Date: Tue, 30 Oct 2018 13:15:19 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 228768] EARLY_AP_STARTUP causes panic on amd machines Message-ID: <bug-228768-227-wHdstxuUtc@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-228768-227@https.bugs.freebsd.org/bugzilla/> References: <bug-228768-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228768 --- Comment #3 from Roger Hammerstein <cheeky.m@live.com> --- (In reply to John Baldwin from comment #2) With DDB and WITNESS, MADT: Interrupt override: source 9, irq 9 ioapic0: intpin 9 trigger: level ioapic3 <Version 1.1> irqs 24-47 on motherboard ioapic0 <Version 1.1> irqs 0-23 on motherboard ioapic1 <Version 1.1> irqs 48-54 on motherboard ioapic2 <Version 1.1> irqs 56-62 on motherboard lapic: Divisor 2, Frequency 99737090 Hz cpu0 BSP: ID: 0x00000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400 AMD ext features: 0x00010003 AMD elvt0: 0x00010000 SMP: AP CPU FtKernel page fault with the following non-sleepable locks held: exclusive spin mutex clk (clk) r =3D 0 (0xffffffff81e70d78) locked @ /usr/src/sys/x86/isa/clock.c:209 exclusive spin mutex ap boot (ap boot) r =3D 0 (0xffffffff81fc4788) locked @ /usr/src/sys/x86/x86/mp_x86.c:1013 stack backtrace: Fatal trap 12: page fault while in kernel mode cpuid =3D 1; apic id =3D 01 fault virtual address =3D 0xfffff80080054000 fault code =3D supervisor read instruction, protection violati= on instruction pointer =3D 0x20:0xfffff80080054000 stack pointer =3D 0x28:0xfffffe0002a8f8b0 frame pointer =3D 0x28:0x0 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 11 (idle: cpu1) [ thread pid 11 tid 100004 ] Stopped at 0xfffff80080054000 db> trace Tracing pid 11 tid 100004 td 0xfffff80080054580 ??() at 0xfffff80080054000 db> Any other commands to run? db> show locks exclusive spin mutex clk (clk) r =3D 0 (0xffffffff81e70d78) locked @ /usr/src/sys/x86/isa/clock.c:209 exclusive spin mutex ap boot (ap boot) r =3D 0 (0xffffffff81fc4788) locked @ /usr/src/sys/x86/x86/mp_x86.c:1013 db> db> show alllocks Process 0 (kernel) thread 0xffffffff81e8a3e0 (100000) exclusive sleep mutex Giant (Giant) r =3D 0 (0xffffffff818020c0) locked @ /usr/src/sys/kern/kern_module.c:116 db> db> bt Tracing pid 11 tid 100004 td 0xfffff80080054580 ??() at 0xfffff80080054000 db> db> ps pid ppid pgrp uid state wmesg wchan cmd 12 0 0 0 WL (threaded) [intr] 100008 I [swi6: task qu= eue] 100009 I [swi6: Giant taskq] 100011 I [swi5: fast ta= skq] 11 0 0 0 RL (threaded) [idle] 100003 CanRun [idle: cpu0] 100004 CanRun [idle: cpu1] 100005 CanRun [idle: cpu2] 100006 CanRun [idle: cpu3] 1 0 0 0 ?L [kernel] 10 0 0 0 RL [audit] 0 0 0 0 RLs (threaded) [kernel] 100000 Run CPU 0 [swapper] 100007 RunQ [aiod_kick tas= kq] 100010 RunQ [thread taskq] 100012 RunQ [config_0] 100013 RunQ [kqueue_ctx ta= skq] db> db> show pcpu cpuid =3D 1 dynamic pcpu =3D 0xfffffe0081100ec0 curthread =3D 0xfffff80080054580: pid 11 tid 100004 "idle: cpu1" curpcb =3D 0 fpcurthread =3D none idlethread =3D 0xfffff80080054580: tid 100004 "idle: cpu1" curpmap =3D 0xffffffff81e8aaa8 tssp =3D 0xffffffff81fb5e88 commontssp =3D 0xffffffff81fb5e88 rsp0 =3D 0x0 gs32p =3D 0xffffffff81fbcac0 ldt =3D 0xffffffff81fbcb00 tss =3D 0xffffffff81fbcaf0 curvnet =3D 0 spin locks held: exclusive spin mutex clk (clk) r =3D 0 (0xffffffff81e70d78) locked @ /usr/src/sys/x86/isa/clock.c:209 exclusive spin mutex ap boot (ap boot) r =3D 0 (0xffffffff81fc4788) locked @ /usr/src/sys/x86/x86/mp_x86.c:1013 db> db> show reg cs 0x20 ds 0x28 ll+0x7 es 0x28 ll+0x7 fs 0x28 ll+0x7 gs 0x28 ll+0x7 ss 0x28 ll+0x7 rax 0xfffff80080054580 rcx 0x5a8 ll+0x587 rdx 0xffffffff811b4939 do_execve.fexecv_proc_title+0x98a5 rbx 0 rsp 0xfffffe0002a8f8b0 rbp 0 rsi 0x8 rdi 0xffffffff81d93998 w_mtx r8 0xffffffff811bd5a6 r9 0x6c ll+0x4b r10 0xfffff800dfd79600 r11 0 r12 0xffffffff81dd7718 r13 0 r14 0xffffffff8125cb1b r15 0xfffff800dfd78b80 rip 0xfffff80080054000 rflags 0x10286 0xfffff80080054000 db> db> alltrace Tracing command intr pid 12 tid 100008 td 0xfffff80080053580 fork_trampoline() at fork_trampoline Tracing command intr pid 12 tid 100009 td 0xfffff80080053000 fork_trampoline() at fork_trampoline Tracing command intr pid 12 tid 100011 td 0xfffff800031f1000 fork_trampoline() at fork_trampoline Tracing command idle pid 11 tid 100003 td 0xfffff800031df000 fork_trampoline() at fork_trampoline Tracing command idle pid 11 tid 100004 td 0xfffff80080054580 ??() at 18446735279764357120 Tracing command idle pid 11 tid 100005 td 0xfffff80080054000 fork_trampoline() at fork_trampoline Tracing command idle pid 11 tid 100006 td 0xfffff800031de580 fork_trampoline() at fork_trampoline Tracing command kernel pid 1 tid 100002 td 0xfffff800031df580 fork_trampoline() at fork_trampoline Tracing command audit pid 10 tid 100001 td 0xfffff80080055000 fork_trampoline() at fork_trampoline Tracing command kernel pid 0 tid 100000 td 0xffffffff81e8a3e0 (CPU 0) ??() at 0 KDB: reentering KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+43/frame 0xfffffe0002a8f040 kdb_reenter() at kdb_reenter+47/frame 0xfffffe0002a8f050 trap() at trap+92/frame 0xfffffe0002a8f160 calltrap() at calltrap+8/frame 0xfffffe0002a8f160 --- trap 12, rip =3D 18446744071578560736, rsp =3D 18446741874730922544, rb= p =3D 18446741874730922688 --- db_read_bytes() at db_read_bytes+128/frame 0xfffffe0002a8f2c0 db_get_value() at db_get_value+51/frame 0xfffffe0002a8f300 db_backtrace() at db_backtrace+567/frame 0xfffffe0002a8f390 db_trace_thread() at db_trace_thread+61/frame 0xfffffe0002a8f3b0 _db_stack_trace_all() at _db_stack_trace_all+244/frame 0xfffffe0002a8f450 db_command() at db_command+633/frame 0xfffffe0002a8f520 db_command_loop() at db_command_loop+100/frame 0xfffffe0002a8f530 db_trap() at db_trap+239/frame 0xfffffe0002a8f5c0 kdb_trap() at kdb_trap+451/frame 0xfffffe0002a8f630 trap_fatal() at trap_fatal+689/frame 0xfffffe0002a8f680 trap_pfault() at trap_pfault+98/frame 0xfffffe0002a8f6d0 trap() at trap+670/frame 0xfffffe0002a8f7e0 calltrap() at calltrap+8/frame 0xfffffe0002a8f7e0 --- trap 12, rip =3D 18446735279764357120, rsp =3D 18446741874730924208, rb= p =3D 0 --- ??() at 18446735279764357120 *** error reading from address 8 *** KDB: reentering KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+43/frame 0xfffffe0002a8f2b0 kdb_reenter() at kdb_reenter+47/frame 0xfffffe0002a8f2c0 db_get_value() at db_get_value+77/frame 0xfffffe0002a8f300 db_backtrace() at db_backtrace+567/frame 0xfffffe0002a8f390 db_trace_thread() at db_trace_thread+61/frame 0xfffffe0002a8f3b0 _db_stack_trace_all() at _db_stack_trace_all+244/frame 0xfffffe0002a8f450 db_command() at db_command+633/frame 0xfffffe0002a8f520 db_command_loop() at db_command_loop+100/frame 0xfffffe0002a8f530 db_trap() at db_trap+239/frame 0xfffffe0002a8f5c0 kdb_trap() at kdb_trap+451/frame 0xfffffe0002a8f630 trap_fatal() at trap_fatal+689/frame 0xfffffe0002a8f680 trap_pfault() at trap_pfault+98/frame 0xfffffe0002a8f6d0 trap() at trap+670/frame 0xfffffe0002a8f7e0 calltrap() at calltrap+8/frame 0xfffffe0002a8f7e0 --- trap 12, rip =3D 18446735279764357120, rsp =3D 18446741874730924208, rb= p =3D 0 --- ??() at 18446735279764357120 db> db> show lapic lapic ID =3D 1 version =3D 1.0 max LVT =3D 5 SVR =3D ff (enabled) TPR =3D 00 In-service Interrupts: TMR Interrupts: IRR Interrupts: db> with the cpus 2 and 3 disabled: ---------------------------------------------------- ioapic3 <Version 1.1> irqs 24-47 on motherboard ioapic0 <Version 1.1> irqs 0-23 on motherboard ioapic1 <Version 1.1> irqs 48-54 on motherboard ioapic2 <Version 1.1> irqs 56-62 on motherboard lapic: Divisor 2, Frequency 99736985 Hz cpu0 BSP: ID: 0x00000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400 AMD ext features: 0x00010003 AMD elvt0: 0x00010000 SMP: AP CPU #1 Launched! cpu1 AP: ID: 0x01000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400 AMD ext features: 0x00010003 AMD elvt0: 0x00010000 [hangs here] ---------------------------------- with just DDB and w/o WITNESS: ---------------------------------- defini8254_delay() at) a i8254_delay+0x1e/f_lock_indefinite_check() at= =20 _mtx_lock_indefinite_check+0x21/frame 0xfffffe0 002986680 _mtx_lock_spin_cookie() at0_mtx_lock_spin_cookie+0xd4/frame 0xfffffe00029866f0 at getit() atkg_spin_cookie+0xd4/frame 0xfffffe0000606190 getit() atfgfe0002986710 rami8254_delay() at 0xfffffe00006061b0 /frame 0xfffffe0002986730 at _mi8254_delay+0x1e/frame 0xfffffe00006061d0 at_mtx_lock_indefinite_check() atk_mtx_lock_indefinite_check+0x21/f= ram=20 0x_fffffe0002986 740 in_cookie()ck_s_mtx_lock_spin_cookie+0xd4/frame 0xfffffe0000606250 getit() atmgetit+0x91/frame 0xfffffe0000606270 0xfffffe0054_delay() at i8ge254_delay+0x1e/frame 0xfffffe0000606290 _mtx_lgeock_indefinite_check() at _mtx_lock_indefinite_ch eck+0x21/frame 0xfffffe00006062a0 0xfffffe00029867d0 pin_cookie() i8254_delay+0x1e/frame 0xfffffe00029867f0 at _mtx_lock_spin_cookie+0xd4/frame 0x_mtx_lock_indefinite_check+ 21/frgetit() at 0xfffffe0002986800 0xfffffe0000606330 _spi8254_delay() at i8254_delay+0x1e/=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20 atf_mtx_lock_spin_cookie+0xd4/frame 0xfffffde0002986870 eckg() ati_mtx_lock_indefinite_check+0x21/frame=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 at =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20 geti_mtx_lock_spin_cookie() at _mtx_lock_s pin_cookie+0xd4/frame i0xfffffe00006063d0 at getit() ateglay+it+0x91/frame 0xfffffe00006063f0 i8254_delay() atfi8254_delay+0x1e/_mtx_lock_indefinite_check() at=20=20= =20=20=20=20=20=20=20=20=20 0xfffffe0000606410 fra_mme 0xfffffe0002efinite_check() at_mtx_lock_spin_cookie()=20=20=20=20= =20=20=20=20=20=20=20 atck+0x2_lock_spin_cookie+0xd4/frame 0xfffffe000 2986930 0xfffffe0() at6g420 it+0x91/frame 0xfffffe0002986950 ie() at4_delay() atmie 0xfffffe0000606490 e/fgetit() at 0xfffffe0002986970 0x_mtx_lock_indefinite_checki8254_delay() at i8254_delay+0x1e/frame 0xfffffe00006064d0 _mtx_mtx_lock_indefinite_check+0x21/frame 0xfff at002986980 _in_mdefinite_check+0x21/frame 0xfffffe0000 at _mtx_lock_spin_cookie+0xd4/frame 0xfffffe000298 at _mtx_l ock_spin_cookie+0xd4/frame 0xfffffe0000606550 getit(getit+0x91/frame 0xfffffe0002986a10 ati8254_dt+0x91/frame 0xfffffe0000606570 i8254_delai8254_delay+0x1e/frame 0xfffffe0002986a30 a_mitx_lock_indefinite_check() afra_mtx_lock_indefinite_check+0x21/frame 0xfffffe0002986a40 0xfffffe0000606590 spi_n_cookie() ate_mtx_lock_spin_cookie+0xd4/frame 0x=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20 at8_mtx_lock_indefinite_c atame 0xfffffe00006065a0 0xf_mtx_lock_spin_cookie() at _mtx_lock_spin_cookie+0xd4/frame 0xfffffe0000606610 atgietit() atlgay+0x1e/frame 0x fffi8ffe0002986af0 at _mtx_lock_indefinite_check() atx_ffffe0000606650 defin_mtx_lock_indefinite_check() at 0xfffffe0002986b00 fin_mtx_lock_spin_cookie() atf_mtx_lock_sp0606660 kie_mtx_lock_spin_cookie() at _mtx_lock_spin_cookie+0xd4/frame 0xfffffe00006066d0 0xfffffe0002986b70 getitge() atfgrame 0xfffffe00006066f0 0xfi8254_delay() at i8254_delay+0x1e/frame 0xfffffe0000606710 at _mtx_lockdelay+0x1e/frame 0xfffffe0002986bb0 at__mtx_lock_indefinite_check+0x21/frame 0xfffffe0000606720 _atx_mtx_lock_indefinite_check+0x21/frame 0xfffffe0002986bc0 a_m_mtx_lock_sn_cookie() atm_mtx_lock_spin_cookie+0xd4/frame 0xf= fff=20 getit() at0g000606790 and it eventually reboots itselfs without going to a db> prompt ------------------------------------------------------------ --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228768-227-wHdstxuUtc>