[PATCH v2 0/7] xfree86: Handle drm race condition

Maarten Lankhorst maarten.lankhorst at canonical.com
Tue Mar 19 03:50:47 PDT 2013


Hey,

Op 19-03-13 11:27, Chris Wilson schreef:
> On Tue, Mar 19, 2013 at 11:02:14AM +0100, Maarten Lankhorst wrote:
>> Hey,
>>
>> Op 19-03-13 10:21, Chris Wilson schreef:
>>> On Mon, Mar 18, 2013 at 01:51:44PM -0700, Bryce Harrington wrote:
>>>> Update:  Squashes a couple commits to avoid potential hang if
>>>> git bisecting.  No other changes from v1.
>>> I'd probably drop the last EAGAIN patch as that is part of the libdrm
>>> API, but other than that it looks to be a reasonably self-contained w/a
>>> for this perplexing problem.
>>>
>>> Reviewed-by: Chris Wilson <chris at chris-wilson.co.uk>
>>> -Chris
>>>
>> And completely wrong, version I pushed to ubuntu's xorg-server for comparison:
>>
>> Nacked-by: Maarten Lankhorst <maarten.lankhorst at canonical.com>
> So you pushed the busy-spin into drmSetMaster(), which is just a tighter
> variant of the above.
>
> Anything which adds the minimal delay, warns about that delay, and
> works around the issue is fine by me.
> -Chris

Here's what I think is happening, based on the information I have.

Because of the delayed fput in recent kernels, it is possible for plymouth to exit and not drop master right away.
It's put onto a workqueue to be freed slightly later. Xorg-server starts in the meantime, opens a fd, but because the fd
hasn't been closed by plymouth yet, it didn't get implicitly authenticated and it didn't get drm master either.

The drmSetMaster call is needed, but the spinning is really just waiting for the workqueue to run.

bryce's patch never worked, it just caused it to try drmsetinterfaceversion for a few seconds before timing out. That call
was failing because his patch series never tried to obtain drm master.

The get_drm_info call also makes it more likely to run into the same problem as well. It opens the fd and immediately
closes it again. This will re-trigger the race..

For testing I did a small patch in the drm core that drops drm master when opening device.
The patch is attached inline below.

radeon and intel driver both fail to load with it. Intel doesn't return an error, and falls back silently to modesetting.
radeon however complains similar to this:

[    42.876] (==) RADEON(G0): Depth 24, (--) framebuffer bpp 32
[    42.876] (II) RADEON(G0): Pixel depth = 24 bits stored in 4 bytes (32 bpp pixmaps)
[    42.876] (==) RADEON(G0): Default visual is TrueColor
[    42.876] (==) RADEON(G0): RGB weight 888
[    42.876] (II) RADEON(G0): Using 8 bits per RGB (8 bit DAC)
[    42.876] (--) RADEON(G0): Chipset: "TURKS" (ChipID = 0x6741)
[    42.961] (EE) RADEON(G0): [drm] failed to set drm interface version.
[    42.961] (EE) RADEON(G0): Kernel modesetting setup failed

I've seen this error before in one of the races, so it's not just a theoretical issue. Just another possible failure mode.

I think all drivers have to be fixed to handle this case correctly, and they should probably all do the same spinning as well.

diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c
index f369429..1d3099f 100644
--- a/drivers/gpu/drm/drm_fops.c
+++ b/drivers/gpu/drm/drm_fops.c
@@ -339,6 +339,7 @@ static int drm_open_helper(struct inode *inode, struct file *filp,
 			}
 		}
 		mutex_unlock(&dev->struct_mutex);
+		drm_dropmaster_ioctl(dev, NULL, priv);
 	} else {
 		/* get a reference to the master */
 		priv->master = drm_master_get(priv->minor->master);



More information about the xorg-devel mailing list