Re: [Intel-gfx] 4.17-rc2: Could not determine valid watermarks for inherited state
On Thu, Apr 26, 2018 at 06:25:13PM +0300, Ville Syrjälä wrote:
> On Thu, Apr 26, 2018 at 06:16:41PM +0300, Ville Syrjälä wrote:
> > On Thu, Apr 26, 2018 at 05:56:14PM +0300, Ville Syrjälä wrote:
> > > On Thu, Apr 26, 2018 at 10:27:19AM -0400, Dave Jones wrote:
> > > > [1.176131] [drm:i9xx_get_initial_plane_config] pipe A/primary A
> > > > with fb: size=800x600@32, offset=0, pitch 3200, size 0x1d4c00
> > > > [1.176161] [drm:i915_gem_object_create_stolen_for_preallocated]
> > > > creating preallocated stolen object: stolen_offset=0x,
> > > > gtt_offset=0x, size=0x001d5000
> > > > [1.176312] [drm:intel_alloc_initial_plane_obj.isra.127] initial
> > > > plane fb obj (ptrval)
> > > > [1.176351] [drm:intel_modeset_init] pipe A active planes 0x1
> > > > [1.176456] [drm:drm_atomic_helper_check_plane_state] Plane must
> > > > cover entire CRTC
> > > > [1.176481] [drm:drm_rect_debug_print] dst: 800x600+0+0
> > > > [1.176494] [drm:drm_rect_debug_print] clip: 1366x768+0+0
> > >
> > > OK, so that's the problem right there. The fb we took over from the
> > > BIOS was 800x600, but now we're trying to set up a 1366x768 mode.
> > >
> > > We seem to be missing checks to make sure the initial fb is actually
> > > big enough for the mode we're currently using :(
> >
> Hmm. Or maybe we should just stick to the pipe src size.
>
> I'm curious whether this fixes the problem?
>
> diff --git a/drivers/gpu/drm/i915/intel_display.c
> b/drivers/gpu/drm/i915/intel_display.c
> index 0f8c7389e87d..30824beedef7 100644
> --- a/drivers/gpu/drm/i915/intel_display.c
> +++ b/drivers/gpu/drm/i915/intel_display.c
> @@ -15284,6 +15284,8 @@ static void intel_modeset_readout_hw_state(struct
> drm_device *dev)
> memset(>base.mode, 0, sizeof(crtc->base.mode));
> if (crtc_state->base.active) {
> intel_mode_from_pipe_config(>base.mode,
> crtc_state);
> +crtc->base.mode.hdisplay = crtc_state->pipe_src_w;
> +crtc->base.mode.vdisplay = crtc_state->pipe_src_h;
>
> intel_mode_from_pipe_config(_state->base.adjusted_mode, crtc_state);
> WARN_ON(drm_atomic_set_mode_for_crtc(crtc->base.state,
> >base.mode));
>
It does!
Feel free to throw a Tested-by: Dave Jones <da...@codemonkey.org.uk> in there.
Dave
___
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] 4.17-rc2: Could not determine valid watermarks for inherited state
On Thu, Apr 26, 2018 at 04:10:45PM +0300, Ville Syrjälä wrote: > On Mon, Apr 23, 2018 at 11:27:13AM -0400, Dave Jones wrote: > > This warning just started appearing during boot on a machine I upgraded > > to 4.17-rc2. The warning seems to have been there since 2015, but it > > has never triggered before today. > > Looks like we have bug open about this. I just asked for more > information there: > https://bugs.freedesktop.org/show_bug.cgi?id=105992#c5 > > If you can also boot with drm.debug=0xe maybe we can see some more > details about the supposedly bad watermarks. [1.153294] calling drm_kms_helper_init+0x0/0x15 @ 1 [1.153768] initcall drm_kms_helper_init+0x0/0x15 returned 0 after 0 usecs [1.154242] calling drm_core_init+0x0/0xea @ 1 [1.154760] initcall drm_core_init+0x0/0xea returned 0 after 53 usecs [1.156781] [drm:intel_pch_type] Found LynxPoint PCH [1.157254] [drm:intel_power_domains_init] Allowed DC state mask 00 [1.158717] [drm:i915_driver_load] ppgtt mode: 1 [1.159187] [drm:intel_uc_sanitize_options] enable_guc=0 (submission:no huc:no) [1.159665] [drm:i915_driver_load] guc_log_level=0 (enabled:no verbosity:-1) [1.160247] [drm:i915_ggtt_probe_hw] GGTT size = 2048M [1.160720] [drm:i915_ggtt_probe_hw] GMADR size = 256M [1.161189] [drm:i915_ggtt_probe_hw] DSM size = 64M [1.162126] fb: switching to inteldrmfb from EFI VGA [1.163161] fb: switching to inteldrmfb from VGA16 VGA [1.163511] [drm] Replacing VGA console driver [1.163819] [drm:i915_gem_init_stolen] Memory reserved for graphics device: 65536K, usable: 64512K [1.163868] [drm:intel_opregion_setup] graphic opregion physical addr: 0xd9a13018 [1.163908] [drm:intel_opregion_setup] Public ACPI methods supported [1.163924] [drm:intel_opregion_setup] SWSCI supported [1.168084] [drm:intel_opregion_setup] SWSCI GBDA callbacks 0cb3, SBCB callbacks 00300483 [1.168107] [drm:intel_opregion_setup] ASLE supported [1.168120] [drm:intel_opregion_setup] ASLE extension supported [1.168136] [drm:intel_opregion_setup] Found valid VBT in ACPI OpRegion (Mailbox #4) [1.168325] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013). [1.168341] [drm] Driver supports precise vblank timestamp query. [1.168357] [drm:intel_bios_init] Set default to SSC at 12 kHz [1.168373] [drm:intel_bios_init] VBT signature "$VBT HASWELL", BDB version 174 [1.168392] [drm:intel_bios_init] BDB_GENERAL_FEATURES int_tv_support 0 int_crt_support 1 lvds_use_ssc 0 lvds_ssc_freq 12 display_clock_mode 0 fdi_rx_polarity_inverted 0 [1.168425] [drm:intel_bios_init] crt_ddc_bus_pin: 5 [1.171131] [drm:intel_opregion_get_panel_type] Ignoring OpRegion panel type (0) [1.171151] [drm:intel_bios_init] Panel type: 2 (VBT) [1.171164] [drm:intel_bios_init] DRRS supported mode is static [1.171185] [drm:intel_bios_init] Found panel mode in BIOS VBT tables: [1.171203] [drm:drm_mode_debug_printmodeline] Modeline 0:"1024x768" 0 65000 1024 1048 1184 1344 768 771 777 806 0x8 0xa [1.171227] [drm:intel_bios_init] VBT initial LVDS value 300 [1.171242] [drm:intel_bios_init] VBT backlight PWM modulation frequency 200 Hz, active high, min brightness 0, level 255, controller 0 [1.171272] [drm:intel_bios_init] Found SDVO panel mode in BIOS VBT tables: [1.171289] [drm:drm_mode_debug_printmodeline] Modeline 0:"1600x1200" 0 162000 1600 1664 1856 2160 1200 1201 1204 1250 0x8 0xa [1.171314] [drm:intel_bios_init] DRRS State Enabled:1 [1.171327] [drm:intel_bios_init] No SDVO device info is found in VBT [1.171344] [drm:intel_bios_init] Port B VBT info: DP:0 HDMI:0 DVI:1 EDP:0 CRT:0 [1.171362] [drm:intel_bios_init] VBT HDMI level shift for port B: 6 [1.171377] [drm:intel_bios_init] Port D VBT info: DP:0 HDMI:1 DVI:1 EDP:0 CRT:0 [1.171395] [drm:intel_bios_init] VBT HDMI level shift for port D: 11 [1.171470] [drm:intel_dsm_detect] no _DSM method for intel device [1.171492] [drm:i915_driver_load] rawclk rate: 125000 kHz [1.171524] [drm:intel_power_well_enable] enabling always-on [1.171549] [drm:intel_power_well_enable] enabling display [1.172946] [drm:intel_fbc_init] Sanitized enable_fbc value: 0 [1.172964] [drm:intel_print_wm_latency] Primary WM0 latency 20 (2.0 usec) [1.172981] [drm:intel_print_wm_latency] Primary WM1 latency 4 (2.0 usec) [1.172997] [drm:intel_print_wm_latency] Primary WM2 latency 36 (18.0 usec) [1.173014] [drm:intel_print_wm_latency] Primary WM3 latency 90 (45.0 usec) [1.173030] [drm:intel_print_wm_latency] Primary WM4 latency 160 (80.0 usec) [1.173047] [drm:intel_print_wm_latency] Sprite WM0 latency 20 (2.0 usec) [1.173063] [drm:intel_print_wm_latency] Sprite WM1 latency 4 (2.0 usec) [1.173080] [drm:intel_print_wm_latency] Sprite WM2 latency 36 (18.0 usec) [
[Intel-gfx] 4.17-rc2: Could not determine valid watermarks for inherited state
This warning just started appearing during boot on a machine I upgraded to 4.17-rc2. The warning seems to have been there since 2015, but it has never triggered before today. Dave [1.158500] fb: switching to inteldrmfb from EFI VGA [1.159073] Console: switching to colour dummy device 80x25 [1.159523] checking generic (a 1) vs hw (e000 1000) [1.159539] fb: switching to inteldrmfb from VGA16 VGA [1.159752] [drm] Replacing VGA console driver [1.164454] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013). [1.164472] [drm] Driver supports precise vblank timestamp query. [1.167285] i915 :00:02.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [1.170212] [ cut here ] [1.170230] Could not determine valid watermarks for inherited state [1.170267] WARNING: CPU: 1 PID: 1 at drivers/gpu/drm/i915/intel_display.c:14584 sanitize_watermarks+0x17b/0x1c0 [1.170291] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.17.0-rc2+ #1 [1.170308] Hardware name: Shuttle Inc. SH87R/FH87, BIOS 2.03 06/19/2014 [1.170325] RIP: 0010:sanitize_watermarks+0x17b/0x1c0 [1.170338] RSP: :a944c0023bf0 EFLAGS: 00010246 [1.170352] RAX: RBX: 9193508c RCX: [1.170369] RDX: 0001 RSI: 990b7399 RDI: 990b7399 [1.170385] RBP: 9193508c R08: 0001 R09: 0001 [1.170401] R10: R11: R12: ffea [1.170418] R13: 9193508faa88 R14: 919350823528 R15: 9193508c0a08 [1.170434] FS: () GS:91935640() knlGS: [1.170453] CS: 0010 DS: ES: CR0: 80050033 [1.170466] CR2: CR3: 00011d224001 CR4: 000606e0 [1.170483] Call Trace: [1.170493] intel_modeset_init+0x769/0x18f0 [1.170506] i915_driver_load+0x9b9/0xf30 [1.170519] ? _raw_spin_unlock_irqrestore+0x3f/0x70 [1.170534] pci_device_probe+0xa3/0x120 [1.170546] driver_probe_device+0x28a/0x320 [1.170557] __driver_attach+0x9e/0xb0 [1.170568] ? driver_probe_device+0x320/0x320 [1.170581] bus_for_each_dev+0x68/0xc0 [1.170592] bus_add_driver+0x11d/0x210 [1.170604] ? mipi_dsi_bus_init+0x11/0x11 [1.170615] driver_register+0x5b/0xd0 [1.170627] do_one_initcall+0x10b/0x33f [1.170638] ? do_early_param+0x8b/0x8b [1.170651] ? rcu_read_lock_sched_held+0x66/0x70 [1.170663] ? do_early_param+0x8b/0x8b [1.170674] kernel_init_freeable+0x1c3/0x249 [1.170687] ? rest_init+0xc0/0xc0 [1.170697] kernel_init+0xa/0x100 [1.170707] ret_from_fork+0x24/0x30 [1.170717] Code: 00 00 00 65 48 33 04 25 28 00 00 00 75 4f 48 8d a4 24 88 00 00 00 5b 5d 41 5c 41 5d 41 5e c3 48 c7 c7 e0 5d 04 9a e8 25 33 b1 ff <0f> 0b eb a4 48 c7 c6 d5 73 04 9a 48 c7 c7 0f c6 fe 99 e8 0e 33 [1.170847] irq event stamp: 1449710 [1.170858] hardirqs last enabled at (1449709): [] console_unlock+0x51b/0x6b0 [1.170879] hardirqs last disabled at (1449710): [] error_entry+0x86/0x100 [1.170900] softirqs last enabled at (1449580): [] __do_softirq+0x3dd/0x521 [1.170922] softirqs last disabled at (1449563): [] irq_exit+0xb7/0xc0 00:02.0 VGA compatible controller: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller (rev 06) (That's 8086:0402 fwiw) ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] [regression] [git pull] drm for 4.3
On Tue, Sep 22, 2015 at 09:15:58AM -0700, Matt Roper wrote: > On Tue, Sep 22, 2015 at 05:13:55PM +0200, Daniel Vetter wrote: > > On Tue, Sep 22, 2015 at 08:00:17AM -0700, Jesse Barnes wrote: > > > Cc'ing Maarten and Matt; I'm guessing this may be related to one of > > > their recent patches. > > Sounds like this showed up before my recent work, but I think I might > have seen similar problems while working on atomic watermarks; the > issues I was seeing were because the initial hardware readout could > leave primary->visible set to true even when the CRTC was off. My > series (which is still under development) contains this patch to fix > that: > > http://patchwork.freedesktop.org/patch/59564/ > > Does applying that help with the problems reported here? No difference at all for me. Dave ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] [git pull] drm for 4.3
On Mon, Sep 07, 2015 at 02:45:59PM -0400, Dave Jones wrote: > On Fri, Sep 04, 2015 at 11:40:53PM +0100, Dave Airlie wrote: > > > > Hi Linus, > > > > This is the main pull request for the drm for 4.3. Nouveau is probably > the biggest > > amount of changes in here, since it missed 4.2. Highlights below, along > with the usual > > bunch of fixes. There are a few minor conflicts with your tree but > nothing > > you can't handle. All stuff outside drm should have applicable acks. > > > > Highlights: > > > > ... > > i915: > > Skylake support enabled by default > > legacy modesetting using atomic infrastructure > > Skylake fixes > > GEN9 workarounds > > Since this merge, I'm seeing this twice during boot.. And still there in -rc2. Several other people reported this too, and they also got no reponse. I'll start bisecting when I get home tonight. It shouldn't be too hard, as 4.2 was fine. Dave > [ cut here ] > WARNING: CPU: 0 PID: 6 at drivers/gpu/drm/i915/intel_display.c:1377 > assert_planes_disabled+0xdf/0x140() > plane A assertion failure, should be disabled but not > CPU: 0 PID: 6 Comm: kworker/u8:0 Not tainted 4.2.0-think+ #9 > Workqueue: events_unbound async_run_entry_fn > 0561 88050392b6f8 8d7dccce 88050392b740 > 88050392b730 8d079ee2 880500a6 > 8805008e99c8 88050392b790 > Call Trace: > [] dump_stack+0x4e/0x79 > [] warn_slowpath_common+0x82/0xc0 > [] warn_slowpath_fmt+0x4c/0x50 > [] assert_planes_disabled+0xdf/0x140 > [] intel_disable_pipe+0x4b/0x2c0 > [] haswell_crtc_disable+0x8a/0x2e0 > [] intel_atomic_commit+0xff/0x1320 > [] ? drm_atomic_check_only+0x21e/0x550 > [] drm_atomic_commit+0x37/0x60 > [] drm_atomic_helper_set_config+0x1c5/0x430 > [] drm_mode_set_config_internal+0x65/0x110 > [] restore_fbdev_mode+0xbe/0xe0 > [] drm_fb_helper_restore_fbdev_mode_unlocked+0x25/0x70 > [] drm_fb_helper_set_par+0x2d/0x50 > [] intel_fbdev_set_par+0x1a/0x60 > [] fbcon_init+0x545/0x5d0 > [] visual_init+0xca/0x130 > [] do_bind_con_driver+0x1c5/0x3b0 > [] do_take_over_console+0x149/0x1a0 > [] do_fbcon_takeover+0x57/0xb0 > [] fbcon_event_notify+0x66c/0x760 > [] notifier_call_chain+0x3e/0xb0 > [] __blocking_notifier_call_chain+0x4d/0x70 > [] blocking_notifier_call_chain+0x16/0x20 > [] fb_notifier_call_chain+0x1b/0x20 > [] register_framebuffer+0x1e7/0x300 > [] drm_fb_helper_initial_config+0x252/0x3e0 > [] intel_fbdev_initial_config+0x1b/0x20 > [] async_run_entry_fn+0x4a/0x140 > [] process_one_work+0x1fd/0x670 > [] ? process_one_work+0x16c/0x670 > [] worker_thread+0x4e/0x450 > [] ? process_one_work+0x670/0x670 > [] kthread+0x101/0x120 > [] ? kthread_create_on_node+0x250/0x250 > [] ret_from_fork+0x3f/0x70 > [] ? kthread_create_on_node+0x250/0x250 > ---[ end trace 54cab2e0c772d5d9 ]--- > > > 00:02.0 VGA compatible controller: Intel Corporation Xeon E3-1200 v3 > Processor Integrated Graphics Controller (rev 06) ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] [git pull] drm for 4.3
On Fri, Sep 04, 2015 at 11:40:53PM +0100, Dave Airlie wrote: > > Hi Linus, > > This is the main pull request for the drm for 4.3. Nouveau is probably the > biggest > amount of changes in here, since it missed 4.2. Highlights below, along with > the usual > bunch of fixes. There are a few minor conflicts with your tree but nothing > you can't handle. All stuff outside drm should have applicable acks. > > Highlights: > > ... > i915: > Skylake support enabled by default > legacy modesetting using atomic infrastructure > Skylake fixes > GEN9 workarounds Since this merge, I'm seeing this twice during boot.. [ cut here ] WARNING: CPU: 0 PID: 6 at drivers/gpu/drm/i915/intel_display.c:1377 assert_planes_disabled+0xdf/0x140() plane A assertion failure, should be disabled but not CPU: 0 PID: 6 Comm: kworker/u8:0 Not tainted 4.2.0-think+ #9 Workqueue: events_unbound async_run_entry_fn 0561 88050392b6f8 8d7dccce 88050392b740 88050392b730 8d079ee2 880500a6 8805008e99c8 88050392b790 Call Trace: [] dump_stack+0x4e/0x79 [] warn_slowpath_common+0x82/0xc0 [] warn_slowpath_fmt+0x4c/0x50 [] assert_planes_disabled+0xdf/0x140 [] intel_disable_pipe+0x4b/0x2c0 [] haswell_crtc_disable+0x8a/0x2e0 [] intel_atomic_commit+0xff/0x1320 [] ? drm_atomic_check_only+0x21e/0x550 [] drm_atomic_commit+0x37/0x60 [] drm_atomic_helper_set_config+0x1c5/0x430 [] drm_mode_set_config_internal+0x65/0x110 [] restore_fbdev_mode+0xbe/0xe0 [] drm_fb_helper_restore_fbdev_mode_unlocked+0x25/0x70 [] drm_fb_helper_set_par+0x2d/0x50 [] intel_fbdev_set_par+0x1a/0x60 [] fbcon_init+0x545/0x5d0 [] visual_init+0xca/0x130 [] do_bind_con_driver+0x1c5/0x3b0 [] do_take_over_console+0x149/0x1a0 [] do_fbcon_takeover+0x57/0xb0 [] fbcon_event_notify+0x66c/0x760 [] notifier_call_chain+0x3e/0xb0 [] __blocking_notifier_call_chain+0x4d/0x70 [] blocking_notifier_call_chain+0x16/0x20 [] fb_notifier_call_chain+0x1b/0x20 [] register_framebuffer+0x1e7/0x300 [] drm_fb_helper_initial_config+0x252/0x3e0 [] intel_fbdev_initial_config+0x1b/0x20 [] async_run_entry_fn+0x4a/0x140 [] process_one_work+0x1fd/0x670 [] ? process_one_work+0x16c/0x670 [] worker_thread+0x4e/0x450 [] ? process_one_work+0x670/0x670 [] kthread+0x101/0x120 [] ? kthread_create_on_node+0x250/0x250 [] ret_from_fork+0x3f/0x70 [] ? kthread_create_on_node+0x250/0x250 ---[ end trace 54cab2e0c772d5d9 ]--- 00:02.0 VGA compatible controller: Intel Corporation Xeon E3-1200 v3 Processor Integrated Graphics Controller (rev 06) ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
[Intel-gfx] i915/kasan: out of bounds access in i915_cmd_parser_init_ring
I finally got around to playing with kasan. It didn't end well. I added some debugging to validate_cmds_sorted to print out the table sizes right before the stack traces. Dave validate_cmds_sorted: table:a1fb4220 cmd_table_count:3 validate_cmds_sorted: table:a1fb4220 table-count:12 validate_cmds_sorted: table:a1fb4230 table-count:20 validate_cmds_sorted: table:a1fb4230 table-count:20 validate_cmds_sorted: table:a1fb4240 table-count:18 validate_cmds_sorted: table:a1fb41e0 cmd_table_count:2 validate_cmds_sorted: table:a1fb41e0 table-count:12 validate_cmds_sorted: table:a1fb41f0 table-count:7 validate_cmds_sorted: table:a1fb4100 cmd_table_count:3 validate_cmds_sorted: table:a1fb4100 table-count:12 validate_cmds_sorted: table:a1fb4110 table-count:6 == BUG: KASan: out of bounds access in i915_cmd_parser_init_ring+0x66b/0x760 at addr a1fb4374 Read of size 4 by task swapper/0/1 Address belongs to variable hsw_blt_cmds+0xb4/0xe0 CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.2.0-rc6-firewall+ #4 0002 8801d6baf478 a1c0b4fb 0032 8801d6baf510 8801d6baf4f8 a123198f 8801d6baf5a8 ed003ad75e9b 0246 a1fb4110 1000 Call Trace: [a1c0b4fb] dump_stack+0x4f/0x7b [a123198f] kasan_report_error+0x3bf/0x3f0 [a1231a9b] kasan_report+0x3b/0x40 [a166d7ab] ? i915_cmd_parser_init_ring+0x66b/0x760 [a1230e06] __asan_load4+0x66/0xa0 [a166d7ab] i915_cmd_parser_init_ring+0x66b/0x760 [a16c0459] intel_init_ring_buffer+0x449/0x680 [a16c61de] intel_init_blt_ring_buffer+0x38e/0x520 [a1687744] i915_gem_init_rings+0x74/0x220 [a168c292] i915_gem_init+0x1e2/0x320 [a1768ff1] i915_driver_load+0x1571/0x2310 [a11090ee] ? debug_lockdep_rcu_enabled+0x4e/0x70 [a10e98ce] ? __lock_acquire+0x97e/0x2710 [a14c8b87] ? debug_smp_processor_id+0x17/0x20 [a10e8f50] ? debug_show_all_locks+0x280/0x280 [a1c1279b] ? __mutex_unlock_slowpath+0x11b/0x1e0 [a10e6bb2] ? trace_hardirqs_on_caller+0x192/0x2a0 [a1767a80] ? i915_getparam+0x390/0x390 [a10e69f4] ? mark_held_locks+0xa4/0xd0 [a1c19538] ? _raw_spin_unlock_irqrestore+0x58/0x70 [a10e6bb2] ? trace_hardirqs_on_caller+0x192/0x2a0 [a10b8431] ? preempt_count_sub+0xc1/0x130 [a1c19523] ? _raw_spin_unlock_irqrestore+0x43/0x70 [a1612811] drm_dev_register+0xd1/0x170 [a16166a1] drm_get_pci_dev+0xf1/0x350 [a10e6bb2] ? trace_hardirqs_on_caller+0x192/0x2a0 [a163df43] i915_pci_probe+0x83/0xb0 [a14f522f] pci_device_probe+0xcf/0x130 [a17756f1] driver_probe_device+0x1e1/0x410 [a1775920] ? driver_probe_device+0x410/0x410 [a1775920] ? driver_probe_device+0x410/0x410 [a17759f6] __driver_attach+0xd6/0xe0 [a17725e5] bus_for_each_dev+0xf5/0x160 [a17724f0] ? bus_remove_file+0xa0/0xa0 [a10f2ee4] ? do_raw_spin_unlock+0xa4/0x140 [a10b8431] ? preempt_count_sub+0xc1/0x130 [a1775b80] driver_attach+0x30/0x40 [a17738e1] bus_add_driver+0x2b1/0x330 [a17763ce] driver_register+0xde/0x1b0 [a14f579c] __pci_register_driver+0xbc/0xd0 [a1616ae7] drm_pci_init+0x1e7/0x210 [a2975265] ? do_one_initcall+0x108/0x242 [a2975265] ? do_one_initcall+0x108/0x242 [a29b732f] i915_init+0xdb/0xe3 [a29b7254] ? mipi_dsi_bus_init+0x12/0x12 [a2975384] do_one_initcall+0x227/0x242 [a297515d] ? start_kernel+0x4ed/0x4ed [a10a38db] ? parse_args+0x5b/0x4f0 [a297562f] kernel_init_freeable+0x290/0x321 [a1c03ce0] ? rest_init+0x150/0x150 [a1c03cf4] kernel_init+0x14/0x100 [a1c03ce0] ? rest_init+0x150/0x150 [a1c1a3bf] ret_from_fork+0x3f/0x70 [a1c03ce0] ? rest_init+0x150/0x150 Memory state around the buggy address: a1fb4200: fa fa fa fa 00 00 00 00 00 00 fa fa fa fa fa fa a1fb4280: 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 00 00 a1fb4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa ^ a1fb4380: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 00 00 a1fb4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 == == BUG: KASan: out of bounds access in i915_cmd_parser_init_ring+0x67e/0x760 at addr a1fb4378 Read of size 4 by task swapper/0/1 Address belongs to variable hsw_blt_cmds+0xb8/0xe0 CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.2.0-rc6-firewall+ #4 0002 8801d6baf478 a1c0b4fb 0032
Re: [Intel-gfx] [git pull] drm fixes
On Mon, Mar 23, 2015 at 11:33:42AM -0400, Josh Boyer wrote: I have a machine that no longer boots in a headless manner with -rc5. It's an Celeron based NUC device. I blacklisted the i915 driver and it boots fine, then I ran insmod manually and got the backtrace below. This machine only has HDMI output on it. If I have it connected (even if the monitor is set to display some other input) it will boot fine, but the backtrace is still present. I'm going to guess the machine hangs in headless because X causes some further issues in the headless case. Linux v4.0-rc4-199-gb314acaccd7e gets this splat in the headless state: [ +0.39] WARNING: CPU: 0 PID: 63 at drivers/gpu/drm/i915/i915_gem.c:4525 i915_gem_free_object+0x2e5/0x320 [i915]() [ +0.02] WARN_ON(obj-frontbuffer_bits) which is what I thought one of these commits was supposed to fix. I don't see that in -rc5, but then we have these other issues. [ +0.37] WARNING: CPU: 1 PID: 1486 at include/linux/kref.h:47 drm_framebuffer_reference+0x7a/0x90 [drm]() .. [ +0.37] WARNING: CPU: 0 PID: 563 at drivers/gpu/drm/drm_atomic.c:482 drm_atomic_check_only+0x33d/0x500 [drm]() I've started seeing this one too as of rc5. Along with.. = BUG kmalloc-192 (Tainted: GW ): Poison overwritten - Disabling lock debugging due to kernel taint INFO: 0x8804277e5c78-0x8804277e5c78. First byte 0x6a instead of 0x6b INFO: Allocated in ironlake_get_initial_plane_config+0x86/0x390 [i915] age=175 cpu=5 pid=313 __slab_alloc.constprop.79+0x5a9/0x670 kmem_cache_alloc_trace+0x21f/0x300 ironlake_get_initial_plane_config+0x86/0x390 [i915] intel_modeset_init+0x9d9/0x1a50 [i915] i915_driver_load+0xebf/0x1150 [i915] drm_dev_register+0xb5/0x110 [drm] drm_get_pci_dev+0x8d/0x200 [drm] i915_pci_probe+0x3b/0x60 [i915] pci_device_probe+0x8c/0xf0 driver_probe_device+0x90/0x3e0 __driver_attach+0xa3/0xb0 bus_for_each_dev+0x73/0xc0 driver_attach+0x1e/0x20 bus_add_driver+0x188/0x260 driver_register+0x64/0xf0 __pci_register_driver+0x64/0x70 INFO: Freed in intel_user_framebuffer_destroy+0x65/0xa0 [i915] age=40 cpu=0 pid=128 __slab_free+0x19e/0x2c0 kfree+0x2c1/0x310 intel_user_framebuffer_destroy+0x65/0xa0 [i915] drm_framebuffer_free+0x50/0x60 [drm] drm_framebuffer_unreference+0x35/0x70 [drm] drm_atomic_helper_plane_destroy_state+0x1f/0x30 [drm_kms_helper] intel_plane_destroy_state+0xe/0x10 [i915] drm_plane_helper_commit+0xb2/0x2e0 [drm_kms_helper] drm_plane_helper_update+0x9a/0xf0 [drm_kms_helper] __intel_set_mode+0x8b5/0xb70 [i915] intel_crtc_set_config+0xc4b/0x1030 [i915] drm_mode_set_config_internal+0x69/0x120 [drm] restore_fbdev_mode+0xc8/0xf0 [drm_kms_helper] drm_fb_helper_restore_fbdev_mode_unlocked+0x29/0x80 [drm_kms_helper] drm_fb_helper_set_par+0x22/0x50 [drm_kms_helper] intel_fbdev_set_par+0x1a/0x60 [i915] INFO: Slab 0xea00109df900 objects=31 used=31 fp=0x (null) flags=0x80004080 INFO: Object 0x8804277e5c70 @offset=7280 fp=0x8804277e6288 Bytes b4 8804277e5c60: 54 7a fb ff 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a Tz.. Object 8804277e5c70: 6b 6b 6b 6b 6b 6b 6b 6b 6a 6b 6b 6b 6b 6b 6b 6b jkkk Object 8804277e5c80: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5c90: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5ca0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5cb0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5cc0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5cd0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5ce0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5cf0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5d00: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5d10: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 8804277e5d20: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkk. Redzone 8804277e5d30: bb bb bb bb bb bb bb bb Padding 8804277e5e70: 5a 5a 5a 5a 5a 5a 5a 5a CPU: 4 PID: 128 Comm: kworker/u16:4 Tainted: GB W 4.0.0-rc5-backupdebug+ #1 Workqueue: events_unbound async_run_entry_fn 8804277e5c70 2ebc2945 8800b780f578
Re: [Intel-gfx] [git pull] drm fixes
On Wed, Mar 25, 2015 at 09:56:28AM +0100, Daniel Vetter wrote: I've started seeing this one too as of rc5. Along with.. Yeah we're freeing memory too early with these bugs. To get up to the current debug state can you please cherry-pick commit f55548b5af87ebfc586ca75748947f1c1b1a4a52 Author: Damien Lespiau damien.lesp...@intel.com Date: Thu Feb 5 18:30:20 2015 + drm/i915: Don't try to reference the fb in get_initial_plane_config() and commit fb9981aa675eb7b398849915364916fd98833cfa Author: Damien Lespiau damien.lesp...@intel.com Date: Thu Feb 5 19:24:25 2015 + drm/i915: Fix atomic state when reusing the firmware fb from linux-next and then check what's left? I'm probably not going to get time to look at this again until the weekend. If things are still awry in rc6, I'll holler. Dave ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
[Intel-gfx] dmar messages caused by graphics.
Just hit this while fuzz-testing, (curiously, no graphics related stuff was happening, X isn't even loaded on that box). dmar: DRHD: handling fault status reg 2 dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 7ff000 DMAR:[fault reason 05] PTE Write access is not set 00:02:0 is.. 00:02.0 VGA compatible controller: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller (rev 06) (prog-if 00 [VGA controller]) 00: 86 80 12 04 07 04 90 00 06 00 00 03 00 00 00 00 10: 04 00 00 c0 00 00 00 00 0c 00 00 b0 00 00 00 00 20: 01 30 00 00 00 00 00 00 00 00 00 00 86 80 12 22 30: 00 00 00 00 90 00 00 00 00 00 00 00 0b 01 00 00 So then I rebooted, and noticed it spewed the exact same message on boot up too. I power cycled, and this time got [0.576231] dmar: Host address width 39 [0.576336] dmar: DRHD base: 0x00fed9 flags: 0x0 [0.576491] dmar: IOMMU 0: reg_base_addr fed9 ver 1:0 cap c020660462 ecap f0101a [0.576659] dmar: DRHD base: 0x00fed91000 flags: 0x1 [0.576793] dmar: IOMMU 1: reg_base_addr fed91000 ver 1:0 cap d2008020660462 ecap f010da [0.576961] dmar: RMRR base: 0x00a2a1f000 end: 0x00a2a32fff [0.577075] dmar: RMRR base: 0x00ad80 end: 0x00af9f [6.715745] DMAR: No ATSR found [8.081845] [drm] DMAR active, disabling use of stolen memory [9.927343] dmar: DRHD: handling fault status reg 2 [9.928335] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 3c11284000 DMAR:[fault reason 05] PTE Write access is not set [ 11.916211] dmar: DRHD: handling fault status reg 2 [ 11.917105] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 3c11284000 DMAR:[fault reason 05] PTE Write access is not set Same thing, different fault address. It seems to change every time I boot. Looking in the logs, this started happening on the 15th. The first instance was this during boot.. [9.917240] dmar: DRHD: handling fault status reg 2 [9.918150] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 73 [9.918150] DMAR:[fault reason 05] PTE Write access is not set [9.919582] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 7ff000 [9.919582] DMAR:[fault reason 05] PTE Write access is not set [ 10.157240] dmar: DRHD: handling fault status reg 3 [ 10.158017] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 3579736000 [ 10.158017] DMAR:[fault reason 05] PTE Write access is not set [ 11.926114] dmar: DRHD: handling fault status reg 3 [ 11.927117] dmar: DMAR:[DMA Write] Request device [00:02.0] fault addr 73 [ 11.927117] DMAR:[fault reason 05] PTE Write access is not set That time, the 'reg 3' showed up. Dying hardware ? Or bug ? Dave ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] [PATCH] drm: Fix use-after-free in the shadow-attache exit code
On Thu, Jan 30, 2014 at 05:58:38PM +0100, Daniel Vetter wrote: This regression has been introduced in commit b3f2333de8e81b089262b26d52272911523e605f Author: Daniel Vetter daniel.vet...@ffwll.ch Date: Wed Dec 11 11:34:31 2013 +0100 drm: restrict the device list for shadow attached drivers btw, I noticed this because it got flagged in the nightly coverity runs. Of the 18 new issues added yesterday 14 were from drivers/gpu/ If drm developers want to sign up at http://scan.coverity.com to help out looking over those (and the backlog: stats below) I can get those accounts approved quickly. I've been going through trying to clear out as much of the 'noise' as possible, but it's a huge job. There's a bunch of cases where the checker can't figure out if it's a real bug or not because it doesn't know things like the hardware will only ever return these values, but the majority look like actual coding flaws. Dave Currently outstanding issues: Radeon: 64 Nouveau: 36 i915: 32 misc drm: 24 gma500: 11 qxl: 7 ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
[Intel-gfx] 'power well on' trace in Linus current tree.
I left this on overnight, and this morning this was in the log. Dave WARNING: CPU: 1 PID: 131 at drivers/gpu/drm/i915/intel_display.c:6309 hsw_enable_pc8_work+0x6a9/0x6d0() Power well on Modules linked in: tun hidp bnep rfcomm can_raw can_bcm caif_socket caif phonet af_rxrpc bluetooth can llc2 pppoe pppox ppp_generic slhc af_key rose netrom snd_seq_dummy ipt_ULOG nfnetlink nfc af_802154 irda crc_ccitt rds scsi_transport_iscsi x25 atm appletalk ipx p8023 psnap p8022 llc ax25 cfg80211 rfkill snd_hda_codec_hdmi xfs snd_hda_codec_realtek snd_hda_intel snd_hda_codec coretemp snd_hwdep hwmon snd_seq snd_seq_device x86_pkg_temp_thermal snd_pcm libcrc32c snd_page_alloc e1000e snd_timer snd kvm_intel kvm crct10dif_pclmul crc32c_intel ghash_clmulni_intel shpchp serio_raw pcspkr ptp usb_debug soundcore microcode pps_core CPU: 1 PID: 131 Comm: kworker/1:2 Not tainted 3.13.0-rc3+ #3 Workqueue: events hsw_enable_pc8_work 81a98b80 88023d185c98 8174cfd8 88023d185ce0 88023d185cd0 8105414d 88023e28d5f8 88023e288000 88024155ef50 88024155ef58 0080 88023d185d30 Call Trace: [8174cfd8] dump_stack+0x4e/0x7a [8105414d] warn_slowpath_common+0x7d/0xa0 [810541bc] warn_slowpath_fmt+0x4c/0x50 [81493339] hsw_enable_pc8_work+0x6a9/0x6d0 [81076611] process_one_work+0x211/0x6f0 [810765a5] ? process_one_work+0x1a5/0x6f0 [81076c0b] worker_thread+0x11b/0x3a0 [81076af0] ? process_one_work+0x6f0/0x6f0 [8107f55f] kthread+0xff/0x120 [8107f460] ? insert_kthread_work+0x80/0x80 [817608ac] ret_from_fork+0x7c/0xb0 [8107f460] ? insert_kthread_work+0x80/0x80 ---[ end trace 23d69c0f014b7eb8 ]--- 00:02.0 8086:0412 VGA compatible controller: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller (rev 06) ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
[Intel-gfx] pipe_off wait timed out
This is new to me as of 3.10-rc2. WARNING: at drivers/gpu/drm/i915/intel_display.c:997 intel_wait_for_pipe_off+0x194/0x1a0 [i915]() pipe_off wait timed out Modules linked in: ipt_MASQUERADE iptable_nat nf_nat_ipv4 nf_nat xt_LOG xt_limit ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter nf_conntrack_ipv4 nf_defrag_ipv4 ip6_tables xt_conntrack nf_conntrack microcode pcspkr r8169 mii nfsd auth_rpcgss nfs_acl lockd sunrpc i915 video backlight i2c_algo_bit drm_kms_helper drm CPU: 3 PID: 1414 Comm: kworker/3:1 Not tainted 3.10.0-rc2+ #3 Hardware name: /D510MO, BIOS MOPNV10J.86A.0175.2010.0308.0620 03/08/2010 Workqueue: events console_callback a00d1c08 8800753c7988 8151fd9f 8800753c79c8 8103ca8b 08dd 880076738000 031f 1fff 00071000 000100086e1b 8800753c7a28 Call Trace: [8151fd9f] dump_stack+0x19/0x1b [8103ca8b] warn_slowpath_common+0x6b/0xa0 [8103cb61] warn_slowpath_fmt+0x41/0x50 [a008d414] intel_wait_for_pipe_off+0x194/0x1a0 [i915] [a008d5a5] intel_disable_pipe+0x185/0x210 [i915] [a008dcef] i9xx_crtc_disable+0xcf/0x230 [i915] [a009245f] intel_crtc_update_dpms+0x6f/0xa0 [i915] [a0092515] intel_encoder_dpms+0x15/0x30 [i915] [a0097207] intel_connector_dpms+0x37/0x70 [i915] [a00520b0] drm_fb_helper_dpms.isra.17+0xc0/0x110 [drm_kms_helper] [a0052131] drm_fb_helper_blank+0x31/0x80 [drm_kms_helper] [812a6f51] fb_blank+0x51/0xc0 [812b5c3b] fbcon_blank+0x22b/0x2e0 [81526d95] ? _raw_spin_unlock_irqrestore+0x65/0x80 [8109a475] ? trace_hardirqs_on_caller+0x105/0x1d0 [8109a54d] ? trace_hardirqs_on+0xd/0x10 [81526d6d] ? _raw_spin_unlock_irqrestore+0x3d/0x80 [8104b3c6] ? try_to_del_timer_sync+0x56/0x70 [8104b48a] ? del_timer_sync+0xaa/0xd0 [8104b3e0] ? try_to_del_timer_sync+0x70/0x70 [81324618] do_blank_screen+0x1d8/0x280 [813269bf] console_callback+0x5f/0x150 [8105a7f1] process_one_work+0x1f1/0x490 [8105a78c] ? process_one_work+0x18c/0x490 [8105aef3] worker_thread+0x113/0x370 [8105ade0] ? rescuer_thread+0x310/0x310 [81062798] kthread+0xe8/0xf0 [81094732] ? get_lock_stats+0x22/0x70 [810626b0] ? kthread_create_on_node+0x150/0x150 [8152d02c] ret_from_fork+0x7c/0xb0 [810626b0] ? kthread_create_on_node+0x150/0x150 ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] pipe_off wait timed out
On Wed, May 22, 2013 at 01:10:36AM +0200, Daniel Vetter wrote: On Wed, May 22, 2013 at 1:01 AM, Dave Jones da...@redhat.com wrote: This is new to me as of 3.10-rc2. If this is an ironlake with a DP output it's a know issue which seems to pop up every once in a while. 00:02.0 VGA compatible controller: Intel Corporation Atom Processor D4xx/D5xx/N4xx/N5xx Integrated Graphics Controller (rev 02) Otherwise we need to take a look here. If so can you please boot with drm.debug=0xe, reproduce the issue and attach the complete dmesg? Also does 3.10-rc1 work (since you mention -rc2 specifically and there wasn't really a lot going into that for drm/i915). It had been running rc1 for the last week or so without incident. Though I've been away, with the monitor turned off. Judging by the trace, this seems to be related to console blanking ? (this is my home firewall, so spends most of its time with the screen turned off) I've added that debug option to my command line, I'll keep an eye on it and try to reproduce over the next few days. Dave ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
Re: [Intel-gfx] [PATCH] drm/i915: Sanity check incoming ioctl data for a NULL pointer
On Sun, Mar 17, 2013 at 08:50:03PM +0100, Daniel Vetter wrote: Doesn't that mean that we need these checks everywhere? Or at least a fixup in drm core proper? And I think we need to add trinity to our test setup eventually ;-) Note that trinity's ioctl fuzzing is still very new (added in just the last few weeks), and for drm isn't very advanced at all yet. I was pretty surprised when Tommi's changes started turning up bugs so quickly, but I guess a lot of the ioctl paths have just never been audited for these kinds of bugs. As you can see at https://github.com/kernelslacker/trinity/blob/master/ioctls/drm.c It's literally just enumerating the known ioctl's, and using the generic fuzzing routines (so it just guesses what the argument is, and hence passes crap like NULL, or a page of garbage). Eventually I'd like to have routines for each of the individual ioctl cases to pass something that looks slightly more realistic to what it's expecting to see. (Compare to say, the SCSI SG_IO routines here: https://github.com/kernelslacker/trinity/blob/master/ioctls/scsi.c [still kinda dumb, but gives an idea of the direction]) Lots of work ahead. Dave ___ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/intel-gfx
