On 12/09/2019 13:56, Chris Wilson wrote:
The userptr put_pages can be called from inside try_to_unmap, and so enters with the page lock held on one of the object's backing pages. We cannot take the page lock ourselves for fear of recursion.
Reported-by: Lionel Landwerlin lionel.g.landwerlin@intel.com Reported-by: Martin Wilck Martin.Wilck@suse.com Reported-by: Leo Kraav leho@kraav.com Fixes: aa56a292ce62 ("drm/i915/userptr: Acquire the page lock around set_page_dirty()") References: https://bugzilla.kernel.org/show_bug.cgi?id=203317 Signed-off-by: Chris Wilson chris@chris-wilson.co.uk Cc: Tvrtko Ursulin tvrtko.ursulin@intel.com Cc: Jani Nikula jani.nikula@intel.com Cc: Joonas Lahtinen joonas.lahtinen@linux.intel.com Cc: stable@vger.kernel.org
drivers/gpu/drm/i915/gem/i915_gem_userptr.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_userptr.c b/drivers/gpu/drm/i915/gem/i915_gem_userptr.c index 74da35611d7c..11b231c187c5 100644 --- a/drivers/gpu/drm/i915/gem/i915_gem_userptr.c +++ b/drivers/gpu/drm/i915/gem/i915_gem_userptr.c @@ -672,15 +672,7 @@ i915_gem_userptr_put_pages(struct drm_i915_gem_object *obj, for_each_sgt_page(page, sgt_iter, pages) { if (obj->mm.dirty)
/** As this may not be anonymous memory (e.g. shmem)* but exist on a real mapping, we have to lock* the page in order to dirty it -- holding* the page reference is not sufficient to* prevent the inode from being truncated.* Play safe and take the lock.*/set_page_dirty_lock(page);
set_page_dirty(page);mark_page_accessed(page); put_page(page);
Acked-by: Tvrtko Ursulin tvrtko.ursulin@intel.com
Regards,
Tvrtko