• Chris Wilson's avatar
    drm/i915/ppgtt: Pin page directories before allocation · 751b01cb
    Chris Wilson authored
    Commit e2b763ca ("drm/i915: Remove bitmap tracking for used-pdpes")
    believed that because it did not insert its freshly allocated page
    directory into the pd tree, it was safe from the shrinker. I failed to
    heed the lesson learnt from commit dd19674b ("drm/i915: Remove bitmap
    tracking for used-ptes") that we need to pin all the levels in the tree
    before hitting the shrinker or else the shrinker may free an upper layer
    as we proceed to allocate the tree. Thus leaving dangling pointers
    everywhere and a GPF should we hit direct reclaim at just the wrong
    moment.
    
    CPU: 0 PID: 7374 Comm: chromium Tainted: P           O    4.14.13-1-ARCH #1
    Hardware name: Apple Inc. MacBookPro12,1/Mac-E43C1C25D4880AD6, BIOS MBP121.88Z.0167.B33.1706181928 06/18/2017
    task: ffff994f696c2c40 task.stack: ffffb1a789d4c000
    RIP: 0010:gen8_ppgtt_set_pde.isra.40+0x48/0x70 [i915]
    RSP: 0018:ffffb1a789d4f940 EFLAGS: 00010206
    RAX: 81c1788cc4f68138 RBX: ffff994f54db8000 RCX: ffff994f696c2c40
    RDX: 000000023bc73003 RSI: ffff994d598b6b80 RDI: ffff994f54db8000
    RBP: ffff994d598b6b80 R08: 0000000000000000 R09: 0000000000000000
    R10: ffffb1a789d4f550 R11: ffff994eaf3c3208 R12: 0000000000000027
    R13: 0000000000005000 R14: 0000000004e8f000 R15: ffff994f54dba000
    FS:  00007f585886aa00(0000) GS:ffff994faec00000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 00000000004ac8e8 CR3: 00000002552c8004 CR4: 00000000003606f0
    Call Trace:
     gen8_ppgtt_alloc_pdp+0x178/0x320 [i915]
     gen8_ppgtt_alloc_4lvl+0x5f/0x150 [i915]
     ppgtt_bind_vma+0x30/0x70 [i915]
     i915_vma_bind+0x68/0xd0 [i915]
     __i915_vma_do_pin+0x2d6/0x3a0 [i915]
     eb_lookup_vmas+0x7a2/0xb50 [i915]
     i915_gem_do_execbuffer+0x4d7/0x10e0 [i915]
     ? sock_wfree+0x34/0x60
     ? unix_stream_read_generic+0x1f9/0x7e0
     ? import_iovec+0x37/0xd0
     ? i915_gem_execbuffer2+0x5d/0x390 [i915]
     i915_gem_execbuffer2+0x1b7/0x390 [i915]
     ? i915_gem_execbuffer+0x2d0/0x2d0 [i915]
     drm_ioctl_kernel+0x59/0xb0 [drm]
     drm_ioctl+0x2d5/0x370 [drm]
     ? i915_gem_execbuffer+0x2d0/0x2d0 [i915]
     ? __seccomp_filter+0x3b/0x260
     do_vfs_ioctl+0xa1/0x610
     ? syscall_trace_enter+0xdb/0x2b0
     SyS_ioctl+0x74/0x80
     do_syscall_64+0x55/0x110
     entry_SYSCALL64_slow_path+0x25/0x25
    RIP: 0033:0x7f584fa82d27
    RSP: 002b:00007ffee14a7828 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
    RAX: ffffffffffffffda RBX: 000003b0126a1030 RCX: 00007f584fa82d27
    RDX: 00007ffee14a7870 RSI: 0000000040406469 RDI: 0000000000000080
    RBP: 00007ffee14a7870 R08: 0000000000000002 R09: 0000000000000077
    R10: 00007f5839f2b780 R11: 0000000000000246 R12: 0000000040406469
    R13: 0000000000000080 R14: 00007f5842b00040 R15: 0000000000000000
    Code: 01 00 83 81 58 0a 00 00 01 48 2b 05 13 9d fd c9 48 c1 f8 06 48 c1 e0 0c 48 8d 04 d0 48 8b 56 08 48 03 05 0c 9d fd c9 48 83 ca 03 <48> 89 10 83 a9 58 0a 00 00 01 65 ff 0d 37 03 fb 3e 74 02 f3 c3
    RIP: gen8_ppgtt_set_pde.isra.40+0x48/0x70 [i915] RSP: ffffb1a789d4f940
    Reported-by: default avatarEric Blau <eblau@eblau.com>
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=104773
    Fixes: e2b763ca ("drm/i915: Remove bitmap tracking for used-pdpes")
    References: dd19674b ("drm/i915: Remove bitmap tracking for used-ptes")
    Testcase: igt/drv_selftest/live_gtt (igt_ppgtt_shrink_boom)
    Signed-off-by: default avatarChris Wilson <chris@chris-wilson.co.uk>
    Cc: Matthew Auld <matthew.auld@intel.com>
    Link: https://patchwork.freedesktop.org/patch/msgid/20180131214440.7141-1-chris@chris-wilson.co.ukReviewed-by: default avatarMatthew Auld <matthew.auld@intel.com>
    (cherry picked from commit b715a2f0)
    Signed-off-by: default avatarRodrigo Vivi <rodrigo.vivi@intel.com>
    751b01cb
i915_gem_gtt.c 106 KB