Commit 2aa6f5b0 authored Feb 21, 2024 by Erik Kurzinger Committed by Simon Ser Feb 22, 2024

drm/syncobj: handle NULL fence in syncobj_eventfd_entry_func



During syncobj_eventfd_entry_func, dma_fence_chain_find_seqno may set
the fence to NULL if the given seqno is signaled and a later seqno has
already been submitted. In that case, the eventfd should be signaled
immediately which currently does not happen.

This is a similar issue to the one addressed by commit b19926d4
("drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.").

As a fix, if the return value of dma_fence_chain_find_seqno indicates
success but it sets the fence to NULL, we will assign a stub fence to
ensure the following code still signals the eventfd.

v1 -> v2: assign a stub fence instead of signaling the eventfd

Signed-off-by: Erik Kurzinger <ekurzinger@nvidia.com>
Fixes: c7a47229 ("drm/syncobj: add IOCTL to register an eventfd")
Signed-off-by: Simon Ser <contact@emersion.fr>
Link: https://patchwork.freedesktop.org/patch/msgid/20240221184527.37667-1-ekurzinger@nvidia.com

parent 3c43177f

drivers/gpu/drm/drm_syncobj.c

+12 −1

Original line number	Diff line number	Diff line
		@@ -1418,10 +1418,21 @@ syncobj_eventfd_entry_func(struct drm_syncobj *syncobj,

		/* This happens inside the syncobj lock */
		fence = dma_fence_get(rcu_dereference_protected(syncobj->fence, 1));
		if (!fence)
		return;

		ret = dma_fence_chain_find_seqno(&fence, entry->point);
		if (ret != 0 \|\| !fence) {
		if (ret != 0) {
		/* The given seqno has not been submitted yet. */
		dma_fence_put(fence);
		return;
		} else if (!fence) {
		/* If dma_fence_chain_find_seqno returns 0 but sets the fence
		* to NULL, it implies that the given seqno is signaled and a
		* later seqno has already been submitted. Assign a stub fence
		* so that the eventfd still gets signaled below.
		*/
		fence = dma_fence_get_stub();
		}

		list_del_init(&entry->node);