[Bug 194731] New: drm general protection fault in drm_atomic_init

bugzilla-daemon at bugzilla.kernel.org bugzilla-daemon at bugzilla.kernel.org
Tue Feb 28 08:20:36 UTC 2017 

https://bugzilla.kernel.org/show_bug.cgi?id=194731

            Bug ID: 194731
           Summary: drm general protection fault in drm_atomic_init
           Product: Drivers
           Version: 2.5
    Kernel Version: 4.10.0
          Hardware: x86-64
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: high
          Priority: P1
         Component: Video(DRI - non Intel)
          Assignee: drivers_video-dri at kernel-bugs.osdl.org
          Reporter: janpieter.sollie at dommel.be
        Regression: No

I modified the drm_atomic.c a bit to be more verbose.  the drm_init calls a
general protection fault when allocating my second GPU(does it work this way?)
of the amdgpu module.
afterwards, the system is unable to allocate more kernel memory. init does not
even manage to reboot, I can not do sudo without segfault
dmesg:
[   77.946291] [drm] Cannot find any crtc or sizes - going 1024x768
[   77.946575] [drm] fb mappable at 0xC0CCB000
[   77.946576] [drm] vram apper at 0xC0000000
[   77.946577] [drm] size 786432
[   77.946578] [drm] fb depth is 24
[   77.946578] [drm]    pitch is 1024
[   77.950389] kcalloc called 
[   77.950390] kcalloc2 called 
[   77.950433] kcalloc called 
[   77.950444] general protection fault: 0000 [#1] SMP
[   77.950445] Modules linked in: amdkfd amdgpu(O+) amdttm(O) amdkcl(O)
ipt_MASQUERADE nf_nat_masquerade_ipv4 xt_nat iptable_nat nf_nat_ipv4 nf_nat
l2tp_ppp l2tp_netlink l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox
ppp_generic slhc deflate cmac af_key w83627ehf hwmon_vid k10temp fam15h_power
i2c_piix4 pcspkr
[   77.950462] CPU: 16 PID: 5094 Comm: kworker/16:2 Tainted: G           O   
4.10.0-rc8 #12
[   77.950463] Hardware name: Supermicro H8DG6/H8DGi/H8DG6/H8DGi, BIOS 2.0a    
  01/09/2012
[   77.950470] Workqueue: events work_for_cpu_fn
[   77.950471] task: ffff88183c027000 task.stack: ffffc90020cfc000
[   77.950476] RIP: 0010:__kmalloc+0x6f/0x100
[   77.950477] RSP: 0018:ffffc90020cff6b0 EFLAGS: 00010286
[   77.950478] RAX: 0000000000000000 RBX: ffff8818362628ff RCX:
0000000000000897
[   77.950479] RDX: 0000000000000896 RSI: 0000000000000000 RDI:
0000000000019b70
[   77.950479] RBP: ffffc90020cff6d0 R08: ffff88183fc19b70 R09:
ffffffff81417df1
[   77.950480] R10: 0000000000000300 R11: 0000000000000000 R12:
ff88183626296000
[   77.950481] R13: ffff88083f803a00 R14: 00000000014080c0 R15:
ffff88183602b238
[   77.950483] FS:  0000000000000000(0000) GS:ffff88183fc00000(0000)
knlGS:0000000000000000
[   77.950484] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.950485] CR2: 00005590d5ce93d8 CR3: 0000000001c11000 CR4:
00000000000406e0
[   77.950485] Call Trace:
[   77.950492]  drm_atomic_state_init+0x81/0xf0
[   77.950494]  drm_atomic_state_alloc+0x53/0x80
[   77.950497]  drm_fb_helper_pan_display+0xf4/0x2a0
[   77.950501]  fb_pan_display+0xd6/0x170
[   77.950502]  bit_update_start+0x24/0x60
[   77.950504]  fbcon_switch+0x3e2/0x670
[   77.950507]  redraw_screen+0x15d/0x220
[   77.950510]  ? tty_do_resize+0x4d/0xa0
[   77.950512]  vc_do_resize+0x4c3/0x4f0
[   77.950513]  vc_resize+0x1a/0x20
[   77.950515]  fbcon_init+0x40b/0x660
[   77.950516]  visual_init+0xce/0x130
[   77.950517]  do_bind_con_driver+0x1c1/0x3a0
[   77.950519]  do_take_over_console+0x113/0x180
[   77.950520]  do_fbcon_takeover+0x51/0xb0
[   77.950522]  fbcon_event_notify+0x75a/0x880
[   77.950525]  notifier_call_chain+0x44/0x70
[   77.950526]  __blocking_notifier_call_chain+0x4e/0x80
[   77.950528]  blocking_notifier_call_chain+0x11/0x20
[   77.950529]  fb_notifier_call_chain+0x16/0x20
[   77.950531]  register_framebuffer+0x200/0x340
[   77.950533]  drm_fb_helper_initial_config+0x201/0x390

piece of code that prints the "kcalloc(2) called":
drm_atomic_state_init(struct drm_device *dev, struct drm_atomic_state *state)
{
        kref_init(&(state->ref));

        /* TODO legacy paths should maybe do a better job about
         * setting this appropriately?
         */
        state->allow_modeset = true;

        state->crtcs = kcalloc(dev->mode_config.num_crtc, sizeof(struct
__drm_crtcs_state), GFP_KERNEL);
        printk("kcalloc called \n");
        if (!(state->crtcs))
                goto fail;
        state->planes = kcalloc(dev->mode_config.num_total_plane,
                                sizeof(struct __drm_planes_state), GFP_KERNEL);
        printk("kcalloc2 called \n");
        if (!(state->planes))
                goto fail;
        state->dev = dev;

        DRM_DEBUG_ATOMIC("Allocated atomic state %p\n", state);

        return 0;
fail:
        printk("fail called \n");
        drm_atomic_state_default_release(state);
        return -ENOMEM;
}
EXPORT_SYMBOL(drm_atomic_state_init);

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the dri-devel mailing list