| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z18dbfDAiFadsSdg@gallifrey>
Date: Sun, 15 Dec 2024 18:18:21 +0000
From: "Dr. David Alan Gilbert" <dave@...blig.org>
To: kraxel@...hat.com, tzimmermann@...e.de
Cc: virtualization@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: a bochs-drm (?) oops on head
Hey Gerd, Thomas,
I've got the following oops that looks bochs-drm related on the current
HEAD ( 4800575d8c0b2f354ab05ab1c4749e45e213bf73 ) and it's been there
for at least a few days; this is
under qemu with:
qemu-system-x86_64 -M q35 -nographic -cpu host --enable-kvm -smp 4 -m 2G -kernel /discs/fast/kernel/arch/x86/boot/bzImage -append "console=ttyS0 root=/dev/vdb1 single" -drive if=virtio,file=/discs/more/images/debian12-64scan.qcow2
qemu version: qemu-kvm-9.1.2-2.fc41.x86_64 (i.e. Fedora41 build)
I've tried reverting:
4a30d193f0ef7a8c2f6eef4b8b18a498e99db34b (HEAD) Revert "drm/bochs: use devm_ioremap_wc() to map framebuffer"
082362340422eaff688f0d83ecbe71172c033f51 Revert "drm/fbdev-shmem: Remove obsolete setup function"
f814356c3a2f0cc549fcc5ed4b36ec5ac6591cb3 Revert "drm/bochs: Run DRM default client setup"
0e64fa12581e8653d45ed43769b26f4f80a621bb Revert "drm/bochs: Return error from correct pointer"
1ab79b4c32d13559c6dfe6c721794546414456a9 Revert "drm/bochs: Use video aperture helpers"
f822c9f07028c5de45a0bae38f0087696bc1f4cb Revert "drm: Remove DRM aperture helpers"
but that's not helped so far
If I remove -nographic and enable the normal console
(console=tty0 console=ttyS0 ) it still happens.
The oops has :
[ 78.463760][ T1] bochs_pci_driver_init+0x8a/0xc0
in it, hence why I'm blaming that.
(Other odd observation, the Tuxen flicker heavily during booting!)
[ 72.756014][ T1] bochs-drm 0000:00:02.0: vgaarb: deactivate vga console
[ 72.758258][ T1] [drm] Found bochs VGA, ID 0xb0c5.
[ 72.758793][ T1] [drm] Framebuffer size 16384 kB @ 0xfd000000, mmio @ 0xfebf0000.
[ 72.767777][ T1] [drm] Initialized bochs-drm 1.0.0 for 0000:00:02.0 on minor 2
[ 72.839222][ T1] fbcon: bochs-drmdrmfb (fb1) is primary device
[ 72.839311][ T1] fbcon: Remapping primary device, fb1, to tty 1-63
[ 78.402163][ T1] bochs-drm 0000:00:02.0: [drm] fb1: bochs-drmdrmfb frame buffer device
[ 78.459984][ T1] BUG: unable to handle page fault for address: ffff8dd345604004
[ 78.463246][ T1] #PF: supervisor write access in kernel mode
[ 78.463760][ T1] #PF: error_code(0x0002) - not-present page
[ 78.463760][ T1] PGD 72001067 P4D 72001067 PUD 72002067 PMD 7fbe1067 PTE 800ffffffa9fb060
[ 78.463760][ T1] Oops: Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI
[ 78.463760][ T1] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W N 6.13.0-rc2+ #363 6c653a430ed30aae3dac648429c492a2726da3d7
[ 78.463760][ T1] Tainted: [W]=WARN, [N]=TEST
[ 78.463760][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014
[ 78.463760][ T1] RIP: 0010:devm_drm_dev_init_release+0x4e/0x140
[ 78.463760][ T1] Code: e8 d7 ba 29 fc 4c 8d 63 04 bf 03 00 00 00 e8 09 e1 58 fc ba 07 00 00 00 be 04 00 00 00 4c 89 e7 bd ff ff ff ff e8 72 8a 58 fc <f0> 0f c1 6b 04 31 ff 89 ee e8 64 bf 29 fc 85 ed 7e 2f e8 9b ba 29
[ 78.463760][ T1] RSP: 0018:ffffa1c240013b70 EFLAGS: 00010246
[ 78.463760][ T1] RAX: 0000000000000000 RBX: ffff8dd345604000 RCX: 0000000000000000
[ 78.463760][ T1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 78.463760][ T1] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[ 78.463760][ T1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8dd345604004
[ 78.463760][ T1] R13: ffff8dd34579b258 R14: ffff8dd34579b260 R15: 0000000000000000
[ 78.463760][ T1] FS: 0000000000000000(0000) GS:ffff8dd3bd200000(0000) knlGS:0000000000000000
[ 78.463760][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.463760][ T1] CR2: ffff8dd345604004 CR3: 0000000064d20000 CR4: 0000000000350ef0
[ 78.463760][ T1] Call Trace:
[ 78.463760][ T1] <TASK>
[ 78.463760][ T1] ? __die+0x23/0x80
[ 78.463760][ T1] ? page_fault_oops+0x21c/0x240
[ 78.463760][ T1] ? kernelmode_fixup_or_oops.isra.0+0xa8/0x100
[ 78.463760][ T1] ? __bad_area_nosemaphore+0x2d9/0x340
[ 78.463760][ T1] ? srso_return_thunk+0x5/0x7f
[ 78.463760][ T1] ? srso_return_thunk+0x5/0x7f
[ 78.463760][ T1] ? spurious_kernel_fault+0x54/0x440
[ 78.463760][ T1] ? do_kern_addr_fault+0x11f/0x180
[ 78.463760][ T1] ? exc_page_fault+0x167/0x180
[ 78.463760][ T1] ? asm_exc_page_fault+0x26/0x40
[ 78.463760][ T1] ? devm_drm_dev_init_release+0x4e/0x140
[ 78.463760][ T1] ? __pfx_devm_drm_dev_init_release+0x40/0x40
[ 78.463760][ T1] devm_action_release+0x3a/0x80
[ 78.463760][ T1] release_nodes+0xdb/0x140
[ 78.463760][ T1] devres_release_all+0xd5/0x140
[ 78.463760][ T1] device_unbind_cleanup+0x28/0x100
[ 78.463760][ T1] ? __pfx_pci_dma_cleanup+0x40/0x40
[ 78.463760][ T1] really_probe+0x2e2/0x780
[ 78.463760][ T1] __driver_probe_device+0x194/0x280
[ 78.463760][ T1] driver_probe_device+0x6f/0x1c0
[ 78.463760][ T1] __driver_attach+0x204/0x380
[ 78.463760][ T1] ? __pfx___driver_attach+0x40/0x40
[ 78.463760][ T1] bus_for_each_dev+0xe3/0x180
[ 78.463760][ T1] driver_attach+0x3a/0x80
[ 78.463760][ T1] bus_add_driver+0x1fd/0x3c0
[ 78.463760][ T1] driver_register+0x11d/0x1c0
[ 78.463760][ T1] __pci_register_driver+0x105/0x140
[ 78.463760][ T1] bochs_pci_driver_init+0x8a/0xc0
[ 78.463760][ T1] ? __pfx_bochs_pci_driver_init+0x40/0x40
[ 78.463760][ T1] do_one_initcall+0xa7/0x500
[ 78.463760][ T1] do_initcalls+0x1d5/0x240
[ 78.463760][ T1] kernel_init_freeable+0x1e4/0x280
[ 78.463760][ T1] ? __pfx_kernel_init+0x40/0x40
[ 78.463760][ T1] kernel_init+0x2a/0x280
[ 78.463760][ T1] ret_from_fork+0x4d/0x80
[ 78.463760][ T1] ? __pfx_kernel_init+0x40/0x40
[ 78.463760][ T1] ret_from_fork_asm+0x22/0x80
[ 78.463760][ T1] </TASK>
[ 78.463760][ T1] Modules linked in:
[ 78.463760][ T1] Modules linked in:
[ 78.463760][ T1] CR2: ffff8dd345604004
[ 78.463760][ T1] ---[ end trace 0000000000000000 ]---
[ 78.463760][ T1] RIP: 0010:devm_drm_dev_init_release+0x4e/0x140
[ 78.463760][ T1] Code: e8 d7 ba 29 fc 4c 8d 63 04 bf 03 00 00 00 e8 09 e1 58 fc ba 07 00 00 00 be 04 00 00 00 4c 89 e7 bd ff ff ff ff e8 72 8a 58 fc <f0> 0f c1 6b 04 31 ff 89 ee e8 64 bf 29 fc 85 ed 7e 2f e8 9b ba 29
[ 78.463760][ T1] RSP: 0018:ffffa1c240013b70 EFLAGS: 00010246
[ 78.463760][ T1] RAX: 0000000000000000 RBX: ffff8dd345604000 RCX: 0000000000000000
[ 78.463760][ T1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 78.463760][ T1] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[ 78.463760][ T1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8dd345604004
[ 78.463760][ T1] R13: ffff8dd34579b258 R14: ffff8dd34579b260 R15: 0000000000000000
[ 78.463760][ T1] FS: 0000000000000000(0000) GS:ffff8dd3bd200000(0000) knlGS:0000000000000000
[ 78.463760][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 78.463760][ T1] CR2: ffff8dd345604004 CR3: 0000000064d20000 CR4: 0000000000350ef0
[ 78.463760][ T1] Kernel panic - not syncing: Fatal exception
[ 78.463760][ T1] Kernel Offset: 0xe000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 78.463760][ T1] ---[ end Kernel panic - not syncing: Fatal exception ]---
The config is a fairly full yes-config ish; see attached.
Dave
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux | Happy \
\ dave @ treblig.org | | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
View attachment "full-config" of type "text/plain" (399898 bytes)
Powered by blists - more mailing lists