search

FreeBSDDesktop / kms-drm

the DRM part of the linuxkpi-based KMS
63 stars 26 forks source link

intel_gmch_probe(): Panic on kldload /boot/modules/i915kms.ko [drm-fbsd11.2-kmod 4.11g20200221] #225

Closed saper closed 4 years ago

saper commented 4 years ago

This is a pretty old Sony Vaio Z machine with

FreeBSD 11.3-STABLE #0 r356413: Mon Jan  6 23:59:20 CET 2020
    saper@radziecki:/usr/obj/usr/src/sys/VAIO amd64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(vga): resolution 640x480
CPU microcode: updated from 0x60c to 0x60f
CPU: Intel(R) Core(TM)2 Duo CPU     P9500  @ 2.53GHz (2527.06-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x10676  Family=0x6  Model=0x17  Stepping=6
  Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
  Features2=0x8e3fd<SSE3,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1>
  AMD Features=0x20100800<SYSCALL,NX,LM>
  AMD Features2=0x1<LAHF>
  VT-x: HLT,PAUSE
  TSC: P-state invariant, performance statistics

It has two cards, Intel GM45 and Nvidia

[ 54.818] (--) PCI: (0:0:2:0) 8086:2a42:104d:9025 rev 7, Mem @ 0xe8400000/4194304, 0xd0000000/268435456, I/O @ 0x00008130/8, BIOS @ 0x????????/65536 [ 54.818] (--) PCI: (0:1:0:0) 10de:06e5:104d:9025 rev 161, Mem @ 0xe4000000/16777216, 0xc0000000/268435456, 0xe2000000/33554432, I/O @ 0x00007000/128, BIOS @ 0x????????/65536

[ 62.297] (--) intel(0): Integrated Graphics Chipset: Intel(R) GM45

Everything works fine with modules from base. Can't upgrade to 12.x due to an issue with uhso(4) driver.

I guess my graphics card is too old to be supported, but still we should not just crash.

When I kldload the module, the system panics:

(kgdb) bt
#0  doadump () at pcpu.h:234
#1  0xffffffff80b154b8 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:388
#2  0xffffffff80b158d8 in vpanic (fmt=<value optimized out>, ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:784
#3  0xffffffff80b15713 in panic (fmt=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:715
#4  0xffffffff80fa5730 in trap_fatal (frame=<value optimized out>, eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:899
#5  0xffffffff80fa5779 in trap_pfault (frame=0xfffffe011cec3280, usermode=0) at pcpu.h:234
#6  0xffffffff80fa4e0d in trap (frame=0xfffffe011cec3280) at /usr/src/sys/amd64/amd64/trap.c:438
#7  0xffffffff80f84613 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:288
#8  0xffffffff82d995a0 in readl () from /boot/modules/i915kms.ko
#9  0xffffffff82d994f4 in intel_gmch_probe () from /boot/modules/i915kms.ko
#10 0xffffffff82cc39e2 in i915_gmch_probe () from /boot/modules/i915kms.ko
#11 0xffffffff82cc3677 in i915_ggtt_probe_hw () from /boot/modules/i915kms.ko
#12 0xffffffff82c97450 in i915_driver_init_hw () from /boot/modules/i915kms.ko
#13 0xffffffff82c96dcf in i915_driver_load () from /boot/modules/i915kms.ko
#14 0xffffffff82cea97b in i915_pci_probe () from /boot/modules/i915kms.ko
#15 0xffffffff82eff944 in linux_pci_attach () from /boot/kernel/linuxkpi.ko
#16 0xffffffff80b4efac in device_attach (dev=0xfffff800a34f2c00) at device_if.h:180
#17 0xffffffff80b50b09 in bus_generic_driver_added (dev=0xfffff80003987400, driver=<value optimized out>) at /usr/src/sys/kern/subr_bus.c:2864
#18 0xffffffff80b4ccca in devclass_driver_added (dc=0xfffff80003a23980, driver=0xffffffff82e4fbe8) at bus_if.h:204
#19 0xffffffff80b4cc35 in devclass_add_driver (dc=0xfffff80003a23980, driver=0xffffffff82e4fbe8, pass=2147483647, dcp=0xffffffff82e4fc18) at /usr/src/sys/kern/subr_bus.c:1170
#20 0xffffffff82eff2cb in _linux_pci_register_driver () from /boot/kernel/linuxkpi.ko
#21 0xffffffff82cea898 in i915_init () from /boot/modules/i915kms.ko
#22 0xffffffff82cea7d7 in _module_run () from /boot/modules/i915kms.ko
#23 0xffffffff80ae8c21 in linker_load_module (kldname=<value optimized out>, modname=0x0, parent=0x0, verinfo=<value optimized out>, lfpp=<value optimized out>) at /usr/src/sys/kern/kern_linker.c:234
#24 0xffffffff80aea3df in kern_kldload (td=<value optimized out>, file=<value optimized out>, fileid=0xfffffe011cec3a64) at /usr/src/sys/kern/kern_linker.c:1068
#25 0xffffffff80aea4fb in sys_kldload (td=0xfffff80009fd3620, uap=<value optimized out>) at /usr/src/sys/kern/kern_linker.c:1094
#26 0xffffffff80fa6816 in amd64_syscall (td=0xfffff80009fd3620, traced=0) at src/sys/amd64/amd64/../../kern/subr_syscall.c:132
#27 0xffffffff80f84f20 in fast_syscall_common () at /usr/src/sys/amd64/amd64/exception.S:571
#28 0x000000080087028a in ?? ()

drm-fbsd11.2-kmod 4.11g20200221 has been build from ports with make WITH_DEBUG=true install

I have moved away the base modules from /boot/kernel but still kgdb cannot find symbols in the modules installed from ports.

Analysis

intel_private.registers = NULL;

at https://github.com/FreeBSDDesktop/kms-drm/blob/drm-v4.11-fbsd11.2/i915/intel_freebsd.c#L101

and then we try to readl():

        readl(intel_private.registers + AGP_I810_PGTBL_CTL) &
    ~AGP_I810_PGTBL_ENABLED;

https://github.com/FreeBSDDesktop/kms-drm/blob/drm-v4.11-fbsd11.2/i915/intel_freebsd.c#L107

AGP_I810_PGTBL_CTL is defined to be 0x2020, and here is what readl() is trying to do:

(kgdb) frame 8
#8  0xffffffff82d995a0 in readl () from /boot/modules/i915kms.ko
(kgdb) disass readl
Dump of assembler code for function readl:
0xffffffff82c92c20 <readl+0>:   push   %rbp
0xffffffff82c92c21 <readl+1>:   mov    %rsp,%rbp
0xffffffff82c92c24 <readl+4>:   sub    $0x10,%rsp
0xffffffff82c92c28 <readl+8>:   mov    %rdi,-0x8(%rbp)
0xffffffff82c92c2c <readl+12>:  mov    -0x8(%rbp),%rdi
0xffffffff82c92c30 <readl+16>:  mov    (%rdi),%eax
0xffffffff82c92c32 <readl+18>:  mov    %eax,-0xc(%rbp)
0xffffffff82c92c35 <readl+21>:  mov    -0xc(%rbp),%eax
0xffffffff82c92c38 <readl+24>:  add    $0x10,%rsp
0xffffffff82c92c3c <readl+28>:  pop    %rbp
0xffffffff82c92c3d <readl+29>:  retq   
0xffffffff82c92c3e <readl+30>:  xchg   %ax,%ax
End of assembler dump.
(kgdb) info reg
rax            0x0  0
rbx            0x0  0
rcx            0x2020   8224
rdx            0xffffffff82e44df3   -2098967053
rsi            0x1  1
rdi            0x2020   8224
rbp            0xfffffe011cec3350   0xfffffe011cec3350
rsp            0xfffffe011cec3340   0xfffffe011cec3340
r8             0xffffffff82e44e04   -2098967036
r9             0xd0000000   3489660928
r10            0xffffffff82e44dd9   -2098967079
r11            0xfffffe011cec3400   -2194243046400
r12            0xfffff800a34d0900   -8793353287424
r13            0xfffff80003987400   -8796032699392
r14            0xfffff80003bb3500   -8796030421760
r15            0xfffff800a34f2c00   -8793353147392
rip            0xffffffff82d995a0   0xffffffff82d995a0 <readl+16>
eflags         0x10282  66178
cs             0x20 32
ss             0x28 40
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0

Trying to write to location 0x2020 ends up badly. intel_gmch_probe() looks incomplete to me.

saper commented 4 years ago

Looks like #73 should be backported to the 11.2 branch

saper commented 4 years ago

226 fixes this for me

zeising commented 4 years ago

226 is merged, is this still relevant?

zeising commented 4 years ago

Feedback timeout.