Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754807AbcDTKpK (ORCPT ); Wed, 20 Apr 2016 06:45:10 -0400 Received: from eu-smtp-delivery-143.mimecast.com ([207.82.80.143]:52852 "EHLO eu-smtp-delivery-143.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932117AbcDTKpF convert rfc822-to-8bit (ORCPT ); Wed, 20 Apr 2016 06:45:05 -0400 Subject: Re: Nouveau crashes in 4.6-rc on arm64 To: Alexandre Courbot , , , References: <57064992.1060509@arm.com> <570737F5.30105@nvidia.com> <5707FC9F.50905@arm.com> <570B50B4.4020304@nvidia.com> <571706FF.1010300@nvidia.com> CC: From: Robin Murphy Message-ID: <57175DA7.3000505@arm.com> Date: Wed, 20 Apr 2016 11:44:55 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <571706FF.1010300@nvidia.com> X-Originating-IP: [217.140.96.140] X-ClientProxiedBy: AM4PR01CA0036.eurprd01.prod.exchangelabs.com (10.164.74.174) To VI1PR08MB1199.eurprd08.prod.outlook.com (10.166.45.152) X-MS-Office365-Filtering-Correlation-Id: bf97192d-0ee3-420c-3679-08d36908d1d9 X-Microsoft-Exchange-Diagnostics: 1;VI1PR08MB1199;2:BjkDn4HY5oH0ZSq7zcSZYVEeBpt8juoxKZ+EsteQN1ARApJYTz0mzoIeVCvuaqSAGX5HxnOyimim+kF0BDvoqrx5qSkXcFD8O5I640uzvcRK6zpwAB3EVdQ4m9Mxsa2ggtjT7oRnN2knzrfk2ivxkG6fbqE64Dg7aTqo8DYPVSCznMa1S573WNil7Sj20S1v;3:hMvbfIEp825EMNiYgasmMA6z1+2NhiHBtPlhGvdjFCNfDpT8+Er270nctFS423tXhOUfjoAWDRjoKkFpq24lPFFSGHn7DDfREx4ePVMjq346ujJB4PrdPSFzUg3Zxn+e X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR08MB1199; X-Microsoft-Exchange-Diagnostics: 1;VI1PR08MB1199;25:dmLc71VcwPDoKxJ6bu8iB6L4Swx78wunfvkCzhZSD0sL50ZXARtm1wsLWuj264PDsJWP5HVSbaTWGycD6TUpW2/o/0yz7+f2mQDXwN9XBWUgj7M8YczH+7ftSz87Idx71sTOfwVH/b31ocHNlby9pl8QpqyyMw7zSWLHCVdKpLPBWLjx5I8e/og9ha65hY0d08QYIQF3+QRLPsezVrW+0JLeHgCvJ4Ba2Vi7itLfY8Czko2LY7/wsOzs8c13So+HiUg6TLqNHd0pNPzCgvIhfOlWz0hQ8NWHryvOsLp+TSRMTocyXJz3kY3lPtJM2kTxaVsMJ0Y3PZ6t2EJQr2AjpY0ZZaruDcvW2038ALnJF9WSQYUZ947+RWVG6MlW8znGE5o9yr+Lw70kEDJFhCQIm7YUjcjZkGg5jQP+OgvWord3dBJv61Jcihtw/BE6/zQwQ9NQfdZpLVTlk95Uq5JdT3rirVMIK6u5d14RZpLyfQYGI0/uogZCFozFV/+OQAJYJgubADf+duMHdnih9ufzT8AoIu+P3/yGFjfGOCcgjJEm4g6GLlHbfBgu+tKbZWszaw5JgnmmI3EtoTlWumQz8/93zJpaQfQSGHsy3O7jMSczyl3HGUDxT03V6oGee8G8XQz/68wwwDSkZjq9C680CtBO4IBW6VjIz2LNxNS/lJRz5yiGPQs/l8IGaXm+941M;20:QGjWZGJU1qka9QtCp9rkiy4zLO/YGapGpvnW1Vs+l+pR1wNsInxNOFSgsJgfy1iy0t03QBoW9UpKgsxE4VoIuCip4BVX0OzHQeI/+FjhfEcalILx3pa59pWki6l6uF41puHKpo+2/9oZxxZihmZDAFHrXwUMUnSH+9zb4QBwIukk/BcNvZc651/32Nl1WYzCuvyVL182czocxTvjmKfIj4Zj1pWDCL6rn4p5s3cy77L9niwApOaiE3qSIHQ9h0xq X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(9101521026)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046);SRVR:VI1PR08MB1199;BCL:0;PCL:0;RULEID:;SRVR:VI1PR08MB1199; X-Microsoft-Exchange-Diagnostics: 1;VI1PR08MB1199;4:pBzvnUfsZzMCvOFYz5QxoABqYilepXG+JX8qjHF3MTDv9DaMrdVy7nGTegvGeJElx5oQvQz82v78GuwPD64wAsVOv+vd6jWvmDNfwfCv26S1OwkZ+NfgSnM86S0eotJergMbX+oFws/Bbh4ZixhSuSAk3aGDlNCUZUpTOiz3xCMr8/Gpz9414z1gSb/Go9VuLYV5Kw+AOVwzYMiTxBaOfMpjJ0iWh9VPFo9zG/Q0k3/gwq2vpoxNojXxJ4ckSlza2H8TGksT8iXbgT6DCR82eHDso3/yglk/5YqqKaydToSvdd/2gSFBcdOGucGvK/SYqd55T923gFuXZVTvLbh3MaAULpO5BzQT41TS0+k49d4B0c2nLKJB577BQgzvwf0vV2jaW/MgeYHLEzgSlMvcQA== X-Forefront-PRVS: 0918748D70 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(40434004)(24454002)(42186005)(99136001)(54356999)(65806001)(76176999)(87266999)(93886004)(86362001)(80316001)(1096002)(65816999)(2906002)(189998001)(64126003)(5008740100001)(2201001)(4326007)(81166005)(23746002)(3846002)(77096005)(92566002)(5001770100001)(586003)(2950100001)(66066001)(83506001)(36756003)(5890100001)(5004730100002)(6116002)(50986999)(4001350100001)(50466002)(65956001)(33656002)(2101003);DIR:OUT;SFP:1101;SCL:1;SRVR:VI1PR08MB1199;H:[10.1.205.154];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;VI1PR08MB1199;23:YZxbEo7x/pFsSUHOz+JU01a4GCaL8Vb96gOzs?= =?Windows-1252?Q?jcxBzZP/Ojb30nS0+JAb4luT2eEhDS3Q7YhpRZhCrYeYLGoynEEGvveb?= =?Windows-1252?Q?Bg/rGu/yI+lyrgAM2rjhl/NBGRG9mWoF6NcvqpGz21+7G+SDlh7YJKLA?= =?Windows-1252?Q?mzHyQvogOzUswhhcOXnFwLYY9LB6+JgvrRetjQcWDqJI4LRy6cOtOev9?= =?Windows-1252?Q?MjSJToNOtcARSr6/fb33gqNpAzdA38N1T0h/7yoZONEfld8VMDNsZiFb?= =?Windows-1252?Q?VJo23fiL2sjC/E5ZbSaO7lFRyYW0vWAXudZQBe/eRYKxw8HFTk14/VGw?= =?Windows-1252?Q?aIgo3ux3LHU6bUtvTez16/sw2ErhFBoQfkqlVqEhPC7LxR6x6klfmfux?= =?Windows-1252?Q?nwMrp3JJKz7GZoGzBcFfAC9F5xjBN9CBI2H+x961QN5TZvPHoQPdNhsr?= =?Windows-1252?Q?FccGJ0vWthkNs+3Xtt48MIx3KxOyhUS0JNCToFqsbrXC5+YiqSCRvSa4?= =?Windows-1252?Q?xZ84rSEV1u+LR2zzQK9wc+PNHPFPzwpiR/ACQIsZotPGDfbcFXJ2lyRG?= =?Windows-1252?Q?s9QM+tQmprXaB4/QTrYgHsPArS5xmLWgdX+4EhwYzS/k8TvvDV9Z5Ic7?= =?Windows-1252?Q?juVriV9VcspAwc001XEt3r4iowd1lP9ApPldn7kBVxHHhj4ipGh1cVZM?= =?Windows-1252?Q?N0P6fVinzvZCiZ+9AOYcdeEGM11xbroZvXx24ga/DeaUpia7gXYJc8T6?= =?Windows-1252?Q?e9wifnrjIj+7uR186FVEAnrlWPSnbvMcUCUvRED+MUhZZfdV6mbqukoe?= =?Windows-1252?Q?XzhizU9fKhNZiKlbEB8ouyXBgAETDUumHqCecFwukS0pskkJ2HKH+uVe?= =?Windows-1252?Q?nnMwujsi5j3NZ7KzPVkDbziKT8cZPnUMBTvY23hE3jdAwqqTNiomX1oP?= =?Windows-1252?Q?umaK226irgmJ6P7qZrXikraUJNFcgJ7OOSbkfjQBS2HYR5cncawur7ZK?= =?Windows-1252?Q?Jnuc68DU05LClrcGcEKNjYSDDzLie1WlLg4hGzFB4nqyE77FV2WtLM/T?= =?Windows-1252?Q?BSzq9YuM2kFNmc69Wsz0AQLZyMsFWZc9gjI+r6VvRqTV008hWEe5Y4wI?= =?Windows-1252?Q?LEPUb5W/a2O29ksDKAJbHKHximfXDuoGVuVzLP/raG5F1Ue0q3oXhys8?= =?Windows-1252?Q?6KB3cvtpQ=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;VI1PR08MB1199;5:8JnRHqA19x1D4E3h6yWuqF7DkKXwWXGFqEGIeiXCDbBRN12HcbyvZev4JqZqwHtOnUzXC16bPn0zd7wJgJZBkIFfjayQaBlwEk1TN0tyQEPxkQBj5x2AISlZGkS50iM4uiRhx3dDbt/5bl/7t3OMxokJhlQVr8LnT5z/6hwpTHtkKRJmu7Dlzq0/5jjr7Yde;24:IutC86qhNGqDbDtokkYfYGGIIQGRXUSr5jA/zRc2oIiOIIjV4PBrHzyirt2v90TlF+3LnOsvTHrgYs99SMyXTCcgXt1cyxhYWd6K32FwJy4=;7:g5RCFr8ugmjeICTSoaSlLOT2la2G9lqy+bxYdo6/6i2sbqUCCSX3ykyQSiVSvWtygRgCf00a2Q5cH3CbBWIvdExzh1H+NptnDQVH4SA8OwyPOcKeYexoM0N2ldDYCmIkpngrx6wLD1HpnV+JclqOrHF6sl9kpFdbvXJfoG1xFuS2bwHAa4zpLSpY5r6+gUjCpmywmNHl556kKKZreF/O8ATV069JXxDhvVXXhraWGas=;20:NDcBatnH4AOqHXYV5dLuI1mTATFdovYx3mZy++fVAHhDsgkx7tYmTRJyQWkUvWK8+OlsWliX85oTPd/q4i6Cv37I4QXKng9TOJ1JDbqk5S9POsxnWKrkeCDpqL2Bol8KQcufK06/gJWY1FKWgEs5MTXzD6dMs1CXXaRPoAqWBck= SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Apr 2016 10:44:58.7887 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB1199 X-MC-Unique: rD2i-pq8RGyn3Lym8ichWg-1 Content-Type: text/plain; charset=WINDOWS-1252; format=flowed Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2302 Lines: 43 Hi Alex, On 20/04/16 05:35, Alexandre Courbot wrote: [...] >>> Bisection came down to 1733a2ad3674("drm/nouveau/device/pci: set as >>> non-CPU-coherent on ARM64"), and sure enough reverting that removes the >>> crash. >> >> Thanks for taking the time to bisect this. And apologies as it seems my >> commit is the reason for your troubles. >> >> The CPU coherency flag is used for two things: explicitly sync buffers >> pages when required, and allocating buffers that are not explicitly >> synced (like fences or pushbuffers) using the DMA API. For this latter >> use, it also accesses the buffer's content using the mapping provided by >> dma_alloc_coherent() instead of creating a new one. All nouveau_bos are >> supposed to be written using nouveau_bo_rd32(), and this function >> handles the case of an DMA-API allocated object by detecting that the >> result of ttm_kmap_obj_virtual() is NULL. >> >> But as it turns out, OUT_RINGp() also calls ttm_kmap_obj_virtual() in >> order to perform a memcpy and uses its result directly - which means we >> are doing memcpy on a NULL pointer. We never caught this because we >> typically do not use Nouveau's fbcon with an ARM setup. >> >> I don't really like this special access for coherent objects, and >> actually had a patch in my tree to attempt to remove it (attached). >> Although it is not the whole solution (see below), the issue should at >> least not be visible with it applied - could you confirm? > > Hi Robin, could you confirm whether the attached patch in my previous > mail helps with your problem? With that patch on top of -rc4, it's conjuring up something that looks somewhat more like a real address on top of the offset, as it now crashes with "Unable to handle kernel paging request at virtual address ffffff8008f841ac", rather than the previous "Unable to handle kernel NULL pointer dereference at virtual address 000001ac". That does of course mean it still crashes in the same place, though :( Robin. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.