Bug 2143823

Summary: "mapping sg segment longer than device claims to support" warning on VMs using virtio_gpu with kernel 6.1
Product: [Fedora] Fedora Reporter: Adam Williamson <awilliam>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: unspecified    
Version: rawhideCC: acaringi, adscvr, airlied, alciregi, bskeggs, hdegoede, hpa, jarodwilson, jglisse, jonathan, josef, kernel-maint, lgoncalv, linville, masami256, mchehab, ptalbert, steved, zbyszek
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: openqa
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Adam Williamson 2022-11-18 01:33:26 UTC 
Fedora openQA Rawhide tests are frequently seeing a kernel oops/warning of this form:

[    9.329120] ------------[ cut here ]------------
[    9.329126] DMA-API: virtio-pci 0000:00:02.0: mapping sg segment longer than device claims to support [len=417792] [max=65536]
[    9.329147] WARNING: CPU: 0 PID: 315 at kernel/dma/debug.c:1160 debug_dma_map_sg+0x32c/0x380
[    9.329158] Modules linked in: virtio_net crc32c_intel sha512_ssse3 virtio_blk virtio_scsi net_failover virtio_gpu(+) virtio_console failover virtio_dma_buf serio_raw ata_generic pata_acpi ip6_tables ip_tables fuse qemu_fw_cfg
[    9.329189] CPU: 0 PID: 315 Comm: plymouthd Not tainted 6.1.0-0.rc5.20221116git59d0d52c30d4.41.fc38.x86_64 #1
[    9.329194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014
[    9.329198] RIP: 0010:debug_dma_map_sg+0x32c/0x380
[    9.329202] Code: 5c 24 10 8b 4c 24 18 48 8b 54 24 20 48 89 c6 44 8b 44 24 2c 48 c7 c7 98 b2 92 83 4c 89 5c 24 10 4c 89 4c 24 08 e8 19 76 d3 00 <0f> 0b 4c 8b 5c 24 10 4c 8b 4c 24 08 8b 15 82 b1 43 02 85 d2 0f 85
[    9.329205] RSP: 0018:ffffa771c12dfb98 EFLAGS: 00010286
[    9.329209] RAX: 0000000000000072 RBX: ffff99a5c241e0d0 RCX: 0000000000000000
[    9.329211] RDX: 0000000000000001 RSI: ffffffff83993363 RDI: 00000000ffffffff
[    9.329214] RBP: ffff99a5cb94e100 R08: 0000000000000000 R09: ffffa771c12dfa30
[    9.329216] R10: 0000000000000003 R11: ffffffff843664e8 R12: 0000000000000000
[    9.329218] R13: 0000000000000004 R14: 0000000000000004 R15: ffff99a5c13e1780
[    9.329220] FS:  00007fec05aa0740(0000) GS:ffff99a67c400000(0000) knlGS:0000000000000000
[    9.329223] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    9.329225] CR2: 00007f93d97f2270 CR3: 000000003454a000 CR4: 00000000000006f0
[    9.329230] Call Trace:
[    9.329232]  <TASK>
[    9.329243]  __dma_map_sg_attrs+0xb9/0x100
[    9.329251]  dma_map_sgtable+0x19/0x30
[    9.329255]  drm_gem_shmem_get_pages_sgt+0x8c/0xf0
[    9.329263]  virtio_gpu_object_create+0x99/0x320 [virtio_gpu]
[    9.329283]  virtio_gpu_mode_dumb_create+0xd0/0x180 [virtio_gpu]
[    9.329333]  ? drm_mode_create_dumb+0x90/0x90
[    9.329341]  drm_ioctl_kernel+0xac/0x160
[    9.329351]  drm_ioctl+0x1e7/0x450
[    9.329358]  ? drm_mode_create_dumb+0x90/0x90
[    9.329378]  __x64_sys_ioctl+0x90/0xd0
[    9.329387]  do_syscall_64+0x5b/0x80
[    9.329394]  ? lock_is_held_type+0xe8/0x140
[    9.329401]  ? lock_is_held_type+0xe8/0x140
[    9.329408]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[    9.329412]  ? lockdep_hardirqs_on+0x7d/0x100
[    9.329417]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[    9.329422] RIP: 0033:0x7fec05cda5cf
[    9.329426] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[    9.329429] RSP: 002b:00007fff09031120 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[    9.329433] RAX: ffffffffffffffda RBX: 0000000000000300 RCX: 00007fec05cda5cf
[    9.329435] RDX: 00007fff090311e0 RSI: 00000000c02064b2 RDI: 0000000000000009
[    9.329437] RBP: 00007fff090311e0 R08: 00007fec05dacc90 R09: 0000000000000300
[    9.329439] R10: 0000000000000400 R11: 0000000000000246 R12: 00000000c02064b2
[    9.329441] R13: 0000000000000009 R14: 0000000000000400 R15: 00005590a397a3b0
[    9.329458]  </TASK>
[    9.329462] irq event stamp: 43287
[    9.329471] hardirqs last  enabled at (43293): [<ffffffff8218e90e>] __up_console_sem+0x5e/0x70
[    9.329476] hardirqs last disabled at (43298): [<ffffffff8218e8f3>] __up_console_sem+0x43/0x70
[    9.329479] softirqs last  enabled at (40214): [<ffffffff821012ed>] __irq_exit_rcu+0xed/0x160
[    9.329483] softirqs last disabled at (40207): [<ffffffff821012ed>] __irq_exit_rcu+0xed/0x160
[    9.329485] ---[ end trace 0000000000000000 ]---

this is caught by abrt, which means it appears as a 'crash' and a desktop notification is shown, which causes an openQA test that asserts we don't see any unexpected desktop notifications to fail.

There doesn't seem to be any specific trigger for this - the tests where we see it just boot a freshly installed system and wait around for ten minutes to see what notifications show up. Of course, the tests run on qemu VMs with virtio_gpu graphics.

This would normally be a release blocker, but I'm witholding that nomination because I suspect the kernel is set to only produce this oops when debugging is enabled, so it would not be a problem for a stable release (these never use debugging kernels).
Comment 1 Zbigniew Jędrzejewski-Szmek 2023-01-26 14:46:10 UTC 
I'm seeing this now too with kernel-core-6.2.0-0.rc4.20230120gitd368967cb103.35.fc38.x86_64

Jan 26 15:05:27 fedora kernel: ------------[ cut here ]------------
Jan 26 15:05:27 fedora kernel: DMA-API: virtio-pci 0000:00:01.0: mapping sg segment longer than device claims to support [len=139264] [max=65536]
Jan 26 15:05:27 fedora kernel: WARNING: CPU: 1 PID: 258 at kernel/dma/debug.c:1160 debug_dma_map_sg+0x32c/0x380
Jan 26 15:05:27 fedora kernel: Modules linked in: intel_cstate(-) i2c_i801 i2c_smbus virtio_net virtio_balloon net_failover virtio_gpu(+) virtio_blk virtio_console failover virtio_dma_buf joydev serio_raw loop fuse bpf_preload qemu_fw_cfg
Jan 26 15:05:27 fedora kernel: CPU: 1 PID: 258 Comm: systemd-udevd Not tainted 6.2.0-0.rc4.20230120gitd368967cb103.35.fc38.x86_64 #1
Jan 26 15:05:27 fedora kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
Jan 26 15:05:27 fedora kernel: RIP: 0010:debug_dma_map_sg+0x32c/0x380
Jan 26 15:05:27 fedora kernel: Code: 4c 24 10 8b 4c 24 18 48 8b 54 24 20 48 89 c6 44 8b 44 24 2c 48 c7 c7 f8 0c ac 91 4c 89 4c 24 10 4c 89 5c 24 08 e8 f3 18 e3 00 <0f> 0b 4c 8b 4c 24 10 4c 8b 5c 24 08 8b 15 52 80 60 02 85 d2 0f 85
Jan 26 15:05:27 fedora kernel: RSP: 0018:ffffa96a813bf868 EFLAGS: 00010286
Jan 26 15:05:27 fedora kernel: RAX: 0000000000000072 RBX: ffff9d1b815860d0 RCX: 0000000000000000
Jan 26 15:05:27 fedora kernel: RDX: 0000000000000001 RSI: ffffffff91b2a18e RDI: 00000000ffffffff
Jan 26 15:05:27 fedora kernel: RBP: ffff9d1b92d3f600 R08: 0000000000000000 R09: ffffa96a813bf710
Jan 26 15:05:27 fedora kernel: R10: 0000000000000003 R11: ffffffff92563aa8 R12: 00000000000001fc
Jan 26 15:05:27 fedora kernel: R13: 0000000000000200 R14: 0000000000000200 R15: ffff9d1b81609700
Jan 26 15:05:27 fedora kernel: FS:  00007f06eb3d5940(0000) GS:ffff9d1bbce00000(0000) knlGS:0000000000000000
Jan 26 15:05:27 fedora kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jan 26 15:05:27 fedora kernel: CR2: 00005648829359a8 CR3: 0000000111078006 CR4: 0000000000020ee0
Jan 26 15:05:27 fedora kernel: Call Trace:
Jan 26 15:05:27 fedora kernel:  <TASK>
Jan 26 15:05:27 fedora kernel:  __dma_map_sg_attrs+0xb9/0x100
Jan 26 15:05:27 fedora kernel:  dma_map_sgtable+0x19/0x30
Jan 26 15:05:27 fedora kernel:  drm_gem_shmem_get_pages_sgt+0x8c/0xf0
Jan 26 15:05:27 fedora kernel:  virtio_gpu_object_create+0x9d/0x300 [virtio_gpu]
Jan 26 15:05:27 fedora kernel:  virtio_gpu_mode_dumb_create+0xd0/0x180 [virtio_gpu]
Jan 26 15:05:27 fedora kernel:  drm_client_framebuffer_create+0xa2/0x220
Jan 26 15:05:27 fedora kernel:  drm_fbdev_fb_probe+0x55/0x1b0
Jan 26 15:05:27 fedora kernel:  __drm_fb_helper_initial_config_and_unlock+0x306/0x550
Jan 26 15:05:27 fedora kernel:  drm_fbdev_client_hotplug+0xa5/0x110
Jan 26 15:05:27 fedora kernel:  drm_fbdev_generic_setup+0x95/0x170
Jan 26 15:05:27 fedora kernel:  virtio_gpu_probe+0xae/0xe0 [virtio_gpu]
Jan 26 15:05:27 fedora kernel:  virtio_dev_probe+0x194/0x230
Jan 26 15:05:27 fedora kernel:  really_probe+0xde/0x380
Jan 26 15:05:27 fedora kernel:  ? pm_runtime_barrier+0x50/0x90
Jan 26 15:05:27 fedora kernel:  __driver_probe_device+0x78/0x170
Jan 26 15:05:27 fedora kernel:  driver_probe_device+0x1f/0x90
Jan 26 15:05:27 fedora kernel:  __driver_attach+0xd2/0x1c0
Jan 26 15:05:27 fedora kernel:  ? __pfx___driver_attach+0x10/0x10
Jan 26 15:05:27 fedora kernel:  bus_for_each_dev+0x76/0xa0
Jan 26 15:05:27 fedora kernel:  bus_add_driver+0x1b1/0x200
Jan 26 15:05:27 fedora kernel:  driver_register+0x89/0xe0
Jan 26 15:05:27 fedora kernel:  ? __pfx_init_module+0x10/0x10 [virtio_gpu]
Jan 26 15:05:27 fedora kernel:  do_one_initcall+0x6e/0x330
Jan 26 15:05:27 fedora kernel:  do_init_module+0x4a/0x200
Jan 26 15:05:27 fedora kernel:  __do_sys_init_module+0x16a/0x1a0
Jan 26 15:05:27 fedora kernel:  do_syscall_64+0x5b/0x80
Jan 26 15:05:27 fedora kernel:  ? sched_clock_cpu+0xb/0xc0
Jan 26 15:05:27 fedora kernel:  ? lock_release+0x143/0x430
Jan 26 15:05:27 fedora kernel:  ? up_read+0x17/0x20
Jan 26 15:05:27 fedora kernel:  ? do_user_addr_fault+0x202/0x6b0
Jan 26 15:05:27 fedora kernel:  ? lock_is_held_type+0xce/0x120
Jan 26 15:05:27 fedora kernel:  ? asm_exc_page_fault+0x22/0x30
Jan 26 15:05:27 fedora kernel:  ? lockdep_hardirqs_on+0x7d/0x100
Jan 26 15:05:27 fedora kernel:  entry_SYSCALL_64_after_hwframe+0x72/0xdc
Jan 26 15:05:27 fedora kernel: RIP: 0033:0x7f06ebcf2aee
Jan 26 15:05:27 fedora kernel: Code: 48 8b 0d 1d 03 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 af 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ea 02 0c 00 f7 d8 64 89 01 48
Jan 26 15:05:27 fedora kernel: RSP: 002b:00007ffd11a58598 EFLAGS: 00000246 ORIG_RAX: 00000000000000af
Jan 26 15:05:27 fedora kernel: RAX: ffffffffffffffda RBX: 000056488207a390 RCX: 00007f06ebcf2aee
Jan 26 15:05:27 fedora kernel: RDX: 00007f06ebe2f07d RSI: 0000000000037b66 RDI: 00005648828b4ef0
Jan 26 15:05:27 fedora kernel: RBP: 00007ffd11a58650 R08: 0000564882063030 R09: 0000000000036000
Jan 26 15:05:27 fedora kernel: R10: 0000564de6822fb3 R11: 0000000000000246 R12: 00007f06ebe2f07d
Jan 26 15:05:27 fedora kernel: R13: 0000000000020000 R14: 000056488209f5a0 R15: 0000564882066c10
Jan 26 15:05:27 fedora kernel:  </TASK>
Jan 26 15:05:27 fedora kernel: irq event stamp: 131183
Jan 26 15:05:27 fedora kernel: hardirqs last  enabled at (131195): [<ffffffff901a978e>] __up_console_sem+0x5e/0x70
Jan 26 15:05:27 fedora kernel: hardirqs last disabled at (131206): [<ffffffff901a9773>] __up_console_sem+0x43/0x70
Jan 26 15:05:27 fedora kernel: softirqs last  enabled at (130768): [<ffffffff90110e9d>] __irq_exit_rcu+0xed/0x160
Jan 26 15:05:27 fedora kernel: softirqs last disabled at (130763): [<ffffffff90110e9d>] __irq_exit_rcu+0xed/0x160
Jan 26 15:05:27 fedora kernel: ---[ end trace 0000000000000000 ]---