[Bug 280601] bhyve: pci_xhci: portregs_write to unpowered port 1 : it seems that this bug still exists in some Linux distros...

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 26 Aug 2024 14:56:33 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280601

Dan McDonald <danmcd@kebe.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |danmcd@kebe.com

--- Comment #1 from Dan McDonald <danmcd@kebe.com> ---
A SmartOS/Triton customer of ours recently had a bhyve SEGV with a null pointer
in umouse_request(), and they believe it's related to the same argument(s):

core 'bhyve.d9dfc9b6-48b9-4ad0-8c98-a5d55595cff6.838696.1721807899.core' of 838696:     /usr/sbin/bhyve -D -H -c cpus=2 -m 8192 -l bootrom,/usr/share/bhyve/uefi-rom.bi
argv[0]: /usr/sbin/bhyve
argv[1]: -D
argv[2]: -H
argv[3]: -c
<SNIP!>
argv[19]: -s
argv[20]: 30,xhci,tablet
<SNIP!>

I have an illumos corefile (complete with CTF information) if that'll help.  I
do not know if I can share it due to customer-confidential information, but I
can examine any structures or threads:

mdb bhyve.d9dfc9b6-48b9-4ad0-8c98-a5d55595cff6.838696.1721807899.core
> ::status
debugging core file of bhyve (64-bit) from d9dfc9b6-48b9-4ad0-8c98-a5d55595cff6
initial argv: /usr/sbin/bhyve -D -H -c cpus=2 -m 8192 -l bootrom,/usr/share/bhyve/uefi-rom.bi
threading model: native threads
status: process terminated by SIGSEGV (Segmentation Fault), addr=8
> $C
fffffaffea6daa80 umouse_request+0x53b(163ee80, 1748e10)
fffffaffea6dab60 pci_xhci_handle_transfer+0x569(1744e50, 1642950, 1642988, fffffaffb9b6b020, fffffaffb9b6d750, 1)
fffffaffea6dac10 pci_xhci_device_doorbell+0x449(1744e50, 1, 1, 0)
fffffaffea6dac60 pci_xhci_dbregs_write+0x97(1744e50, 4a4, 1)
fffffaffea6dacc0 pci_xhci_write+0x126(1743c90, 0, 4a4, 4, 1)
fffffaffea6dad30 pci_emul_mem_handler+0xf9(163dfb0, 2, c00064a4, 4, fffffaffea6dad58, 1743c90)
fffffaffea6dad90 mem_write+0x3e(163dfb0, c00064a4, 1, 4, 1746f70)
fffffaffea6dadc0 emulate_mem_cb+0x44(163dfb0, c00064a4, 1746f70, fffffaffea6dae60)
fffffaffea6dae30 access_memory+0xe0(163dfb0, c00064a4, 433ce0, fffffaffea6dae60)
fffffaffea6dae50 emulate_mem+0x21(163dfb0, fffffaffea6dae60)
fffffaffea6daeb0 vmexit_mmio+0x47(1637200, 163dfb0, fffffaffea6daee0)
fffffaffea6daf60 vm_loop+0x9f(1637200, 163dfb0)
fffffaffea6dafb0 fbsdrun_start_thread+0x59(163cf90)
fffffaffea6dafe0 libc.so.1`_thrp_setup+0x77(fffffaffeeed8a40)
fffffaffea6daff0 libc.so.1`_lwp_start()
> 


We pulled in the very fix (275760) in illumos bhyve as:

commit 7339efaf624a8e5f02c5b86895cabbcc57f2649f
Author: Peter Grehan <grehan@FreeBSD.org>
Date:   Thu May 23 09:16:31 2024 +0000

    16579 bhyve: xhci tablet device probe fails under recent Linux kernels
    Reviewed by: Marco van Wieringen <marco.van.wieringen@planets.elm.net>
    Reviewed by: Patrick Mooney <pmooney@pfmooney.com>
    Reviewed by: Andy Fiddaman <illumos@fiddaman.net>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Approved by: Dan McDonald <danmcd@mnx.io>

 usr/src/cmd/bhyve/usb_mouse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

too, so I'm adding myself to watch this bug.
