Regressions on arm64 Dragonboard 845c boot failed with stable-rc 6.13.8-rc1 Regressions found on Dragonboard 845c : - boot (debug Kconfigs) Regression Analysis: - New regression? Not sure. But the crash looks new. - Reproducible? Intermittent Since it is not easy to reproduce this crash, it is hard to bisect. Boot regression: Dragonboard 845c kernel NULL pointer dereference Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx> ## Boot log [ 7.871211] xhci-pci-renesas 0000:01:00.0: failed to load firmware renesas_usb_fw.mem, fallback to ROM [ 7.877652] CAN device driver interface [ 7.879182] Bluetooth: hci0: setting up wcn399x [ 7.884439] Bluetooth: HCI UART protocol Marvell registered [ 7.890767] xhci-pci-renesas 0000:01:00.0: xHCI Host Controller [ 7.938433] xhci-pci-renesas 0000:01:00.0: new USB bus registered, assigned bus number 3 [ 7.941274] spi_master spi0: will run message pump with realtime priority [ 7.946642] xhci-pci-renesas 0000:01:00.0: Zeroing 64bit base registers, expecting fault [ 7.969396] ath10k_snoc 18800000.wifi: Adding to iommu group 16 [ 7.983424] mcp251xfd spi0.0 can0: MCP2517FD rev0.0 (-RX_INT -PLL +MAB_NO_WARN +CRC_REG +CRC_RX +CRC_TX +ECC -HD o:40.00MHz c:40.00MHz m:10.00MHz rs:10.00MHz es:0.00MHz rf:10.00MHz ef:0.00MHz) successfully initialized. [ 7.987793] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030 [ 8.001412] ath10k_snoc 18800000.wifi: supply vdd-3.3-ch1 not found, using dummy regulator [ 8.004533] Bluetooth: hci0: QCA Product ID :0x0000000a [ 8.015039] Mem abort info: [ 8.020189] Bluetooth: hci0: QCA SOC Version :0x40010214 [ 8.020197] Bluetooth: hci0: QCA ROM Version :0x00000201 [ 8.020204] Bluetooth: hci0: QCA Patch Version:0x00000001 [ 8.025657] ESR = 0x0000000096000006 [ 8.039667] Bluetooth: hci0: QCA controller version 0x02140201 [ 8.044983] EC = 0x25: DABT (current EL), IL = 32 bits [ 8.044988] SET = 0, FnV = 0 [ 8.044990] EA = 0, S1PTW = 0 [ 8.044992] FSC = 0x06: level 2 translation fault [ 8.044995] Data abort info: [ 8.044997] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000 [ 8.044999] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 8.045002] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 8.045004] user pgtable: 4k pages, 48-bit VAs, pgdp=000000010cbec000 [ 8.045007] [0000000000000030] pgd=080000010cbf4403, p4d=080000010cbf4403, pud=080000010cbf5403, pmd=0000000000000000 [ 8.045019] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP [ 8.045022] Modules linked in: venus_enc venus_dec ath10k_snoc mcp251xfd videobuf2_dma_contig ath10k_core lontium_lt9611(+) xhci_pci_renesas(+) can_dev ath msm leds_qcom_lpg mac80211 qcom_pbs hci_uart ocmem rtc_pm8xxx btqca drm_exec led_class_multicolor gpu_sched snd_soc_sdm845 qcom_pon qcom_spmi_temp_alarm drm_dp_aux_bus snd_soc_rt5663 drm_display_helper qcom_spmi_adc5 btbcm snd_soc_qcom_sdw drm_client_lib qcom_camss camcc_sdm845 qcom_vadc_common snd_soc_qcom_common snd_soc_rl6231 videobuf2_dma_sg qcom_stats crct10dif_ce coresight_stm soundwire_bus videobuf2_memops reset_qcom_pdc cfg80211 venus_core phy_qcom_qmp_combo bluetooth aux_bridge v4l2_mem2mem videobuf2_v4l2 i2c_qcom_geni pwrseq_core spi_geni_qcom videobuf2_common typec qcom_rng gpi phy_qcom_qmp_usb qcom_q6v5_mss stm_core qcrypto icc_osm_l3 ufs_qcom phy_qcom_qmp_ufs phy_qcom_qmp_pcie lmh rfkill slim_qcom_ngd_ctrl qrtr slimbus pdr_interface qcom_pdr_msg qcom_wdt llcc_qcom qcom_q6v5_pas icc_bwmon qcom_pil_info qcom_q6v5 display_connector qcom_sysmon qcom_common [ 8.045106] drm_kms_helper qcom_glink_smem mdt_loader qmi_helpers drm backlight socinfo rmtfs_mem [ 8.045116] CPU: 7 UID: 0 PID: 430 Comm: v4l_id Not tainted 6.13.8-rc1 #1 [ 8.045119] Hardware name: Thundercomm Dragonboard 845c (DT) [ 8.045121] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 8.045123] pc : camss_find_sensor+0x24/0x80 qcom_camss [ 8.045141] lr : camss_get_pixel_clock+0x20/0x70 qcom_camss [ 8.045152] sp : ffff80008177b8b0 [ 8.045153] x29: ffff80008177b8b0 x28: ffff80008177bc30 x27: ffff6d63004043c0 [ 8.045157] x26: 0000000000000000 x25: 0000000000000000 x24: ffff80008177b908 [ 8.045161] x23: ffff6d630d1f5e48 x22: ffff6d630d1f7a98 x21: ffff80008177b920 [ 8.045164] x20: 0000000000000003 x19: 0000000000020001 x18: 0000000000000000 [ 8.045167] x17: 0000000000000000 x16: ffffceec8fe80380 x15: 0000000000000000 [ 8.045170] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000001 [ 8.045173] x11: ffff6d6301abd000 x10: 0000000000000c80 x9 : ffffceec20623b90 [ 8.045177] x8 : ffff80008177b7b8 x7 : 0000000000000000 x6 : 0000000000000001 [ 8.045179] x5 : ffff6d630d1f7158 x4 : 000000000fffffff x3 : ffff6d630d1f7028 [ 8.045183] x2 : ffff6d630d1f6568 x1 : ffff80008177b920 x0 : 0000000000000000 [ 8.045186] Call trace: [ 8.045188] camss_find_sensor+0x24/0x80 qcom_camss (P) [ 8.045200] camss_get_pixel_clock+0x20/0x70 qcom_camss [ 8.045210] vfe_get+0xcc/0x530 qcom_camss [ 8.049208] Bluetooth: hci0: QCA Downloading qca/crbtfw21.tlv [ 8.054874] vfe_set_power+0x38/0x68 qcom_camss [ 8.054886] pipeline_pm_power_one (drivers/media/v4l2-core/v4l2-mc.c:492 (discriminator 12)) [ 8.054894] pipeline_pm_power (drivers/media/v4l2-core/v4l2-mc.c:529) [ 8.054896] v4l2_pipeline_pm_use (drivers/media/v4l2-core/v4l2-mc.c:557) [ 8.054899] v4l2_pipeline_pm_get (drivers/media/v4l2-core/v4l2-mc.c:569) [ 8.054902] video_open+0x7c/0x100 qcom_camss [ 8.054913] v4l2_open (drivers/media/v4l2-core/v4l2-dev.c:434) [ 8.054918] chrdev_open (fs/char_dev.c:414) [ 8.054924] do_dentry_open (fs/open.c:945) [ 8.054928] vfs_open (fs/open.c:1075) [ 8.054932] path_openat (fs/namei.c:3828 fs/namei.c:3987) [ 8.054935] do_filp_open (fs/namei.c:4014) [ 8.054938] do_sys_openat2 (fs/open.c:1402) [ 8.054941] __arm64_sys_openat (fs/open.c:1428) [ 8.054945] invoke_syscall (arch/arm64/include/asm/current.h:19 arch/arm64/kernel/syscall.c:54) [ 8.054950] el0_svc_common.constprop.0 (include/linux/thread_info.h:135 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) [ 8.054954] do_el0_svc (arch/arm64/kernel/syscall.c:152) [ 8.054957] el0_svc (arch/arm64/include/asm/irqflags.h:82 (discriminator 1) arch/arm64/include/asm/irqflags.h:123 (discriminator 1) arch/arm64/include/asm/irqflags.h:136 (discriminator 1) arch/arm64/kernel/entry-common.c:165 (discriminator 1) arch/arm64/kernel/entry-common.c:178 (discriminator 1) arch/arm64/kernel/entry-common.c:745 (discriminator 1)) [ 8.054962] el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:763) [ 8.054965] el0t_64_sync (arch/arm64/kernel/entry.S:600) [ 8.054969] Code: f9000bf3 52800033 72a00053 f9402400 (f9401801) All code ======== 0: f9000bf3 str x19, [sp, #16] 4: 52800033 mov w19, #0x1 // #1 8: 72a00053 movk w19, #0x2, lsl #16 c: f9402400 ldr x0, [x0, #72] 10:* f9401801 ldr x1, [x0, #48] <-- trapping instruction Code starting with the faulting instruction =========================================== 0: f9401801 ldr x1, [x0, #48] [ 8.054972] ---[ end trace 0000000000000000 ]--- [ 8.062891] xhci-pci-renesas 0000:01:00.0: hcc params 0x014051cf hci version 0x100 quirks 0x0000000100000010 [ 8.063966] bluetooth hci0: Direct firmware load for qca/crbtfw21.tlv failed with error -2 ## Source * Kernel version: 6.13.8-rc1 * Git tree: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git * Git sha: 14de9a7d510fcfb3bd35e275eda09724bda4d440 * Git describe: v6.13.7-242-g14de9a7d510f * Project details: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.13.y/build/v6.13.7-242-g14de9a7d510f/ ## Build * Build log: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.13.y/build/v6.13.7-242-g14de9a7d510f/testrun/27687746/suite/boot/test/gcc-13-lkftconfig-debug/log * Build history: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.13.y/build/v6.13.7-242-g14de9a7d510f/testrun/27687746/suite/boot/test/gcc-13-lkftconfig-debug/history/ * Build details: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.13.y/build/v6.13.7-242-g14de9a7d510f/testrun/27687746/suite/boot/test/gcc-13-lkftconfig-debug/ * Build link: https://storage.tuxsuite.com/public/linaro/lkft/builds/2uXZp3X2U4uKizZrPK3SAiZuzXS/ * Kernel config: https://storage.tuxsuite.com/public/linaro/lkft/builds/2uXZp3X2U4uKizZrPK3SAiZuzXS/config -- Linaro LKFT https://lkft.linaro.org
