New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 911328 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
stevehuang@chromium.org
kbleicher@chromium.org
krk@google.com
dgagnon@chromium.org
marc...@chromium.org
tfiga@chromium.org
diand...@chromium.org
semenzato@chromium.org
grundler@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

crash in _raw_spin_lock from rk_iommu_zap in M71

Project Member Reported by stevehuang@chromium.org, Dec 3 
Most recent 71.0.3578.71 (11151.45.0) under "bad_magic" kernel crash bucket has a significant stable signature affecting 25 users for boards in RK3399 platform (other signatures are all affecting only 1 unique user). Signature is "spin_dump+0x78/0xac".

https://crash.corp.google.com/browse?q=product_name%3D%27ChromeOS%27+AND+EXISTS+%28SELECT+1+FROM+UNNEST%28productdata%29+WHERE+Key%3D%27exec_name%27+AND+Value%3D%27kernel%27%29+AND+stable_signature%3D%27spin_dump%2B0x78%2F0xac%27+AND+product.Version%3D%2711151.45.0%27#samplereports

Comment 1 by semenzato@chromium.org, Dec 4

Cc: diand...@chromium.org marc...@chromium.org
Summary: crash in _raw_spin_lock from rk_iommu_zap in M71 (was: "Bad_magic" Kernel bucket Crash on M71)
Stephane can you help direct this one?  Thanks!  (Also copying Doug FYI).

Sample report:

https://crash.corp.google.com/browse?stbtiq=d203a2950b6f9d86%20

This one has two crashes:

<0>[ 6.207350] Internal error: Oops: 96000004 [#1] PREEMPT SMP
...
<0>[ 6.210028] Call trace:
<4>[ 6.210035] [<ffffffc00027b974>] spin_dump+0x78/0xac
<4>[ 6.210040] [<ffffffc00027b8f0>] spin_bug+0x2c/0x38
<4>[ 6.210046] [<ffffffc00030c06c>] do_raw_spin_lock+0xa4/0x150
<4>[ 6.210052] [<ffffffc000956754>] _raw_spin_lock+0x2c/0x38
<4>[ 6.210058] [<ffffffc000596d84>] rk_iommu_zap_iova+0x50/0xf8
<4>[ 6.210062] [<ffffffc000596864>] rk_iommu_map+0x2bc/0x384
<4>[ 6.210066] [<ffffffc000591c7c>] iommu_map+0xe4/0x1b8
<4>[ 6.210070] [<ffffffc000591fb4>] default_iommu_map_sg+0xa4/0x100
<4>[ 6.210076] [<ffffffc0005c8ea8>] rockchip_gem_iommu_map+0x8c/0x10c
<4>[ 6.210081] [<ffffffc0005c8634>] rockchip_gem_create_object+0x1a8/0x280
<4>[ 6.210086] [<ffffffc0005c8a58>] rockchip_gem_create_with_handle+0x34/0x84
<4>[ 6.210090] [<ffffffc0005c8b10>] rockchip_gem_create_ioctl+0x34/0x4c
<4>[ 6.210096] [<ffffffc0007cfe30>] drm_ioctl+0x1f4/0x42c
<4>[ 6.210101] [<ffffffc0005c08ec>] drm_compat_ioctl+0x30/0x84
<4>[ 6.210108] [<ffffffc0003bac7c>] compat_SyS_ioctl+0x3b4/0x1b34
<4>[ 6.210113] [<ffffffc000203e60>] __sys_trace_return+0x0/0x4

and:

<0>[ 6.207313] BUG: spinlock bad magic on CPU#4, DrmThread/1804
<1>[ 6.207331] Unable to handle kernel paging request at virtual address dead4ead000004c0

<0>[ 6.210028] Call trace:
<4>[ 6.210035] [<ffffffc00027b974>] spin_dump+0x78/0xac
<4>[ 6.210040] [<ffffffc00027b8f0>] spin_bug+0x2c/0x38
<4>[ 6.210046] [<ffffffc00030c06c>] do_raw_spin_lock+0xa4/0x150
<4>[ 6.210052] [<ffffffc000956754>] _raw_spin_lock+0x2c/0x38
<4>[ 6.210058] [<ffffffc000596d84>] rk_iommu_zap_iova+0x50/0xf8
<4>[ 6.210062] [<ffffffc000596864>] rk_iommu_map+0x2bc/0x384
<4>[ 6.210066] [<ffffffc000591c7c>] iommu_map+0xe4/0x1b8
<4>[ 6.210070] [<ffffffc000591fb4>] default_iommu_map_sg+0xa4/0x100
<4>[ 6.210076] [<ffffffc0005c8ea8>] rockchip_gem_iommu_map+0x8c/0x10c
<4>[ 6.210081] [<ffffffc0005c8634>] rockchip_gem_create_object+0x1a8/0x280
<4>[ 6.210086] [<ffffffc0005c8a58>] rockchip_gem_create_with_handle+0x34/0x84
<4>[ 6.210090] [<ffffffc0005c8b10>] rockchip_gem_create_ioctl+0x34/0x4c
<4>[ 6.210096] [<ffffffc0007cfe30>] drm_ioctl+0x1f4/0x42c
<4>[ 6.210101] [<ffffffc0005c08ec>] drm_compat_ioctl+0x30/0x84
<4>[ 6.210108] [<ffffffc0003bac7c>] compat_SyS_ioctl+0x3b4/0x1b34
<4>[ 6.210113] [<ffffffc000203e60>] __sys_trace_return+0x0/0x4


Steve, how bad is this one---i.e. what's the overall fraction of kernel crashes with this signature?

Comment 2 by diand...@chromium.org, Dec 4

Cc: tfiga@chromium.org

Comment 3 by stevehuang@chromium.org, Dec 4 

Hi Luigi,

I'm calling it out based on the stable signature "spin_dump+0x78/0xac". For 71.0.3578.71 (11151.45.0) this signature is about 1.78% of all the stable signatures. However it is the top signature crash that is identifiable for this version (per link below) and it is affecting platform specific, thus I called it out.

https://crash.corp.google.com/browse?q=product_name%3D%27ChromeOS%27+AND+EXISTS+%28SELECT+1+FROM+UNNEST%28productdata%29+WHERE+Key%3D%27exec_name%27+AND+Value%3D%27kernel%27%29+AND+product.Version%3D%2711151.45.0%27

Sign in to add a comment