On Fri, Jan 31, 2025 at 04:03:27PM +0000, Jean-Sébastien Pédron wrote:
> The branch main has been updated by dumbbell:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=e5764cf0758855e2d5a9ebab6d6addc6eaccd56e
> 
> commit e5764cf0758855e2d5a9ebab6d6addc6eaccd56e
> Author:     Jean-Sébastien Pédron <dumbb...@freebsd.org>
> AuthorDate: 2025-01-21 22:54:51 +0000
> Commit:     Jean-Sébastien Pédron <dumbb...@freebsd.org>
> CommitDate: 2025-01-31 16:00:50 +0000
> 
>     linuxkpi: Don't destroy the mutex in `xa_destroy()`
>     
>     [Why]
>     The mutex initialized in `xa_init_flags()` is not destroyed here on
>     purpose. The reason is that on Linux, the xarray remains usable after a
>     call to `xa_destroy()`. For instance the i915 DRM driver relies on that
>     during the initialization of its GuC. Basically, `xa_destroy()` "resets"
>     the structure to zero but doesn't really destroy it.
>     
>     Reviewed by:    manu
>     Sponsored by:   The FreeBSD Foundation
>     Differential Revision: https://reviews.freebsd.org/D48762
> ---
>  sys/compat/linuxkpi/common/src/linux_xarray.c | 12 +++++++++++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/sys/compat/linuxkpi/common/src/linux_xarray.c 
> b/sys/compat/linuxkpi/common/src/linux_xarray.c
> index 54c536042392..3f07f6d7c59f 100644
> --- a/sys/compat/linuxkpi/common/src/linux_xarray.c
> +++ b/sys/compat/linuxkpi/common/src/linux_xarray.c
> @@ -362,9 +362,19 @@ xa_destroy(struct xarray *xa)
>       struct radix_tree_iter iter;
>       void **ppslot;
>  
> +     xa_lock(xa);
>       radix_tree_for_each_slot(ppslot, &xa->xa_head, &iter, 0)
>               radix_tree_iter_delete(&xa->xa_head, &iter, ppslot);
> -     mtx_destroy(&xa->xa_lock);
> +     xa_unlock(xa);
> +
> +     /*
> +      * The mutex initialized in `xa_init_flags()` is not destroyed here on
> +      * purpose. The reason is that on Linux, the xarray remains usable
> +      * after a call to `xa_destroy()`. For instance the i915 DRM driver
> +      * relies on that during the initialixation of its GuC. Basically,
> +      * `xa_destroy()` "resets" the structure to zero but doesn't really
> +      * destroy it.
> +      */
>  }
>  
>  /*
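Review bot: with `mtx_destroy(&xa->xa_lock)` removed at the end of xa_destroy(), nothing in this hunk tears down the mutex that the new comment says is initialized in `xa_init_flags()`, so a caller that frees the memory holding the xarray, or a module that unloads, leaves an initialized lock behind. The comment explains why the lock is kept but not where it is eventually released; please either document the intended teardown point there or provide a separate LinuxKPI-only teardown path that callers on the final-free side can use. A smaller point on the same comment: it says the structure is "reset to zero", while the code only deletes the radix tree slots under `xa_lock()`, so the wording could be tightened to match what the function does.
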
Was this tested with WITNESS and unloading a module that created an xarray?
I suspect this situation should result in a panic/page fault.
