[Bug 276426] amd64: microcode update caused a page fault trying to send data to the logger

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 18 Jan 2024 22:20:31 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276426

--- Comment #9 from John F. Carr <jfc@mit.edu> ---
Here is the complete backtrace (an abbreviated form is in comment #2), followed
by the values of td->td_critnest and td->td_md.md_pcb for the td variable in
frame 13 of that stack.

(kgdb) bt
#0  __curthread ()
    at /usr/home/jfc/freebsd/src/sys/amd64/include/pcpu_aux.h:53
#1  doadump (textdump=<optimized out>)
    at /usr/home/jfc/freebsd/src/sys/kern/kern_shutdown.c:394
#2  0xffffffff80bce802 in kern_reboot (howto=260)
    at /usr/home/jfc/freebsd/src/sys/kern/kern_shutdown.c:482
#3  0xffffffff80bcec5f in vpanic (fmt=0xffffffff812041f3 "%s", 
    ap=ap@entry=0xfffffe03a79d7af0)
    at /usr/home/jfc/freebsd/src/sys/kern/kern_shutdown.c:921
#4  0xffffffff80bce9f3 in panic (fmt=<unavailable>)
    at /usr/home/jfc/freebsd/src/sys/kern/kern_shutdown.c:845
#5  0xffffffff8108c56c in trap_fatal (frame=0xfffffe03a79d7be0, 
    eva=62185075507200)
    at /usr/home/jfc/freebsd/src/sys/amd64/amd64/trap.c:940
#6  0xffffffff8108c5d7 in trap_pfault (frame=0xfffffe03a79d7be0, 
    usermode=false, signo=<optimized out>, ucode=<optimized out>)
    at /usr/home/jfc/freebsd/src/sys/amd64/amd64/trap.c:759
#7  <signal handler called>
#8  copyout_smap_std ()
    at /usr/home/jfc/freebsd/src/sys/amd64/amd64/support.S:849
#9  0xffffffff80c337d5 in uiomove_faultflag (cp=0xfffffe01bedc0000, 
    n=n@entry=105, uio=uio@entry=0xfffffe03a79d7da0, nofault=nofault@entry=0)
    at /usr/home/jfc/freebsd/src/sys/kern/subr_uio.c:256
#10 0xffffffff80c33699 in uiomove (cp=0x388e97560000, n=-1092878336, 
    n@entry=105, uio=0x636f6c2f7273752f, uio@entry=0xfffffe03a79d7da0)
    at /usr/home/jfc/freebsd/src/sys/kern/subr_uio.c:196
#11 0xffffffff80c3de55 in pipe_read (fp=0xfffff801441abe10, 
    uio=0xfffffe03a79d7da0, active_cred=<optimized out>, 
    flags=<optimized out>, td=0xfffff80103c48000)
    at /usr/home/jfc/freebsd/src/sys/kern/sys_pipe.c:732
#12 0xffffffff80c3a586 in fo_read (fp=0xfffff801441abe10, 
    uio=0xfffffe03a79d7da0, active_cred=0x636f6c2f7273752f, 
    td=0xfffff80103c48000, flags=<optimized out>)
    at /usr/home/jfc/freebsd/src/sys/sys/file.h:336
#13 dofileread (td=td@entry=0xfffff80103c48000, fd=fd@entry=0, 
    fp=0xfffff801441abe10, auio=auio@entry=0xfffffe03a79d7da0, 
    offset=offset@entry=-1, flags=flags@entry=0)
    at /usr/home/jfc/freebsd/src/sys/kern/sys_generic.c:367
#14 0xffffffff80c3a0d2 in kern_readv (td=0xfffff80103c48000, fd=0, 
    auio=0xfffffe03a79d7da0)
    at /usr/home/jfc/freebsd/src/sys/kern/sys_generic.c:288
#15 sys_read (td=0xfffff80103c48000, uap=<optimized out>)
    at /usr/home/jfc/freebsd/src/sys/kern/sys_generic.c:204
#16 0xffffffff8108ced0 in syscallenter (td=<optimized out>)
    at /usr/home/jfc/freebsd/src/sys/amd64/amd64/../../kern/subr_syscall.c:188
#17 amd64_syscall (td=0xfffff80103c48000, traced=0)
    at /usr/home/jfc/freebsd/src/sys/amd64/amd64/trap.c:1181
#18 <signal handler called>
#19 0x0000388e94230d9a in ?? ()
Backtrace stopped: Cannot access memory at address 0x388e93262428
(kgdb) up 13
#13 dofileread (td=td@entry=0xfffff80103c48000, fd=fd@entry=0, 
    fp=0xfffff801441abe10, auio=auio@entry=0xfffffe03a79d7da0, 
    offset=offset@entry=-1, flags=flags@entry=0)
    at /usr/home/jfc/freebsd/src/sys/kern/sys_generic.c:367
367             if ((error = fo_read(fp, auio, td->td_ucred, flags, td))) {
(kgdb) p td->td_critnest
$22 = 1
(kgdb) p/x td->td_md.md_pcb
$23 = {pcb_r15 = 0xfffff80101bba000, pcb_r14 = 0xffffffff81e97788, 
  pcb_r13 = 0xfffffe010aeec0d8, pcb_r12 = 0xfffffe010aeec0c0, 
  pcb_rbp = 0xfffffe03a79d7bb0, pcb_rsp = 0xfffffe03a79d7b18, 
  pcb_rbx = 0xfffff80103c48000, pcb_rip = 0xffffffff80bfe4b6, 
  pcb_fsbase = 0x388e9378c120, pcb_gsbase = 0x0, pcb_kgsbase = 0x0, 
  pcb_cr0 = 0x0, pcb_cr2 = 0x0, pcb_cr3 = 0x0, pcb_cr4 = 0x0, pcb_dr0 = 0x0, 
  pcb_dr1 = 0x0, pcb_dr2 = 0x0, pcb_dr3 = 0x0, pcb_dr6 = 0x0, pcb_dr7 = 0x0, 
  pcb_gdt = {rd_limit = 0x0, rd_base = 0x0}, pcb_idt = {rd_limit = 0x0, 
    rd_base = 0x0}, pcb_ldt = {rd_limit = 0x0, rd_base = 0x0}, pcb_tr = 0x0, 
  pcb_flags = 0x19, pcb_initial_fpucw = 0x37f, pcb_onfault = 0x0, 
  pcb_saved_ucr3 = 0x0, pcb_tssp = 0x0, pcb_efer = 0x0, pcb_star = 0x0, 
  pcb_lstar = 0x0, pcb_cstar = 0x0, pcb_sfmask = 0x0, 
  pcb_save = 0xfffffe02699f4c00, pcb_pad = {0x0, 0x0, 0x0, 0x0, 0x0}}
(kgdb)
