On Tue, Oct 13, 2015 at 12:23:38PM +0300, Ville Syrjälä wrote:
> On Sat, Oct 10, 2015 at 10:44:32AM +0100, Chris Wilson wrote:
> > We should serialise access to the intel_crtc->unpin_work through the
> > dev->event_lock spinlock. It should not be possible for it to disappear
> > without severe error as the mmio_flip worker has not tagged the
> > unpin_work pending flip-completion. Similarly if the error exists, just
> > taking the unpin_work whilst holding the spinlock and then using it
> > unserialised just masks the race. (It is supposed to be valid as the
> > unpin_work exists until the flip completion interrupt which should not
> > fire until we flush the mmio writes to update the display base which is
> > the last time we access the unpin_work from the kthread.)
> >
> > References: https://bugs.freedesktop.org/show_bug.cgi?id=92335
> > Signed-off-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
>
> So not sure what's going on yet?

After a couple of nights sleeping on it, not a clue. Either I've missed
something that allows unpin_work to silently disappear before we mark
work->pending as pending (let alone complete) or the oops is from
another racy pointer dereference. I'm going to guess the latter and see
if there are any candidates (here, I can believe that in the middle of
programming the flip we get an interrupt that causes the unpin work to
disappear).
-Chris

--
Chris Wilson, Intel Open Source Technology Centre