i915 (ivy bridge) + 4.10.3 + gimp = BUG in list_move_tail()

From: Jérôme Carretero
Date: Sun Mar 19 2017 - 18:09:33 EST


Hi,


After a kernel update from v4.9.10 to v4.10.3, any time I bring out the gimp,
the i915 driver NULL-pointer dereferences something in list_move_tail(),
somewhere in i915_gem_evict_for_vma().

I'm providing the kernel log; if more is needed (say you aren't
aware of this regression), I'm available.

xf-86-video-intel is 860c3664fe79c1fe92095ff345068f1fc7e4e651,
mesa is 11.2.1, xorg-server is 1.19.2, but I don't think it matters.


Regards,

--
Jérôme


Mar 19 17:32:11 Vantage kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000088
Mar 19 17:32:11 Vantage kernel: IP: list_move_tail+0xb/0x26
Mar 19 17:32:11 Vantage kernel: PGD 1641b8067
Mar 19 17:32:11 Vantage kernel: PUD 1506ba067
Mar 19 17:32:11 Vantage kernel: PMD 0
Mar 19 17:32:11 Vantage kernel:
Mar 19 17:32:11 Vantage kernel: Oops: 0002 [#1] PREEMPT SMP
Mar 19 17:32:11 Vantage kernel: Modules linked in: ccm fuse bnep hid_generic iTCO_wdt iTCO_vendor_support coretemp intel_rapl iosf_mbi x86_pkg_temp_thermal kvm_intel btusb btrtl kvm btbcm iwldvm btintel mac80211 irqbypass dm_mod aesni_intel uvcvideo snd_hda_codec_hdmi aes_x86_64 crypto_simd cryptd videobuf2_vmalloc g
Mar 19 17:32:11 Vantage kernel: CPU: 2 PID: 5559 Comm: gimp Not tainted 4.10.3-Vantage-dirty #107
Mar 19 17:32:11 Vantage kernel: Hardware name: LENOVO 2349L64/2349L64, BIOS G1ETA5WW (2.65 ) 04/15/2014
Mar 19 17:32:11 Vantage kernel: task: ffff880171af5400 task.stack: ffffc9000a784000
Mar 19 17:32:11 Vantage kernel: RIP: 0010:list_move_tail+0xb/0x26
Mar 19 17:32:11 Vantage kernel: RSP: 0018:ffffc9000a787ac8 EFLAGS: 00010296
Mar 19 17:32:11 Vantage kernel: RAX: ffff88040b67be60 RBX: ffff88040b67bcc8 RCX: ffff88040c38e620
Mar 19 17:32:11 Vantage kernel: RDX: 0000000000000080 RSI: ffff88040be2df68 RDI: ffff88040b67be58
Mar 19 17:32:11 Vantage kernel: RBP: ffffc9000a787ac8 R08: ffff880171af5400 R09: 0000000000000000
Mar 19 17:32:11 Vantage kernel: R10: 0000000000000000 R11: 000000007fff0000 R12: ffff88040be2dc10
Mar 19 17:32:11 Vantage kernel: R13: 0000000000000000 R14: 0000000000000000 R15: ffff880165150000
Mar 19 17:32:11 Vantage kernel: FS: 00007f0e85a28d40(0000) GS:ffff88041e280000(0000) knlGS:0000000000000000
Mar 19 17:32:11 Vantage kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Mar 19 17:32:11 Vantage kernel: CR2: 0000000000000088 CR3: 000000015acf5000 CR4: 00000000001406e0
Mar 19 17:32:11 Vantage kernel: Call Trace:
Mar 19 17:32:11 Vantage kernel: i915_vma_unbind+0x1d0/0x274
Mar 19 17:32:11 Vantage kernel: i915_gem_evict_for_vma+0x7d/0x91
Mar 19 17:32:11 Vantage kernel: __i915_vma_do_pin+0x226/0x376
Mar 19 17:32:11 Vantage kernel: i915_gem_execbuffer_reserve_vma.isra.26+0xbc/0x189
Mar 19 17:32:11 Vantage kernel: i915_gem_execbuffer_reserve.isra.27+0x2ac/0x339
Mar 19 17:32:11 Vantage kernel: i915_gem_do_execbuffer.isra.32+0x62a/0x1200
Mar 19 17:32:11 Vantage kernel: ? __radix_tree_lookup+0x2b/0x86
Mar 19 17:32:11 Vantage kernel: ? find_lock_entry+0x36/0x57
Mar 19 17:32:11 Vantage kernel: ? balance_dirty_pages_ratelimited+0x1c/0x9a9
Mar 19 17:32:11 Vantage kernel: ? PageUptodate+0x9/0x17
Mar 19 17:32:11 Vantage kernel: ? shmem_getpage_gfp+0x11f/0x763
Mar 19 17:32:11 Vantage kernel: i915_gem_execbuffer2+0x132/0x1b4
Mar 19 17:32:11 Vantage kernel: drm_ioctl+0x242/0x34a
Mar 19 17:32:11 Vantage kernel: ? i915_gem_execbuffer+0x229/0x229
Mar 19 17:32:11 Vantage kernel: ? handle_mm_fault+0x8b5/0xb97
Mar 19 17:32:11 Vantage kernel: ? vma_merge+0x285/0x2aa
Mar 19 17:32:11 Vantage kernel: vfs_ioctl+0x13/0x2f
Mar 19 17:32:11 Vantage kernel: do_vfs_ioctl+0x49c/0x50a
Mar 19 17:32:11 Vantage kernel: ? recalc_sigpending+0x31/0x41
Mar 19 17:32:11 Vantage kernel: ? __fget+0x66/0x72
Mar 19 17:32:11 Vantage kernel: SyS_ioctl+0x52/0x74
Mar 19 17:32:11 Vantage kernel: entry_SYSCALL_64_fastpath+0x1a/0xa9
Mar 19 17:32:11 Vantage kernel: RIP: 0033:0x7f0e81144107
Mar 19 17:32:11 Vantage kernel: RSP: 002b:00007fffe7e180b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
Mar 19 17:32:11 Vantage kernel: RAX: ffffffffffffffda RBX: 00000000016b3710 RCX: 00007f0e81144107
Mar 19 17:32:11 Vantage kernel: RDX: 00007fffe7e18108 RSI: 0000000040406469 RDI: 000000000000000a
Mar 19 17:32:11 Vantage kernel: RBP: 00007fffe7e182a0 R08: 0000000000000000 R09: 0000000000000000
Mar 19 17:32:11 Vantage kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffe7e180c0
Mar 19 17:32:11 Vantage kernel: R13: 0000000000000001 R14: 00000000000000a0 R15: 00000000012dbf10
Mar 19 17:32:11 Vantage kernel: Code: 87 78 10 00 00 00 00 00 00 48 8b 48 08 ff 70 20 4c 8b 48 18 44 8b 40 10 e8 67 76 c2 ff 5a c9 c3 48 8b 47 08 55 48 8b 17 48 89 e5 <48> 89 42 08 48 89 10 48 8b 46 08 48 89 7e 08 48 89 37 48 89 47
Mar 19 17:32:11 Vantage kernel: RIP: list_move_tail+0xb/0x26 RSP: ffffc9000a787ac8
Mar 19 17:32:11 Vantage kernel: CR2: 0000000000000088
Mar 19 17:32:11 Vantage kernel: ---[ end trace b20a3798f5da98ce ]---
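
Added example, not part of the original message or of the kernel tree: a small Python triage helper showing how the fields of the oops above fit together. It decodes the page-fault error code, reads the kernel-side registers, and decodes the instruction marked `<48>` in the `Code:` line (only the REX.W MOV with [base+disp8] form) to check that base register plus displacement reproduces CR2. All function names are illustrative.

```python
import re

# Excerpt of the oops above: syslog prefix dropped, Code: line trimmed around the marked byte.
OOPS = """\
Oops: 0002 [#1] PREEMPT SMP
RIP: 0010:list_move_tail+0xb/0x26
RAX: ffff88040b67be60 RBX: ffff88040b67bcc8 RCX: ffff88040c38e620
RDX: 0000000000000080 RSI: ffff88040be2df68 RDI: ffff88040b67be58
CR2: 0000000000000088 CR3: 000000015acf5000 CR4: 00000000001406e0
Code: 48 8b 47 08 55 48 8b 17 48 89 e5 <48> 89 42 08 48 89 10 48 8b 46 08
"""

GPR = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"] + [f"R{n:02d}" for n in range(8, 16)]

def page_fault_flags(text):
    """Decode the x86 page-fault error code printed after 'Oops:'."""
    code = int(re.search(r"Oops: ([0-9a-f]{4})", text).group(1), 16)
    return ["protection violation" if code & 1 else "page not present",
            "write" if code & 2 else "read",
            "user mode" if code & 4 else "kernel mode"]

def registers(text):
    """First value seen per general-purpose register (the kernel-side dump)."""
    regs = {}
    for name, val in re.findall(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})\b", text):
        regs.setdefault(name, int(val, 16))
    return regs

def faulting_operand(text):
    """Decode the <marked> instruction when it is a REX.W MOV using [base+disp8]."""
    code = re.search(r"Code: (.*)", text).group(1).split()
    i = next(n for n, b in enumerate(code) if b.startswith("<"))
    rex, op, modrm, disp = (int(b.strip("<>"), 16) for b in code[i:i + 4])
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if rex & 0xF8 != 0x48 or op not in (0x89, 0x8B) or mod != 1 or rm == 4:
        return None  # any other encoding is outside this sketch
    kind = "store" if op == 0x89 else "load"
    return kind, GPR[reg + 8 * (rex >> 2 & 1)], GPR[rm + 8 * (rex & 1)], disp - 256 * (disp > 127)

def triage(text):
    """Check that base register + displacement reproduces the CR2 fault address."""
    cr2 = int(re.search(r"\bCR2: ([0-9a-f]{16})", text).group(1), 16)
    kind, reg, base, disp = faulting_operand(text)
    addr = registers(text)[base] + disp
    return {"access": page_fault_flags(text), "insn": f"{kind} {reg} at [{base}{disp:+#x}]",
            "addr": addr, "matches_cr2": addr == cr2}

if __name__ == "__main__":
    print(triage(OOPS))
```

On this log the marked instruction is a store of RAX to [RDX+0x8]; with RDX holding 0x80 that is the write to 0x88 reported in CR2.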