diff mbox series

drm/i915: Only process VCS2 only when supported

Message ID 20190105024001.37629-7-carlos.santa@intel.com (mailing list archive)
State New, archived
Headers show
Series drm/i915: Only process VCS2 only when supported | expand

Commit Message

Santa, Carlos Jan. 5, 2019, 2:39 a.m. UTC
Not checking for BSD2 causes a segfault on GPU revs
with no h/w support for the extra media engines.

Segfault on ULX GT2 (0x591e) follows:

Patch shared by Michel Thierry on IIRC.

[  468.625970] BUG: unable to handle kernel NULL pointer dereference at 00000000000002c0
[  468.625978] IP: gen8_cs_irq_handler+0x8d/0xcf
[  468.625979] PGD 0 P4D 0
[  468.625983] Oops: 0002 [#1] PREEMPT SMP PTI
[  468.625987] Dumping ftrace buffer:
[  468.625990]    (ftrace buffer empty)
[  468.627877] gsmi: Log Shutdown Reason 0x03
[  468.627880] Modules linked in: cmac rfcomm uinput joydev snd_soc_hdac_hdmi snd_soc_dmic snd_soc_skl snd_soc_skl_ipc lzo lzo_compress snd_soc_sst_ipc snd_soc_sst_dsp snd_soc_acpi snd_hda_ext_core snd_hda_core zram snd_soc_max98927 ipt_MASQUERADE nf_nat_masquerade_ipv4 hid_multitouch xt_mark fuse cdc_ether usbnet btusb btrtl btbcm btintel uvcvideo bluetooth videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core ecdh_generic iio_trig_sysfs cros_ec_light_prox cros_ec_sensors_ring cros_ec_sensors cros_ec_activity cros_ec_sensors_core industrialio_triggered_buffer kfifo_buf industrialio iwlmvm iwl7000_mac80211 r8152 mii iwlwifi cfg80211
[  468.627917] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.64 #38
[  468.627919] Hardware name: Google Eve/Eve, BIOS Google_Eve.9584.107.0 11/07/2017
[  468.627922] task: ffff96bf35a13c00 task.stack: ffffa79880070000
[  468.627925] RIP: 0010:gen8_cs_irq_handler+0x8d/0xcf
[  468.627928] RSP: 0018:ffff96bf3ec83df8 EFLAGS: 00010002
[  468.627931] RAX: 0000000001000000 RBX: 0000000000000000 RCX: 0000000000000010
[  468.627933] RDX: 0000000000000010 RSI: 0000000000000040 RDI: 0000000000000000
[  468.627936] RBP: ffff96bf3ec83e20 R08: 0000000000000000 R09: 0000000000000000
[  468.627938] R10: ffffa79880073dc8 R11: ffffffffa2a6453d R12: ffff96bf3ec83e70
[  468.627940] R13: 0000000000000079 R14: 0000000000000000 R15: 0000000000000040
[  468.627943] FS:  0000000000000000(0000) GS:ffff96bf3ec80000(0000) knlGS:0000000000000000
[  468.627945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  468.627948] CR2: 00000000000002c0 CR3: 000000016fe12002 CR4: 00000000003606e0
[  468.627950] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  468.627953] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  468.627955] Call Trace:
[  468.627959]  <IRQ>
[  468.627963]  gen8_gt_irq_handler+0x5e/0xed
[  468.627968]  gen8_irq_handler+0x9f/0x5ce
[  468.627973]  __handle_irq_event_percpu+0xb8/0x1da
[  468.627977]  handle_irq_event_percpu+0x32/0x77
[  468.627980]  handle_irq_event+0x36/0x55
[  468.627984]  handle_edge_irq+0x7d/0xcd
[  468.627988]  handle_irq+0xd9/0x11e
[  468.627992]  do_IRQ+0x4b/0xd0
[  468.627996]  common_interrupt+0x7a/0x7a
[  468.627999]  </IRQ>
[  468.628003] RIP: 0010:cpuidle_enter_state+0xff/0x177
[  468.628005] RSP: 0018:ffffa79880073e78 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff5e
[  468.628008] RAX: ffff96bf3eca09c0 RBX: 000000000002b9c3 RCX: 0000006d1c48c3b5
[  468.628010] RDX: 0000000000000037 RSI: 0000000000000001 RDI: 0000000000000000
[  468.628013] RBP: ffffa79880073ec0 R08: 0000000000000002 R09: 0000000000005000
[  468.628015] R10: 071c71c71c71c71c R11: ffffffffa2e42687 R12: 0000000000000000
[  468.628017] R13: 0000000000000002 R14: 0000000000000002 R15: ffff96bf3eca7d00
[  468.628020]  ? cpu_idle_poll+0x8e/0x8e
[  468.628025]  ? cpuidle_enter_state+0xe3/0x177
[  468.628028]  do_idle+0x10c/0x19d
[  468.628033]  cpu_startup_entry+0x6d/0x6f
[  468.628036]  start_secondary+0x189/0x1a4
[  468.628041]  secondary_startup_64+0xa5/0xb0
[  468.628044] Code: c3 84 db 74 20 f0 41 0f ba ae 98 02 00 00 00 0f 92 45 df 80 7d df 00 75 0c 49 8d be 90 02 00 00 e8 3a 7a c6 ff 41 f6 c7 40 74 23 <f0> 41 0f ba ae c0 02 00 00 00 0f 92 45 de 80 7d de 00 75 0f 49
[  468.628083] RIP: gen8_cs_irq_handler+0x8d/0xcf RSP: ffff96bf3ec83df8
[  468.628085] CR2: 00000000000002c0
[  468.628088] ---[ end trace a7a497ddeb44bcf8 ]---

Tested-by: Carlos Santa <carlos.santa@intel.com>
Cc: Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com>
Cc: Antonio Argenziano <antonio.argenziano@intel.com>
Cc: Michel Thierry <michel.thierry@intel.com>
Signed-off-by: Carlos Santa <carlos.santa@intel.com>
---
 drivers/gpu/drm/i915/i915_irq.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Tvrtko Ursulin Jan. 7, 2019, 12:40 p.m. UTC | #1
On 05/01/2019 02:39, Carlos Santa wrote:
> Not checking for BSD2 causes a segfault on GPU revs
> with no h/w support for the extra media engines.
> 
> Segfault on ULX GT2 (0x591e) follows:
> 
> Patch shared by Michel Thierry on IIRC.
> 
> [  468.625970] BUG: unable to handle kernel NULL pointer dereference at 00000000000002c0
> [  468.625978] IP: gen8_cs_irq_handler+0x8d/0xcf
> [  468.625979] PGD 0 P4D 0
> [  468.625983] Oops: 0002 [#1] PREEMPT SMP PTI
> [  468.625987] Dumping ftrace buffer:
> [  468.625990]    (ftrace buffer empty)
> [  468.627877] gsmi: Log Shutdown Reason 0x03
> [  468.627880] Modules linked in: cmac rfcomm uinput joydev snd_soc_hdac_hdmi snd_soc_dmic snd_soc_skl snd_soc_skl_ipc lzo lzo_compress snd_soc_sst_ipc snd_soc_sst_dsp snd_soc_acpi snd_hda_ext_core snd_hda_core zram snd_soc_max98927 ipt_MASQUERADE nf_nat_masquerade_ipv4 hid_multitouch xt_mark fuse cdc_ether usbnet btusb btrtl btbcm btintel uvcvideo bluetooth videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core ecdh_generic iio_trig_sysfs cros_ec_light_prox cros_ec_sensors_ring cros_ec_sensors cros_ec_activity cros_ec_sensors_core industrialio_triggered_buffer kfifo_buf industrialio iwlmvm iwl7000_mac80211 r8152 mii iwlwifi cfg80211
> [  468.627917] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.64 #38
> [  468.627919] Hardware name: Google Eve/Eve, BIOS Google_Eve.9584.107.0 11/07/2017
> [  468.627922] task: ffff96bf35a13c00 task.stack: ffffa79880070000
> [  468.627925] RIP: 0010:gen8_cs_irq_handler+0x8d/0xcf
> [  468.627928] RSP: 0018:ffff96bf3ec83df8 EFLAGS: 00010002
> [  468.627931] RAX: 0000000001000000 RBX: 0000000000000000 RCX: 0000000000000010
> [  468.627933] RDX: 0000000000000010 RSI: 0000000000000040 RDI: 0000000000000000
> [  468.627936] RBP: ffff96bf3ec83e20 R08: 0000000000000000 R09: 0000000000000000
> [  468.627938] R10: ffffa79880073dc8 R11: ffffffffa2a6453d R12: ffff96bf3ec83e70
> [  468.627940] R13: 0000000000000079 R14: 0000000000000000 R15: 0000000000000040
> [  468.627943] FS:  0000000000000000(0000) GS:ffff96bf3ec80000(0000) knlGS:0000000000000000
> [  468.627945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [  468.627948] CR2: 00000000000002c0 CR3: 000000016fe12002 CR4: 00000000003606e0
> [  468.627950] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [  468.627953] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> [  468.627955] Call Trace:
> [  468.627959]  <IRQ>
> [  468.627963]  gen8_gt_irq_handler+0x5e/0xed
> [  468.627968]  gen8_irq_handler+0x9f/0x5ce
> [  468.627973]  __handle_irq_event_percpu+0xb8/0x1da
> [  468.627977]  handle_irq_event_percpu+0x32/0x77
> [  468.627980]  handle_irq_event+0x36/0x55
> [  468.627984]  handle_edge_irq+0x7d/0xcd
> [  468.627988]  handle_irq+0xd9/0x11e
> [  468.627992]  do_IRQ+0x4b/0xd0
> [  468.627996]  common_interrupt+0x7a/0x7a
> [  468.627999]  </IRQ>
> [  468.628003] RIP: 0010:cpuidle_enter_state+0xff/0x177
> [  468.628005] RSP: 0018:ffffa79880073e78 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff5e
> [  468.628008] RAX: ffff96bf3eca09c0 RBX: 000000000002b9c3 RCX: 0000006d1c48c3b5
> [  468.628010] RDX: 0000000000000037 RSI: 0000000000000001 RDI: 0000000000000000
> [  468.628013] RBP: ffffa79880073ec0 R08: 0000000000000002 R09: 0000000000005000
> [  468.628015] R10: 071c71c71c71c71c R11: ffffffffa2e42687 R12: 0000000000000000
> [  468.628017] R13: 0000000000000002 R14: 0000000000000002 R15: ffff96bf3eca7d00
> [  468.628020]  ? cpu_idle_poll+0x8e/0x8e
> [  468.628025]  ? cpuidle_enter_state+0xe3/0x177
> [  468.628028]  do_idle+0x10c/0x19d
> [  468.628033]  cpu_startup_entry+0x6d/0x6f
> [  468.628036]  start_secondary+0x189/0x1a4
> [  468.628041]  secondary_startup_64+0xa5/0xb0
> [  468.628044] Code: c3 84 db 74 20 f0 41 0f ba ae 98 02 00 00 00 0f 92 45 df 80 7d df 00 75 0c 49 8d be 90 02 00 00 e8 3a 7a c6 ff 41 f6 c7 40 74 23 <f0> 41 0f ba ae c0 02 00 00 00 0f 92 45 de 80 7d de 00 75 0f 49
> [  468.628083] RIP: gen8_cs_irq_handler+0x8d/0xcf RSP: ffff96bf3ec83df8
> [  468.628085] CR2: 00000000000002c0
> [  468.628088] ---[ end trace a7a497ddeb44bcf8 ]---
> 
> Tested-by: Carlos Santa <carlos.santa@intel.com>
> Cc: Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com>
> Cc: Antonio Argenziano <antonio.argenziano@intel.com>
> Cc: Michel Thierry <michel.thierry@intel.com>
> Signed-off-by: Carlos Santa <carlos.santa@intel.com>
> ---
>   drivers/gpu/drm/i915/i915_irq.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c
> index 859bbadb752f..953ebe5c85ce 100644
> --- a/drivers/gpu/drm/i915/i915_irq.c
> +++ b/drivers/gpu/drm/i915/i915_irq.c
> @@ -1554,7 +1554,8 @@ static void gen8_gt_irq_handler(struct drm_i915_private *i915,
>   	if (master_ctl & (GEN8_GT_VCS1_IRQ | GEN8_GT_VCS2_IRQ)) {
>   		gen8_cs_irq_handler(i915->engine[VCS],
>   				    gt_iir[1] >> GEN8_VCS1_IRQ_SHIFT);
> -		gen8_cs_irq_handler(i915->engine[VCS2],
> +		if(HAS_BSD2(i915))
> +			gen8_cs_irq_handler(i915->engine[VCS2],
>   				    gt_iir[1] >> GEN8_VCS2_IRQ_SHIFT);
>   	}
>   
> 

Why would we be getting interrupts from engines which are not there?

Is this just a consequence of the missing shift when programming 
interrupts in an earlier patch?

Regards,

Tvrtko
Santa, Carlos Jan. 24, 2019, 12:20 a.m. UTC | #2
On Mon, 2019-01-07 at 12:40 +0000, Tvrtko Ursulin wrote:
> On 05/01/2019 02:39, Carlos Santa wrote:
> > Not checking for BSD2 causes a segfault on GPU revs
> > with no h/w support for the extra media engines.
> > 
> > Segfault on ULX GT2 (0x591e) follows:
> > 
> > Patch shared by Michel Thierry on IIRC.
> > 
> > [  468.625970] BUG: unable to handle kernel NULL pointer
> > dereference at 00000000000002c0
> > [  468.625978] IP: gen8_cs_irq_handler+0x8d/0xcf
> > [  468.625979] PGD 0 P4D 0
> > [  468.625983] Oops: 0002 [#1] PREEMPT SMP PTI
> > [  468.625987] Dumping ftrace buffer:
> > [  468.625990]    (ftrace buffer empty)
> > [  468.627877] gsmi: Log Shutdown Reason 0x03
> > [  468.627880] Modules linked in: cmac rfcomm uinput joydev
> > snd_soc_hdac_hdmi snd_soc_dmic snd_soc_skl snd_soc_skl_ipc lzo
> > lzo_compress snd_soc_sst_ipc snd_soc_sst_dsp snd_soc_acpi
> > snd_hda_ext_core snd_hda_core zram snd_soc_max98927 ipt_MASQUERADE
> > nf_nat_masquerade_ipv4 hid_multitouch xt_mark fuse cdc_ether usbnet
> > btusb btrtl btbcm btintel uvcvideo bluetooth videobuf2_vmalloc
> > videobuf2_memops videobuf2_v4l2 videobuf2_core ecdh_generic
> > iio_trig_sysfs cros_ec_light_prox cros_ec_sensors_ring
> > cros_ec_sensors cros_ec_activity cros_ec_sensors_core
> > industrialio_triggered_buffer kfifo_buf industrialio iwlmvm
> > iwl7000_mac80211 r8152 mii iwlwifi cfg80211
> > [  468.627917] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.64
> > #38
> > [  468.627919] Hardware name: Google Eve/Eve, BIOS
> > Google_Eve.9584.107.0 11/07/2017
> > [  468.627922] task: ffff96bf35a13c00 task.stack: ffffa79880070000
> > [  468.627925] RIP: 0010:gen8_cs_irq_handler+0x8d/0xcf
> > [  468.627928] RSP: 0018:ffff96bf3ec83df8 EFLAGS: 00010002
> > [  468.627931] RAX: 0000000001000000 RBX: 0000000000000000 RCX:
> > 0000000000000010
> > [  468.627933] RDX: 0000000000000010 RSI: 0000000000000040 RDI:
> > 0000000000000000
> > [  468.627936] RBP: ffff96bf3ec83e20 R08: 0000000000000000 R09:
> > 0000000000000000
> > [  468.627938] R10: ffffa79880073dc8 R11: ffffffffa2a6453d R12:
> > ffff96bf3ec83e70
> > [  468.627940] R13: 0000000000000079 R14: 0000000000000000 R15:
> > 0000000000000040
> > [  468.627943] FS:  0000000000000000(0000)
> > GS:ffff96bf3ec80000(0000) knlGS:0000000000000000
> > [  468.627945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [  468.627948] CR2: 00000000000002c0 CR3: 000000016fe12002 CR4:
> > 00000000003606e0
> > [  468.627950] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
> > 0000000000000000
> > [  468.627953] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
> > 0000000000000400
> > [  468.627955] Call Trace:
> > [  468.627959]  <IRQ>
> > [  468.627963]  gen8_gt_irq_handler+0x5e/0xed
> > [  468.627968]  gen8_irq_handler+0x9f/0x5ce
> > [  468.627973]  __handle_irq_event_percpu+0xb8/0x1da
> > [  468.627977]  handle_irq_event_percpu+0x32/0x77
> > [  468.627980]  handle_irq_event+0x36/0x55
> > [  468.627984]  handle_edge_irq+0x7d/0xcd
> > [  468.627988]  handle_irq+0xd9/0x11e
> > [  468.627992]  do_IRQ+0x4b/0xd0
> > [  468.627996]  common_interrupt+0x7a/0x7a
> > [  468.627999]  </IRQ>
> > [  468.628003] RIP: 0010:cpuidle_enter_state+0xff/0x177
> > [  468.628005] RSP: 0018:ffffa79880073e78 EFLAGS: 00000206
> > ORIG_RAX: ffffffffffffff5e
> > [  468.628008] RAX: ffff96bf3eca09c0 RBX: 000000000002b9c3 RCX:
> > 0000006d1c48c3b5
> > [  468.628010] RDX: 0000000000000037 RSI: 0000000000000001 RDI:
> > 0000000000000000
> > [  468.628013] RBP: ffffa79880073ec0 R08: 0000000000000002 R09:
> > 0000000000005000
> > [  468.628015] R10: 071c71c71c71c71c R11: ffffffffa2e42687 R12:
> > 0000000000000000
> > [  468.628017] R13: 0000000000000002 R14: 0000000000000002 R15:
> > ffff96bf3eca7d00
> > [  468.628020]  ? cpu_idle_poll+0x8e/0x8e
> > [  468.628025]  ? cpuidle_enter_state+0xe3/0x177
> > [  468.628028]  do_idle+0x10c/0x19d
> > [  468.628033]  cpu_startup_entry+0x6d/0x6f
> > [  468.628036]  start_secondary+0x189/0x1a4
> > [  468.628041]  secondary_startup_64+0xa5/0xb0
> > [  468.628044] Code: c3 84 db 74 20 f0 41 0f ba ae 98 02 00 00 00
> > 0f 92 45 df 80 7d df 00 75 0c 49 8d be 90 02 00 00 e8 3a 7a c6 ff
> > 41 f6 c7 40 74 23 <f0> 41 0f ba ae c0 02 00 00 00 0f 92 45 de 80 7d
> > de 00 75 0f 49
> > [  468.628083] RIP: gen8_cs_irq_handler+0x8d/0xcf RSP:
> > ffff96bf3ec83df8
> > [  468.628085] CR2: 00000000000002c0
> > [  468.628088] ---[ end trace a7a497ddeb44bcf8 ]---
> > 
> > Tested-by: Carlos Santa <carlos.santa@intel.com>
> > Cc: Tvrtko Ursulin <tvrtko.ursulin@linux.intel.com>
> > Cc: Antonio Argenziano <antonio.argenziano@intel.com>
> > Cc: Michel Thierry <michel.thierry@intel.com>
> > Signed-off-by: Carlos Santa <carlos.santa@intel.com>
> > ---
> >   drivers/gpu/drm/i915/i915_irq.c | 3 ++-
> >   1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/drivers/gpu/drm/i915/i915_irq.c
> > b/drivers/gpu/drm/i915/i915_irq.c
> > index 859bbadb752f..953ebe5c85ce 100644
> > --- a/drivers/gpu/drm/i915/i915_irq.c
> > +++ b/drivers/gpu/drm/i915/i915_irq.c
> > @@ -1554,7 +1554,8 @@ static void gen8_gt_irq_handler(struct
> > drm_i915_private *i915,
> >   	if (master_ctl & (GEN8_GT_VCS1_IRQ | GEN8_GT_VCS2_IRQ)) {
> >   		gen8_cs_irq_handler(i915->engine[VCS],
> >   				    gt_iir[1] >> GEN8_VCS1_IRQ_SHIFT);
> > -		gen8_cs_irq_handler(i915->engine[VCS2],
> > +		if(HAS_BSD2(i915))
> > +			gen8_cs_irq_handler(i915->engine[VCS2],
> >   				    gt_iir[1] >> GEN8_VCS2_IRQ_SHIFT);
> >   	}
> >   
> > 
> 
> Why would we be getting interrupts from engines which are not there?
> 
> Is this just a consequence of the missing shift when programming 
> interrupts in an earlier patch?
> 
> Regards,
> 
> Tvrtko
> 

You were right, the correct shift was missing and that was causing this
bug, however, that was only affecting Chromium OS as the i915 driver
code base in that kernel is behind drm-tip. Adding "<< test_shift" in
gen8_cs_irq_handler() fixes that crash in the older kernel:

if (iir & (GT_GEN8_WATCHDOG_INTERRUPT) << test_shift)

Regards,
Carlos
diff mbox series

Patch

diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c
index 859bbadb752f..953ebe5c85ce 100644
--- a/drivers/gpu/drm/i915/i915_irq.c
+++ b/drivers/gpu/drm/i915/i915_irq.c
@@ -1554,7 +1554,8 @@  static void gen8_gt_irq_handler(struct drm_i915_private *i915,
 	if (master_ctl & (GEN8_GT_VCS1_IRQ | GEN8_GT_VCS2_IRQ)) {
 		gen8_cs_irq_handler(i915->engine[VCS],
 				    gt_iir[1] >> GEN8_VCS1_IRQ_SHIFT);
-		gen8_cs_irq_handler(i915->engine[VCS2],
+		if(HAS_BSD2(i915))
+			gen8_cs_irq_handler(i915->engine[VCS2],
 				    gt_iir[1] >> GEN8_VCS2_IRQ_SHIFT);
 	}