* etnaviv OOPS, NULL pointer dereference on Linux 6.0.2
@ 2022-10-19 16:54 Francesco Dolcini
2022-10-28 7:02 ` Francesco Dolcini
0 siblings, 1 reply; 2+ messages in thread
From: Francesco Dolcini @ 2022-10-19 16:54 UTC (permalink / raw)
To: Lucas Stach, Russell King, Christian Gmeiner, etnaviv
Cc: linaro-mm-sig, dri-devel
Hello all,
I got the following Oops, on a Apalis iMX6 Dual with 512MB RAM,
running glmark2 tests with the system under memory pressure (OOM
Killer!).
It's not something systematic and I cannot tell if this is a regression
or not, any suggestion? The system just froze afterward.
[ 0.000000] Booting Linux on physical CPU 0x0
[ 0.000000] Linux version 6.0.2-6.1.0-devel+git.dab08f7eecdf (oe-user@oe-host) (arm-tdx-linux-gnueabi-gcc (GCC) 11.3.0, GNU ld (GNU Binutils) 2.38.20220708) #1 SMP Sat Oct 15 06:02:59 UTC 2022
[ 0.000000] CPU: ARMv7 Processor [412fc09a] revision 10 (ARMv7), cr=10c5387d
[ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache
[ 0.000000] OF: fdt: Machine model: Toradex Apalis iMX6Q/D Module on Ixora Carrier Board V1.1
...
[ 1.749471] etnaviv etnaviv: bound 130000.gpu (ops gpu_ops)
[ 1.750527] etnaviv etnaviv: bound 134000.gpu (ops gpu_ops)
[ 1.751522] etnaviv etnaviv: bound 2204000.gpu (ops gpu_ops)
[ 1.751566] etnaviv-gpu 130000.gpu: model: GC2000, revision: 5108
[ 1.753141] etnaviv-gpu 134000.gpu: model: GC320, revision: 5007
[ 1.753392] etnaviv-gpu 2204000.gpu: model: GC355, revision: 1215
[ 1.753421] etnaviv-gpu 2204000.gpu: Ignoring GPU with VG and FE2.0
[ 1.756559] [drm] Initialized etnaviv 1.3.0 20151214 for etnaviv on minor 0
...
[ 480.994256] Out of memory: Killed process 1740 (Qt5_CinematicEx) total-vm:242656kB, anon-rss:105212kB, file-rss:9864kB, shmem-rss:1304kB, UID:0 pgtables:192kB oom_score_adj:0
[ 481.068691] 8<--- cut here ---
[ 481.072037] Unable to handle kernel NULL pointer dereference at virtual address 00000004
[ 481.080366] [00000004] *pgd=00000000
[ 481.083994] Internal error: Oops: 805 [#1] SMP ARM
[ 481.088813] Modules linked in: 8021q imx_sdma virt_dma coda_vpu v4l2_jpeg imx_vdoa dw_hdmi_ahb_audio fuse
[ 481.098458] CPU: 1 PID: 1755 Comm: QSGRenderThread Not tainted 6.0.2-6.1.0-devel+git.dab08f7eecdf #1
[ 481.107619] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[ 481.114157] PC is at etnaviv_gem_free_object+0x40/0x128
[ 481.119412] LR is at lock_is_held_type+0xa4/0x15c
[ 481.124138] pc : [<c0787f90>] lr : [<c0e46250>] psr: 60030113
[ 481.130421] sp : e1155da8 ip : 00000000 fp : 0000000c
[ 481.135670] r10: c34ef400 r9 : c262066c r8 : 00000122
[ 481.140916] r7 : c2153000 r6 : c2153000 r5 : 00000870 r4 : c25f24a0
[ 481.147460] r3 : 00000000 r2 : 00000000 r1 : 00000100 r0 : 00000000
[ 481.153997] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
[ 481.161143] Control: 10c5387d Table: 2caf004a DAC: 00000051
[ 481.166896] Register r0 information: NULL pointer
[ 481.171615] Register r1 information: non-paged memory
[ 481.176694] Register r2 information: NULL pointer
[ 481.181429] Register r3 information: NULL pointer
[ 481.181441] Register r4 information: slab kmalloc-128 start c25f2480 pointer offset 32 size 128
[ 481.186173] Register r5 information: non-paged memory
[ 481.186181] Register r6 information: slab kmalloc-512 start c2153000 pointer offset 0 size 512
[ 481.199953] Register r7 information: slab kmalloc-512 start c2153000 pointer offset 0 size 512
[ 481.199975] Register r8 information: non-paged memory
[ 481.199983] Register r9 information: slab kmalloc-2k start c2620000 pointer offset 1644 size 2048
[ 481.222276] Register r10 information: slab kmalloc-1k start c34ef400 pointer offset 0 size 1024
[ 481.222297] Register r11 information: non-paged memory
[ 481.245038] Register r12 information: NULL pointer
[ 481.245056] Process QSGRenderThread (pid: 1755, stack limit = 0xd30acffa)
[ 481.245070] Stack: (0xe1155da8 to 0xe1156000)
[ 481.245084] 5da0: c0787f50 fffffff4 00000870 c8102400 c212f000 c2620000
[ 481.245094] 5dc0: c262066c c34ef400 0000000c c078693c 00000003 00000000 00000000 c07e2960
[ 481.245103] 5de0: c2153000 042beef1 c2153a00 c2620000 c8102400 c8102940 c34ef5e4 c07324ec
[ 481.245112] 5e00: c262066c c34ef400 0000000c c2153a00 c2620000 c34ef400 e1155e6c c0732a5c
[ 481.245121] 5e20: c00c642e 0000000c c212f000 0000000c c0f6d968 e1155e6c c34ef400 c0723448
[ 481.245130] 5e40: 0000e280 00000001 c12b5820 c212f000 aed13e60 e1155e6c 0000002e c2f39000
[ 481.245138] 5e60: c0732e44 00000051 00000000 00000000 00000000 0000000c c212f000 c212f7a0
[ 481.318348] 5e80: 00000000 c018b61c c212f000 c16e0d20 c03514d8 c156155c 60070013 c0193790
[ 481.318369] 5ea0: b28a3000 00000254 c6d00280 00000001 00000000 042beef1 00000009 00004000
[ 481.318378] 5ec0: c212f000 c3caf280 00000001 c2f39000 00000028 c03514f0 00000000 00000000
[ 481.342916] 5ee0: c03513f0 c212f7a0 00000000 042beef1 aed13e60 c00c642e c2f39001 c0100080
[ 481.342928] 5f00: aed13e60 c212f000 c2f39000 c25b8710 00000009 c0342234 00000000 042beef1
[ 481.342938] 5f20: c36866e0 80000007 c212f000 b28a311c c3686680 c36866e0 e1155fb0 80000007
[ 481.342948] 5f40: c212f000 c0e516b0 aefd7cd0 c01d34b0 000001e0 00000000 00000000 00000000
[ 481.342958] 5f60: 00000193 00000007 c160fd90 b28a311c e1155fb0 c0e51500 0000021c 042beef1
[ 481.342969] 5f80: adf87818 aed13e90 aed13e60 c00c642e 00000036 c01002b4 c212f000 00000036
[ 481.342978] 5fa0: adf87818 c0100080 aed13e90 aed13e60 00000009 c00c642e aed13e60 aed13e40
[ 481.342988] 5fc0: aed13e90 aed13e60 c00c642e 00000036 00000001 0000021c 00870000 adf87818
[ 481.408411] 5fe0: 00000036 aed13e28 b6088089 b6001ae6 60070030 00000009 00000000 00000000
[ 481.408431] etnaviv_gem_free_object from etnaviv_gem_prime_import_sg_table+0x12c/0x160
[ 481.408469] etnaviv_gem_prime_import_sg_table from drm_gem_prime_import_dev+0x98/0x150
[ 481.408509] drm_gem_prime_import_dev from drm_gem_prime_fd_to_handle+0x188/0x1f8
[ 481.408528] drm_gem_prime_fd_to_handle from drm_ioctl+0x1e8/0x3a0
[ 481.408545] drm_ioctl from sys_ioctl+0x530/0xdbc
[ 481.408571] sys_ioctl from ret_fast_syscall+0x0/0x1c
[ 481.408587] Exception stack(0xe1155fa8 to 0xe1155ff0)
[ 481.408599] 5fa0: aed13e90 aed13e60 00000009 c00c642e aed13e60 aed13e40
[ 481.408608] 5fc0: aed13e90 aed13e60 c00c642e 00000036 00000001 0000021c 00870000 adf87818
[ 481.477625] 5fe0: 00000036 aed13e28 b6088089 b6001ae6
[ 481.477641] Code: e5962174 e59f80e0 e3a01c01 e1a07006 (e5823004)
[ 481.477819] ---[ end trace 0000000000000000 ]---
Francesco
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: etnaviv OOPS, NULL pointer dereference on Linux 6.0.2
2022-10-19 16:54 etnaviv OOPS, NULL pointer dereference on Linux 6.0.2 Francesco Dolcini
@ 2022-10-28 7:02 ` Francesco Dolcini
0 siblings, 0 replies; 2+ messages in thread
From: Francesco Dolcini @ 2022-10-28 7:02 UTC (permalink / raw)
To: etnaviv, linaro-mm-sig, dri-devel; +Cc: Russell King, Francesco Dolcini
On Wed, Oct 19, 2022 at 06:54:59PM +0200, Francesco Dolcini wrote:
> Hello all,
> I got the following Oops, on a Apalis iMX6 Dual with 512MB RAM,
> running glmark2 tests with the system under memory pressure (OOM
> Killer!).
>
> It's not something systematic and I cannot tell if this is a regression
> or not, any suggestion? The system just froze afterward.
>
> [ 480.994256] Out of memory: Killed process 1740 (Qt5_CinematicEx) total-vm:242656kB, anon-rss:105212kB, file-rss:9864kB, shmem-rss:1304kB, UID:0 pgtables:192kB oom_score_adj:0
> [ 481.068691] 8<--- cut here ---
> [ 481.072037] Unable to handle kernel NULL pointer dereference at virtual address 00000004
> [ 481.080366] [00000004] *pgd=00000000
> [ 481.083994] Internal error: Oops: 805 [#1] SMP ARM
> [ 481.088813] Modules linked in: 8021q imx_sdma virt_dma coda_vpu v4l2_jpeg imx_vdoa dw_hdmi_ahb_audio fuse
> [ 481.098458] CPU: 1 PID: 1755 Comm: QSGRenderThread Not tainted 6.0.2-6.1.0-devel+git.dab08f7eecdf #1
> [ 481.107619] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
> [ 481.114157] PC is at etnaviv_gem_free_object+0x40/0x128
> [ 481.119412] LR is at lock_is_held_type+0xa4/0x15c
Just hit another OOPS in etnaviv/DRM, but in another function (FWIW kernel
6.0.5 now). Unfortunately I have no systematic reproducer for this
either.
[ 127.887596] Out of memory: Killed process 1358 (weston) total-vm:57820kB, anon-rss:11228kB, file-rss:1836kB, shmem-rss:16456kB, UID:0 pgtables:60kB oom_score_adj:0
[ 127.985396] 8<--- cut here ---
[ 127.988856] Unable to handle kernel NULL pointer dereference at virtual address 00000054
[ 127.997042] [00000054] *pgd=00000000
[ 128.000660] Internal error: Oops: 5 [#1] SMP ARM
[ 128.005290] Modules linked in: 8021q cfg80211 imx_sdma virt_dma coda_vpu v4l2_jpeg imx_vdoa dw_hdmi_ahb_audio fuse
[ 128.015690] CPU: 1 PID: 1358 Comm: weston Not tainted 6.0.5-6.1.0-devel+git.3829606fc5df #1
[ 128.024056] Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
[ 128.030591] PC is at drm_sched_job_cleanup+0x1c/0x13c
[ 128.035663] LR is at etnaviv_ioctl_gem_submit+0x9ac/0x1364
[ 128.041164] pc : [<c07716c0>] lr : [<c0785334>] psr: a00d0013
[ 128.047438] sp : e0f69d78 ip : 00000003 fp : fffffff4
[ 128.052670] r10: c2d07000 r9 : dd581a00 r8 : c1bf2298
[ 128.057901] r7 : dd581a00 r6 : c2d07000 r5 : c37fe500 r4 : e0f69e6c
[ 128.064435] r3 : 7ff302d8 r2 : 7ff302d8 r1 : 00000000 r0 : 00000000
[ 128.070970] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
[ 128.078115] Control: 10c5387d Table: 1337404a DAC: 00000051
[ 128.083866] Register r0 information: NULL pointer
[ 128.088585] Register r1 information: NULL pointer
[ 128.093300] Register r2 information: non-paged memory
[ 128.098361] Register r3 information: non-paged memory
[ 128.103422] Register r4 information: 2-page vmalloc region starting at 0xe0f68000 allocated at kernel_clone+0x50/0x40c
[ 128.114167] Register r5 information: slab kmalloc-128 start c37fe500 pointer offset 0 size 128
[ 128.122826] Register r6 information: slab task_struct start c2d07000 pointer offset 0
[ 128.130706] Register r7 information: slab kmalloc-512 start dd581a00 pointer offset 0 size 512
[ 128.139357] Register r8 information: non-slab/vmalloc memory
[ 128.145039] Register r9 information: slab kmalloc-512 start dd581a00 pointer offset 0 size 512
[ 128.153733] Register r10 information: slab task_struct start c2d07000 pointer offset 0
[ 128.161683] Register r11 information: non-paged memory
[ 128.166845] Register r12 information: non-paged memory
[ 128.172007] Process weston (pid: 1358, stack limit = 0x9a050b52)
[ 128.178036] Stack: (0xe0f69d78 to 0xe0f6a000)
[ 128.182405] 9d60: c1bf2298 7ff302d8
[ 128.190592] 9d80: 00000cc0 e0f69e6c c37fe500 00000010 c2aff800 c0785334 0000000a 00000000
[ 128.198783] 9da0: c0721238 00000000 c308b600 00000010 c37fe500 e0f69e6c 00000005 00000001
[ 128.206972] 9dc0: 00000028 c3467078 00000010 c37fe500 c25e0380 e0f69e6c c25f8000 c2d07000
[ 128.215158] 9de0: 00000aab 00000005 00010000 00000001 c156b860 00000000 c156b864 c1a4c018
[ 128.223345] 9e00: 00000000 c119fe5c c3000000 00000001 00000007 7ff302d8 00000000 c0486446
[ 128.231531] 9e20: 00000048 c2d07000 00000048 c0e87b40 e0f69e6c c3467000 00000048 c0721238
[ 128.239717] 9e40: 0000e280 00000001 c1197448 c2d07000 be9d0fb0 e0f69e6c 00000046 c37f0c80
[ 128.247903] 9e60: c0784988 00000051 00000000 00000000 00000000 00000000 00000005 0000000a
[ 128.256089] 9e80: 000005b8 01fd0bf8 00000000 01fd0a10 00000000 01b72868 00000000 00000004
[ 128.264274] 9ea0: 00000000 00000000 00000000 00000000 00000000 7ff302d8 00000013 00004000
[ 128.272460] 9ec0: c2d07000 c2d22dc0 00000001 c37f0c80 00000005 c0351d6c 00000000 00000000
[ 128.280651] 9ee0: c0351c6c 00000000 00000000 7ff302d8 be9d0fb0 c0486446 c37f0c81 c0100080
[ 128.288840] 9f00: be9d0fb0 c2d07000 c37f0c80 c25a8710 00000013 c0342ab0 00000000 c2d07000
[ 128.297026] 9f20: e0f69fb0 c022e258 c2d07000 e0f69fb0 00000000 c01002b4 c01002b4 c010b924
[ 128.305212] 9f40: c03511c4 c136055c 60070013 c01936d0 00000028 c2d22dc0 c3972b00 00000001
[ 128.313413] 9f60: 00000000 7ff302d8 c2d07000 c15e4ea0 01fd1d98 c2d07000 c136629c 7ff302d8
[ 128.321616] 9f80: b6e9048c 01b72380 be9d0fb0 c0486446 00000036 c01002b4 c2d07000 00000036
[ 128.329821] 9fa0: 00000000 c0100080 01b72380 be9d0fb0 00000013 c0486446 be9d0fb0 be9d0f78
[ 128.338020] 9fc0: 01b72380 be9d0fb0 c0486446 00000036 be9d1028 be9d0fb0 01b176e8 00000000
[ 128.346220] 9fe0: 00000036 be9d0f60 b6ec8089 b6e41ae6 00070030 00000013 00000000 00000000
[ 128.354428] drm_sched_job_cleanup from etnaviv_ioctl_gem_submit+0x9ac/0x1364
[ 128.361611] etnaviv_ioctl_gem_submit from drm_ioctl+0x1e8/0x3a0
[ 128.367660] drm_ioctl from sys_ioctl+0x530/0xdbc
[ 128.372409] sys_ioctl from ret_fast_syscall+0x0/0x1c
[ 128.377504] Exception stack(0xe0f69fa8 to 0xe0f69ff0)
[ 128.382585] 9fa0: 01b72380 be9d0fb0 00000013 c0486446 be9d0fb0 be9d0f78
[ 128.390775] 9fc0: 01b72380 be9d0fb0 c0486446 00000036 be9d1028 be9d0fb0 01b176e8 00000000
[ 128.398979] 9fe0: 00000036 be9d0f60 b6ec8089 b6e41ae6
[ 128.404053] Code: e24dd00c ee1d6f70 e5963530 e58d3004 (e5903054)
[ 128.410383] ---[ end trace 0000000000000000 ]---
Francesco
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-10-28 7:14 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-19 16:54 etnaviv OOPS, NULL pointer dereference on Linux 6.0.2 Francesco Dolcini
2022-10-28 7:02 ` Francesco Dolcini
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).