[PATCH] dma-buf: fix dma_fence_array_signaled

Boris Brezillon boris.brezillon at collabora.com
Fri Nov 8 14:54:44 UTC 2024 

On Fri,  8 Nov 2024 10:42:56 +0100
"Christian König" <ckoenig.leichtzumerken at gmail.com> wrote:

> The function silently assumed that signaling was already enabled for the
> dma_fence_array. This meant that without enabling signaling first we would
> never see forward progress.
> 
> Fix that by falling back to testing each individual fence when signaling
> isn't enabled yet.
> 
> Signed-off-by: Christian König <christian.koenig at amd.com>
> ---
>  drivers/dma-buf/dma-fence-array.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/dma-buf/dma-fence-array.c b/drivers/dma-buf/dma-fence-array.c
> index 46ac42bcfac0..01203796827a 100644
> --- a/drivers/dma-buf/dma-fence-array.c
> +++ b/drivers/dma-buf/dma-fence-array.c
> @@ -103,10 +103,22 @@ static bool dma_fence_array_enable_signaling(struct dma_fence *fence)
>  static bool dma_fence_array_signaled(struct dma_fence *fence)
>  {
>  	struct dma_fence_array *array = to_dma_fence_array(fence);
> +	unsigned int i, num_pending;
>  
> -	if (atomic_read(&array->num_pending) > 0)
> +	num_pending = atomic_read(&array->num_pending);
> +	if (test_bit(DMA_FENCE_FLAG_ENABLE_SIGNAL_BIT, &array->base.flags)) {
> +		if (!num_pending)
> +			goto signal;
>  		return false;
> +	}
> +
> +	for (i = 0; i < array->num_fences; ++i) {
> +		if (dma_fence_is_signaled(array->fences[i]) && !--num_pending)
> +			goto signal;
> +	}
> +	return false;
>  
> +signal:
>  	dma_fence_array_clear_pending_error(array);
>  	return true;
>  }

It would be good to have comments explaining what happens here. I think
I figured it out, but it's far from obvious:

- we need to read array->num_pending before checking the enable_signal
  bit to avoid racing with the enable_signaling() implementation,
  which might decrement the counter, and cause a partial check.
- the !--num_pending is here to account for the any_signaled case
- if we race with enable_signaling(), that means the !num_pending
  check in the is_signalling_enabled branch might be outdated
  (num_pending might have been decremented), but that's fine. The user
  will get the right value when testing again later

With this explained in comments, the patch is

`Reviewed-by: Boris Brezillon <boris.brezillon at collabora.com>`

More information about the dri-devel mailing list