Date: Fri, 4 Aug 2023 21:58:52 -0600 From: Warner Losh <imp@bsdimp.com> To: Mark Millard <marklmi@yahoo.com> Cc: FreeBSD ARM List <freebsd-arm@freebsd.org>, Current FreeBSD <freebsd-current@freebsd.org> Subject: Re: A native armv7 panic during kyua runs: sys/netinet6/exthdr:exthdr -> Fatal kernel mode data abort: 'Alignment Fault' on read Message-ID: <CANCZdfo=WMOWDwmd=gJ%2BF%2B_4gMwuFzM_61duTRzQxZmAqsA2fw@mail.gmail.com> In-Reply-To: <BF9831C7-0E23-45F0-BF41-B72F2111F70B@yahoo.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] It might make sense to work up a patch that skips this test on armv7 after filing a bug (the usual way).... Warner On Fri, Aug 4, 2023 at 12:59 AM Mark Millard <marklmi@yahoo.com> wrote: > While discovered via an attempted overall kyua run, the following is > sufficient to get the crash in my native armv7 context: > > # /usr/bin/kyua test -k /usr/tests/Kyuafile sys/netinet6/exthdr:exthdr > sys/netinet6/exthdr:exthdr -> Fatal kernel mode data abort: 'Alignment > Fault' on read > trapframe: 0xdfb97aa0 > FSR=00000001, FAR=db43ab76, spsr=60000013 > r0 =dfedd000, r1 =dfb97b34, r2 =00000000, r3 =00000000 > r4 =00000000, r5 =00000000, r6 =db43ab76, r7 =db43ab66 > r8 =c096383c, r9 =00000000, r10=db132400, r11=dfb97b60 > r12=00000000, ssp=dfb97b30, slr=c0b4e2c0, pc =c04e6b70 > > panic: Fatal abort > cpuid = 0 > time = 1691131498 > KDB: stack backtrace: > db_trace_self() at db_trace_self > pc = 0xc065f414 lr = 0xc007db80 (db_trace_self_wrapper+0x30) > sp = 0xdfb97858 fp = 0xdfb97970 > db_trace_self_wrapper() at db_trace_self_wrapper+0x30 > pc = 0xc007db80 lr = 0xc031a834 (vpanic+0x140) > sp = 0xdfb97978 fp = 0xdfb97998 > r4 = 0x00000100 r5 = 0x00000000 > r6 = 0xc07c369a r7 = 0xc0b32e58 > vpanic() at vpanic+0x140 > pc = 0xc031a834 lr = 0xc031a6f4 (vpanic) > sp = 0xdfb979a0 fp = 0xdfb979a4 > r4 = 0xdfb97aa0 r5 = 0x00000013 > r6 = 0xdb43ab76 r7 = 0x00000001 > r8 = 0x00000001 r9 = 0xdfedd000 > r10 = 0xdb43ab76 > vpanic() at vpanic > pc = 0xc031a6f4 lr = 0xc06849dc (abort_align) > sp = 0xdfb979ac fp = 0xdfb979d8 > r4 = 0x00000001 r5 = 0x00000001 > r6 = 0xdfedd000 r7 = 0xdb43ab76 > r8 = 0xdfb979a4 r9 = 0xc031a6f4 > r10 = 0xdfb979ac > abort_align() at abort_align > pc = 0xc06849dc lr = 0xc0684a50 (abort_align+0x74) > sp = 0xdfb979e0 fp = 0xdfb979f8 > r4 = 0x00000013 r10 = 0xdb43ab76 > abort_align() at abort_align+0x74 > pc = 0xc0684a50 lr = 0xc06846a8 (abort_handler+0x45c) > sp = 0xdfb97a00 fp = 0xdfb97a98 > r4 = 0x00000000 r10 = 0xdb43ab76 > abort_handler() at abort_handler+0x45c > pc = 0xc06846a8 lr = 0xc0661cc8 (exception_exit) > sp = 0xdfb97aa0 fp = 0xdfb97b60 > r4 = 0x00000000 r5 = 0x00000000 > r6 = 0xdb43ab76 r7 = 0xdb43ab66 > r8 = 0xc096383c r9 = 0x00000000 > r10 = 0xdb132400 > exception_exit() at exception_exit > pc = 0xc0661cc8 lr = 0xc0b4e2c0 (__pcpu) > sp = 0xdfb97b30 fp = 0xdfb97b60 > r0 = 0xdfedd000 r1 = 0xdfb97b34 > r2 = 0x00000000 r3 = 0x00000000 > r4 = 0x00000000 r5 = 0x00000000 > r6 = 0xdb43ab76 r7 = 0xdb43ab66 > r8 = 0xc096383c r9 = 0x00000000 > r10 = 0xdb132400 r12 = 0x00000000 > in6ifa_ifwithaddr() at in6ifa_ifwithaddr+0x30 > pc = 0xc04e6b70 lr = 0xc04f9030 (ip6_input+0xd38) > sp = 0xdfb97b68 fp = 0xdfb97c28 > r4 = 0xdb43ab76 r5 = 0xdb43ab5e > r6 = 0x00000000 r7 = 0xdb43ab66 > ip6_input() at ip6_input+0xd38 > pc = 0xc04f9030 lr = 0xc046d66c (netisr_dispatch_src+0xf8) > sp = 0xdfb97c30 fp = 0xdfb97c58 > r4 = 0xdb43ab00 r5 = 0x00000006 > r6 = 0x00000007 r7 = 0xc0b49d50 > r8 = 0xdafea0c0 r9 = 0xdb43ab00 > r10 = 0x00000086 > netisr_dispatch_src() at netisr_dispatch_src+0xf8 > pc = 0xc046d66c lr = 0xc04641b0 (ether_demux+0x18c) > sp = 0xdfb97c60 fp = 0xdfb97c78 > r4 = 0x00000006 r5 = 0x00001201 > r6 = 0xdb132400 r7 = 0x000000ff > r8 = 0xdafea0c0 r9 = 0xdb43ab00 > r10 = 0x00000086 > ether_demux() at ether_demux+0x18c > pc = 0xc04641b0 lr = 0xc0465880 (ether_nh_input+0x490) > sp = 0xdfb97c80 fp = 0xdfb97ce0 > r4 = 0xdb132400 r5 = 0xdb43ab00 > r6 = 0xdb43ab50 r10 = 0x00000086 > ether_nh_input() at ether_nh_input+0x490 > pc = 0xc0465880 lr = 0xc046d66c (netisr_dispatch_src+0xf8) > sp = 0xdfb97ce8 fp = 0xdfb97d10 > r4 = 0xdb43ab00 r5 = 0x00000005 > r6 = 0x0000000c r7 = 0xc0b49d30 > r8 = 0xdafea0c0 r9 = 0xdb43ab00 > r10 = 0xc098d18f > netisr_dispatch_src() at netisr_dispatch_src+0xf8 > pc = 0xc046d66c lr = 0xc04645c4 (ether_input+0x50) > sp = 0xdfb97d18 fp = 0xdfb97d48 > r4 = 0xdb43ab00 r5 = 0x00000000 > r6 = 0x00008803 r7 = 0x00000000 > r8 = 0xdafea0c0 r9 = 0xdb43ab00 > r10 = 0xc098d18f > ether_input() at ether_input+0x50 > pc = 0xc04645c4 lr = 0xdffb3f08 ($a.10+0x108) > sp = 0xdfb97d50 fp = 0xdfb97d78 > r4 = 0xdb132400 r5 = 0xdaff8b00 > r6 = 0xdaff8b10 r7 = 0x00000000 > r8 = 0x00000000 r10 = 0xc098d18f > $a.10() at $a.10+0x108 > pc = 0xdffb3f08 lr = 0xc038cb2c (taskqueue_run_locked+0x1c4) > sp = 0xdfb97d80 fp = 0xdfb97dd8 > r4 = 0xe0145100 r5 = 0xdaff8b2c > r6 = 0xe0145150 r7 = 0x00000001 > r8 = 0x00000000 r9 = 0xdfb97d90 > r10 = 0x00000001 > taskqueue_run_locked() at taskqueue_run_locked+0x1c4 > pc = 0xc038cb2c lr = 0xc038e4e4 (taskqueue_thread_loop+0x1b0) > sp = 0xdfb97de0 fp = 0xdfb97e10 > r4 = 0xe0145100 r5 = 0xe0145140 > r6 = 0xc07af4c4 r7 = 0x00000000 > r8 = 0xc098d18f r9 = 0x00000100 > r10 = 0xc0b228a0 > taskqueue_thread_loop() at taskqueue_thread_loop+0x1b0 > pc = 0xc038e4e4 lr = 0xc02cdf0c (fork_exit+0xc0) > sp = 0xdfb97e18 fp = 0xdfb97e38 > r4 = 0xdfedd000 r5 = 0xc0b224e0 > r6 = 0xc038e334 r7 = 0xdffc4f54 > r8 = 0xdfb97e40 r9 = 0xc098d191 > fork_exit() at fork_exit+0xc0 > pc = 0xc02cdf0c lr = 0xc0661c5c (swi_exit) > sp = 0xdfb97e40 fp = 0x00000000 > r4 = 0xc038e334 r5 = 0xdffc4f54 > r6 = 0xc0b45d84 r7 = 0xd73bcba0 > r8 = 0x00000001 r10 = 0xc0b228a0 > swi_exit() at swi_exit > pc = 0xc0661c5c lr = 0xc0661c5c (swi_exit) > sp = 0xdfb97e40 fp = 0x00000000 > KDB: enter: panic > [ thread pid 0 tid 100230 ] > > For reference: > > # uname -apKU > FreeBSD OPiP2E-RPi2v1p1 14.0-CURRENT FreeBSD 14.0-CURRENT armv7 1400093 #6 > main-n264334-215bab7924f6-dirty: Tue Jul 25 23:11:39 PDT 2023 > root@CA72-16Gp-ZFS:/usr/obj/BUILDs/main-CA7-nodbg-clang/usr/main-src/arm.armv7/sys/GENERIC-NODBG-CA7 > arm armv7 1400093 1400093 > > The OrangePi+ 2Ed was the type of system booted and tested. > > === > Mark Millard > marklmi at yahoo.com > > > [-- Attachment #2 --] <div dir="ltr"><div>It might make sense to work up a patch that skips this test on armv7 after filing a bug (the usual way)....</div><div><br></div><div>Warner<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Aug 4, 2023 at 12:59 AM Mark Millard <<a href="mailto:marklmi@yahoo.com">marklmi@yahoo.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">While discovered via an attempted overall kyua run, the following is<br> sufficient to get the crash in my native armv7 context:<br> <br> # /usr/bin/kyua test -k /usr/tests/Kyuafile sys/netinet6/exthdr:exthdr<br> sys/netinet6/exthdr:exthdr -> Fatal kernel mode data abort: 'Alignment Fault' on read<br> trapframe: 0xdfb97aa0<br> FSR=00000001, FAR=db43ab76, spsr=60000013<br> r0 =dfedd000, r1 =dfb97b34, r2 =00000000, r3 =00000000<br> r4 =00000000, r5 =00000000, r6 =db43ab76, r7 =db43ab66<br> r8 =c096383c, r9 =00000000, r10=db132400, r11=dfb97b60<br> r12=00000000, ssp=dfb97b30, slr=c0b4e2c0, pc =c04e6b70<br> <br> panic: Fatal abort<br> cpuid = 0<br> time = 1691131498<br> KDB: stack backtrace:<br> db_trace_self() at db_trace_self<br> pc = 0xc065f414 lr = 0xc007db80 (db_trace_self_wrapper+0x30)<br> sp = 0xdfb97858 fp = 0xdfb97970<br> db_trace_self_wrapper() at db_trace_self_wrapper+0x30<br> pc = 0xc007db80 lr = 0xc031a834 (vpanic+0x140)<br> sp = 0xdfb97978 fp = 0xdfb97998<br> r4 = 0x00000100 r5 = 0x00000000<br> r6 = 0xc07c369a r7 = 0xc0b32e58<br> vpanic() at vpanic+0x140<br> pc = 0xc031a834 lr = 0xc031a6f4 (vpanic)<br> sp = 0xdfb979a0 fp = 0xdfb979a4<br> r4 = 0xdfb97aa0 r5 = 0x00000013<br> r6 = 0xdb43ab76 r7 = 0x00000001<br> r8 = 0x00000001 r9 = 0xdfedd000<br> r10 = 0xdb43ab76<br> vpanic() at vpanic<br> pc = 0xc031a6f4 lr = 0xc06849dc (abort_align)<br> sp = 0xdfb979ac fp = 0xdfb979d8<br> r4 = 0x00000001 r5 = 0x00000001<br> r6 = 0xdfedd000 r7 = 0xdb43ab76<br> r8 = 0xdfb979a4 r9 = 0xc031a6f4<br> r10 = 0xdfb979ac<br> abort_align() at abort_align<br> pc = 0xc06849dc lr = 0xc0684a50 (abort_align+0x74)<br> sp = 0xdfb979e0 fp = 0xdfb979f8<br> r4 = 0x00000013 r10 = 0xdb43ab76<br> abort_align() at abort_align+0x74<br> pc = 0xc0684a50 lr = 0xc06846a8 (abort_handler+0x45c)<br> sp = 0xdfb97a00 fp = 0xdfb97a98<br> r4 = 0x00000000 r10 = 0xdb43ab76<br> abort_handler() at abort_handler+0x45c<br> pc = 0xc06846a8 lr = 0xc0661cc8 (exception_exit)<br> sp = 0xdfb97aa0 fp = 0xdfb97b60<br> r4 = 0x00000000 r5 = 0x00000000<br> r6 = 0xdb43ab76 r7 = 0xdb43ab66<br> r8 = 0xc096383c r9 = 0x00000000<br> r10 = 0xdb132400<br> exception_exit() at exception_exit<br> pc = 0xc0661cc8 lr = 0xc0b4e2c0 (__pcpu)<br> sp = 0xdfb97b30 fp = 0xdfb97b60<br> r0 = 0xdfedd000 r1 = 0xdfb97b34<br> r2 = 0x00000000 r3 = 0x00000000<br> r4 = 0x00000000 r5 = 0x00000000<br> r6 = 0xdb43ab76 r7 = 0xdb43ab66<br> r8 = 0xc096383c r9 = 0x00000000<br> r10 = 0xdb132400 r12 = 0x00000000<br> in6ifa_ifwithaddr() at in6ifa_ifwithaddr+0x30<br> pc = 0xc04e6b70 lr = 0xc04f9030 (ip6_input+0xd38)<br> sp = 0xdfb97b68 fp = 0xdfb97c28<br> r4 = 0xdb43ab76 r5 = 0xdb43ab5e<br> r6 = 0x00000000 r7 = 0xdb43ab66<br> ip6_input() at ip6_input+0xd38<br> pc = 0xc04f9030 lr = 0xc046d66c (netisr_dispatch_src+0xf8)<br> sp = 0xdfb97c30 fp = 0xdfb97c58<br> r4 = 0xdb43ab00 r5 = 0x00000006<br> r6 = 0x00000007 r7 = 0xc0b49d50<br> r8 = 0xdafea0c0 r9 = 0xdb43ab00<br> r10 = 0x00000086<br> netisr_dispatch_src() at netisr_dispatch_src+0xf8<br> pc = 0xc046d66c lr = 0xc04641b0 (ether_demux+0x18c)<br> sp = 0xdfb97c60 fp = 0xdfb97c78<br> r4 = 0x00000006 r5 = 0x00001201<br> r6 = 0xdb132400 r7 = 0x000000ff<br> r8 = 0xdafea0c0 r9 = 0xdb43ab00<br> r10 = 0x00000086<br> ether_demux() at ether_demux+0x18c<br> pc = 0xc04641b0 lr = 0xc0465880 (ether_nh_input+0x490)<br> sp = 0xdfb97c80 fp = 0xdfb97ce0<br> r4 = 0xdb132400 r5 = 0xdb43ab00<br> r6 = 0xdb43ab50 r10 = 0x00000086<br> ether_nh_input() at ether_nh_input+0x490<br> pc = 0xc0465880 lr = 0xc046d66c (netisr_dispatch_src+0xf8)<br> sp = 0xdfb97ce8 fp = 0xdfb97d10<br> r4 = 0xdb43ab00 r5 = 0x00000005<br> r6 = 0x0000000c r7 = 0xc0b49d30<br> r8 = 0xdafea0c0 r9 = 0xdb43ab00<br> r10 = 0xc098d18f<br> netisr_dispatch_src() at netisr_dispatch_src+0xf8<br> pc = 0xc046d66c lr = 0xc04645c4 (ether_input+0x50)<br> sp = 0xdfb97d18 fp = 0xdfb97d48<br> r4 = 0xdb43ab00 r5 = 0x00000000<br> r6 = 0x00008803 r7 = 0x00000000<br> r8 = 0xdafea0c0 r9 = 0xdb43ab00<br> r10 = 0xc098d18f<br> ether_input() at ether_input+0x50<br> pc = 0xc04645c4 lr = 0xdffb3f08 ($a.10+0x108)<br> sp = 0xdfb97d50 fp = 0xdfb97d78<br> r4 = 0xdb132400 r5 = 0xdaff8b00<br> r6 = 0xdaff8b10 r7 = 0x00000000<br> r8 = 0x00000000 r10 = 0xc098d18f<br> $a.10() at $a.10+0x108<br> pc = 0xdffb3f08 lr = 0xc038cb2c (taskqueue_run_locked+0x1c4)<br> sp = 0xdfb97d80 fp = 0xdfb97dd8<br> r4 = 0xe0145100 r5 = 0xdaff8b2c<br> r6 = 0xe0145150 r7 = 0x00000001<br> r8 = 0x00000000 r9 = 0xdfb97d90<br> r10 = 0x00000001<br> taskqueue_run_locked() at taskqueue_run_locked+0x1c4<br> pc = 0xc038cb2c lr = 0xc038e4e4 (taskqueue_thread_loop+0x1b0)<br> sp = 0xdfb97de0 fp = 0xdfb97e10<br> r4 = 0xe0145100 r5 = 0xe0145140<br> r6 = 0xc07af4c4 r7 = 0x00000000<br> r8 = 0xc098d18f r9 = 0x00000100<br> r10 = 0xc0b228a0<br> taskqueue_thread_loop() at taskqueue_thread_loop+0x1b0<br> pc = 0xc038e4e4 lr = 0xc02cdf0c (fork_exit+0xc0)<br> sp = 0xdfb97e18 fp = 0xdfb97e38<br> r4 = 0xdfedd000 r5 = 0xc0b224e0<br> r6 = 0xc038e334 r7 = 0xdffc4f54<br> r8 = 0xdfb97e40 r9 = 0xc098d191<br> fork_exit() at fork_exit+0xc0<br> pc = 0xc02cdf0c lr = 0xc0661c5c (swi_exit)<br> sp = 0xdfb97e40 fp = 0x00000000<br> r4 = 0xc038e334 r5 = 0xdffc4f54<br> r6 = 0xc0b45d84 r7 = 0xd73bcba0<br> r8 = 0x00000001 r10 = 0xc0b228a0<br> swi_exit() at swi_exit<br> pc = 0xc0661c5c lr = 0xc0661c5c (swi_exit)<br> sp = 0xdfb97e40 fp = 0x00000000<br> KDB: enter: panic<br> [ thread pid 0 tid 100230 ]<br> <br> For reference:<br> <br> # uname -apKU<br> FreeBSD OPiP2E-RPi2v1p1 14.0-CURRENT FreeBSD 14.0-CURRENT armv7 1400093 #6 main-n264334-215bab7924f6-dirty: Tue Jul 25 23:11:39 PDT 2023 root@CA72-16Gp-ZFS:/usr/obj/BUILDs/main-CA7-nodbg-clang/usr/main-src/arm.armv7/sys/GENERIC-NODBG-CA7 arm armv7 1400093 1400093<br> <br> The OrangePi+ 2Ed was the type of system booted and tested.<br> <br> ===<br> Mark Millard<br> marklmi at <a href="http://yahoo.com" rel="noreferrer" target="_blank">yahoo.com</a><br> <br> <br> </blockquote></div>help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfo=WMOWDwmd=gJ%2BF%2B_4gMwuFzM_61duTRzQxZmAqsA2fw>