GPF on boot with devmatch
Xin Li
delphij at delphij.net
Mon Oct 5 05:30:19 UTC 2020
On 10/4/20 10:13 PM, Warner Losh wrote:
>
>
> On Sun, Oct 4, 2020, 11:07 PM Xin Li <delphij at delphij.net> wrote:
>
> Hi,
>
> I'm seeing this panic at boot after upgrading from r366217 to r366364,
> and it continues to exist for r366421 (but I haven't found out the exact
> change that caused it). Preloading the relevant kernel modules
> (uhid.ko, ums.ko and wmt.ko) seems to make the kernel boot correctly.
>
>
> What happens if you disable devmatch and load these modules by hand?

Loading these modules from loader or kld_list will prevent this panic
regardless of whether devmatch is enabled.

> What happens if you load them from rc.d scripts with devmatch disabled?

It seems that devmatch was started by devd and not rc. Disabling
devmatch (setting devmatch_enable="NO") without loading any of these klds
would not provoke the panic.
> Warner
>
> This is not reproducible on my laptop, which will load many more kernel
> modules.
>
> ===
> Autoloading module: uhid.ko
> Autoloading module: wmt.ko
>
>
> Fatal trap 9: general protection fault while in kernel mode
> cpuid = 2; apic id = 04
> instruction pointer = 0x20:0xffffffff806ad6eb
> stack pointer = 0x28:0xfffffe01850cd960
> frame pointer = 0x28:0xfffffe01850cd9e0
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 740 (devmatch)
> trap number = 9
> panic: general protection fault
> cpuid = 3
> time = 1601866799
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame
> 0xfffffe01850cd670
> vpanic() at vpanic+0x182/frame 0xfffffe01850cd6c0
> panic() at panic+0x43/frame 0xfffffe01850cd720
> trap_fatal() at trap_fatal+0x387/frame 0xfffffe01850cd780
> trap() at trap+0xa4/frame 0xfffffe01850cd890
> calltrap() at calltrap+0x8/frame 0xfffffe01850cd890
> --- trap 0x9, rip = 0xffffffff806ad6eb, rsp = 0xfffffe01850cd960, rbp =
> 0xfffffe01850cd9e0 ---
> sysctl_devices() at sysctl_devices+0x24b/frame 0xfffffe01850cd9e0
> sysctl_root_handler_locked() at sysctl_root_handler_locked+0x9c/frame
> 0xfffffe01850cda30
> sysctl_root() at sysctl_root+0x20a/frame 0xfffffe01850cdab0
> userland_sysctl() at userland_sysctl+0x17d/frame 0xfffffe01850cdb60
> sys___sysctl() at sys___sysctl+0x5f/frame 0xfffffe01850cdc10
> amd64_syscall() at amd64_syscall+0x135/frame 0xfffffe01850cdd30
> fast_syscall_common() at fast_syscall_common+0xf8/frame
> 0xfffffe01850cdd30
> --- syscall (202, FreeBSD ELF64, sys___sysctl), rip = 0x80038968a, rsp =
> 0x7fffffffd988, rbp = 0x7fffffffd9c0 ---
> ===
>
> sysctl_devices+0x24b (0x6dab) was:
>
> sb->s_len += strlen(p);
> 6d50: 4c 89 e7 mov %r12,%rdi
> 6d53: e8 00 00 00 00 callq 6d58
> <sysctl_devices+0x1f8>
> 6d58: 48 01 45 b0 add %rax,-0x50(%rbp)
> 6d5c: 48 8d 7d 88 lea -0x78(%rbp),%rdi
> sbuf_putc(&sb, '\0');
> 6d60: 31 f6 xor %esi,%esi
> 6d62: e8 00 00 00 00 callq 6d67
> <sysctl_devices+0x207>
> MPASS((sb->s_flags & SBUF_INCLUDENUL) == 0);
> 6d67: f6 45 b8 02 testb $0x2,-0x48(%rbp)
> 6d6b: 0f 85 10 01 00 00 jne 6e81
> <sysctl_devices+0x321>
> if (sb->s_error != 0)
> 6d71: 83 7d a0 00 cmpl $0x0,-0x60(%rbp)
> 6d75: 0f 85 8c 00 00 00 jne 6e07
> <sysctl_devices+0x2a7>
> p = EOB(sb);
> 6d7b: 4c 8b 65 88 mov -0x78(%rbp),%r12
> 6d7f: 48 8b 45 b0 mov -0x50(%rbp),%rax
> *p = '\0'; /* sbuf buffer isn't NUL terminated until
> sbuf_finish() */
> 6d83: 41 c6 04 04 00 movb $0x0,(%r12,%rax,1)
> space = SPACE(sb);
> 6d88: 4c 8b 6d a8 mov -0x58(%rbp),%r13
> 6d8c: 4c 2b 6d b0 sub -0x50(%rbp),%r13
> if (space <= 1) {
> 6d90: 49 83 fd 01 cmp $0x1,%r13
> 6d94: 77 09 ja 6d9f
> <sysctl_devices+0x23f>
> sb->s_error = ENOMEM;
> 6d96: c7 45 a0 0c 00 00 00 movl $0xc,-0x60(%rbp)
> 6d9d: eb 68 jmp 6e07
> <sysctl_devices+0x2a7>
> 6d9f: 49 01 c4 add %rax,%r12
> return (dev->parent);
> 6da2: 48 8b 7b 28 mov 0x28(%rbx),%rdi
> if (parent == NULL) {
> 6da6: 48 85 ff test %rdi,%rdi
> 6da9: 74 4b je 6df6
> <sysctl_devices+0x296>
> KOBJOPLOOKUP(((kobj_t)_dev)->ops,bus_child_location_str);
> 6dab: 48 8b 07 mov (%rdi),%rax
> 6dae: 48 c7 c2 00 00 00 00 mov $0x0,%rdx
> 6db5: 0f b6 0d 00 00 00 00 movzbl 0x0(%rip),%ecx #
> 6dbc <sysctl_devices+0x25c>
> 6dbc: 4c 8b 04 c8 mov (%rax,%rcx,8),%r8
> 6dc0: 49 39 10 cmp %rdx,(%r8)
> 6dc3: 74 22 je 6de7
> <sysctl_devices+0x287>
> 6dc5: 48 8d 34 c8 lea (%rax,%rcx,8),%rsi
> 6dc9: 48 89 7d d0 mov %rdi,-0x30(%rbp)
> 6dcd: 48 8b b8 00 08 00 00 mov 0x800(%rax),%rdi
> 6dd4: 48 c7 c2 00 00 00 00 mov $0x0,%rdx
> 6ddb: e8 00 00 00 00 callq 6de0
> <sysctl_devices+0x280>
> 6de0: 48 8b 7d d0 mov -0x30(%rbp),%rdi
> 6de4: 49 89 c0 mov %rax,%r8
> rc = ((bus_child_location_str_t *) _m)(_dev, _child, _buf,
> _buflen);
> 6de7: 48 89 de mov %rbx,%rsi
>