On 04/07/2017 11:06, Chris Wilson wrote:
Quoting Tvrtko Ursulin (2017-07-04 10:59:29)
On 22/06/2017 17:02, Chris Wilson wrote:
Commit fabef825626d ("drm/i915: Drop struct_mutex around frontbuffer
flushes") adds a dependency to ifbdev->vma when flushing the framebufer,
but the checks are only against the existence of the ifbdev->fb and not
against ifbdev->vma. This leaves a window of opportunity where we may
try to operate on the fbdev prior to it being probed (thanks to
asynchronous booting).
How about changing the intelfb_alloc to not write the fb to ifbdev but
instead return it to the caller, so intelfb_create could then set the
ifbdev->fb and ifbdev->vma atomically under the mutex?
Midlayer mishap.
After an IRC chat I see that the issue is intel_fbdev_init_bios also
sets the fb and not vma, which I missed earlier.
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@xxxxxxxxx>
Regards,
Tvrtko
_______________________________________________
Intel-gfx mailing list
Intel-gfx@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
