Bug 102338

Summary: QXL driver causes oops on boot, kernel 4.12
Product: DRI Reporter: Chuck Ebbert <chuckebbert.lk>
Component: DRM/otherAssignee: krisman
Status: RESOLVED INVALID QA Contact:
Severity: major    
Priority: medium CC: krisman, tiwai
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description Chuck Ebbert 2017-08-21 15:15:59 UTC 
This is from 4.12-rc6, still happening on 4.12.5.

Taken from https://bugzilla.redhat.com/show_bug.cgi?id=1465148

int ttm_bo_kmap(struct ttm_buffer_object *bo,
                unsigned long start_page, unsigned long num_pages,
                struct ttm_bo_kmap_obj *map)
{
        struct ttm_mem_type_manager *man =
                &bo->bdev->man[bo->mem.mem_type];
        unsigned long offset, size;
        int ret;

589->   BUG_ON(!list_empty(&bo->swap));

Jun 26 10:51:00 bld-fedora27 kernel: ------------[ cut here ]------------
Jun 26 10:51:00 bld-fedora27 kernel: kernel BUG at drivers/gpu/drm/ttm/ttm_bo_util.c:589!
Jun 26 10:51:00 bld-fedora27 kernel: invalid opcode: 0000 [#1] SMP
Jun 26 10:51:00 bld-fedora27 kernel: Modules linked in: sunrpc crct10dif_pclmul crc32_pclmul ghash_clmulni_intel ppdev snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_seq
Jun 26 10:51:00 bld-fedora27 kernel: CPU: 1 PID: 339 Comm: plymouthd Not tainted 4.12.0-0.rc6.git3.1.fc27.x86_64 #1
Jun 26 10:51:00 bld-fedora27 kernel: Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
Jun 26 10:51:00 bld-fedora27 kernel: task: ffff91dd77990000 task.stack: ffffb69e00720000
Jun 26 10:51:00 bld-fedora27 kernel: RIP: 0010:ttm_bo_kmap+0x1af/0x250 [ttm]
Jun 26 10:51:00 bld-fedora27 kernel: RSP: 0018:ffffb69e00723ba8 EFLAGS: 00010206
Jun 26 10:51:00 bld-fedora27 kernel: RAX: ffff91dd77987b50 RBX: ffff91dd779dc858 RCX: ffff91dd779dcc08
Jun 26 10:51:00 bld-fedora27 kernel: RDX: 0000000000000300 RSI: 0000000000000000 RDI: ffff91dd77430d90
Jun 26 10:51:00 bld-fedora27 kernel: RBP: ffffb69e00723be0 R08: 0000000000010004 R09: ffff91dd779dc928
Jun 26 10:51:00 bld-fedora27 kernel: R10: 0000000000000008 R11: 0000000000000000 R12: ffffb69e00723c48
Jun 26 10:51:00 bld-fedora27 kernel: R13: 0000000000000000 R14: ffff91dd77430d70 R15: 0000000000000000
Jun 26 10:51:00 bld-fedora27 kernel: FS:  00007fa4e051fd00(0000) GS:ffff91dd7d400000(0000) knlGS:0000000000000000
Jun 26 10:51:00 bld-fedora27 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jun 26 10:51:00 bld-fedora27 kernel: CR2: 00005616290356f8 CR3: 0000000035b8b000 CR4: 00000000001406e0
Jun 26 10:51:00 bld-fedora27 kernel: Call Trace:
Jun 26 10:51:00 bld-fedora27 kernel:  qxl_bo_kmap+0x42/0x70 [qxl]
Jun 26 10:51:00 bld-fedora27 kernel:  qxl_draw_dirty_fb+0x1f5/0x420 [qxl]
Jun 26 10:51:00 bld-fedora27 kernel:  qxl_framebuffer_surface_dirty+0xa0/0xf0 [qxl]
Jun 26 10:51:00 bld-fedora27 kernel:  drm_mode_dirtyfb_ioctl+0x190/0x1d0 [drm]
Jun 26 10:51:00 bld-fedora27 kernel:  drm_ioctl+0x232/0x500 [drm]
Jun 26 10:51:00 bld-fedora27 kernel:  ? drm_mode_getfb+0x110/0x110 [drm]
Jun 26 10:51:00 bld-fedora27 kernel:  ? __might_sleep+0x4a/0x80
Jun 26 10:51:00 bld-fedora27 kernel:  ? selinux_file_ioctl+0x124/0x1e0
Jun 26 10:51:00 bld-fedora27 kernel:  do_vfs_ioctl+0xa6/0x720
Jun 26 10:51:00 bld-fedora27 kernel:  ? getnstimeofday64+0xe/0x20
Jun 26 10:51:00 bld-fedora27 kernel:  ? security_file_ioctl+0x43/0x60
Jun 26 10:51:00 bld-fedora27 kernel:  SyS_ioctl+0x79/0x90
Jun 26 10:51:00 bld-fedora27 kernel:  do_syscall_64+0x6c/0x1c0
Jun 26 10:51:00 bld-fedora27 kernel:  entry_SYSCALL64_slow_path+0x25/0x25
Jun 26 10:51:00 bld-fedora27 kernel: RIP: 0033:0x7fa4df504eb7
Jun 26 10:51:00 bld-fedora27 kernel: RSP: 002b:00007ffca83efbc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
Jun 26 10:51:00 bld-fedora27 kernel: RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 00007fa4df504eb7
Jun 26 10:51:00 bld-fedora27 kernel: RDX: 00007ffca83efc00 RSI: 00000000c01864b1 RDI: 0000000000000009
Jun 26 10:51:00 bld-fedora27 kernel: RBP: 00007ffca83efc00 R08: 00007fa4dd42577c R09: 0000000000000010
Jun 26 10:51:00 bld-fedora27 kernel: R10: 00007fa4dd424884 R11: 0000000000000246 R12: 00000000c01864b1
Jun 26 10:51:00 bld-fedora27 kernel: R13: 0000000000000009 R14: 0000555e394ef330 R15: 00007fa4ddf8278c
Jun 26 10:51:00 bld-fedora27 kernel: Code: d0 48 8b bb 80 00 00 00 48 c1 e6 0c f6 43 62 04 74 44 48 03 7b 70 4c 01 ef e8 8e 21 bd ef 49 89 04 24 44 8b 45 d0 e9 18 ff ff ff <0f> 0b 4b 8d 7c 3e 58 89 4
Jun 26 10:51:00 bld-fedora27 kernel: RIP: ttm_bo_kmap+0x1af/0x250 [ttm] RSP: ffffb69e00723ba8
Jun 26 10:51:00 bld-fedora27 kernel: ---[ end trace 13b661e538049e06 ]---
Comment 1 Chuck Ebbert 2017-08-21 15:18:16 UTC 
Note this is happening in a kvm guest. Removing "rhgb" from Fedora boot options (disables Plymouth boot graphics) lets the driver reach a gdm login screen. Then another bug hits after logging in.
Comment 2 Takashi Iwai 2017-09-05 15:57:08 UTC 
Now we hit this on openSUSE Tumbleweed, 4.12.9 & later, too.
  https://bugs.freedesktop.org/show_bug.cgi?id=102338

I quickly bisected and it pointed to the commit
3538e80a869be74764ae7db484b371894f04d0f8
    drm: qxl: Atomic phase 1: Implement mode_set_nofb
Comment 3 Takashi Iwai 2017-09-05 16:14:16 UTC 
(In reply to Takashi Iwai from comment #2)
> Now we hit this on openSUSE Tumbleweed, 4.12.9 & later, too.
>   https://bugs.freedesktop.org/show_bug.cgi?id=102338

Doh, a recursive call.  The right one is:
  https://bugzilla.opensuse.org/show_bug.cgi?id=1057241
Comment 4 Kristian Klausen 2017-10-01 21:52:35 UTC 
I'm still seeing this with 4.13.2 and Plymouth.
Takashi Iwai: How did OpenSuse fix it? Is there some publish patch I can use/see?
Comment 5 Takashi Iwai 2017-10-02 20:19:10 UTC 
The bug is debugged / discussed on bugzilla.kernel.org, too:
  https://bugzilla.kernel.org/show_bug.cgi?id=196777

We took the fix patch there tentatively for SUSE kernels.
Comment 6 Martin Peres 2019-10-14 13:20:12 UTC 
Hi,

Freedesktop's Bugzilla instance is EOLed and open bugs are about to be migrated to http://gitlab.freedesktop.org.

To avoid migrating out of date bugs, I am now closing all the bugs that did not see any activity in the past year. If the issue is still happening, please create a new bug in the relevant project at https://gitlab.freedesktop.org/drm (use misc by default).

Sorry about the noise!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.