Gem GTT mmaps.. - Thomas Hellström

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Thomas Hellström" <thomas@shipmail.org>
To: Jesse Barnes <jbarnes@virtuousgeek.org>
Cc: DRI <dri-devel@lists.sourceforge.net>,
	Linux Kernel <linux-kernel@vger.kernel.org>
Subject: Gem GTT mmaps..
Date: Wed, 04 Feb 2009 23:32:00 +0100	[thread overview]
Message-ID: <498A1760.7010108@shipmail.org> (raw)

Jesse,

I have some concerns about the GEM GTT mmap functionality.

First, a gem object pointer is copied to map->offset and then to the 
vma->vm_private_data without proper reference counting. This pointer is 
used in i915_gem_fault() to access the gem object. However if the gem 
object is destroyed and a process then tries to access data in a vma 
mapping the (now destroyed) object, it would dereference a stale pointer 
into kernel space? Shouldn't those pointers be reference counted, and to 
account for fork(), a vm open and close would be needed to  reference 
count corresponding pointers of newly created and destroyed vmas?

Second, the i915_gem_fault method  returns VM_FAULT_SIGBUS if 
vm_insert_pfn() fails with an -EBUSY. I think that's an error, since 
that would indicate that the pte was already populated by a racing thread.

/Thomas

next             reply	other threads:[~2009-02-04 22:32 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-02-04 22:32 Thomas Hellström [this message]
2009-02-04 23:02 ` Gem GTT mmaps Jesse Barnes
2009-02-04 23:42   ` Eric Anholt
2009-02-05 18:37     ` Jesse Barnes
2009-02-06 17:14       ` Jesse Barnes
2009-02-06 21:35         ` Thomas Hellström
2009-02-06 22:24           ` Jesse Barnes
2009-02-06 22:39             ` Thomas Hellström
2009-02-06 23:22               ` Jesse Barnes
2009-02-07  0:52             ` Chris Wilson
2009-02-11 22:01               ` Jesse Barnes
2009-02-07  8:06             ` Xavier Bestel
2009-02-10 22:00             ` Eric Anholt
2009-02-10 22:58               ` Jesse Barnes

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=498A1760.7010108@shipmail.org \
    --to=thomas@shipmail.org \
    --cc=dri-devel@lists.sourceforge.net \
    --cc=jbarnes@virtuousgeek.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox