Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 3 Nov 2024 17:56:31 +0300 (MSK)
From:      Robin Haberkorn <robin.haberkorn@googlemail.com>
To:        freebsd-drivers@freebsd.org
Subject:   double fault during log(LOG_DEBUG)
Message-ID:  <7634a3ed-18cd-46c2-ffff-3cabd55ed0f5@googlemail.com>
next in thread | raw e-mail | index | archive | help 
Hello,

while I am waiting for my reviews.freebsd.org account to be approved, I 
would like understand a particular crash that I observed while hacking a 
kernel driver:

#33 0xffffffff810346be in panic (fmt=0xffffffff81a69212 "double fault")
     at /usr/src/sys/kern/kern_shutdown.c:891
#34 0xffffffff81819ae2 in dblfault_handler (frame=0xfffffe001ea4ff30)
     at /usr/src/sys/amd64/amd64/trap.c:1012
#35 <signal handler called>
#36 0xffffffff810bb574 in kvprintf (fmt=0xffffffff8197a48b ">", func=0x0,
     arg=0xfffffe00f8029440, radix=10, ap=0xfffffe00f8029370)
     at /usr/src/sys/kern/subr_prf.c:907
#37 0xffffffff810bc728 in sprintf (buf=0xfffffe00f8029440 "<",
     cfmt=0xffffffff8197a488 "<%d>") at /usr/src/sys/kern/subr_prf.c:526
#38 0xffffffff810b4409 in msgbuf_addstr (mbp=0xfffff804417fffb8, pri=7,
     str=0xfffffe00f8029a00 "Unhandled devclass: drm\n", filter_cr=1)
     at /usr/src/sys/kern/subr_msgbuf.c:205
#39 0xffffffff810bc65b in msglogstr (
     str=0xfffffe00f8029a00 "Unhandled devclass: drm\n", pri=7, filter_cr=1)
     at /usr/src/sys/kern/subr_prf.c:1029
#40 0xffffffff810bd152 in prf_putbuf (
     bufr=0xfffffe00f8029a00 "Unhandled devclass: drm\n", flags=5, pri=7)
     at /usr/src/sys/kern/subr_prf.c:442
#41 0xffffffff810bd300 in putbuf (c=10, ap=0xfffffe00f80299b8)
     at /usr/src/sys/kern/subr_prf.c:470
#42 0xffffffff810bbe7d in putchar (c=10, arg=0xfffffe00f80299b8)
     at /usr/src/sys/kern/subr_prf.c:513
#43 0xffffffff810b9cf6 in kvprintf (fmt=0xffffffff8492e0ac "",
     func=0xffffffff810bbdd0 <putchar>, arg=0xfffffe00f80299b8, radix=10,
     ap=0xfffffe00f8029b00) at /usr/src/sys/kern/subr_prf.c:688
#44 0xffffffff810bc405 in _vprintf (level=7, flags=5,
     fmt=0xffffffff8492e095 "Unhandled devclass: %s\n", ap=0xfffffe00f8029b00)
     at /usr/src/sys/kern/subr_prf.c:295
#45 0xffffffff810bc331 in vlog (level=7,
     fmt=0xffffffff8492e095 "Unhandled devclass: %s\n", ap=0xfffffe00f8029b00)
     at /usr/src/sys/kern/subr_prf.c:326
#46 0xffffffff810b953d in log (level=7,
     fmt=0xffffffff8492e095 "Unhandled devclass: %s\n")
     at /usr/src/sys/kern/subr_prf.c:318
#47 0xffffffff8492a5ca in linsysfs_run_bus (dev=0xfffff8001542cc00,
     dir=0xfffff800159f6900, scsi=0xfffff8000d289b00,
     chardev=0xfffff8000d27d800, drm=0xfffff8000d289800,
     path=0xfffff80015a05000 "/pci0000:00/0000:00:02.0",
     prefix=0xffffffff8492e31a "0000")
     at /usr/src/sys/compat/linsysfs/linsysfs.c:540

The "double fault" is reliably caused by the log(LOG_DEBUG) call (frame #46).
Once I commented it out, it was gone.
Interestingly, I couldn't provoke this bug in my VirtualBox, but only when I tried
to test it on my main installation. I don't have a "drm" device in VirtualBox, though.
The string "drm", it tries to log, comes from devclass_get_name(). I suppose this
string has static lifetime - it shouldn't be possible to become invalid.
And in fact, the double fault is obviously caused long after the string 
has been read.

Best regards,
Robin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7634a3ed-18cd-46c2-ffff-3cabd55ed0f5>