Re: 7.0 RC2 kernel panic with Kqemu/AMD64

From: John Marino <mfl-commissioner_at_marino.st>
Date: Mon, 18 Feb 2008 01:08:19 -0600 (CET)

Hello Juergen,
I compiled a new debug kernel with the PRINTF_BUFR_SIZE=128 option.  After
that, KQemu locked up in the same exact place but FreeBSD would not dump
its core.  I had been using KQemu with the XFCE desktop.  Finally I
started invoking it from the command line.  The emulator's display was
garbled.  The first time it panicked, it looked like I had an interactive
debugger, but it was logged on. The core did not dump.  I repeated this
again and finally FreeBSD dumped core, but it seems like it's a different
issue than before.  Hopefully this will enlighten you...

John


draco-root# kgdb kernel.debug /usr/local/crash/vmcore.2
[GDB will not be able to debug user-mode threads:
/usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".

Unread portion of the kernel message buffer:
kernel tkernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0x0
fault code		= supervisor write data, page not present
instruction pointer	= 0x8:0xffffffff804b2e50
stack pointer	        = 0x10:0xffffffffab9d6190
frame pointer	        = 0x10:0xffffffffab9d61b0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= resume, IOPL = 0
current process		= 1588 (qemu-system-x86_64)
trap number		= 12
panic: page fault
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2a
panic() at panic+0x17a
trap_fatal() at trap_fatal+0x29f
trap() at trap+0x242
calltrap() at calltrap+0x8
--- trap 0xc, rip = 0xffffffff804b2e50, rsp = 0xffffffffab9d6190, rbp =
0xffffffffab9d61b0 ---
putcons() at putcons+0x50
putchar() at putchar+0x6b
kvprintf() at kvprintf+0x72
printf() at printf+0xcc
uart_z8530_class() at 0x1
uart_z8530_class() at 0x1
uart_z8530_class() at 0x1
Uptime: 6h2m48s
Dumping 1983 MB (2 chunks)
  chunk 0: 1MB (156 pages) ... ok
  chunk 1: 1983MB (507568 pages) 1967 1951 1935 1919 1903 1887 1871 1855
1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631
1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407
1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183
1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943
927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655
639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367
351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63
47 31 15

#0  doadump () at pcpu.h:194
194		__asm __volatile("movq %%gs:0,%0" : "=r" (td));
(kgdb) backtrace
#0  doadump () at pcpu.h:194
#1  0xffffffff80486dd8 in boot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:409
#2  0xffffffff80487237 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:563
#3  0xffffffff8074860f in trap_fatal (frame=0xc, eva=Variable "eva" is not
available.
) at /usr/src/sys/amd64/amd64/trap.c:724
#4  0xffffffff80749302 in trap (frame=0xffffffffab9d60e0) at
/usr/src/sys/amd64/amd64/trap.c:251
#5  0xffffffff8072e69e in calltrap () at
/usr/src/sys/amd64/amd64/exception.S:169
#6  0xffffffff804b2e50 in putcons (c=Variable "c" is not available.
) at /usr/src/sys/kern/subr_prf.c:389
#7  0xffffffff804b302b in putchar (c=10, arg=Variable "arg" is not available.
) at /usr/src/sys/kern/subr_prf.c:421
#8  0xffffffff804b1582 in kvprintf (fmt=0xffffffff8083c0b8 "",
func=0xffffffff804b2fc0 <putchar>, arg=0xffffffffab9d63d0,
    radix=10, ap=Variable "ap" is not available.
) at /usr/src/sys/kern/subr_prf.c:674
#9  0xffffffff804b2bbc in printf (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/subr_prf.c:314
#10 0x0000000000000001 in ?? ()
#11 0xffffffffab9d66f0 in ?? ()
#12 0xffffffff80735ca3 in spinlock_exit () at cpufunc.h:391
#13 0x0000000000000001 in ?? ()
#14 0xffffffffab9d6790 in ?? ()
#15 0x0000000080699029 in ?? ()
#16 0x00000000ffffff04 in ?? ()
#17 0xffffffffab9d6928 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0xffffffff80a6f8a0 in thread0 ()
#20 0x00000000ab9d6930 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0xffffffff00000005 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0xffffffffab9d66f0 in ?? ()
#25 0x0000000000000080 in ?? ()
#26 0xffffffffab9d6720 in ?? ()
#27 0x0000000000000050 in ?? ()
#28 0x0000003000000020 in ?? ()
#29 0xffffffffab9d6890 in ?? ()
#30 0xffffffffab9d67c0 in ?? ()
#31 0xfffbbfffab9d6970 in ?? ()
#32 0x00000000a38d6a20 in ?? ()
#33 0x000000000000000c in ?? ()
#34 0xffffffff8083bdbf in printinterval.9757 ()
#35 0xffffffff80805203 in op_table ()
#36 0x0000000000000001 in ?? ()
#37 0x000000000000009b in ?? ()
#38 0xffffffffab9d6aa0 in ?? ()
#39 0x0000000000000001 in ?? ()
#40 0xffffff0001554301 in ?? ()
#41 0x0000000000000001 in ?? ()
#42 0xffffffff00000000 in ?? ()
#43 0xffffffff80a6f8a0 in thread0 ()
#44 0x000000006e72656b in ?? ()
#45 0xfffeffff00000000 in ?? ()
#46 0x0800000008808004 in ?? ()
#47 0x0000000000000000 in ?? ()
#48 0x0000810000000000 in ?? ()
#49 0x0400200000000000 in ?? ()
#50 0x4000300100002000 in ?? ()
---Type <return> to continue, or q <return> to quit---
#51 0x0000000020000010 in ?? ()
#52 0x0000008000000200 in ?? ()
#53 0x0050400140000000 in ?? ()
#54 0xffffffff80a6f8a0 in thread0 ()
#55 0x0000000000000010 in ?? ()
#56 0xffffffffab9d68e0 in ?? ()
#57 0xffffffff807483f9 in trap_fatal (frame=0x3a00000039, eva=0) at
/usr/src/sys/amd64/amd64/trap.c:667
Previous frame inner to this frame (corrupt stack?)
(kgdb)
(kgdb) i li *0xffffffff804b2e50
Line 390 of "/usr/src/sys/kern/subr_prf.c" starts at address
0xffffffff804b2e50 <putcons+80>
   and ends at 0xffffffff804b2e53 <putcons+83>.
(kgdb)





> On Sun, Feb 17, 2008 at 06:51:18AM -0600, John Marino wrote:
>
> OK looks like indeed both cpus are crashing, maybe try setting
> PRINTF_BUFR_SIZE as others have suggested.
>
>  So that's how the backtrace ended, next line was the kgdb prompt?
>
>  Anyway I'm still not enlightened yet what the actual problem might be...
> 	Juergen
>
Received on Mon Feb 18 2008 - 06:08:22 UTC
