the request has been already executed and 
rq->timeline may have been already invalidated.  The complain from RCU 
lockdep here means just that, I believe: the request was found already 
signaled while it shouldn't, so the pointer should no longer be trusted.  
I think that's the issue you should focus on, and try to identify its 
root cause.

Thanks,
Janusz

> +	tl = rcu_dereference(rq->timeline);
>  
>  	/* See the comment in i915_request_active_seqno(). */
>  	return page_mask_bits(tl->hwsp_offset) + offset_in_page(rq->hwsp_seqno);
> diff --git a/drivers/gpu/drm/i915/i915_request.c b/drivers/gpu/drm/i915/i915_request.c
> index b9a2b2194c8f..25a9e574149e 100644
> --- a/drivers/gpu/drm/i915/i915_request.c
> +++ b/drivers/gpu/drm/i915/i915_request.c
> @@ -657,7 +657,7 @@ bool __i915_request_submit(struct i915_request *request)
>  	if (request->sched.semaphores &&
>  	    i915_sw_fence_signaled(&request->semaphore))
>  		engine->saturated |= request->sched.semaphores;
> -
> +	/*It seems that breadcrumbs are being emitted here.*/
>  	engine->emit_fini_breadcrumb(request,
>  				     request->ring->vaddr + request->postfix);
>  
>