Hi All,

We are experiencing a general protection fault with qemu-system-i386 as follows. This can be reproduced with kernel v5.15 and the latest v6.2-rc3, as far as we have found.
It works well if we revert the commit 2f8a21d8ff3af484a37edc8ea61d127ec1529ab5 ("target/i386: Enable AVX cpuid bits when using TCG") introduced in QEMU 7.2. We also tried setting the cpu to Broadwell and Icelake-Server and got the same error.

./qemu-system-i386 -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 -drive file=/tmp/rootfs.ext4,if=virtio,format=raw -usb -device usb-tablet -usb -device usb-kbd -cpu Haswell -machine q35,i8042=off -smp 4 -m 8192 -m 8192 -smp cpus=8 -serial mon:stdio -serial null -nographic -kernel /tmp/bzImage -append 'root=/dev/vda rw ip=dhcp console=ttyS0 console=ttyS1 oprofile.timer=1 tsc=reliable no_timer_check rcupdate.rcu_expedited=1 '

[ OK ] Started System Logging Service.
[ 204.194033] traps: named[280] general protection fault ip:b7ef8545 sp:bf8d5a1c error:0
[ 204.198913] audit: type=1701 audit(1673507379.204:2): auid=4294967295 uid=997 gid=996 ses=4294967295 subj=kernel pid=280 comm="named" ex1
[ 204.219923] ------------[ cut here ]------------
[ 204.220455] Bad FPU state detected at restore_fpregs_from_fpstate+0x3a/0x78, reinitializing FPU registers.
[ 204.221442] WARNING: CPU: 4 PID: 274 at ../arch/x86/mm/extable.c:127 fixup_exception+0x3f0/0x41c
[ 204.223147] Modules linked in:
[ 204.223945] CPU: 4 PID: 274 Comm: rs:main Q:Reg Not tainted 6.2.0-rc3 #1
[ 204.224769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 204.226061] EIP: fixup_exception+0x3f0/0x41c
[ 204.226533] Code: ff ff 8d 74 26 00 0f 0b ba 4c c9 dc d1 e9 10 fd ff ff b1 01 89 44 24 04 c7 04 24 e0 44 98 d1 88 0d 69 87 cc d1 e8 8c bf
[ 204.228038] EAX: 0000005e EBX: d1aee764 ECX: 00000027 EDX: 00000001
[ 204.228498] ESI: c18efee4 EDI: 0000000d EBP: c18efe58 ESP: c18efddc
[ 204.229102] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00000086
[ 204.229662] CR0: 80050033 CR2: bf8d5d54 CR3: 02aaf000 CR4: 001506d0
[ 204.230408] Call Trace:
[ 204.232101] ? restore_fpregs_from_fpstate+0x3a/0x78
[ 204.232733] ? __switch_to_asm+0x1c/0xe4
[ 204.233028] ? __schedule+0x28c/0x844
[ 204.233362] ? _raw_spin_lock+0x10/0x34
[ 204.233829] exc_general_protection+0x81/0x340
[ 204.234403] ? futex_wait+0xb4/0x190
[ 204.234818] ? exc_bounds+0xa4/0xa4
[ 204.235054] handle_exception+0x133/0x133
[ 204.235629] EIP: restore_fpregs_from_fpstate+0x3a/0x78
[ 204.236113] Code: 0a 8d 76 00 db e2 0f 77 db 45 f4 3e 8d 74 26 00 a1 e8 51 a7 d1 8b 5d f4 21 d0 8b 15 ec 51 a7 d1 8d 7b 40 21 d1 89 ca 04
[ 204.236152] EAX: 00000007 EBX: c2047200 ECX: 00000000 EDX: 00000000
[ 204.236171] ESI: c20471c0 EDI: c2047240 EBP: c18eff4c ESP: c18eff40
[ 204.236191] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00000046
[ 204.236309] ? exc_bounds+0xa4/0xa4
[ 204.236475] ? exc_bounds+0xa4/0xa4
[ 204.240268] ? restore_fpregs_from_fpstate+0x37/0x78
[FAILED[ 204.240752] switch_fpu_return+0x49/0xe0
[ 204.241422] exit_to_user_mode_prepare+0x189/0x1a0
] Failed to start Berkeley Internet Name Domain (DNS).
[ 204.241910] ? syscall_exit_work+0x10b/0x138
[ 204.243209] syscall_exit_to_user_mode+0x1c/0x38
[ 204.243707] __do_fast_syscall_32+0x56/0xac
[ 204.243947] do_fast_syscall_32+0x32/0x74
[ 204.244158] do_SYSENTER_32+0x15/0x24
[ 204.244333] entry_SYSENTER_32+0x98/0xf1
[ 204.244759] EIP: 0xb7f59549
[ 204.245200] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 36
[ 204.246900] EAX: 00000000 EBX: 012b373c ECX: 00000189 EDX: 00000000
[ 204.247352] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: b69feff0
[ 204.247873] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000282
See 'systemctl status named.service' for details.
[ 204.248870] ---[ end trace 0000000000000000 ]---
[ 204.251318] general protection fault, maybe for address 0x0: 0000 [#1] PREEMPT SMP
[ 204.252076] CPU: 4 PID: 274 Comm: rs:main Q:Reg Tainted: G W 6.2.0-rc3 #1
[ 204.252685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 204.253207] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 204.253537] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 204.254956] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 204.255282] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 204.255774] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 204.256136] CR0: 80050033 CR2: bf8d5d54 CR3: 02aaf000 CR4: 001506d0
[ 204.256435] Call Trace:
[ 204.257004] Modules linked in:
[ 204.257824] ---[ end trace 0000000000000000 ]---
[ 204.258197] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 204.258722] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 204.260011] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 204.260321] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 204.260854] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 204.261157] CR0: 80050033 CR2: bf8d5d54 CR3: 02aaf000 CR4: 001506d0
[ OK ] Reached target Host and Network Name Lookups.
[ OK ] Started NFS status monitor for NFSv2/3 locking..
[ 204.744176] audit: type=1701 audit(1673507379.746:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=298 comm="systemd" exe=1
[ 204.799915] traps: sh[309] general protection fault ip:b7f98545 sp:bf95d5ec error:0
[ 204.802469] audit: type=1701 audit(1673507379.809:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=309 comm="sh" exe="/bin1
[ 204.914694] traps: postfix-script[310] general protection fault ip:b7f19545 sp:bfeb786c error:0
[ 204.916148] audit: type=1701 audit(1673507379.922:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=310 comm="postfix-scrip1
[ 204.931021] traps: postfix-script[311] general protection fault ip:b7ee1545 sp:bfd4a30c error:0
[ 204.936395] audit: type=1701 audit(1673507379.939:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=311 comm="postfix-scrip1
[FAILED] Failed to start Postfix Mail Transport Agent.
See 'systemctl status postfix.service' for details.
[ OK ] Reached target Multi-User System.
Starting Record Runlevel Change in UTMP...
[ 205.527483] audit: type=1701 audit(1673507380.534:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=312 comm="systemd" exe=1
[FAILED] Failed to start Record Runlevel Change in UTMP.
See 'systemctl status systemd-update-utmp-runlevel.service' for details.
[ 205.572397] general protection fault, maybe for address 0x1: 0000 [#2] PREEMPT SMP
[ 205.572920] CPU: 4 PID: 278 Comm: (agetty) Tainted: G D W 6.2.0-rc3 #1
[ 205.573244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 205.573869] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.573921] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.573943] EAX: 00000001 EBX: bfe01cf4 ECX: bfe01c10 EDX: b7f43549
[ 205.573956] ESI: 00000000 EDI: 00000008 EBP: bfe01c38 ESP: ff8b0000
[ 205.573966] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000246
[ 205.573980] CR0: 80050033 CR2: bf602e00 CR3: 02999000 CR4: 001506d0
[ 205.573995] Call Trace:
[ 205.574085] Modules linked in:
[ 205.574491] ---[ end trace 0000000000000000 ]---
[ 205.574548] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.585817] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.585886] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 205.585910] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 205.585931] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 205.585955] CR0: 80050033 CR2: bf602e00 CR3: 02999000 CR4: 001506d0
[ 205.621193] general protection fault, maybe for address 0x0: 0000 [#3] PREEMPT SMP
[ 205.622087] CPU: 4 PID: 270 Comm: (agetty) Tainted: G D W 6.2.0-rc3 #1
[ 205.622479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 205.623978] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.624242] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.624941] EAX: 00000000 EBX: 00000003 ECX: bfe01970 EDX: b7f43549
[ 205.625285] ESI: b7a22e2c EDI: b74a66b4 EBP: 00000000 ESP: ff8b0000
[ 205.626096] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000246
[ 205.626687] CR0: 80050033 CR2: bf602e00 CR3: 0317f000 CR4: 001506d0
[ 205.627251] Call Trace:
[ 205.627720] Modules linked in:
[ 205.628633] ---[ end trace 0000000000000000 ]---
[ 205.628919] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.629228] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.633931] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 205.634311] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 205.635297] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 205.635793] CR0: 80050033 CR2: bf602e00 CR3: 0317f000 CR4: 001506d0
[ 205.720018] e1000e 0000:00:02.0 eth0: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
[ 205.721810] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 205.724269] general protection fault, maybe for address 0x1: 0000 [#4] PREEMPT SMP
[ 205.725238] CPU: 4 PID: 156 Comm: systemd-resolve Tainted: G D W 6.2.0-rc3 #1
[ 205.727191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 205.728063] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.728784] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.732473] EAX: 00000001 EBX: 00000004 ECX: bfa912f0 EDX: b7fab549
[ 205.733121] ESI: ffffffff EDI: 004ba560 EBP: b7b8ee2c ESP: ff8b0000
[ 205.734886] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000246
[ 205.735516] CR0: 80050033 CR2: bf602e00 CR3: 018ad000 CR4: 001506d0
[ 205.735915] Call Trace:
[ 205.736108] Modules linked in:
[ 205.736829] ---[ end trace 0000000000000000 ]---
[ 205.737182] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.737519] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.738257] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 205.738495] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 205.739091] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 205.740135] CR0: 80050033 CR2: bf602e00 CR3: 018ad000 CR4: 001506d0
[ 205.765582] general protection fault, maybe for address 0x1: 0000 [#5] PREEMPT SMP
[ 205.766775] CPU: 4 PID: 272 Comm: in:imuxsock Tainted: G D W 6.2.0-rc3 #1
[ 205.767426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014
[ 205.769185] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.769279] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.769326] EAX: 00000001 EBX: b6b00660 ECX: b75ca1c0 EDX: b7f59549
[ 205.769346] ESI: b7d39e2c EDI: 00000000 EBP: 00000001 ESP: ff8b0000
[ 205.769364] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 205.769388] CR0: 80050033 CR2: bf602e00 CR3: 02aaf000 CR4: 001506d0
[ 205.769409] Call Trace:
[ 205.769440] Modules linked in:
[ 205.769820] ---[ end trace 0000000000000000 ]---
[ 205.769853] EIP: entry_SYSENTER_32+0xe0/0xf1
[ 205.769887] Code: 8b 54 24 30 8b 4c 24 3c 8e 64 24 24 5b 83 c4 08 5e 5f 5d 89 c4 eb 0b 0f 20 d8 0d 00 10 00 00 0f 22 d8 0f ba 34 24 09 96
[ 205.769913] EAX: 00000000 EBX: 012b373c ECX: b69feff0 EDX: b7f59549
[ 205.769933] ESI: 00000000 EDI: 00000000 EBP: ffffffff ESP: ff8b0000
[ 205.769952] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00000282
[ 205.769975] CR0: 80050033 CR2: bf602e00 CR3: 02aaf000 CR4: 001506d0
[ 205.799858] systemd (1) used greatest stack depth: 5568 bytes left
[ 205.799994] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[ 205.805801] Kernel Offset: disabled
[ 205.806723] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b ]---

System hangs...

Regards,
Zhe
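An added triage helper, not part of Zhe's report nor QEMU or kernel code: it parses the first oops above (excerpt constructed from the report's own lines, systemd console output dropped), extracts the failing task, CR4 and the call-trace symbols, and decodes CR4 to confirm OSXSAVE is set, i.e. the guest kernel restores user FPU state with XRSTOR on the path that warns "Bad FPU state detected".

```python
import re

# Constructed excerpt of the first oops in the report above (dmesg prefixes kept).
OOPS = """\
[ 204.220455] Bad FPU state detected at restore_fpregs_from_fpstate+0x3a/0x78, reinitializing FPU registers.
[ 204.221442] WARNING: CPU: 4 PID: 274 at ../arch/x86/mm/extable.c:127 fixup_exception+0x3f0/0x41c
[ 204.223945] CPU: 4 PID: 274 Comm: rs:main Q:Reg Not tainted 6.2.0-rc3 #1
[ 204.229662] CR0: 80050033 CR2: bf8d5d54 CR3: 02aaf000 CR4: 001506d0
[ 204.230408] Call Trace:
[ 204.232101] ? restore_fpregs_from_fpstate+0x3a/0x78
[ 204.233829] exc_general_protection+0x81/0x340
[ 204.235054] handle_exception+0x133/0x133
[ 204.240752] switch_fpu_return+0x49/0xe0
[ 204.241422] exit_to_user_mode_prepare+0x189/0x1a0
[ 204.244333] entry_SYSENTER_32+0x98/0xf1
"""

# CR4 bits (Intel SDM names); OSXSAVE selects XSAVE/XRSTOR for FPU state.
CR4_BITS = {4: "PSE", 5: "PAE", 6: "MCE", 7: "PGE", 9: "OSFXSR", 10: "OSXMMEXCPT",
            16: "FSGSBASE", 18: "OSXSAVE", 20: "SMEP", 21: "SMAP"}

PREFIX = re.compile(r"^\[\s*\d+\.\d+\]\s*")
SYMBOL = re.compile(r"^(?:\?\s*)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
TASK = re.compile(r"CPU: (\d+) PID: (\d+) Comm: (.+?) (?:Not tainted|Tainted:)")

def decode_cr4(value):
    """Return the names of the known CR4 bits set in `value`, lowest bit first."""
    return [name for bit, name in sorted(CR4_BITS.items()) if value >> bit & 1]

def parse_oops(text):
    """Pull task, CR4 and call-trace symbols out of one x86-32 oops block."""
    info = {"bad_fpu_state": False, "pid": None, "comm": None, "cr4": None, "trace": []}
    in_trace = False
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if line.startswith("Bad FPU state detected"):
            info["bad_fpu_state"] = True
        elif (m := TASK.search(line)) and info["pid"] is None:
            info["pid"], info["comm"] = int(m.group(2)), m.group(3)
        elif (m := re.search(r"CR4: ([0-9a-f]+)", line)):
            info["cr4"] = int(m.group(1), 16)
        elif line == "Call Trace:":
            in_trace = True
        elif in_trace and (m := SYMBOL.match(line)):
            info["trace"].append(m.group(1))
    # With OSXSAVE set the kernel restores user state via XRSTOR, which raises #GP
    # on an inconsistent XSAVE header; that is the fault the fixup above reports.
    info["xsave_enabled"] = info["cr4"] is not None and "OSXSAVE" in decode_cr4(info["cr4"])
    return info
```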