FYI, we noticed the following commit:
commit: f04f7e3e041aab12abbf3ed7b854446af5a624a9 ("drm: bochs: Don't remove uninitialized fbdev framebuffer")
url: https://github.com/0day-ci/linux/commits/Gabriel-Krisman-Bertazi/drm-bochs-D...
base: git://git.kraxel.org/linux drm-qemu
in testcase: trinity with following parameters:
runtime: 300s
test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/
on test machine: qemu-system-x86_64 -enable-kvm -m 512M
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-----------------------------------------------------------------------+------------+------------+
|                                                                       | cbf87d6a8b | f04f7e3e04 |
+-----------------------------------------------------------------------+------------+------------+
| boot_successes                                                        | 0          | 0          |
| boot_failures                                                         | 6          | 8          |
| WARNING:at_drivers/gpu/drm/drm_mode_config.c:#drm_mode_config_cleanup | 6          |            |
| kernel_BUG_at_mm/slab.c                                               | 6          |            |
| invalid_opcode:#[##]                                                  | 6          |            |
| Kernel_panic-not_syncing:Fatal_exception                              | 6          | 8          |
| general_protection_fault:#[##]                                        | 0          | 8          |
+-----------------------------------------------------------------------+------------+------------+
[    9.931866] [TTM] Zone  kernel: Available graphics memory: 219250 kiB
[    9.932295] [TTM] Initializing pool allocator
[    9.932599] [TTM] Initializing DMA pool allocator
[    9.937917] bochsdrmfb: enable CONFIG_FB_LITTLE_ENDIAN to support this framebuffer
[    9.938724] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 1
[    9.939428] general protection fault: 0000 [#1] SMP
[    9.939813] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.10.0-rc8-01399-gf04f7e3 #1
[    9.940310] task: ffff88001e468040 task.stack: ffff88001e46c000
[    9.940708] RIP: 0010:drm_fb_helper_crtc_free+0x26/0xa0
[    9.941060] RSP: 0018:ffff88001e46fc28 EFLAGS: 00010202
[    9.941411] RAX: 6b6b6b6b6b6b6b6b RBX: 0000000000000001 RCX: ffff88001e468ba0
[    9.941886] RDX: 0000000000000001 RSI: ffff88001e468b68 RDI: ffff88001a7ca058
[    9.942352] RBP: ffff88001e46fc48 R08: 0000000078532a4d R09: ae27c82000000000
[    9.942820] R10: 0000000000000000 R11: 00000000f5cb56dd R12: ffff88001a7ca058
[    9.943284] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[    9.943759] FS:  0000000000000000(0000) GS:ffff88001f800000(0000) knlGS:0000000000000000
[    9.944547] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    9.944968] CR2: 00007fb16c28b820 CR3: 0000000002e11000 CR4: 00000000000006f0
[    9.945441] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    9.945911] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    9.946376] Call Trace:
[    9.946547]  drm_fb_helper_fini+0xc6/0x110
[    9.946822]  bochs_fbdev_fini+0x24/0x90
[    9.947076]  bochs_unload+0x16/0x50
[    9.947309]  drm_dev_unregister+0x37/0xd0
[    9.947577]  drm_put_dev+0x2f/0x60
[    9.947962]  bochs_pci_remove+0x10/0x20
[    9.948475]  pci_device_remove+0x34/0xb0
[    9.948978]  driver_probe_device+0xd3/0x390
[    9.949486]  __driver_attach+0x92/0xa0
[    9.949969]  ? driver_probe_device+0x390/0x390
[    9.950525]  bus_for_each_dev+0x61/0xa0
[    9.951005]  driver_attach+0x19/0x20
[    9.951426]  bus_add_driver+0x1a2/0x220
[    9.951692]  driver_register+0x5b/0xe0
[    9.951970]  __pci_register_driver+0x5b/0x60
[    9.952253]  ? qxl_init+0x33/0x33
[    9.952472]  drm_pci_init+0xe3/0xf0
[    9.952710]  ? idr_init+0x46/0x50
[    9.952929]  ? qxl_init+0x33/0x33
[    9.953148]  bochs_init+0x25/0x27
[    9.953368]  do_one_initcall+0x90/0x14f
[    9.953625]  kernel_init_freeable+0x1a0/0x22c
[    9.953911]  ? rest_init+0xc0/0xc0
[    9.954136]  kernel_init+0x9/0x100
[    9.954361]  ret_from_fork+0x2c/0x40
[    9.954606] Code: 0f 1f 44 00 00 55 48 89 e5 41 56 41 55 41 54 53 31 db 8b 57 20 49 89 fc 85 d2 7e 30 49 8b 44 24 28 4c 63 eb 83 c3 01 4a 8b 04 e8 <48> 8b 38 48 83 c7 28 e8 8e 0d 02 00 49 8b 44 24 28 4a 8b 3c e8
[    9.955849] RIP: drm_fb_helper_crtc_free+0x26/0xa0 RSP: ffff88001e46fc28
[    9.956296] ---[ end trace e4589f787553d11e ]---
[    9.956618] Kernel panic - not syncing: Fatal exception
[    9.956979] Kernel Offset: disabled
Elapsed time: 10
initrds=(
To reproduce:
        git clone https://github.com/01org/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email
Thanks,
Xiaolong