[Bug 1101822] New: cirrus.bpp=16 boot option leads to kernel Oops
http://bugzilla.suse.com/show_bug.cgi?id=1101822 Bug ID: 1101822 Summary: cirrus.bpp=16 boot option leads to kernel Oops Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: kernel-maintainers@forge.provo.novell.com Reporter: tiwai@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- When booting with cirrus.bpp=16 option, KVM with cirrus VGA leads to an Oops like below: [ 2.449554] [drm:cirrusfb_create [cirrus]] *ERROR* failed to create fbcon backing object -22 [ 2.450731] [drm:cirrus_modeset_init [cirrus]] *ERROR* cirrus_fbdev_init failed [ 2.451729] cirrus 0000:00:02.0: Fatal error during modeset init: -22 [ 2.453327] BUG: unable to handle kernel NULL pointer dereference at 0000000000000258 [ 2.454452] IP: mutex_lock+0x10/0x20 [ 2.454945] PGD 0 P4D 0 [ 2.455296] Oops: 0002 [#1] PREEMPT SMP PTI [ 2.455871] Modules linked in: cirrus(+) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm serio_raw floppy drm virtio_scsi(+) button sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua [ 2.458380] CPU: 0 PID: 256 Comm: systemd-udevd Not tainted 4.16.12-2-default #1 openSUSE Tumbleweed (unreleased) [ 2.459759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 [ 2.461152] RIP: 0010:mutex_lock+0x10/0x20 [ 2.461716] RSP: 0018:ffffa944404c3aa0 EFLAGS: 00010246 [ 2.462427] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffd611c0d13cdf [ 2.463393] RDX: ffff9457b60b0100 RSI: ffff9457bdaf1528 RDI: 0000000000000258 [ 2.464361] RBP: 0000000000000258 R08: 0000000000000000 R09: 000000000000002c [ 2.465326] R10: ffff9457bce5dda8 R11: 000000000000002d R12: ffff9457bdaf1528 [ 2.466305] R13: ffffffffc042e120 R14: 0000000000000000 R15: ffff9457b56e4620 [ 2.467004] FS: 00007ffae0f61940(0000) GS:ffff9457bfc00000(0000) knlGS:0000000000000000 [ 2.467959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2.468498] CR2: 0000000000000258 CR3: 000000003607a000 CR4: 00000000000006f0 [ 2.469135] Call Trace: [ 2.469384] drm_mode_object_unregister+0x1e/0x50 [drm] [ 2.469858] cirrus_fbdev_fini+0x5a/0x80 [cirrus] [ 2.470275] cirrus_modeset_fini+0xe/0x30 [cirrus] [ 2.470699] cirrus_driver_unload+0x1b/0x40 [cirrus] [ 2.471136] cirrus_driver_load+0x7f/0xf0 [cirrus] [ 2.471566] drm_dev_register+0x132/0x1c0 [drm] [ 2.471974] drm_get_pci_dev+0x93/0x170 [drm] [ 2.472362] local_pci_probe+0x42/0xa0 [ 2.472759] ? pci_match_device+0xde/0x110 [ 2.473122] pci_device_probe+0x125/0x190 [ 2.473479] driver_probe_device+0x30b/0x480 [ 2.473864] __driver_attach+0xb8/0xe0 [ 2.474193] ? driver_probe_device+0x480/0x480 [ 2.474582] ? driver_probe_device+0x480/0x480 [ 2.474971] bus_for_each_dev+0x65/0x90 [ 2.475308] bus_add_driver+0x161/0x260 [ 2.475644] ? 0xffffffffc0431000 [ 2.475938] driver_register+0x57/0xc0 [ 2.476270] ? 0xffffffffc0431000 [ 2.476565] do_one_initcall+0x4e/0x192 [ 2.476934] ? __vunmap+0x6d/0xb0 [ 2.477229] do_init_module+0x5b/0x20a [ 2.477567] load_module+0x19ad/0x1f30 [ 2.477906] ? SYSC_finit_module+0xb7/0xd0 [ 2.478257] SYSC_finit_module+0xb7/0xd0 [ 2.478595] do_syscall_64+0x76/0x140 [ 2.478911] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2.479340] RIP: 0033:0x7ffadfd8c529 [ 2.479648] RSP: 002b:00007ffcfde7c0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 2.480310] RAX: ffffffffffffffda RBX: 000055a10ac5e9d0 RCX: 00007ffadfd8c529 [ 2.480935] RDX: 0000000000000000 RSI: 000055a10ac8afc0 RDI: 0000000000000014 [ 2.481546] RBP: 000055a10ac8afc0 R08: 0000000000000000 R09: 000055a10ac748a0 [ 2.482192] R10: 0000000000000014 R11: 0000000000000246 R12: 0000000000020000 [ 2.482810] R13: 000055a10ac82960 R14: 0000000000000000 R15: 0000000000000000 [ 2.483756] Code: 6d fc ff ff 0f 1f 80 00 00 00 00 0f 1f 44 00 00 be 02 00 00 00 e9 01 fb ff ff 90 0f 1f 44 00 00 65 48 8b 14 25 00 5c 01 00 31 c0 <f0> 48 0f b1 17 48 85 c0 75 02 f3 c3 eb d2 66 90 0f 1f 44 00 00 [ 2.485623] RIP: mutex_lock+0x10/0x20 RSP: ffffa944404c3aa0 [ 2.486108] CR2: 0000000000000258 [ 2.487158] ---[ end trace 79527e8c9ce260a5 ]--- The example is from a slightly old kernel, but the same happens with the latest 4.18. Also it happens with SLE12-SP2/SP3 kernel as well, maybe older ones, too. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1101822
Takashi Iwai
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c1
--- Comment #1 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c2
--- Comment #2 from Takashi Iwai
I will take a look at this. Just need a bit to set up qemu.
Thanks! FWIW, the culprit is about the unconditional call of drm_mode_object_register(). It's called from cirrus_fbdev_fini() -> cirrus_fbdev_destroy() -> drm_framebuffer_unregister_private() -> drm_mode_object_unregister(). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c3
--- Comment #3 from Takashi Iwai
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c4
Stefan Dirsch
http://bugzilla.suse.com/show_bug.cgi?id=1101822
Takashi Iwai
http://bugzilla.suse.com/show_bug.cgi?id=1101822
Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c5
--- Comment #5 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
Stefan Dirsch
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c7
--- Comment #7 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c8
Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c9
Takashi Iwai
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c10
Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c11
Takashi Iwai
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c12
--- Comment #12 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c13
--- Comment #13 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c14
--- Comment #14 from Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c15
Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c17
Thomas Zimmermann
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c18
--- Comment #18 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c21
--- Comment #21 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c22
--- Comment #22 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c23
--- Comment #23 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c25
--- Comment #25 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c27
--- Comment #27 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c28
--- Comment #28 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c29
--- Comment #29 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c30
--- Comment #30 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c31
--- Comment #31 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1101822
http://bugzilla.suse.com/show_bug.cgi?id=1101822#c32
--- Comment #32 from Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com