Re: [RFC PATCH] fbcon: fix ypos over boundary issue
On Fri, Jul 12, 2019 at 03:13:36AM +, Zenghui Yu wrote: > From: Feng Tiantian > > While using "top" on a CentOS guest's VNC-client, then continuously press > "Shift+PgUp", the guest kernel will get panic! Backtrace is attached below. > We tested it on 5.2.0, and the issue remains. > > [ 66.946362] Unable to handle kernel paging request at virtual address > 0e240840 > [ 66.946363] Mem abort info: > [ 66.946364] Exception class = DABT (current EL), IL = 32 bits > [ 66.946365] SET = 0, FnV = 0 > [ 66.946366] EA = 0, S1PTW = 0 > [ 66.946367] Data abort info: > [ 66.946368] ISV = 0, ISS = 0x0047 > [ 66.946368] CM = 0, WnR = 1 > [ 66.946370] swapper pgtable: 64k pages, 48-bit VAs, pgd = 0966 > [ 66.946372] [0e240840] *pgd=00023ffe0003, > *pud=00023ffe0003, *pmd=00023ffd0003, *pte= > [ 66.946378] Internal error: Oops: 9647 [#1] SMP > [ 66.946379] Modules linked in: vfat fat crc32_ce ghash_ce sg sha2_ce > sha256_arm64 virtio_balloon virtio_net sha1_ce ip_tables ext4 mbcache jbd2 > virtio_gpu drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm > drm i2c_core virtio_scsi virtio_pci virtio_mmio virtio_ring virtio > [ 66.946403] CPU: 0 PID: 1035 Comm: top Not tainted 4.14.0-49.el7a.aarch64 > #1 > [ 66.946404] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 > [ 66.946405] task: 8001c18fdc00 task.stack: 0d4e > [ 66.946409] PC is at sys_imageblit+0x40c/0x1 [sysimgblt] > [ 66.946431] LR is at drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] > [ 66.946433] pc : [] lr : [] pstate: > 0005 > [ 66.946433] sp : 0d4ef7f0 > [ 66.946434] x29: 0d4ef7f0 x28: 01ff > [ 66.946436] x27: 8001c1c88100 x26: 0001 > [ 66.946438] x25: 01f0 x24: 0018 > [ 66.946440] x23: x22: 0d4ef978 > [ 66.946442] x21: 0e240840 x20: > [ 66.946444] x19: 8001c98c9000 x18: f9d56670 > [ 66.946445] x17: x16: > [ 66.946447] x15: 0008 x14: 1b20202020202020 > [ 66.946449] x13: 01f0 x12: 003e > [ 66.946450] x11: 000f x10: 8001c840 > [ 66.946452] x9 : 00aa x8 : 0001 > [ 66.946454] x7 : 020b0090 x6 : 0001 > [ 66.946456] x5 : x4 : > [ 66.946457] x3 : 8001c840 x2 : 0e240840 > [ 66.946459] x1 : 01ef x0 : 0007 > [ 66.946461] Process top (pid: 1035, stack limit = 0x0d4e) > [ 66.946462] Call trace: > [ 66.946464] Exception stack(0x0d4ef6b0 to 0x0d4ef7f0) > [ 66.946465] f6a0: 0007 > 01ef > [ 66.946467] f6c0: 0e240840 8001c840 > > [ 66.946468] f6e0: 0001 020b0090 0001 > 00aa > [ 66.946470] f700: 8001c840 000f 003e > 01f0 > [ 66.946471] f720: 1b20202020202020 0008 > > [ 66.946472] f740: f9d56670 8001c98c9000 > 0e240840 > [ 66.946474] f760: 0d4ef978 0018 > 01f0 > [ 66.946475] f780: 0001 8001c1c88100 01ff > 0d4ef7f0 > [ 66.946476] f7a0: 02202e74 0d4ef7f0 020a040c > 0005 > [ 66.946478] f7c0: 0d4ef7e0 080ea614 0001 > 08152f08 > [ 66.946479] f7e0: 0d4ef7f0 020a040c > [ 66.946481] [] sys_imageblit+0x40c/0x1 [sysimgblt] > [ 66.946501] [] drm_fb_helper_sys_imageblit+0x28/0x4c > [drm_kms_helper] > [ 66.946510] [] virtio_gpu_3d_imageblit+0x2c/0x78 > [virtio_gpu] > [ 66.946515] [] bit_putcs+0x288/0x49c > [ 66.946517] [] fbcon_putcs+0x114/0x148 > [ 66.946519] [] do_update_region+0x118/0x19c > [ 66.946521] [] do_con_trol+0x114c/0x1314 > [ 66.946523] [] do_con_write.part.22+0x1d8/0x890 > [ 66.946525] [] con_write+0x84/0x8c > [ 66.946527] [] n_tty_write+0x19c/0x408 > [ 66.946529] [] tty_write+0x150/0x270 > [ 66.946532] [] __vfs_write+0x58/0x180 > [ 66.946534] [] vfs_write+0xa8/0x1a0 > [ 66.946536] [] SyS_write+0x60/0xc0 > [ 66.946537] Exception stack(0x0d4efec0 to 0x0d4f) > [ 66.946539] fec0: 0001 00457958 0800 > > [ 66.946540] fee0: fbad2885 0bd0 8556add4 > > [ 66.946541] ff00: 0040 00434a88 > 0012 > [ 66.946543] ff20: 0001 f9d564f0 f9d564a0 > 0008 > [ 66.946544] ff40:
Re: [RFC PATCH] fbcon: fix ypos over boundary issue
Hi Bartlomiej, On 2019/7/23 23:59, Bartlomiej Zolnierkiewicz wrote: On 7/12/19 5:13 AM, Zenghui Yu wrote: From: Feng Tiantian While using "top" on a CentOS guest's VNC-client, then continuously press "Shift+PgUp", the guest kernel will get panic! Backtrace is attached below. We tested it on 5.2.0, and the issue remains. [ 66.946362] Unable to handle kernel paging request at virtual address 0e240840 [ 66.946363] Mem abort info: [ 66.946364] Exception class = DABT (current EL), IL = 32 bits [ 66.946365] SET = 0, FnV = 0 [ 66.946366] EA = 0, S1PTW = 0 [ 66.946367] Data abort info: [ 66.946368] ISV = 0, ISS = 0x0047 [ 66.946368] CM = 0, WnR = 1 [ 66.946370] swapper pgtable: 64k pages, 48-bit VAs, pgd = 0966 [ 66.946372] [0e240840] *pgd=00023ffe0003, *pud=00023ffe0003, *pmd=00023ffd0003, *pte= [ 66.946378] Internal error: Oops: 9647 [#1] SMP [ 66.946379] Modules linked in: vfat fat crc32_ce ghash_ce sg sha2_ce sha256_arm64 virtio_balloon virtio_net sha1_ce ip_tables ext4 mbcache jbd2 virtio_gpu drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm i2c_core virtio_scsi virtio_pci virtio_mmio virtio_ring virtio [ 66.946403] CPU: 0 PID: 1035 Comm: top Not tainted 4.14.0-49.el7a.aarch64 #1 [ 66.946404] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 [ 66.946405] task: 8001c18fdc00 task.stack: 0d4e [ 66.946409] PC is at sys_imageblit+0x40c/0x1 [sysimgblt] [ 66.946431] LR is at drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] [ 66.946433] pc : [] lr : [] pstate: 0005 [ 66.946433] sp : 0d4ef7f0 [ 66.946434] x29: 0d4ef7f0 x28: 01ff [ 66.946436] x27: 8001c1c88100 x26: 0001 [ 66.946438] x25: 01f0 x24: 0018 [ 66.946440] x23: x22: 0d4ef978 [ 66.946442] x21: 0e240840 x20: [ 66.946444] x19: 8001c98c9000 x18: f9d56670 [ 66.946445] x17: x16: [ 66.946447] x15: 0008 x14: 1b20202020202020 [ 66.946449] x13: 01f0 x12: 003e [ 66.946450] x11: 000f x10: 8001c840 [ 66.946452] x9 : 00aa x8 : 0001 [ 66.946454] x7 : 020b0090 x6 : 0001 [ 66.946456] x5 : x4 : [ 66.946457] x3 : 8001c840 x2 : 0e240840 [ 66.946459] x1 : 01ef x0 : 0007 [ 66.946461] Process top (pid: 1035, stack limit = 0x0d4e) [ 66.946462] Call trace: [ 66.946464] Exception stack(0x0d4ef6b0 to 0x0d4ef7f0) [ 66.946465] f6a0: 0007 01ef [ 66.946467] f6c0: 0e240840 8001c840 [ 66.946468] f6e0: 0001 020b0090 0001 00aa [ 66.946470] f700: 8001c840 000f 003e 01f0 [ 66.946471] f720: 1b20202020202020 0008 [ 66.946472] f740: f9d56670 8001c98c9000 0e240840 [ 66.946474] f760: 0d4ef978 0018 01f0 [ 66.946475] f780: 0001 8001c1c88100 01ff 0d4ef7f0 [ 66.946476] f7a0: 02202e74 0d4ef7f0 020a040c 0005 [ 66.946478] f7c0: 0d4ef7e0 080ea614 0001 08152f08 [ 66.946479] f7e0: 0d4ef7f0 020a040c [ 66.946481] [] sys_imageblit+0x40c/0x1 [sysimgblt] [ 66.946501] [] drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] [ 66.946510] [] virtio_gpu_3d_imageblit+0x2c/0x78 [virtio_gpu] [ 66.946515] [] bit_putcs+0x288/0x49c [ 66.946517] [] fbcon_putcs+0x114/0x148 [ 66.946519] [] do_update_region+0x118/0x19c [ 66.946521] [] do_con_trol+0x114c/0x1314 [ 66.946523] [] do_con_write.part.22+0x1d8/0x890 [ 66.946525] [] con_write+0x84/0x8c [ 66.946527] [] n_tty_write+0x19c/0x408 [ 66.946529] [] tty_write+0x150/0x270 [ 66.946532] [] __vfs_write+0x58/0x180 [ 66.946534] [] vfs_write+0xa8/0x1a0 [ 66.946536] [] SyS_write+0x60/0xc0 [ 66.946537] Exception stack(0x0d4efec0 to 0x0d4f) [ 66.946539] fec0: 0001 00457958 0800 [ 66.946540] fee0: fbad2885 0bd0 8556add4 [ 66.946541] ff00: 0040 00434a88 0012 [ 66.946543] ff20: 0001 f9d564f0 f9d564a0 0008 [ 66.946544] ff40: 85593b1c f9d56670 0800 [ 66.946546] ff60: 00457958 856a1158 0800 8572 [
Re: [RFC PATCH] fbcon: fix ypos over boundary issue
On 7/12/19 5:13 AM, Zenghui Yu wrote: > From: Feng Tiantian > > While using "top" on a CentOS guest's VNC-client, then continuously press > "Shift+PgUp", the guest kernel will get panic! Backtrace is attached below. > We tested it on 5.2.0, and the issue remains. > > [ 66.946362] Unable to handle kernel paging request at virtual address > 0e240840 > [ 66.946363] Mem abort info: > [ 66.946364] Exception class = DABT (current EL), IL = 32 bits > [ 66.946365] SET = 0, FnV = 0 > [ 66.946366] EA = 0, S1PTW = 0 > [ 66.946367] Data abort info: > [ 66.946368] ISV = 0, ISS = 0x0047 > [ 66.946368] CM = 0, WnR = 1 > [ 66.946370] swapper pgtable: 64k pages, 48-bit VAs, pgd = 0966 > [ 66.946372] [0e240840] *pgd=00023ffe0003, > *pud=00023ffe0003, *pmd=00023ffd0003, *pte= > [ 66.946378] Internal error: Oops: 9647 [#1] SMP > [ 66.946379] Modules linked in: vfat fat crc32_ce ghash_ce sg sha2_ce > sha256_arm64 virtio_balloon virtio_net sha1_ce ip_tables ext4 mbcache jbd2 > virtio_gpu drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm > drm i2c_core virtio_scsi virtio_pci virtio_mmio virtio_ring virtio > [ 66.946403] CPU: 0 PID: 1035 Comm: top Not tainted 4.14.0-49.el7a.aarch64 > #1 > [ 66.946404] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 > [ 66.946405] task: 8001c18fdc00 task.stack: 0d4e > [ 66.946409] PC is at sys_imageblit+0x40c/0x1 [sysimgblt] > [ 66.946431] LR is at drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] > [ 66.946433] pc : [] lr : [] pstate: > 0005 > [ 66.946433] sp : 0d4ef7f0 > [ 66.946434] x29: 0d4ef7f0 x28: 01ff > [ 66.946436] x27: 8001c1c88100 x26: 0001 > [ 66.946438] x25: 01f0 x24: 0018 > [ 66.946440] x23: x22: 0d4ef978 > [ 66.946442] x21: 0e240840 x20: > [ 66.946444] x19: 8001c98c9000 x18: f9d56670 > [ 66.946445] x17: x16: > [ 66.946447] x15: 0008 x14: 1b20202020202020 > [ 66.946449] x13: 01f0 x12: 003e > [ 66.946450] x11: 000f x10: 8001c840 > [ 66.946452] x9 : 00aa x8 : 0001 > [ 66.946454] x7 : 020b0090 x6 : 0001 > [ 66.946456] x5 : x4 : > [ 66.946457] x3 : 8001c840 x2 : 0e240840 > [ 66.946459] x1 : 01ef x0 : 0007 > [ 66.946461] Process top (pid: 1035, stack limit = 0x0d4e) > [ 66.946462] Call trace: > [ 66.946464] Exception stack(0x0d4ef6b0 to 0x0d4ef7f0) > [ 66.946465] f6a0: 0007 > 01ef > [ 66.946467] f6c0: 0e240840 8001c840 > > [ 66.946468] f6e0: 0001 020b0090 0001 > 00aa > [ 66.946470] f700: 8001c840 000f 003e > 01f0 > [ 66.946471] f720: 1b20202020202020 0008 > > [ 66.946472] f740: f9d56670 8001c98c9000 > 0e240840 > [ 66.946474] f760: 0d4ef978 0018 > 01f0 > [ 66.946475] f780: 0001 8001c1c88100 01ff > 0d4ef7f0 > [ 66.946476] f7a0: 02202e74 0d4ef7f0 020a040c > 0005 > [ 66.946478] f7c0: 0d4ef7e0 080ea614 0001 > 08152f08 > [ 66.946479] f7e0: 0d4ef7f0 020a040c > [ 66.946481] [] sys_imageblit+0x40c/0x1 [sysimgblt] > [ 66.946501] [] drm_fb_helper_sys_imageblit+0x28/0x4c > [drm_kms_helper] > [ 66.946510] [] virtio_gpu_3d_imageblit+0x2c/0x78 > [virtio_gpu] > [ 66.946515] [] bit_putcs+0x288/0x49c > [ 66.946517] [] fbcon_putcs+0x114/0x148 > [ 66.946519] [] do_update_region+0x118/0x19c > [ 66.946521] [] do_con_trol+0x114c/0x1314 > [ 66.946523] [] do_con_write.part.22+0x1d8/0x890 > [ 66.946525] [] con_write+0x84/0x8c > [ 66.946527] [] n_tty_write+0x19c/0x408 > [ 66.946529] [] tty_write+0x150/0x270 > [ 66.946532] [] __vfs_write+0x58/0x180 > [ 66.946534] [] vfs_write+0xa8/0x1a0 > [ 66.946536] [] SyS_write+0x60/0xc0 > [ 66.946537] Exception stack(0x0d4efec0 to 0x0d4f) > [ 66.946539] fec0: 0001 00457958 0800 > > [ 66.946540] fee0: fbad2885 0bd0 8556add4 > > [ 66.946541] ff00: 0040 00434a88 > 0012 > [ 66.946543] ff20: 0001 f9d564f0 f9d564a0 > 0008 > [ 66.946544] ff40: 85593b1c
[RFC PATCH] fbcon: fix ypos over boundary issue
From: Feng Tiantian While using "top" on a CentOS guest's VNC-client, then continuously press "Shift+PgUp", the guest kernel will get panic! Backtrace is attached below. We tested it on 5.2.0, and the issue remains. [ 66.946362] Unable to handle kernel paging request at virtual address 0e240840 [ 66.946363] Mem abort info: [ 66.946364] Exception class = DABT (current EL), IL = 32 bits [ 66.946365] SET = 0, FnV = 0 [ 66.946366] EA = 0, S1PTW = 0 [ 66.946367] Data abort info: [ 66.946368] ISV = 0, ISS = 0x0047 [ 66.946368] CM = 0, WnR = 1 [ 66.946370] swapper pgtable: 64k pages, 48-bit VAs, pgd = 0966 [ 66.946372] [0e240840] *pgd=00023ffe0003, *pud=00023ffe0003, *pmd=00023ffd0003, *pte= [ 66.946378] Internal error: Oops: 9647 [#1] SMP [ 66.946379] Modules linked in: vfat fat crc32_ce ghash_ce sg sha2_ce sha256_arm64 virtio_balloon virtio_net sha1_ce ip_tables ext4 mbcache jbd2 virtio_gpu drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm i2c_core virtio_scsi virtio_pci virtio_mmio virtio_ring virtio [ 66.946403] CPU: 0 PID: 1035 Comm: top Not tainted 4.14.0-49.el7a.aarch64 #1 [ 66.946404] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 [ 66.946405] task: 8001c18fdc00 task.stack: 0d4e [ 66.946409] PC is at sys_imageblit+0x40c/0x1 [sysimgblt] [ 66.946431] LR is at drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] [ 66.946433] pc : [] lr : [] pstate: 0005 [ 66.946433] sp : 0d4ef7f0 [ 66.946434] x29: 0d4ef7f0 x28: 01ff [ 66.946436] x27: 8001c1c88100 x26: 0001 [ 66.946438] x25: 01f0 x24: 0018 [ 66.946440] x23: x22: 0d4ef978 [ 66.946442] x21: 0e240840 x20: [ 66.946444] x19: 8001c98c9000 x18: f9d56670 [ 66.946445] x17: x16: [ 66.946447] x15: 0008 x14: 1b20202020202020 [ 66.946449] x13: 01f0 x12: 003e [ 66.946450] x11: 000f x10: 8001c840 [ 66.946452] x9 : 00aa x8 : 0001 [ 66.946454] x7 : 020b0090 x6 : 0001 [ 66.946456] x5 : x4 : [ 66.946457] x3 : 8001c840 x2 : 0e240840 [ 66.946459] x1 : 01ef x0 : 0007 [ 66.946461] Process top (pid: 1035, stack limit = 0x0d4e) [ 66.946462] Call trace: [ 66.946464] Exception stack(0x0d4ef6b0 to 0x0d4ef7f0) [ 66.946465] f6a0: 0007 01ef [ 66.946467] f6c0: 0e240840 8001c840 [ 66.946468] f6e0: 0001 020b0090 0001 00aa [ 66.946470] f700: 8001c840 000f 003e 01f0 [ 66.946471] f720: 1b20202020202020 0008 [ 66.946472] f740: f9d56670 8001c98c9000 0e240840 [ 66.946474] f760: 0d4ef978 0018 01f0 [ 66.946475] f780: 0001 8001c1c88100 01ff 0d4ef7f0 [ 66.946476] f7a0: 02202e74 0d4ef7f0 020a040c 0005 [ 66.946478] f7c0: 0d4ef7e0 080ea614 0001 08152f08 [ 66.946479] f7e0: 0d4ef7f0 020a040c [ 66.946481] [] sys_imageblit+0x40c/0x1 [sysimgblt] [ 66.946501] [] drm_fb_helper_sys_imageblit+0x28/0x4c [drm_kms_helper] [ 66.946510] [] virtio_gpu_3d_imageblit+0x2c/0x78 [virtio_gpu] [ 66.946515] [] bit_putcs+0x288/0x49c [ 66.946517] [] fbcon_putcs+0x114/0x148 [ 66.946519] [] do_update_region+0x118/0x19c [ 66.946521] [] do_con_trol+0x114c/0x1314 [ 66.946523] [] do_con_write.part.22+0x1d8/0x890 [ 66.946525] [] con_write+0x84/0x8c [ 66.946527] [] n_tty_write+0x19c/0x408 [ 66.946529] [] tty_write+0x150/0x270 [ 66.946532] [] __vfs_write+0x58/0x180 [ 66.946534] [] vfs_write+0xa8/0x1a0 [ 66.946536] [] SyS_write+0x60/0xc0 [ 66.946537] Exception stack(0x0d4efec0 to 0x0d4f) [ 66.946539] fec0: 0001 00457958 0800 [ 66.946540] fee0: fbad2885 0bd0 8556add4 [ 66.946541] ff00: 0040 00434a88 0012 [ 66.946543] ff20: 0001 f9d564f0 f9d564a0 0008 [ 66.946544] ff40: 85593b1c f9d56670 0800 [ 66.946546] ff60: 00457958 856a1158 0800 8572 [ 66.946547] ff80: 856f604c 00436000 [ 66.946548] ffa0:
