[Dri-devel] Re: Recent broken locking in DRM code..
On Son, 2002-12-01 at 20:40, Linus Torvalds wrote:
> I'm following the DRM kernel changes, and over the last few days code
> appeared that I really don't think should be in the kernel, and that I
> really don't want to merge.
>
> The problem appears to be that the DRM people are used to using semaphores
> to protect kernel data structures. That is WRONG. It leads to all kinds of
> stupid problems, like realizing that you cannot use semaphores from
> interrupts, so when interrupts need to use the data structures the code
> tries to do all kinds of strange stuff, like using task-queues to do the
> work that should have been done in the interrupt.
Actually, I did that because I thought send_sig_info() or kfree() might
not be interrupt safe.
> The fact is, that for data structure integrity, you should just use a
> spinlock. And if the data structure needs to be accessed from interrupt
> context, just use the irq-safe versions of the spinlock. Please don't
> start using things like task-queues just because the locking was done
> wrong in the first place.
>
> Spinlocks are faster and simpler than semaphores, and optimize away on UP.
> They also end up being a lot more straightforward to use - they have no
> subtle issues. Yes, they require that you do all user-level accesses and
> any allocations that can sleep outside the spinlocked region, but that's a
> _goodness_, not a problem: it just forces the user to not make the
> critical region bigger than it need be.
Does that also apply to kmalloc()/kfree(), or are they safe?
> So _please_, whoever did this (Michel?):
>
> - remove "dev->vbl_sem", and replace it with a "dev->vbl_lock" spinlock
> - use "spin_lock_irqsave()/spun_unlock_irqrestore()" to protect the vbl
>list.
> - rename "vbl_immediate_bh()" as "vbl_send_signals()", and just call it
>directly from the interrupt handler rather than playing all the games
>with task-queues.
> - remove all the vbl_tq stuff.
How does the attached patch look?
> Quite frankly, I'd rather get rid of some of the old TQ stuff in DRM
> (called "work queues" in modern 2.5.x), and I definitely do not want to
> see _more_ of it. I suspect that the only reason the new code uses them is
> that it was was what the DRM code already did from before.
Yes, I had asked about this a while ago but not gotten much feedback so
I copied some similar code from the DRM. Thanks for your feedback, I
appreciate it.
--
Earthling Michel Dänzer (MrCooper)/ Debian GNU/Linux (powerpc) developer
XFree86 and DRI project member / CS student, Free Software enthusiast
Index: programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h
===
RCS file: /cvsroot/dri/xc/xc/programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h,v
retrieving revision 1.53
diff -p -u -r1.53 drmP.h
--- programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h 30 Nov 2002 14:24:06 - 1.53
+++ programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h 1 Dec 2002 21:25:57 -
@@ -591,8 +600,7 @@ typedef struct drm_device {
#if __HAVE_VBL_IRQ
wait_queue_head_t vbl_queue;
atomic_t vbl_received;
- struct tq_struct vbl_tq;
- struct semaphore vbl_sem;
+ spinlock_tvbl_lock;
drm_vbl_sig_t vbl_sigs;
#endif
cycles_t ctx_start;
@@ -834,7 +845,7 @@ extern void DRM(driver_irq_unin
extern int DRM(wait_vblank)(struct inode *inode, struct file *filp,
unsigned int cmd, unsigned long arg);
extern int DRM(vblank_wait)(drm_device_t *dev, unsigned int *vbl_seq);
-extern void DRM(vbl_immediate_bh)( void *arg );
+extern void DRM(vbl_send_signals)( drm_device_t *dev );
#endif
#if __HAVE_DMA_IRQ_BH
extern void DRM(dma_immediate_bh)( void *dev );
Index: programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h
===
RCS file: /cvsroot/dri/xc/xc/programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h,v
retrieving revision 1.8
diff -p -u -r1.8 drm_dma.h
--- programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h 30 Nov 2002 14:24:07 - 1.8
+++ programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h 1 Dec 2002 21:25:59 -
@@ -509,6 +509,9 @@ int DRM(dma_get_buffers)(drm_device_t *d
int DRM(irq_install)( drm_device_t *dev, int irq )
{
int ret;
+#if __HAVE_VBL_IRQ
+ unsigned long flags;
+#endif
if ( !irq )
return -EINVAL;
@@ -541,16 +544,11 @@ int DRM(irq_install)( drm_device_t *dev,
#if __HAVE_VBL_IRQ
init_waitqueue_head(&dev->vbl_queue);
- sema_init( &dev->vbl_sem, 0 );
+ spin_lock_irqsave( &dev->vbl_lock, flags );
INIT_LIST_HEAD( &dev->vbl_sigs.head );
- up( &dev->vbl_sem );
-
- INIT_LIST_HEAD( &dev->vbl_tq.list );
- dev->vbl_tq.sync = 0;
- dev->vbl_tq.routine = DRM(vbl_immediate_bh);
- dev->vbl_tq.data = dev;
+ spin_unlock_irqrestore( &dev->vbl_lock, f
[Dri-devel] Re: Recent broken locking in DRM code..
On 1 Dec 2002, Michel Dänzer wrote: > > Actually, I did that because I thought send_sig_info() or kfree() might > not be interrupt safe. Signals are commonly sent from interrupts: kill_fasync() is quite commonly supported by many device drivers, and the resulting SIGIO is almost universally sent from an interrupt handler. Memory freeing is also fine - it's only _allocation_ that is frowned upon (you can do it, using GFP_ATOMIC, but it's usually a really bad idea. Most useful for things like network drivers where the loss of a packet due to out-of-memory conditions is acceptable). > Does that also apply to kmalloc()/kfree(), or are they safe? kfree() (or free_pages() or others of that type) is always safe. kmalloc(x, GFP_ATOMIC) works, but has problems (ie being over-eager about using it can easily result in a system that just dies from being out of memory and not being able to do the required memory balancing and swap-out to replenish it). The attached patch looked mostly ok, except this part: - sema_init( &dev->vbl_sem, 0 ); + spin_lock_irqsave( &dev->vbl_lock, flags ); .. should almost certainly have been a spin_lock_init(&dev->vbl_lock); instead of locking and unlocking an uninitialized variable (from what I could tell from just reading the diff). Btw, from a testing standpoint it's then also worthwhile compiling with CONFIG_DEBUG_SPINLOCK, which will verify that spinlocks are initialized etc. Linus --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ Dri-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/dri-devel
[Dri-devel] Re: Recent broken locking in DRM code..
On Mon, 2002-12-02 at 03:00, Linus Torvalds wrote:
> On 1 Dec 2002, Michel Dänzer wrote:
>
> > Does that also apply to kmalloc()/kfree(), or are they safe?
>
> kfree() (or free_pages() or others of that type) is always safe.
> kmalloc(x, GFP_ATOMIC) works, but has problems (ie being over-eager about
> using it can easily result in a system that just dies from being out of
> memory and not being able to do the required memory balancing and
> swap-out to replenish it).
Luckily, we only need kfree() in the interrupt here, kmalloc() is done
in the ioctl. Thanks to you and Ben for explaining this.
> The attached patch looked mostly ok, except this part:
>
> - sema_init( &dev->vbl_sem, 0 );
> + spin_lock_irqsave( &dev->vbl_lock, flags );
> ..
>
> should almost certainly have been a
>
> spin_lock_init(&dev->vbl_lock);
>
> instead of locking and unlocking an uninitialized variable (from what I
> could tell from just reading the diff).
Fixed, thanks. I'll commit the attached updated patch soon unless
someone sees another mistake. It works for me. Now I hope someone will
fill in the missing pieces and/or do the cleanup necessary for BSD.
> Btw, from a testing standpoint it's then also worthwhile compiling with
> CONFIG_DEBUG_SPINLOCK, which will verify that spinlocks are initialized
> etc.
I hope to get around to that some time.
--
Earthling Michel Dänzer (MrCooper)/ Debian GNU/Linux (powerpc) developer
XFree86 and DRI project member / CS student, Free Software enthusiast
Index: programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h
===
RCS file: /cvsroot/dri/xc/xc/programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h,v
retrieving revision 1.53
diff -p -u -r1.53 drmP.h
--- programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h 30 Nov 2002 14:24:06 - 1.53
+++ programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drmP.h 2 Dec 2002 11:43:05 -
@@ -591,8 +600,7 @@ typedef struct drm_device {
#if __HAVE_VBL_IRQ
wait_queue_head_t vbl_queue;
atomic_t vbl_received;
- struct tq_struct vbl_tq;
- struct semaphore vbl_sem;
+ spinlock_tvbl_lock;
drm_vbl_sig_t vbl_sigs;
#endif
cycles_t ctx_start;
@@ -834,7 +845,7 @@ extern void DRM(driver_irq_unin
extern int DRM(wait_vblank)(struct inode *inode, struct file *filp,
unsigned int cmd, unsigned long arg);
extern int DRM(vblank_wait)(drm_device_t *dev, unsigned int *vbl_seq);
-extern void DRM(vbl_immediate_bh)( void *arg );
+extern void DRM(vbl_send_signals)( drm_device_t *dev );
#endif
#if __HAVE_DMA_IRQ_BH
extern void DRM(dma_immediate_bh)( void *dev );
Index: programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h
===
RCS file: /cvsroot/dri/xc/xc/programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h,v
retrieving revision 1.8
diff -p -u -r1.8 drm_dma.h
--- programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h 30 Nov 2002 14:24:07 - 1.8
+++ programs/Xserver/hw/xfree86/os-support/linux/drm/kernel/drm_dma.h 2 Dec 2002 11:43:11 -
@@ -509,6 +509,9 @@ int DRM(dma_get_buffers)(drm_device_t *d
int DRM(irq_install)( drm_device_t *dev, int irq )
{
int ret;
+#if __HAVE_VBL_IRQ
+ unsigned long flags;
+#endif
if ( !irq )
return -EINVAL;
@@ -541,16 +544,9 @@ int DRM(irq_install)( drm_device_t *dev,
#if __HAVE_VBL_IRQ
init_waitqueue_head(&dev->vbl_queue);
- sema_init( &dev->vbl_sem, 0 );
+ spin_lock_init( &dev->vbl_lock );
INIT_LIST_HEAD( &dev->vbl_sigs.head );
-
- up( &dev->vbl_sem );
-
- INIT_LIST_HEAD( &dev->vbl_tq.list );
- dev->vbl_tq.sync = 0;
- dev->vbl_tq.routine = DRM(vbl_immediate_bh);
- dev->vbl_tq.data = dev;
#endif
/* Before installing handler */
@@ -642,6 +638,7 @@ int DRM(wait_vblank)( DRM_IOCTL_ARGS )
flags = vblwait.request.type & _DRM_VBLANK_FLAGS_MASK;
if ( flags & _DRM_VBLANK_SIGNAL ) {
+ unsigned long flags;
drm_vbl_sig_t *vbl_sig = DRM_MALLOC( sizeof( drm_vbl_sig_t ) );
if ( !vbl_sig )
@@ -656,11 +653,11 @@ int DRM(wait_vblank)( DRM_IOCTL_ARGS )
vblwait.reply.sequence = atomic_read( &dev->vbl_received );
/* Hook signal entry into list */
- down( &dev->vbl_sem );
+ spin_lock_irqsave( &dev->vbl_lock, flags );
list_add_tail( (struct list_head *) vbl_sig, &dev->vbl_sigs.head );
- up( &dev->vbl_sem );
+ spin_unlock_irqrestore( &dev->vbl_lock, flags );
} else {
ret = DRM(vblank_wait)( dev, &vblwait.request.sequence );
@@ -675,14 +672,14 @@ int DRM(wait_vblank)( DRM_IOCTL_ARGS )
return ret;
}
-void DRM(vbl_immediate_bh)( void *arg )
+void DRM(vbl_send_signals)( drm_device_t *dev )
{
- drm_device_t *dev = (drm_device_t *) arg;
struct list_head *entry, *tmp;
drm_vbl_sig_t *vbl_sig;
unsigned int vbl_seq = atomic_read( &dev-
