[PATCH] dma-buf: fix debugfs versus rcu and fence dumping

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
@ 2018-12-06  1:41 jglisse
  2018-12-06  8:09 ` Koenig, Christian
  2018-12-16 19:23 ` kbuild test robot
  0 siblings, 2 replies; 6+ messages in thread
From: jglisse @ 2018-12-06  1:41 UTC (permalink / raw)
  To: linux-kernel
  Cc: Jérôme Glisse, Christian König, Daniel Vetter,
	Sumit Semwal, linux-media, dri-devel, linaro-mm-sig,
	Stéphane Marchesin, stable

From: Jérôme Glisse <jglisse@redhat.com>

The debugfs take reference on fence without dropping them. Also the
rcu section are not well balance. Fix all that ...

Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
Cc: Christian König <christian.koenig@amd.com>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Sumit Semwal <sumit.semwal@linaro.org>
Cc: linux-media@vger.kernel.org
Cc: dri-devel@lists.freedesktop.org
Cc: linaro-mm-sig@lists.linaro.org
Cc: Stéphane Marchesin <marcheu@chromium.org>
Cc: stable@vger.kernel.org
---
 drivers/dma-buf/dma-buf.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
index 13884474d158..f6f4de42ac49 100644
--- a/drivers/dma-buf/dma-buf.c
+++ b/drivers/dma-buf/dma-buf.c
@@ -1051,24 +1051,31 @@ static int dma_buf_debug_show(struct seq_file *s, void *unused)
 			fobj = rcu_dereference(robj->fence);
 			shared_count = fobj ? fobj->shared_count : 0;
 			fence = rcu_dereference(robj->fence_excl);
+			fence = dma_fence_get_rcu(fence);
 			if (!read_seqcount_retry(&robj->seq, seq))
 				break;
 			rcu_read_unlock();
 		}
-
-		if (fence)
+		if (fence) {
 			seq_printf(s, "\tExclusive fence: %s %s %ssignalled\n",
 				   fence->ops->get_driver_name(fence),
 				   fence->ops->get_timeline_name(fence),
 				   dma_fence_is_signaled(fence) ? "" : "un");
+			dma_fence_put(fence);
+		}
+
+		rcu_read_lock();
 		for (i = 0; i < shared_count; i++) {
 			fence = rcu_dereference(fobj->shared[i]);
 			if (!dma_fence_get_rcu(fence))
 				continue;
+			rcu_read_unlock();
 			seq_printf(s, "\tShared fence: %s %s %ssignalled\n",
 				   fence->ops->get_driver_name(fence),
 				   fence->ops->get_timeline_name(fence),
 				   dma_fence_is_signaled(fence) ? "" : "un");
+			dma_fence_put(fence);
+			rcu_read_lock();
 		}
 		rcu_read_unlock();
 
-- 
2.17.2


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
  2018-12-06  1:41 [PATCH] dma-buf: fix debugfs versus rcu and fence dumping jglisse
@ 2018-12-06  8:09 ` Koenig, Christian
  2018-12-06 15:21   ` Jerome Glisse
  2018-12-16 19:23 ` kbuild test robot
  1 sibling, 1 reply; 6+ messages in thread
From: Koenig, Christian @ 2018-12-06  8:09 UTC (permalink / raw)
  To: jglisse@redhat.com, linux-kernel@vger.kernel.org
  Cc: Daniel Vetter, Sumit Semwal, linux-media@vger.kernel.org,
	dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org,
	Stéphane Marchesin, stable@vger.kernel.org

Am 06.12.18 um 02:41 schrieb jglisse@redhat.com:
> From: Jérôme Glisse <jglisse@redhat.com>
>
> The debugfs take reference on fence without dropping them. Also the
> rcu section are not well balance. Fix all that ...
>
> Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
> Cc: Christian König <christian.koenig@amd.com>
> Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
> Cc: Sumit Semwal <sumit.semwal@linaro.org>
> Cc: linux-media@vger.kernel.org
> Cc: dri-devel@lists.freedesktop.org
> Cc: linaro-mm-sig@lists.linaro.org
> Cc: Stéphane Marchesin <marcheu@chromium.org>
> Cc: stable@vger.kernel.org

Well NAK, you are now taking the RCU lock twice and dropping the RCU and 
still accessing fobj has a huge potential for accessing freed up memory.

The only correct thing I can see here is to grab a reference to the 
fence before printing any info on it,
Christian.

> ---
>   drivers/dma-buf/dma-buf.c | 11 +++++++++--
>   1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
> index 13884474d158..f6f4de42ac49 100644
> --- a/drivers/dma-buf/dma-buf.c
> +++ b/drivers/dma-buf/dma-buf.c
> @@ -1051,24 +1051,31 @@ static int dma_buf_debug_show(struct seq_file *s, void *unused)
>   			fobj = rcu_dereference(robj->fence);
>   			shared_count = fobj ? fobj->shared_count : 0;
>   			fence = rcu_dereference(robj->fence_excl);
> +			fence = dma_fence_get_rcu(fence);
>   			if (!read_seqcount_retry(&robj->seq, seq))
>   				break;
>   			rcu_read_unlock();
>   		}
> -
> -		if (fence)
> +		if (fence) {
>   			seq_printf(s, "\tExclusive fence: %s %s %ssignalled\n",
>   				   fence->ops->get_driver_name(fence),
>   				   fence->ops->get_timeline_name(fence),
>   				   dma_fence_is_signaled(fence) ? "" : "un");
> +			dma_fence_put(fence);
> +		}
> +
> +		rcu_read_lock();
>   		for (i = 0; i < shared_count; i++) {
>   			fence = rcu_dereference(fobj->shared[i]);
>   			if (!dma_fence_get_rcu(fence))
>   				continue;
> +			rcu_read_unlock();
>   			seq_printf(s, "\tShared fence: %s %s %ssignalled\n",
>   				   fence->ops->get_driver_name(fence),
>   				   fence->ops->get_timeline_name(fence),
>   				   dma_fence_is_signaled(fence) ? "" : "un");
> +			dma_fence_put(fence);
> +			rcu_read_lock();
>   		}
>   		rcu_read_unlock();
>   


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
  2018-12-06  8:09 ` Koenig, Christian
@ 2018-12-06 15:21   ` Jerome Glisse
  2018-12-06 16:08     ` Koenig, Christian
  0 siblings, 1 reply; 6+ messages in thread
From: Jerome Glisse @ 2018-12-06 15:21 UTC (permalink / raw)
  To: Koenig, Christian
  Cc: linux-kernel@vger.kernel.org, Daniel Vetter, Sumit Semwal,
	linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
	linaro-mm-sig@lists.linaro.org, Stéphane Marchesin,
	stable@vger.kernel.org

On Thu, Dec 06, 2018 at 08:09:28AM +0000, Koenig, Christian wrote:
> Am 06.12.18 um 02:41 schrieb jglisse@redhat.com:
> > From: Jérôme Glisse <jglisse@redhat.com>
> >
> > The debugfs take reference on fence without dropping them. Also the
> > rcu section are not well balance. Fix all that ...
> >
> > Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
> > Cc: Christian König <christian.koenig@amd.com>
> > Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
> > Cc: Sumit Semwal <sumit.semwal@linaro.org>
> > Cc: linux-media@vger.kernel.org
> > Cc: dri-devel@lists.freedesktop.org
> > Cc: linaro-mm-sig@lists.linaro.org
> > Cc: Stéphane Marchesin <marcheu@chromium.org>
> > Cc: stable@vger.kernel.org
> 
> Well NAK, you are now taking the RCU lock twice and dropping the RCU and 
> still accessing fobj has a huge potential for accessing freed up memory.
> 
> The only correct thing I can see here is to grab a reference to the 
> fence before printing any info on it,
> Christian.

Hu ? That is exactly what i am doing, take reference under rcu,
rcu_unlock print the fence info, drop the fence reference, rcu
lock rinse and repeat ...

Note that the fobj in _existing_ code is access outside the rcu
end that there is an rcu imbalance in that code ie a lonlely
rcu_unlock after the for loop.

So that the existing code is broken.

> 
> > ---
> >   drivers/dma-buf/dma-buf.c | 11 +++++++++--
> >   1 file changed, 9 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
> > index 13884474d158..f6f4de42ac49 100644
> > --- a/drivers/dma-buf/dma-buf.c
> > +++ b/drivers/dma-buf/dma-buf.c
> > @@ -1051,24 +1051,31 @@ static int dma_buf_debug_show(struct seq_file *s, void *unused)
> >   			fobj = rcu_dereference(robj->fence);
> >   			shared_count = fobj ? fobj->shared_count : 0;
> >   			fence = rcu_dereference(robj->fence_excl);
> > +			fence = dma_fence_get_rcu(fence);
> >   			if (!read_seqcount_retry(&robj->seq, seq))
> >   				break;
> >   			rcu_read_unlock();
> >   		}
> > -
> > -		if (fence)
> > +		if (fence) {
> >   			seq_printf(s, "\tExclusive fence: %s %s %ssignalled\n",
> >   				   fence->ops->get_driver_name(fence),
> >   				   fence->ops->get_timeline_name(fence),
> >   				   dma_fence_is_signaled(fence) ? "" : "un");
> > +			dma_fence_put(fence);
> > +		}
> > +
> > +		rcu_read_lock();
> >   		for (i = 0; i < shared_count; i++) {
> >   			fence = rcu_dereference(fobj->shared[i]);
> >   			if (!dma_fence_get_rcu(fence))
> >   				continue;
> > +			rcu_read_unlock();
> >   			seq_printf(s, "\tShared fence: %s %s %ssignalled\n",
> >   				   fence->ops->get_driver_name(fence),
> >   				   fence->ops->get_timeline_name(fence),
> >   				   dma_fence_is_signaled(fence) ? "" : "un");
> > +			dma_fence_put(fence);
> > +			rcu_read_lock();
> >   		}
> >   		rcu_read_unlock();
> >   
> 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
  2018-12-06 15:21   ` Jerome Glisse
@ 2018-12-06 16:08     ` Koenig, Christian
  2018-12-06 16:19       ` Jerome Glisse
  0 siblings, 1 reply; 6+ messages in thread
From: Koenig, Christian @ 2018-12-06 16:08 UTC (permalink / raw)
  To: Jerome Glisse
  Cc: linux-kernel@vger.kernel.org, Daniel Vetter, Sumit Semwal,
	linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
	linaro-mm-sig@lists.linaro.org, Stéphane Marchesin,
	stable@vger.kernel.org

Am 06.12.18 um 16:21 schrieb Jerome Glisse:
> On Thu, Dec 06, 2018 at 08:09:28AM +0000, Koenig, Christian wrote:
>> Am 06.12.18 um 02:41 schrieb jglisse@redhat.com:
>>> From: Jérôme Glisse <jglisse@redhat.com>
>>>
>>> The debugfs take reference on fence without dropping them. Also the
>>> rcu section are not well balance. Fix all that ...
>>>
>>> Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
>>> Cc: Christian König <christian.koenig@amd.com>
>>> Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
>>> Cc: Sumit Semwal <sumit.semwal@linaro.org>
>>> Cc: linux-media@vger.kernel.org
>>> Cc: dri-devel@lists.freedesktop.org
>>> Cc: linaro-mm-sig@lists.linaro.org
>>> Cc: Stéphane Marchesin <marcheu@chromium.org>
>>> Cc: stable@vger.kernel.org
>> Well NAK, you are now taking the RCU lock twice and dropping the RCU and
>> still accessing fobj has a huge potential for accessing freed up memory.
>>
>> The only correct thing I can see here is to grab a reference to the
>> fence before printing any info on it,
>> Christian.
> Hu ? That is exactly what i am doing, take reference under rcu,
> rcu_unlock print the fence info, drop the fence reference, rcu
> lock rinse and repeat ...
>
> Note that the fobj in _existing_ code is access outside the rcu
> end that there is an rcu imbalance in that code ie a lonlely
> rcu_unlock after the for loop.
>
> So that the existing code is broken.

No, the existing code is perfectly fine.

Please note the break in the loop before the rcu_unlock();
>    			if (!read_seqcount_retry(&robj->seq, seq))
>    				break; <- HERE!
>    			rcu_read_unlock();
>    		}

So your patch breaks that and take the RCU read lock twice.

Regards,
Christian.

>
>>> ---
>>>    drivers/dma-buf/dma-buf.c | 11 +++++++++--
>>>    1 file changed, 9 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
>>> index 13884474d158..f6f4de42ac49 100644
>>> --- a/drivers/dma-buf/dma-buf.c
>>> +++ b/drivers/dma-buf/dma-buf.c
>>> @@ -1051,24 +1051,31 @@ static int dma_buf_debug_show(struct seq_file *s, void *unused)
>>>    			fobj = rcu_dereference(robj->fence);
>>>    			shared_count = fobj ? fobj->shared_count : 0;
>>>    			fence = rcu_dereference(robj->fence_excl);
>>> +			fence = dma_fence_get_rcu(fence);
>>>    			if (!read_seqcount_retry(&robj->seq, seq))
>>>    				break;
>>>    			rcu_read_unlock();
>>>    		}
>>> -
>>> -		if (fence)
>>> +		if (fence) {
>>>    			seq_printf(s, "\tExclusive fence: %s %s %ssignalled\n",
>>>    				   fence->ops->get_driver_name(fence),
>>>    				   fence->ops->get_timeline_name(fence),
>>>    				   dma_fence_is_signaled(fence) ? "" : "un");
>>> +			dma_fence_put(fence);
>>> +		}
>>> +
>>> +		rcu_read_lock();
>>>    		for (i = 0; i < shared_count; i++) {
>>>    			fence = rcu_dereference(fobj->shared[i]);
>>>    			if (!dma_fence_get_rcu(fence))
>>>    				continue;
>>> +			rcu_read_unlock();
>>>    			seq_printf(s, "\tShared fence: %s %s %ssignalled\n",
>>>    				   fence->ops->get_driver_name(fence),
>>>    				   fence->ops->get_timeline_name(fence),
>>>    				   dma_fence_is_signaled(fence) ? "" : "un");
>>> +			dma_fence_put(fence);
>>> +			rcu_read_lock();
>>>    		}
>>>    		rcu_read_unlock();
>>>    


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
  2018-12-06 16:08     ` Koenig, Christian
@ 2018-12-06 16:19       ` Jerome Glisse
  0 siblings, 0 replies; 6+ messages in thread
From: Jerome Glisse @ 2018-12-06 16:19 UTC (permalink / raw)
  To: Koenig, Christian
  Cc: linux-kernel@vger.kernel.org, Daniel Vetter, Sumit Semwal,
	linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
	linaro-mm-sig@lists.linaro.org, Stéphane Marchesin,
	stable@vger.kernel.org

On Thu, Dec 06, 2018 at 04:08:12PM +0000, Koenig, Christian wrote:
> Am 06.12.18 um 16:21 schrieb Jerome Glisse:
> > On Thu, Dec 06, 2018 at 08:09:28AM +0000, Koenig, Christian wrote:
> >> Am 06.12.18 um 02:41 schrieb jglisse@redhat.com:
> >>> From: Jérôme Glisse <jglisse@redhat.com>
> >>>
> >>> The debugfs take reference on fence without dropping them. Also the
> >>> rcu section are not well balance. Fix all that ...
> >>>
> >>> Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
> >>> Cc: Christian König <christian.koenig@amd.com>
> >>> Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
> >>> Cc: Sumit Semwal <sumit.semwal@linaro.org>
> >>> Cc: linux-media@vger.kernel.org
> >>> Cc: dri-devel@lists.freedesktop.org
> >>> Cc: linaro-mm-sig@lists.linaro.org
> >>> Cc: Stéphane Marchesin <marcheu@chromium.org>
> >>> Cc: stable@vger.kernel.org
> >> Well NAK, you are now taking the RCU lock twice and dropping the RCU and
> >> still accessing fobj has a huge potential for accessing freed up memory.
> >>
> >> The only correct thing I can see here is to grab a reference to the
> >> fence before printing any info on it,
> >> Christian.
> > Hu ? That is exactly what i am doing, take reference under rcu,
> > rcu_unlock print the fence info, drop the fence reference, rcu
> > lock rinse and repeat ...
> >
> > Note that the fobj in _existing_ code is access outside the rcu
> > end that there is an rcu imbalance in that code ie a lonlely
> > rcu_unlock after the for loop.
> >
> > So that the existing code is broken.
> 
> No, the existing code is perfectly fine.
> 
> Please note the break in the loop before the rcu_unlock();
> >    			if (!read_seqcount_retry(&robj->seq, seq))
> >    				break; <- HERE!
> >    			rcu_read_unlock();
> >    		}
> 
> So your patch breaks that and take the RCU read lock twice.

Ok missed that, i wonder if the refcount in balance explains
the crash that was reported to me ... i sent a patch just for
that.

Thank you for reviewing and pointing out the code i was
oblivious too :)

Cheers,
Jérôme

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] dma-buf: fix debugfs versus rcu and fence dumping
  2018-12-06  1:41 [PATCH] dma-buf: fix debugfs versus rcu and fence dumping jglisse
  2018-12-06  8:09 ` Koenig, Christian
@ 2018-12-16 19:23 ` kbuild test robot
  1 sibling, 0 replies; 6+ messages in thread
From: kbuild test robot @ 2018-12-16 19:23 UTC (permalink / raw)
  To: jglisse
  Cc: kbuild-all, linux-kernel, Jérôme Glisse,
	Christian König, Daniel Vetter, Sumit Semwal, linux-media,
	dri-devel, linaro-mm-sig, Stéphane Marchesin, stable

[-- Attachment #1: Type: text/plain, Size: 10204 bytes --]

Hi Jérôme,

I love your patch! Perhaps something to improve:

[auto build test WARNING on linus/master]
[also build test WARNING on v4.20-rc6 next-20181214]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/jglisse-redhat-com/dma-buf-fix-debugfs-versus-rcu-and-fence-dumping/20181206-205935
config: x86_64-allmodconfig (attached as .config)
compiler: gcc-7 (Debian 7.3.0-1) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

All warnings (new ones prefixed by >>):

   include/linux/slab.h:332:43: warning: dubious: x & !y
   include/linux/slab.h:332:43: warning: dubious: x & !y
>> drivers/dma-buf/dma-buf.c:1031:9: warning: context imbalance in 'dma_buf_debug_show' - different lock contexts for basic block

vim +/dma_buf_debug_show +1031 drivers/dma-buf/dma-buf.c

b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1008  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1009  #ifdef CONFIG_DEBUG_FS
eb0b947e drivers/dma-buf/dma-buf.c Mathias Krause 2016-06-19  1010  static int dma_buf_debug_show(struct seq_file *s, void *unused)
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1011  {
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1012  	int ret;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1013  	struct dma_buf *buf_obj;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1014  	struct dma_buf_attachment *attach_obj;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1015  	struct reservation_object *robj;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1016  	struct reservation_object_list *fobj;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1017  	struct dma_fence *fence;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1018  	unsigned seq;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1019  	int count = 0, attach_count, shared_count, i;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1020  	size_t size = 0;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1021  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1022  	ret = mutex_lock_interruptible(&db_list.lock);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1023  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1024  	if (ret)
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1025  		return ret;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1026  
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1027  	seq_puts(s, "\nDma-buf Objects:\n");
da6c8f5e drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1028  	seq_printf(s, "%-8s\t%-8s\t%-8s\t%-8s\texp_name\n",
da6c8f5e drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1029  		   "size", "flags", "mode", "count");
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1030  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04 @1031  	list_for_each_entry(buf_obj, &db_list.head, list_node) {
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1032  		ret = mutex_lock_interruptible(&buf_obj->lock);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1033  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1034  		if (ret) {
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1035  			seq_puts(s,
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1036  				 "\tERROR locking buffer object: skipping\n");
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1037  			continue;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1038  		}
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1039  
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1040  		seq_printf(s, "%08zu\t%08x\t%08x\t%08ld\t%s\n",
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1041  				buf_obj->size,
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1042  				buf_obj->file->f_flags, buf_obj->file->f_mode,
a1f6dbac drivers/dma-buf/dma-buf.c Al Viro        2014-08-20  1043  				file_count(buf_obj->file),
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1044  				buf_obj->exp_name);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1045  
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1046  		robj = buf_obj->resv;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1047  		while (true) {
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1048  			seq = read_seqcount_begin(&robj->seq);
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1049  			rcu_read_lock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1050  			fobj = rcu_dereference(robj->fence);
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1051  			shared_count = fobj ? fobj->shared_count : 0;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1052  			fence = rcu_dereference(robj->fence_excl);
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1053  			fence = dma_fence_get_rcu(fence);
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1054  			if (!read_seqcount_retry(&robj->seq, seq))
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1055  				break;
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1056  			rcu_read_unlock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1057  		}
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1058  		if (fence) {
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1059  			seq_printf(s, "\tExclusive fence: %s %s %ssignalled\n",
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1060  				   fence->ops->get_driver_name(fence),
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1061  				   fence->ops->get_timeline_name(fence),
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1062  				   dma_fence_is_signaled(fence) ? "" : "un");
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1063  			dma_fence_put(fence);
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1064  		}
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1065  
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1066  		rcu_read_lock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1067  		for (i = 0; i < shared_count; i++) {
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1068  			fence = rcu_dereference(fobj->shared[i]);
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1069  			if (!dma_fence_get_rcu(fence))
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1070  				continue;
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1071  			rcu_read_unlock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1072  			seq_printf(s, "\tShared fence: %s %s %ssignalled\n",
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1073  				   fence->ops->get_driver_name(fence),
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1074  				   fence->ops->get_timeline_name(fence),
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1075  				   dma_fence_is_signaled(fence) ? "" : "un");
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1076  			dma_fence_put(fence);
87e66c10 drivers/dma-buf/dma-buf.c Jérôme Glisse  2018-12-05  1077  			rcu_read_lock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1078  		}
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1079  		rcu_read_unlock();
5eb2c72c drivers/dma-buf/dma-buf.c Russell King   2017-03-31  1080  
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1081  		seq_puts(s, "\tAttached Devices:\n");
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1082  		attach_count = 0;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1083  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1084  		list_for_each_entry(attach_obj, &buf_obj->attachments, node) {
9eddb41d drivers/dma-buf/dma-buf.c Markus Elfring 2017-05-08  1085  			seq_printf(s, "\t%s\n", dev_name(attach_obj->dev));
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1086  			attach_count++;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1087  		}
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1088  
c0b00a52 drivers/base/dma-buf.c    Sumit Semwal   2014-02-03  1089  		seq_printf(s, "Total %d devices attached\n\n",
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1090  				attach_count);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1091  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1092  		count++;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1093  		size += buf_obj->size;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1094  		mutex_unlock(&buf_obj->lock);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1095  	}
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1096  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1097  	seq_printf(s, "\nTotal %d objects, %zu bytes\n", count, size);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1098  
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1099  	mutex_unlock(&db_list.lock);
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1100  	return 0;
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1101  }
b89e3563 drivers/base/dma-buf.c    Sumit Semwal   2013-04-04  1102  

:::::: The code at line 1031 was first introduced by commit
:::::: b89e35636bc75b72d15a1af6d49798802aff77d5 dma-buf: Add debugfs support

:::::: TO: Sumit Semwal <sumit.semwal@linaro.org>
:::::: CC: Sumit Semwal <sumit.semwal@linaro.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 66644 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2018-12-16 19:24 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-12-06  1:41 [PATCH] dma-buf: fix debugfs versus rcu and fence dumping jglisse
2018-12-06  8:09 ` Koenig, Christian
2018-12-06 15:21   ` Jerome Glisse
2018-12-06 16:08     ` Koenig, Christian
2018-12-06 16:19       ` Jerome Glisse
2018-12-16 19:23 ` kbuild test robot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox