chromeos-4.14: i915: BUG: sleeping function called from invalid context |
||||
Issue descriptionSeen when running cbuildbot for reef-paladin. [ 16.929813] BUG: sleeping function called from invalid context at ../../../../../tmp/portage/sys-kernel/chromeos-kernel-experimental-4.14-r7/work/chromeos-kernel-experimental-4.14/mm/vmalloc.c:1093 [ 16.929825] in_atomic(): 0, irqs_disabled(): 0, pid: 1613, name: chrome [ 16.929831] CPU: 1 PID: 1613 Comm: chrome Not tainted 4.14.0-01611-g31b04e605374 #1 [ 16.929833] Hardware name: Google Reef/Reef, BIOS Google_Reef.9042.110.0 05/16/2017 [ 16.929837] Call Trace: [ 16.929850] dump_stack+0x4d/0x63 [ 16.929856] ___might_sleep+0x11f/0x12d [ 16.929859] __might_sleep+0x97/0x9e [ 16.929864] vm_unmap_aliases+0x48/0x167 [ 16.929870] change_page_attr_set_clr+0xfc/0x31b [ 16.929874] set_pages_array_wb+0x30/0x73 [ 16.929879] vm_free_pages_release+0x28/0x37 [ 16.929883] cleanup_page_dma+0x6f/0x78 [ 16.929886] gen8_ppgtt_clear_pd+0x12d/0x151 [ 16.929890] gen8_ppgtt_clear_pdp+0x61/0xcb [ 16.929893] gen8_ppgtt_clear_4lvl+0x69/0xef [ 16.929896] ppgtt_unbind_vma+0x24/0x26 [ 16.929901] i915_vma_unbind+0x185/0x264 [ 16.929905] i915_vma_close+0x76/0x94 [ 16.929909] context_close+0xe5/0x1aa [ 16.929913] i915_gem_context_destroy_ioctl+0x68/0x8b [ 16.929917] ? i915_gem_context_create_ioctl+0xf7/0xf7 [ 16.929921] drm_ioctl_kernel+0x69/0xa2 [ 16.929925] drm_ioctl+0x267/0x353 [ 16.929929] ? i915_gem_context_create_ioctl+0xf7/0xf7 [ 16.929932] ? __might_sleep+0x97/0x9e [ 16.929937] ? __inode_security_revalidate+0x34/0x67 [ 16.929942] vfs_ioctl+0x1e/0x2c [ 16.929945] do_vfs_ioctl+0x485/0x4a8 [ 16.929950] ? security_file_ioctl+0x35/0x49 [ 16.929953] SyS_ioctl+0x57/0x79 [ 16.929958] do_syscall_64+0x52/0x61 [ 16.929963] entry_SYSCALL64_slow_path+0x25/0x25 [ 16.929967] RIP: 0033:0x7e80384f4967 [ 16.929970] RSP: 002b:00007ffe2998f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 16.929973] RAX: ffffffffffffffda RBX: 00002c56b6276030 RCX: 00007e80384f4967 [ 16.929976] RDX: 00007ffe2998f1a8 RSI: 000000004008646e RDI: 0000000000000009 [ 16.929979] RBP: 00007ffe2998f190 R08: 0000000000000000 R09: 00007ffe2998f340 [ 16.929981] R10: 00002c56b5eac140 R11: 0000000000000246 R12: 0000000000000009 [ 16.929984] R13: 00002c56b541ee00 R14: 00007ffe2998f1a8 R15: 000000004008646e
,
Nov 21 2017
Looks like this is a known problem. https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_3321/shard-apl1/igt@gem_exec_reuse@contexts.html
,
Mar 7 2018
Problem is still seen. Instance with v4.14.24 on banon-paladin. [ 88.792958] BUG: sleeping function called from invalid context at ../../../../../tmp/portage/sys-kernel/chromeos-kernel-4_14-4.14.24-r169/work/chromeos-kernel-4_14-4.14.24/mm/vmalloc.c:1093 [ 88.792971] in_atomic(): 0, irqs_disabled(): 0, pid: 3207, name: chrome [ 88.792978] CPU: 1 PID: 3207 Comm: chrome Tainted: G W 4.14.24-04092-gce9a229f47af #1 [ 88.792981] Hardware name: GOOGLE Banon, BIOS Google_Banon.7287.373.0 08/13/2017 [ 88.792984] Call Trace: [ 88.793002] dump_stack+0x4d/0x63 [ 88.793011] ___might_sleep+0x11f/0x12e [ 88.793019] vm_unmap_aliases+0x48/0x167 [ 88.793027] change_page_attr_set_clr+0xfc/0x31b [ 88.793033] set_pages_array_wb+0x30/0x73 [ 88.793041] vm_free_pages_release+0x38/0x9b [ 88.793046] gen8_ppgtt_clear_pd+0x12d/0x151 [ 88.793052] gen8_ppgtt_clear_pdp+0x61/0xcb [ 88.793058] i915_vma_unbind+0x199/0x273 [ 88.793063] i915_vma_close+0x77/0x95 [ 88.793069] context_close+0xe3/0x1ad [ 88.793075] i915_gem_context_destroy_ioctl+0x67/0x88 [ 88.793080] ? i915_gem_context_create_ioctl+0xf7/0xf7 [ 88.793085] drm_ioctl_kernel+0x6c/0xa8 [ 88.793090] drm_ioctl+0x267/0x353 [ 88.793095] ? i915_gem_context_create_ioctl+0xf7/0xf7 [ 88.793102] ? __inode_security_revalidate+0x34/0x67 [ 88.793108] vfs_ioctl+0x21/0x2f [ 88.793113] do_vfs_ioctl+0x4c4/0x4e7 [ 88.793119] ? security_file_ioctl+0x3b/0x4f [ 88.793123] SyS_ioctl+0x57/0x79 [ 88.793129] do_syscall_64+0x6e/0x74 [ 88.793136] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 88.793142] RIP: 0033:0x78ee4c854967 [ 88.793145] RSP: 002b:00007fff2e49b3d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.793150] RAX: ffffffffffffffda RBX: 000000c577190030 RCX: 000078ee4c854967 [ 88.793153] RDX: 00007fff2e49b418 RSI: 000000004008646e RDI: 0000000000000009 [ 88.793157] RBP: 00007fff2e49b400 R08: 0000000000000000 R09: 00007fff2e49b5b0 [ 88.793160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 88.793163] R13: 000000c5770b26b8 R14: 00007fff2e49b418 R15: 000000004008646e
,
Mar 8 2018
> https://intel-gfx-ci.01.org/tree/drm-tip/CI_DRM_3321/shard-apl1/igt@gem_exec_reuse@contexts.html This link seems dead. On the other hand I found: https://bugs.freedesktop.org/show_bug.cgi?id=103638 [CI] igt@gem_exec_reuse@contexts - dmesg-warn - BUG: sleeping function called from invalid context at mm/vmalloc.c:1037 and corresponding fix: https://patchwork.freedesktop.org/patch/187309/ [v2] drm/i915: Reorder context-close to avoid calling i915_vma_close() under RCU Submitted by Chris Wilson on Nov. 9, 2017, 8:55 a.m. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=v4.16-rc1~31^2~35^2~101
,
Mar 9 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/a1cc11979068652fedd7280c491471adee019e48 commit a1cc11979068652fedd7280c491471adee019e48 Author: Chris Wilson <chris@chris-wilson.co.uk> Date: Fri Mar 09 03:28:47 2018 UPSTREAM: drm/i915: Reorder context-close to avoid calling i915_vma_close() under RCU When we close the VMA, we unbind it from the ppgtt and tear down the page directory pointing at it. That may trigger us to return WC pages back to the system, requiring conversion back to WB which itself may sleep. That makes i915_vma_close() unsuitable for use inside the RCU read lock, which we need to hold to iterate the radixtree. The fix is quite simple, we can close all the VMA as we close the ppgtt, we only need to do that instead of closing them during destruction of the LUT. v2: Order between closing the LUT and the ppgtt is important; we use the vma inside the LUT as a means of retrieving the object, and so we must clear the LUT before freeing the VMA when closing the ppgtt. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=103638 Fixes: 547da76b5777 ("drm/i915: Hold rcu_read_lock when iterating over the radixtree (vma idr)") Fixes: d1b48c1e7184 ("drm/i915: Replace execbuf vma ht with an idr") Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com> Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> Cc: Matthew Auld <matthew.william.auld@gmail.com> Link: https://patchwork.freedesktop.org/patch/msgid/20171109085540.32264-1-chris@chris-wilson.co.uk Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com> BUG= chromium:786400 TEST=Build and boot Change-Id: I72dc56ea80225184a1b40ce44944bf761d9e4c56 Signed-off-by: Guenter Roeck <groeck@chromium.org> (cherry picked from commit 94dec87159af6f3dcc0b78d3f909aefa9e29c01a) Reviewed-on: https://chromium-review.googlesource.com/955896 Reviewed-by: Stéphane Marchesin <marcheu@chromium.org> [modify] https://crrev.com/a1cc11979068652fedd7280c491471adee019e48/drivers/gpu/drm/i915/i915_gem_context.c
,
Mar 9 2018
|
||||
►
Sign in to add a comment |
||||
Comment 1 by groeck@chromium.org
, Nov 17 2017