Re: 7.0 RC2 kernel panic with Kqemu/AMD64

From: Juergen Lock <nox_at_jelal.kn-bremen.de>
Date: Thu, 21 Feb 2008 22:39:45 +0100

On Mon, Feb 18, 2008 at 01:08:19AM -0600, John Marino wrote:
> Hello Juergen,
> I compiled a new debug kernel with the PRINTF_BUFR_SIZE=128 option.  After
> that, KQemu locked up in the same exact place but FreeBSD would not dump
> its core.  I had been using KQemu with the XFCE desktop.  Finally I
> started invoking it from the command line.  The emulator's display was
> garbled.  The first time it panicked, it looked like I had an interactive
> debugger, but it was logged on. The core did not dump.  I repeated this
> again and finally FreeBSD dumped core, but it seems like it's a different
> issue than before.  Hopefully this will enlighten you...
> 
> John
> 
> 
> draco-root# kgdb kernel.debug /usr/local/crash/vmcore.2
> [GDB will not be able to debug user-mode threads:
> /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd".
> 
> Unread portion of the kernel message buffer:
> kernel tkernel trap 12 with interrupts disabled
> kernel trap 12 with interrupts disabled
> Fatal trap 12: page fault while in kernel mode
> 
> 
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address	= 0x0
> fault code		= supervisor write data, page not present
> instruction pointer	= 0x8:0xffffffff804b2e50
> stack pointer	        = 0x10:0xffffffffab9d6190
> frame pointer	        = 0x10:0xffffffffab9d61b0
> code segment		= base 0x0, limit 0xfffff, type 0x1b
> 			= DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags	= resume, IOPL = 0
> current process		= 1588 (qemu-system-x86_64)
> trap number		= 12
> panic: page fault
> cpuid = 0
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x2a
> panic() at panic+0x17a
> trap_fatal() at trap_fatal+0x29f
> trap() at trap+0x242
> calltrap() at calltrap+0x8
> --- trap 0xc, rip = 0xffffffff804b2e50, rsp = 0xffffffffab9d6190, rbp =
> 0xffffffffab9d61b0 ---
> putcons() at putcons+0x50
> putchar() at putchar+0x6b
> kvprintf() at kvprintf+0x72
> printf() at printf+0xcc
> uart_z8530_class() at 0x1
> uart_z8530_class() at 0x1
> uart_z8530_class() at 0x1
> Uptime: 6h2m48s
> Dumping 1983 MB (2 chunks)
>   chunk 0: 1MB (156 pages) ... ok
>   chunk 1: 1983MB (507568 pages) 1967 1951 1935 1919 1903 1887 1871 1855
> 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631
> 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407
> 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183
> 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943
> 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655
> 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367
> 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63
> 47 31 15
> 
> #0  doadump () at pcpu.h:194
> 194		__asm __volatile("movq %%gs:0,%0" : "=r" (td));
> (kgdb) backtrace
> #0  doadump () at pcpu.h:194
> #1  0xffffffff80486dd8 in boot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:409
> #2  0xffffffff80487237 in panic (fmt=Variable "fmt" is not available.
> ) at /usr/src/sys/kern/kern_shutdown.c:563
> #3  0xffffffff8074860f in trap_fatal (frame=0xc, eva=Variable "eva" is not
> available.
> ) at /usr/src/sys/amd64/amd64/trap.c:724
> #4  0xffffffff80749302 in trap (frame=0xffffffffab9d60e0) at
> /usr/src/sys/amd64/amd64/trap.c:251
> #5  0xffffffff8072e69e in calltrap () at
> /usr/src/sys/amd64/amd64/exception.S:169
> #6  0xffffffff804b2e50 in putcons (c=Variable "c" is not available.
> ) at /usr/src/sys/kern/subr_prf.c:389
> #7  0xffffffff804b302b in putchar (c=10, arg=Variable "arg" is not available.
> ) at /usr/src/sys/kern/subr_prf.c:421
> #8  0xffffffff804b1582 in kvprintf (fmt=0xffffffff8083c0b8 "",
> func=0xffffffff804b2fc0 <putchar>, arg=0xffffffffab9d63d0,
>     radix=10, ap=Variable "ap" is not available.
> ) at /usr/src/sys/kern/subr_prf.c:674
> #9  0xffffffff804b2bbc in printf (fmt=Variable "fmt" is not available.
> ) at /usr/src/sys/kern/subr_prf.c:314
> #10 0x0000000000000001 in ?? ()
> #11 0xffffffffab9d66f0 in ?? ()
> #12 0xffffffff80735ca3 in spinlock_exit () at cpufunc.h:391
> #13 0x0000000000000001 in ?? ()
> #14 0xffffffffab9d6790 in ?? ()
> #15 0x0000000080699029 in ?? ()
> #16 0x00000000ffffff04 in ?? ()
> #17 0xffffffffab9d6928 in ?? ()
> #18 0x0000000000000000 in ?? ()
> #19 0xffffffff80a6f8a0 in thread0 ()
> #20 0x00000000ab9d6930 in ?? ()
> #21 0x0000000000000000 in ?? ()
> #22 0xffffffff00000005 in ?? ()
> #23 0x0000000000000000 in ?? ()
> #24 0xffffffffab9d66f0 in ?? ()
> #25 0x0000000000000080 in ?? ()
> #26 0xffffffffab9d6720 in ?? ()
> #27 0x0000000000000050 in ?? ()
> #28 0x0000003000000020 in ?? ()
> #29 0xffffffffab9d6890 in ?? ()
> #30 0xffffffffab9d67c0 in ?? ()
> #31 0xfffbbfffab9d6970 in ?? ()
> #32 0x00000000a38d6a20 in ?? ()
> #33 0x000000000000000c in ?? ()
> #34 0xffffffff8083bdbf in printinterval.9757 ()
> #35 0xffffffff80805203 in op_table ()
> #36 0x0000000000000001 in ?? ()
> #37 0x000000000000009b in ?? ()
> #38 0xffffffffab9d6aa0 in ?? ()
> #39 0x0000000000000001 in ?? ()
> #40 0xffffff0001554301 in ?? ()
> #41 0x0000000000000001 in ?? ()
> #42 0xffffffff00000000 in ?? ()
> #43 0xffffffff80a6f8a0 in thread0 ()
> #44 0x000000006e72656b in ?? ()
> #45 0xfffeffff00000000 in ?? ()
> #46 0x0800000008808004 in ?? ()
> #47 0x0000000000000000 in ?? ()
> #48 0x0000810000000000 in ?? ()
> #49 0x0400200000000000 in ?? ()
> #50 0x4000300100002000 in ?? ()
> ---Type <return> to continue, or q <return> to quit---
> #51 0x0000000020000010 in ?? ()
> #52 0x0000008000000200 in ?? ()
> #53 0x0050400140000000 in ?? ()
> #54 0xffffffff80a6f8a0 in thread0 ()
> #55 0x0000000000000010 in ?? ()
> #56 0xffffffffab9d68e0 in ?? ()
> #57 0xffffffff807483f9 in trap_fatal (frame=0x3a00000039, eva=0) at
> /usr/src/sys/amd64/amd64/trap.c:667
> Previous frame inner to this frame (corrupt stack?)
> (kgdb)
> (kgdb) i li *0xffffffff804b2e50
> Line 390 of "/usr/src/sys/kern/subr_prf.c" starts at address
> 0xffffffff804b2e50 <putcons+80>
>    and ends at 0xffffffff804b2e53 <putcons+83>.
> (kgdb)

Another bad crash that doesn't tell me what's wrong...  I guess this
is a lost cause.
	Juergen
Received on Thu Feb 21 2008 - 20:41:09 UTC
