[PATCH 4.9 097/120] drm: Initialise drm_mm.head_node.allocated

From: Greg Kroah-Hartman
Date: Wed Jan 18 2017 - 05:56:11 EST


4.9-stable review patch. If anyone has any objections, please let me know.

------------------

From: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>

commit cc98e6ce6abe1c0103cbd7aff1ee586622a9361e upstream.

commit 202b52b7fbf7 ("drm: Track drm_mm nodes with an interval tree")
introduced a requirement that the special drm_mm.head_node was
initialised and marked as not being allocated. It is a very special node
that has no side but has a hole that represents the drm_mm address
space, and holds the list of nodes. Since it is not a real node, it is
not part of the node rbtree and we detect this as it being unallocated.
This presumed that drm_mm_init() was initialising it to zero. It happens
that i915 kzallocs its objects and so it was accidentally setting it,
but for generic use we cannot make that assumption.

[ 22.981519] general protection fault: 0000 [#1] SMP
[ 22.981521] Modules linked in: test_drm_mm(+) ctr ccm arc4 rt2800usb rt2x00usb rt2800lib rt2x00lib crc_ccitt mac80211 cmac rfcomm bnep snd_hda_codec_realtek snd_hda_codec_hdmi snd_hda_codec_generic snd_hda_intel dcdbas snd_hda_codec x86_pkg_temp_thermal intel_powerclamp btusb snd_hda_core coretemp crct10dif_pclmul cfg80211 btrtl btbcm btintel bluetooth crc32_pclmul ghash_clmulni_intel aesni_intel snd_pcm i2c_hid aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd snd_timer hid_multitouch snd joydev serio_raw lpc_ich mfd_core i2c_designware_platform i2c_designware_core 8250_dw binfmt_misc soundcore acpi_pad nls_iso8859_1 usbhid hid psmouse ahci libahci [last unloaded: test_drm_mm]
[ 22.981544] CPU: 1 PID: 2088 Comm: drm_mm Tainted: G W 4.9.0-rc7+ #234
[ 22.981545] Hardware name: Dell Inc. XPS 13 9343/0310JH, BIOS A07 11/11/2015
[ 22.981546] task: ffff88020c971cc0 task.stack: ffffc90001728000
[ 22.981547] RIP: 0010:[<ffffffff814050f0>] [<ffffffff814050f0>] drm_mm_interval_tree_add_node+0xa0/0xd0
[ 22.981551] RSP: 0018:ffffc9000172ba98 EFLAGS: 00010202
[ 22.981552] RAX: 0f0000c69cf63d80 RBX: ffff88020be00000 RCX: ffff88020be00000
[ 22.981553] RDX: 0000000000000fff RSI: ffffc9000172bc48 RDI: ffffffff810ac4df
[ 22.981553] RBP: ffffc9000172bb08 R08: ffffc9000172bc70 R09: 0000000000000fff
[ 22.981554] R10: ffffffff810ac4d7 R11: 4dc04d8b4cffffe5 R12: 0000000000001000
[ 22.981555] R13: ffffc9000172bbd0 R14: ffffc9000172bbe0 R15: 0000000002000000
[ 22.981556] FS: 00007f80c9fab740(0000) GS:ffff88021f480000(0000) knlGS:0000000000000000
[ 22.981557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.981558] CR2: 00007f80c9fd5000 CR3: 000000020c191000 CR4: 00000000003406e0
[ 22.981559] Stack:
[ 22.981560] ffffffff81405d09 ffff88020be00000 ffffc9000172bbe0 000000000172bb08
[ 22.981562] ffffffffffffffff 0000000000000000 0000000000000000 0000000000000000
[ 22.981563] 0000000002000000 0000000002000000 ffffffffa02f3000 ffff88020be00000
[ 22.981565] Call Trace:
[ 22.981568] [<ffffffff81405d09>] ? drm_mm_insert_node_generic+0x229/0x310
[ 22.981570] [<ffffffffa02f3000>] ? 0xffffffffa02f3000
[ 22.981572] [<ffffffffa02903c1>] __subtest_insert_range.constprop.7+0xd1/0x5b0 [test_drm_mm]
[ 22.981575] [<ffffffff81081222>] ? default_wake_function+0x12/0x20
[ 22.981576] [<ffffffff81096905>] ? __wake_up_common+0x55/0x90
[ 22.981578] [<ffffffff81085f42>] ? sched_clock_cpu+0x72/0xa0
[ 22.981581] [<ffffffff811308ad>] ? irq_work_queue+0xd/0x80
[ 22.981582] [<ffffffff810abcc4>] ? wake_up_klogd+0x34/0x40
[ 22.981584] [<ffffffff810ac19d>] ? console_unlock+0x4cd/0x530
[ 22.981585] [<ffffffff810ac4d7>] ? vprintk_emit+0x2d7/0x490
[ 22.981587] [<ffffffff810ac82f>] ? vprintk_default+0x1f/0x30
[ 22.981589] [<ffffffff81146e1c>] ? printk+0x4d/0x4f
[ 22.981590] [<ffffffffa02f3000>] ? 0xffffffffa02f3000
[ 22.981592] [<ffffffffa02908b5>] subtest_insert_range+0x15/0x80 [test_drm_mm]
[ 22.981594] [<ffffffffa02f3088>] test_drm_mm_init+0x88/0x1000 [test_drm_mm]
[ 22.981597] [<ffffffff8100043d>] do_one_initcall+0x3d/0x150
[ 22.981600] [<ffffffff8119dfbf>] ? kfree+0x13f/0x180
[ 22.981602] [<ffffffff811471f2>] do_init_module+0x60/0x1f1
[ 22.981606] [<ffffffff810db878>] load_module+0x2228/0x2790
[ 22.981608] [<ffffffff810d8590>] ? __symbol_put+0x40/0x40
[ 22.981612] [<ffffffff811c52b1>] ? kernel_read+0x41/0x60
[ 22.981614] [<ffffffff810dbfb6>] SYSC_finit_module+0x96/0xd0
[ 22.981617] [<ffffffff810dc00e>] SyS_finit_module+0xe/0x10
[ 22.981620] [<ffffffff816e7aa4>] entry_SYSCALL_64_fastpath+0x17/0x98
[ 22.981622] Code: c7 41 30 00 00 00 00 48 89 e5 48 89 3a 48 c7 c2 20 4e 40 81 e8 b2 a1 f0 ff 5d c3 48 8d 56 78 45 31 d2 48 89 d6 eb 25 48 8b 51 58 <48> 39 50 38 73 04 48 89 50 38 4c 8b 58 28 4c 39 59 48 48 8d 50
[ 22.981651] RIP [<ffffffff814050f0>] drm_mm_interval_tree_add_node+0xa0/0xd0
[ 22.981655] RSP <ffffc9000172ba98>

Testcase: igt/drm_mm
Fixes: 202b52b7fbf7 ("drm: Track drm_mm nodes with an interval tree")
Signed-off-by: Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>
Cc: David Herrmann <dh.herrmann@xxxxxxxxx>
Cc: dri-devel@xxxxxxxxxxxxxxxxxxxxx
Cc: Daniel Vetter <daniel.vetter@xxxxxxxx>
Cc: <drm-intel-fixes@xxxxxxxxxxxxxxxxxxxxx> # v4.9-rc1+
Signed-off-by: Daniel Vetter <daniel.vetter@xxxxxxxx>
Link: http://patchwork.freedesktop.org/patch/msgid/20161130205126.31106-1-chris@xxxxxxxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/gpu/drm/drm_mm.c | 1 +
1 file changed, 1 insertion(+)

--- a/drivers/gpu/drm/drm_mm.c
+++ b/drivers/gpu/drm/drm_mm.c
@@ -839,6 +839,7 @@ void drm_mm_init(struct drm_mm * mm, u64

/* Clever trick to avoid a special case in the free hole tracking. */
INIT_LIST_HEAD(&mm->head_node.node_list);
+ mm->head_node.allocated = 0;
mm->head_node.hole_follows = 1;
mm->head_node.scanned_block = 0;
mm->head_node.scanned_prev_free = 0;
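
Review bot: the added `mm->head_node.allocated = 0;` line clears only one field, and head_node is still set up field by field in this block, so any drm_mm_node member not assigned here keeps whatever the caller's memory held. The commit message says drm_mm_init() cannot assume a zeroed struct drm_mm, so it would be more robust to zero the whole head_node before INIT_LIST_HEAD() and then set hole_follows explicitly. If the per-field style is kept, the "Clever trick" comment should also say that allocated must be 0 because that is how the head node is recognised as not being part of the node rbtree.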