drm/i915/gem: Mark up the racy read of the mmap_singleton
authorChris Wilson <chris@chris-wilson.co.uk>
Wed, 11 Mar 2020 09:26:24 +0000 (09:26 +0000)
committerChris Wilson <chris@chris-wilson.co.uk>
Wed, 11 Mar 2020 12:00:02 +0000 (12:00 +0000)
[11057.642683] BUG: KCSAN: data-race in i915_gem_mmap [i915] / singleton_release [i915]
[11057.642717]
[11057.642740] write (marked) to 0xffff8881f24471a0 of 8 bytes by task 44668 on cpu 2:
[11057.643162]  singleton_release+0x38/0x60 [i915]
[11057.643192]  __fput+0x160/0x3c0
[11057.643217]  ____fput+0x16/0x20
[11057.643241]  task_work_run+0xba/0x100
[11057.643263]  exit_to_usermode_loop+0xe4/0xf0
[11057.643286]  do_syscall_64+0x27e/0x2c0
[11057.643314]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[11057.643339]
[11057.643359] read to 0xffff8881f24471a0 of 8 bytes by task 44667 on cpu 3:
[11057.643774]  i915_gem_mmap+0x295/0x670 [i915]
[11057.643802]  mmap_region+0x62b/0xac0
[11057.643825]  do_mmap+0x414/0x6b0
[11057.643848]  vm_mmap_pgoff+0xa9/0xf0
[11057.643875]  ksys_mmap_pgoff+0x1ac/0x2f0
[11057.643900]  do_syscall_64+0x6e/0x2c0
[11057.643924]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20200311092624.10012-3-chris@chris-wilson.co.uk
drivers/gpu/drm/i915/gem/i915_gem_mman.c

index e8cccc131c40f066c3aefc005299e5a1512d25dd..b39c24dae64e6a02645c6a6bb9364fc86d9348c2 100644 (file)
@@ -775,7 +775,7 @@ static struct file *mmap_singleton(struct drm_i915_private *i915)
        struct file *file;
 
        rcu_read_lock();
-       file = i915->gem.mmap_singleton;
+       file = READ_ONCE(i915->gem.mmap_singleton);
        if (file && !get_file_rcu(file))
                file = NULL;
        rcu_read_unlock();