GPF on boot with devmatch
Warner Losh
imp at bsdimp.com
Mon Oct 5 18:12:37 UTC 2020
On Sun, Oct 4, 2020 at 11:30 PM Xin Li <delphij at delphij.net> wrote:
>
>
> On 10/4/20 10:13 PM, Warner Losh wrote:
> >
> >
> > On Sun, Oct 4, 2020, 11:07 PM Xin Li <delphij at delphij.net> wrote:
> >
> > Hi,
> >
> > I'm seeing this panic at boot after upgrading from r366217 to r366364,
> > and it continues to exist for r366421 (but I haven't found out the exact
> > change that caused it). Preloading the relevant kernel modules
> > (uhid.ko, ums.ko and wmt.ko) seems to make the kernel boot correctly.
> >
> >
> > What happens if you disable devmatch and load these modules by hand?
>
> Loading these modules from loader or kld_list will prevent this panic
> regardless if devmatch is enabled.
>
> > What happens if you load them from rc.d scripts with devmatch disabled?
>
> It seems that the devmatch was started by devd and not rc. Disabling
> devmatch (setting devmatch_enable="NO") without loading any of these klds
> would not provoke the panic.
>
That sounds like a bug to me... I'll have to look into it. I'm mostly
asking 'what happens if you load them after boot' to see if this is a
'devmatch doing weird things' issue or a 'these drivers don't like to be
loaded so late and we need to track down why' issue.
Warner
> > Warner
> >
> > This is not reproducible on my laptop, which will load many more kernel
> > modules.
> >
> > ===
> > Autoloading module: uhid.ko
> > Autoloading module: wmt.ko
> >
> >
> > Fatal trap 9: general protection fault while in kernel mode
> > cpuid = 2; apic id = 04
> > instruction pointer = 0x20:0xffffffff806ad6eb
> > stack pointer = 0x28:0xfffffe01850cd960
> > frame pointer = 0x28:0xfffffe01850cd9e0
> > code segment = base 0x0, limit 0xfffff, type 0x1b
> > = DPL 0, pres 1, long 1, def32 0, gran 1
> > processor eflags = interrupt enabled, resume, IOPL = 0
> > current process = 740 (devmatch)
> > trap number = 9
> > panic: general protection fault
> > cpuid = 3
> > time = 1601866799
> > KDB: stack backtrace:
> > db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe01850cd670
> > vpanic() at vpanic+0x182/frame 0xfffffe01850cd6c0
> > panic() at panic+0x43/frame 0xfffffe01850cd720
> > trap_fatal() at trap_fatal+0x387/frame 0xfffffe01850cd780
> > trap() at trap+0xa4/frame 0xfffffe01850cd890
> > calltrap() at calltrap+0x8/frame 0xfffffe01850cd890
> > --- trap 0x9, rip = 0xffffffff806ad6eb, rsp = 0xfffffe01850cd960, rbp = 0xfffffe01850cd9e0 ---
> > sysctl_devices() at sysctl_devices+0x24b/frame 0xfffffe01850cd9e0
> > sysctl_root_handler_locked() at sysctl_root_handler_locked+0x9c/frame 0xfffffe01850cda30
> > sysctl_root() at sysctl_root+0x20a/frame 0xfffffe01850cdab0
> > userland_sysctl() at userland_sysctl+0x17d/frame 0xfffffe01850cdb60
> > sys___sysctl() at sys___sysctl+0x5f/frame 0xfffffe01850cdc10
> > amd64_syscall() at amd64_syscall+0x135/frame 0xfffffe01850cdd30
> > fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe01850cdd30
> > --- syscall (202, FreeBSD ELF64, sys___sysctl), rip = 0x80038968a, rsp = 0x7fffffffd988, rbp = 0x7fffffffd9c0 ---
> > ===
> >
> > sysctl_devices+0x24b (0x6dab) was:
> >
> > sb->s_len += strlen(p);
> > 6d50: 4c 89 e7 mov %r12,%rdi
> > 6d53: e8 00 00 00 00 callq 6d58 <sysctl_devices+0x1f8>
> > 6d58: 48 01 45 b0 add %rax,-0x50(%rbp)
> > 6d5c: 48 8d 7d 88 lea -0x78(%rbp),%rdi
> > sbuf_putc(&sb, '\0');
> > 6d60: 31 f6 xor %esi,%esi
> > 6d62: e8 00 00 00 00 callq 6d67 <sysctl_devices+0x207>
> > MPASS((sb->s_flags & SBUF_INCLUDENUL) == 0);
> > 6d67: f6 45 b8 02 testb $0x2,-0x48(%rbp)
> > 6d6b: 0f 85 10 01 00 00 jne 6e81 <sysctl_devices+0x321>
> > if (sb->s_error != 0)
> > 6d71: 83 7d a0 00 cmpl $0x0,-0x60(%rbp)
> > 6d75: 0f 85 8c 00 00 00 jne 6e07 <sysctl_devices+0x2a7>
> > p = EOB(sb);
> > 6d7b: 4c 8b 65 88 mov -0x78(%rbp),%r12
> > 6d7f: 48 8b 45 b0 mov -0x50(%rbp),%rax
> > *p = '\0'; /* sbuf buffer isn't NUL terminated until sbuf_finish() */
> > 6d83: 41 c6 04 04 00 movb $0x0,(%r12,%rax,1)
> > space = SPACE(sb);
> > 6d88: 4c 8b 6d a8 mov -0x58(%rbp),%r13
> > 6d8c: 4c 2b 6d b0 sub -0x50(%rbp),%r13
> > if (space <= 1) {
> > 6d90: 49 83 fd 01 cmp $0x1,%r13
> > 6d94: 77 09 ja 6d9f <sysctl_devices+0x23f>
> > sb->s_error = ENOMEM;
> > 6d96: c7 45 a0 0c 00 00 00 movl $0xc,-0x60(%rbp)
> > 6d9d: eb 68 jmp 6e07 <sysctl_devices+0x2a7>
> > 6d9f: 49 01 c4 add %rax,%r12
> > return (dev->parent);
> > 6da2: 48 8b 7b 28 mov 0x28(%rbx),%rdi
> > if (parent == NULL) {
> > 6da6: 48 85 ff test %rdi,%rdi
> > 6da9: 74 4b je 6df6 <sysctl_devices+0x296>
> > KOBJOPLOOKUP(((kobj_t)_dev)->ops,bus_child_location_str);
> > 6dab: 48 8b 07 mov (%rdi),%rax
> > 6dae: 48 c7 c2 00 00 00 00 mov $0x0,%rdx
> > 6db5: 0f b6 0d 00 00 00 00 movzbl 0x0(%rip),%ecx # 6dbc <sysctl_devices+0x25c>
> > 6dbc: 4c 8b 04 c8 mov (%rax,%rcx,8),%r8
> > 6dc0: 49 39 10 cmp %rdx,(%r8)
> > 6dc3: 74 22 je 6de7 <sysctl_devices+0x287>
> > 6dc5: 48 8d 34 c8 lea (%rax,%rcx,8),%rsi
> > 6dc9: 48 89 7d d0 mov %rdi,-0x30(%rbp)
> > 6dcd: 48 8b b8 00 08 00 00 mov 0x800(%rax),%rdi
> > 6dd4: 48 c7 c2 00 00 00 00 mov $0x0,%rdx
> > 6ddb: e8 00 00 00 00 callq 6de0 <sysctl_devices+0x280>
> > 6de0: 48 8b 7d d0 mov -0x30(%rbp),%rdi
> > 6de4: 49 89 c0 mov %rax,%r8
> > rc = ((bus_child_location_str_t *) _m)(_dev, _child, _buf, _buflen);
> > 6de7: 48 89 de mov %rbx,%rsi
> >
>