From nobody Wed Apr 02 16:23:09 2025
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZSVXY3sb3z5sTmY
	for <bugs@mlmmj.nyi.freebsd.org>; Wed, 02 Apr 2025 16:23:09 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZSVXY3Lg0z3rCP
	for <bugs@FreeBSD.org>; Wed, 02 Apr 2025 16:23:09 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1743610989;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Jf3iTHbugQlcaDCp205OWT5lnBkTR6Ztjz81tzhVCK8=;
	b=x6K8rRyB7WZEhZPfA3APudCgGcZHZJDZcuY26pZEVhzeFshkXMmhNde9EgpogbYTuLiTlq
	6LaK4zWnHzo0VJA/GvY7C5I1t1rjhfKBJ7MhofFHzn1aDrUzsq3b47QO77TmoM7YldwoIB
	INl+RlM1nPoe8GzIRiVbMbSIADmHxMcSCTGDFsTCJ8qZys2D6zJRnwvIo9xEoXZ3p6qc/k
	vJN1cI9i5QjmeB4Hdf6I2xcbHs8kjWneAGKH3NgXSjSn6SXweXp5AxN52uwq6LZ2mSnxhs
	Uj2X0lx3Df3lKO+ET2gC9QC/yfkX2JiYpDzFeu1yzJyVxTQkF4I0b7/gRMW+rw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1743610989; a=rsa-sha256; cv=none;
	b=nRVqyMpmtcej3ip/HOx4961czSA5sI2853C8Gqe4wYQQeqtf+MIfQJ7AjfTW7CuRHCijnC
	zozyzj+6hUIL+ZjM3FkYs8qHQEwKRgQ/19UD49kWs9uFBNaFDw9zh7rUk0pdCT2R8NT3Sk
	B2anFmeCal9WCaCdc3i7s4+Yyv/nN7sR3p+V5McNSC57MIfR7jkiNLf+jetTg/3j1tzoCA
	semayGwuugypKLO/lov6pw6zIMHutl+SByHGcviGIF9RzvFt+o4ke6V6f7RGKxkQxvWryy
	1vL8tm/cHfEM7I5KMOzJsxvAxs6LZbBs8XwHxGmMRmqrHlJCovaEVVtpCOCHHA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1743610989;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Jf3iTHbugQlcaDCp205OWT5lnBkTR6Ztjz81tzhVCK8=;
	b=MkznWwF0aMsrbe1Fx7CYCbkYoY1ShZOlrObwkTwFi+13mz7jnY3AnUIs5hsPYT/RB4EweC
	d8DLdbItRAfsRLI8r8mNGwbMhvt3ewge4ZDXq+nhMxHvld2Xfzu07h6z41jklOTLknkxCv
	dHZFXisI/RTfXi0aTi3h/QeonYNt3TGl1KWC5iKO06AFOVV8TyN3ic5DBRn9nLX5PPkYra
	cVvEVqpAZE3UCsTSBZDXKa7zuZr8XJDqmv0CkOz1OKSvOfCJek/1THmboUsKQXJgP1DfJG
	5VpPTr+uGlm+5amwAZ3tgxWflKcX+lhMvmhI0L+MHvskb3tacKaGh9C8Qog8Cw==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZSVXY2jHKz8C9
	for <bugs@FreeBSD.org>; Wed, 02 Apr 2025 16:23:09 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 532GN9en082411
	for <bugs@FreeBSD.org>; Wed, 2 Apr 2025 16:23:09 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 532GN9lA082410
	for bugs@FreeBSD.org; Wed, 2 Apr 2025 16:23:09 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 285853] hv_hid: kernel built with -O0 panics in hv_hid_probe()
Date: Wed, 02 Apr 2025 16:23:09 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 15.0-CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: lexi@hemlock.eden.le-fay.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-285853-227@https.bugs.freebsd.org/bugzilla/>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="UTF-8"
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@FreeBSD.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D285853

            Bug ID: 285853
           Summary: hv_hid: kernel built with -O0 panics in hv_hid_probe()
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: lexi@hemlock.eden.le-fay.org

- FreeBSD 15.0 fe9278888fd4414abe2d922e469cf608005f4c65
- Hyper-V client, Windows 11 10.0.26100

using this kernel config:

% cat GENERIC.NOOPT=20
include GENERIC
ident "GENERIC.NOOPT"
makeoptions COPTFLAGS=3D"-O0 -fno-strict-aliasing"
options KSTACK_PAGES=3D20
%=20

the system panics on boot in hv_hid_probe() with the stack trace shown belo=
w.=20
note that 0xffffffff83d11000 (the IP) is the first instruction in hv_hid_pr=
obe:

(kgdb) disass hv_hid_probe
Dump of assembler code for function hv_hid_probe:
   0xffffffff83d11000 <+0>:     add    %al,(%rax)
   0xffffffff83d11002 <+2>:     add    %al,(%rax)
   0xffffffff83d11004 <+4>:     add    %al,(%rax)
   0xffffffff83d11006 <+6>:     add    %al,(%rax)
   0xffffffff83d11008 <+8>:     add    %al,(%rax)
   0xffffffff83d1100a <+10>:    add    %al,(%rax)
   0xffffffff83d1100c <+12>:    add    %al,(%rax)
   0xffffffff83d1100e <+14>:    (bad)
   0xffffffff83d1100f <+15>:    loopne 0xffffffff83d11038 <hv_hid_probe+56>

i'm not entirely convinced this is specific to hv_hid, since not loading hv=
_hid
causes a later panic in epair.

panic message:

Trying to mount root from zfs:zroot/ROOT/default []...
WARNING: WITNESS option enabled, expect reduced performance.
<118>Setting hostuuid: 16820fb7-4c79-4ea6-a817-29da42b640ec.
<118>Setting hostid: 0x5b730d29.
<118>no pools available to import
<118>Starting file system checks:
<118>/dev/gpt/efiboot0: FILESYSTEM CLEAN; SKIPPING CHECKS
<118>Mounting local filesystems:.
<118>Autoloading module: hv_hid


Fatal trap 12: page fault while in kernel mode
cpuid =3D 11; apic id =3D 0b
fault virtual address   =3D 0xffffffff83d11000
fault code              =3D supervisor write data, protection violation
instruction pointer     =3D 0x20:0xffffffff83d11000
stack pointer           =3D 0x28:0xfffffe0092594758
frame pointer           =3D 0x28:0xfffffe0092594790
code segment            =3D base 0x0, limit 0xfffff, type 0x1b
                        =3D DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        =3D interrupt enabled, resume, IOPL =3D 0
current process         =3D 130 (devctl)
rdi: fffff8000197b300 rsi: ffffffff820d9720 rdx: ffffffff820d9720
rcx: ffffffff83d121b0  r8: fefefefefefefeff  r9: 8080808080808080
rax: ffffffff83d11000 rbx: 000019e97c87cf20 rbp: fffffe0092594790
r10: ffffffff83d1210b r11: 97ff8c8a9d9289ff r12: 000019e159353c78
r13: 000019e159353c90 r14: 0000000000000001 r15: 000019e97a0c2e57
trap number             =3D 12
panic: page fault
cpuid =3D 11
time =3D 1743610017
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x28/frame 0xfffffe0092594=
110
kdb_backtrace() at kdb_backtrace+0x3e/frame 0xfffffe00925941c0
vpanic() at vpanic+0x21b/frame 0xfffffe0092594300
panic() at panic+0x4e/frame 0xfffffe0092594360
trap_fatal() at trap_fatal+0x83/frame 0xfffffe0092594390
trap_pfault() at trap_pfault+0x5c6/frame 0xfffffe0092594470
trap() at trap+0x69e/frame 0xfffffe0092594660
trap_check() at trap_check+0x3d/frame 0xfffffe0092594680
calltrap() at calltrap+0x8/frame 0xfffffe0092594680
--- trap 0xc, rip =3D 0xffffffff83d11000, rsp =3D 0xfffffe0092594758, rbp =
=3D
0xfffffe0092594790 ---
hv_hid_probe() at hv_hid_probe/frame 0xfffffe0092594790
device_probe_child() at device_probe_child+0x179/frame 0xfffffe00925947f0
device_probe() at device_probe+0x81/frame 0xfffffe0092594820
device_probe_and_attach() at device_probe_and_attach+0x1a/frame
0xfffffe0092594850
bus_generic_driver_added() at bus_generic_driver_added+0x43/frame
0xfffffe0092594880
BUS_DRIVER_ADDED() at BUS_DRIVER_ADDED+0x89/frame 0xfffffe00925948c0
devclass_driver_added() at devclass_driver_added+0x69/frame 0xfffffe0092594=
8f0
device_do_deferred_actions() at device_do_deferred_actions+0x4c/frame
0xfffffe0092594910
devctl2_ioctl() at devctl2_ioctl+0x943/frame 0xfffffe0092594a70
devfs_ioctl() at devfs_ioctl+0x17d/frame 0xfffffe0092594b10
VOP_IOCTL_APV() at VOP_IOCTL_APV+0xfd/frame 0xfffffe0092594b40
VOP_IOCTL() at VOP_IOCTL+0x66/frame 0xfffffe0092594bc0
vn_ioctl() at vn_ioctl+0x191/frame 0xfffffe0092594c30
devfs_ioctl_f() at devfs_ioctl_f+0x57/frame 0xfffffe0092594c80
fo_ioctl() at fo_ioctl+0x3e/frame 0xfffffe0092594cc0
kern_ioctl() at kern_ioctl+0x28f/frame 0xfffffe0092594d30
sys_ioctl() at sys_ioctl+0x26b/frame 0xfffffe0092594e20
syscallenter() at syscallenter+0x5b8/frame 0xfffffe0092594e80
amd64_syscall() at amd64_syscall+0x5e/frame 0xfffffe0092594f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0092594f30
--- syscall (54, FreeBSD ELF64, ioctl), rip =3D 0x19e97d35dbfa, rsp =3D
0x19e97a0c29e8, rbp =3D 0x19e97a0c2aa0 ---
KDB: enter: panic

Reading symbols from /boot/kernel/filemon.ko...
Reading symbols from /usr/lib/debug//boot/kernel/filemon.ko.debug...
Reading symbols from /boot/kernel/zfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug...
Reading symbols from /boot/kernel/hv_hid.ko...
Reading symbols from /usr/lib/debug//boot/kernel/hv_hid.ko.debug...
Reading symbols from /boot/kernel/hms.ko...
Reading symbols from /usr/lib/debug//boot/kernel/hms.ko.debug...
Reading symbols from /boot/kernel/hidmap.ko...
Reading symbols from /usr/lib/debug//boot/kernel/hidmap.ko.debug...
0xffffffff80f3d090 in doadump (textdump=3D0) at ../../../kern/kern_shutdown=
.c:404
404             dump_savectx();
(kgdb) where
#0  0xffffffff80f3d090 in doadump (textdump=3D0) at
../../../kern/kern_shutdown.c:404
#1  0xffffffff805cf610 in db_dump (dummy=3D-2131056059, dummy2=3Dfalse, dum=
my3=3D-1,
dummy4=3D0xfffffe0092593c30 "") at ../../../ddb/db_command.c:596
#2  0xffffffff805cf416 in db_command (last_cmdp=3D0xffffffff82206590
<db_last_command>, cmd_table=3D0x0, dopager=3Dtrue) at
../../../ddb/db_command.c:508
#3  0xffffffff805cf021 in db_command_loop () at ../../../ddb/db_command.c:5=
55
#4  0xffffffff805d3921 in db_trap (type=3D3, code=3D0) at
../../../ddb/db_main.c:267
#5  0xffffffff80fab1c0 in kdb_trap (type=3D3, code=3D0, tf=3D0xfffffe009259=
40e0) at
../../../kern/subr_kdb.c:790
#6  0xffffffff816cace5 in trap (frame=3D0xfffffe00925940e0) at
../../../amd64/amd64/trap.c:608
#7  0xffffffff816cbded in trap_check (frame=3D0xfffffe00925940e0) at
../../../amd64/amd64/trap.c:660
#8  <signal handler called>
#9  breakpoint () at /home/ivy/src/bsd/bridge-1q/sys/amd64/include/cpufunc.=
h:62
#10 0xffffffff80faa724 in kdb_enter (why=3D0xffffffff818ebe8a "panic",
msg=3D0xffffffff818ebe8a "panic") at ../../../kern/subr_kdb.c:555
#11 0xffffffff80f3d715 in vpanic (fmt=3D0xffffffff8189d258 "%s",
ap=3D0xfffffe0092594340) at ../../../kern/kern_shutdown.c:966
#12 0xffffffff80f3d22e in panic (fmt=3D0xffffffff8189d258 "%s") at
../../../kern/kern_shutdown.c:892
#13 0xffffffff816cb193 in trap_fatal (frame=3D0xfffffe0092594690,
eva=3D18446744071626100736) at ../../../amd64/amd64/trap.c:960
#14 0xffffffff816cb7e6 in trap_pfault (frame=3D0xfffffe0092594690,
usermode=3Dfalse, signo=3D0x0, ucode=3D0x0) at ../../../amd64/amd64/trap.c:=
869
#15 0xffffffff816ca97e in trap (frame=3D0xfffffe0092594690) at
../../../amd64/amd64/trap.c:442
#16 0xffffffff816cbded in trap_check (frame=3D0xfffffe0092594690) at
../../../amd64/amd64/trap.c:660
#17 <signal handler called>
#18 hv_hid_probe (dev=3D0xfffff8000197b300) at
/home/ivy/src/bsd/bridge-1q/sys/dev/hyperv/input/hv_hid.c:384
#19 0xffffffff80f8f1e1 in DEVICE_PROBE (dev=3D0xfffff8000197b300) at
./device_if.h:115
#20 0xffffffff80f8ecd9 in device_probe_child (dev=3D0xfffff80001914100,
child=3D0xfffff8000197b300) at ../../../kern/subr_bus.c:1723
#21 0xffffffff80f90291 in device_probe (dev=3D0xfffff8000197b300) at
../../../kern/subr_bus.c:2524
#22 0xffffffff80f904ca in device_probe_and_attach (dev=3D0xfffff8000197b300=
) at
../../../kern/subr_bus.c:2546
#23 0xffffffff80f93303 in bus_generic_driver_added (dev=3D0xfffff8000191410=
0,
driver=3D0xffffffff83d13120 <hv_hid_driver>) at ../../../kern/subr_bus.c:38=
70
#24 0xffffffff80f97619 in BUS_DRIVER_ADDED (_dev=3D0xfffff80001914100,
_driver=3D0xffffffff83d13120 <hv_hid_driver>) at ./bus_if.h:210
#25 0xffffffff80f8d219 in devclass_driver_added (dc=3D0xfffff80001751600,
driver=3D0xffffffff83d13120 <hv_hid_driver>) at ../../../kern/subr_bus.c:661
#26 0xffffffff80f9908c in device_do_deferred_actions () at
../../../kern/subr_bus.c:5688
#27 0xffffffff80f98b53 in devctl2_ioctl (cdev=3D0xfffff8000151dc00,
cmd=3D2157462540, data=3D0xfffff8000db44c00 "", fflag=3D1, td=3D0xfffff8000=
e3c3740) at
../../../kern/subr_bus.c:5974
#28 0xffffffff80d287cd in devfs_ioctl (ap=3D0xfffffe0092594b58) at
../../../fs/devfs/devfs_vnops.c:950
#29 0xffffffff817e98ed in VOP_IOCTL_APV (vop=3D0xffffffff820c6898
<devfs_specops>, a=3D0xfffffe0092594b58) at vnode_if.c:1229
#30 0xffffffff810c3706 in VOP_IOCTL (vp=3D0xfffff8001194fdc0, command=3D215=
7462540,
data=3D0xfffff8000db44c00, fflag=3D1, cred=3D0xfffff8000da6ac00,
td=3D0xfffff8000e3c3740) at ./vnode_if.h:637
#31 0xffffffff810bb351 in vn_ioctl (fp=3D0xfffff8000e32f690, com=3D21574625=
40,
data=3D0xfffff8000db44c00, active_cred=3D0xfffff8000da6ac00, td=3D0xfffff80=
00e3c3740)
at ../../../kern/vfs_vnops.c:1768
#32 0xffffffff80d28e47 in devfs_ioctl_f (fp=3D0xfffff8000e32f690, com=3D215=
7462540,
data=3D0xfffff8000db44c00, cred=3D0xfffff8000da6ac00, td=3D0xfffff8000e3c37=
40)
    at ../../../fs/devfs/devfs_vnops.c:881
#33 0xffffffff80feae4e in fo_ioctl (fp=3D0xfffff8000e32f690, com=3D21574625=
40,
data=3D0xfffff8000db44c00, active_cred=3D0xfffff8000da6ac00, td=3D0xfffff80=
00e3c3740)
at ../../../sys/file.h:375
#34 0xffffffff80feac4f in kern_ioctl (td=3D0xfffff8000e3c3740, fd=3D3,
com=3D2157462540, data=3D0xfffff8000db44c00 "") at ../../../kern/sys_generi=
c.c:806
#35 0xffffffff80fea91b in sys_ioctl (td=3D0xfffff8000e3c3740,
uap=3D0xfffff8000e3c3b40) at ../../../kern/sys_generic.c:714
#36 0xffffffff816cce08 in syscallenter (td=3D0xfffff8000e3c3740) at
../../../amd64/amd64/../../kern/subr_syscall.c:191
#37 0xffffffff816cc5ce in amd64_syscall (td=3D0xfffff8000e3c3740, traced=3D=
0) at
../../../amd64/amd64/trap.c:1201
#38 <signal handler called>
#39 0x000019e97d35dbfa in ?? ()
Backtrace stopped: Cannot access memory at address 0x19e97a0c29e8

--=20
You are receiving this mail because:
You are the assignee for the bug.=