From owner-freebsd-current@freebsd.org  Mon Oct  5 05:30:19 2020
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 61D643F7FCF
 for <freebsd-current@mailman.nyi.freebsd.org>;
 Mon,  5 Oct 2020 05:30:19 +0000 (UTC)
 (envelope-from delphij@delphij.net)
Received: from anubis.delphij.net (anubis.delphij.net [64.62.153.212])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "anubis.delphij.net",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4C4ThB1rL1z4h35;
 Mon,  5 Oct 2020 05:30:17 +0000 (UTC)
 (envelope-from delphij@delphij.net)
Received: from p51.home.us.delphij.net (unknown
 [IPv6:2601:646:8601:f4a:e670:b8ff:fe5c:4e69])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits))
 (Client did not present a certificate)
 by anubis.delphij.net (Postfix) with ESMTPSA id 12CDE2F4E0;
 Sun,  4 Oct 2020 22:30:11 -0700 (PDT)
Reply-To: d@delphij.net
Subject: Re: GPF on boot with devmatch
To: Warner Losh <imp@bsdimp.com>, Xin LI <d@delphij.net>
Cc: FreeBSD Current <freebsd-current@freebsd.org>,
 Warner Losh <imp@freebsd.org>
References: <1dec1b9d-03e7-7171-9f48-71573dafead4@delphij.net>
 <CANCZdfqNtsFY83uk8s7dbe3ikDaGuR1G_HpG-en27R4M65P3uw@mail.gmail.com>
From: Xin Li <delphij@delphij.net>
Organization: The FreeBSD Project
Message-ID: <95d6ce61-06af-eb12-9a6e-2b8342663dc7@delphij.net>
Date: Sun, 4 Oct 2020 22:30:10 -0700
MIME-Version: 1.0
In-Reply-To: <CANCZdfqNtsFY83uk8s7dbe3ikDaGuR1G_HpG-en27R4M65P3uw@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4C4ThB1rL1z4h35
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.83 / 15.00];
 HAS_REPLYTO(0.00)[d@delphij.net]; RCVD_VIA_SMTP_AUTH(0.00)[];
 R_DKIM_ALLOW(-0.20)[delphij.net:s=m7e2];
 FREEFALL_USER(0.00)[delphij]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx];
 RCVD_TLS_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain];
 REPLYTO_DOM_EQ_FROM_DOM(0.00)[]; ARC_NA(0.00)[];
 MID_RHS_MATCH_FROM(0.00)[]; HAS_ORG_HEADER(0.00)[];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[delphij.net:+];
 DMARC_POLICY_ALLOW(-0.50)[delphij.net,reject];
 NEURAL_HAM_SHORT(-0.74)[-0.744];
 NEURAL_HAM_MEDIUM(-1.03)[-1.027];
 NEURAL_HAM_LONG(-1.06)[-1.060]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:6939, ipnet:64.62.128.0/18, country:US];
 RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-current]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2020 05:30:19 -0000



On 10/4/20 10:13 PM, Warner Losh wrote:
> 
> 
> On Sun, Oct 4, 2020, 11:07 PM Xin Li <delphij@delphij.net
> <mailto:delphij@delphij.net>> wrote:
> 
>     Hi,
> 
>     I'm seeing this panic at boot after upgrading from r366217 to r366364,
>     and continues to exist for r366421 (but I haven't find out the exact
>     change that caused it).  Preloading the relevant kernel modules
>     (uhid.ko, ums.ko and wmt.ko) seems to make the kernel boot correctly.
> 
> 
> What happens if you disable devmatch and load these modules by hand?

Loading these modules from loader or kld_list will prevent this panic
regardless if devmatch is enabled.

> What happens if you load them from rc.d scripts with devmatch disabled?

It seems that the devmatch was started by devd and not rc.  Disabling
devmatch (setting devmatch_enable="NO" without loading any of these klds
would not provoke the panic).

> Warner
> 
>     This is not reproducible on my laptop, which will load many more kernel
>     modules.
> 
>     ===
>     Autoloading module: uhid.ko
>     Autoloading module: wmt.ko
> 
> 
>     Fatal trap 9: general protection fault while in kernel mode
>     cpuid = 2; apic id = 04
>     instruction pointer     = 0x20:0xffffffff806ad6eb
>     stack pointer           = 0x28:0xfffffe01850cd960
>     frame pointer           = 0x28:0xfffffe01850cd9e0
>     code segment            = base 0x0, limit 0xfffff, type 0x1b
>                             = DPL 0, pres 1, long 1, def32 0, gran 1
>     processor eflags        = interrupt enabled, resume, IOPL = 0
>     current process         = 740 (devmatch)
>     trap number             = 9
>     panic: general protection fault
>     cpuid = 3
>     time = 1601866799
>     KDB: stack backtrace:
>     db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame
>     0xfffffe01850cd670
>     vpanic() at vpanic+0x182/frame 0xfffffe01850cd6c0
>     panic() at panic+0x43/frame 0xfffffe01850cd720
>     trap_fatal() at trap_fatal+0x387/frame 0xfffffe01850cd780
>     trap() at trap+0xa4/frame 0xfffffe01850cd890
>     calltrap() at calltrap+0x8/frame 0xfffffe01850cd890
>     --- trap 0x9, rip = 0xffffffff806ad6eb, rsp = 0xfffffe01850cd960, rbp =
>     0xfffffe01850cd9e0 ---
>     sysctl_devices() at sysctl_devices+0x24b/frame 0xfffffe01850cd9e0
>     sysctl_root_handler_locked() at sysctl_root_handler_locked+0x9c/frame
>     0xfffffe01850cda30
>     sysctl_root() at sysctl_root+0x20a/frame 0xfffffe01850cdab0
>     userland_sysctl() at userland_sysctl+0x17d/frame 0xfffffe01850cdb60
>     sys___sysctl() at sys___sysctl+0x5f/frame 0xfffffe01850cdc10
>     amd64_syscall() at amd64_syscall+0x135/frame 0xfffffe01850cdd30
>     fast_syscall_common() at fast_syscall_common+0xf8/frame
>     0xfffffe01850cdd30
>     --- syscall (202, FreeBSD ELF64, sys___sysctl), rip = 0x80038968a, rsp =
>     0x7fffffffd988, rbp = 0x7fffffffd9c0 ---
>     ===
> 
>     sysctl_devices+0x24b (0x6dab) was:
> 
>             sb->s_len += strlen(p);
>         6d50:       4c 89 e7                mov    %r12,%rdi
>         6d53:       e8 00 00 00 00          callq  6d58
>     <sysctl_devices+0x1f8>
>         6d58:       48 01 45 b0             add    %rax,-0x50(%rbp)
>         6d5c:       48 8d 7d 88             lea    -0x78(%rbp),%rdi
>             sbuf_putc(&sb, '\0');
>         6d60:       31 f6                   xor    %esi,%esi
>         6d62:       e8 00 00 00 00          callq  6d67
>     <sysctl_devices+0x207>
>             MPASS((sb->s_flags & SBUF_INCLUDENUL) == 0);
>         6d67:       f6 45 b8 02             testb  $0x2,-0x48(%rbp)
>         6d6b:       0f 85 10 01 00 00       jne    6e81
>     <sysctl_devices+0x321>
>             if (sb->s_error != 0)
>         6d71:       83 7d a0 00             cmpl   $0x0,-0x60(%rbp)
>         6d75:       0f 85 8c 00 00 00       jne    6e07
>     <sysctl_devices+0x2a7>
>             p = EOB(sb);
>         6d7b:       4c 8b 65 88             mov    -0x78(%rbp),%r12
>         6d7f:       48 8b 45 b0             mov    -0x50(%rbp),%rax
>             *p = '\0';      /* sbuf buffer isn't NUL terminated until
>     sbuf_finish() */
>         6d83:       41 c6 04 04 00          movb   $0x0,(%r12,%rax,1)
>             space = SPACE(sb);
>         6d88:       4c 8b 6d a8             mov    -0x58(%rbp),%r13
>         6d8c:       4c 2b 6d b0             sub    -0x50(%rbp),%r13
>             if (space <= 1) {
>         6d90:       49 83 fd 01             cmp    $0x1,%r13
>         6d94:       77 09                   ja     6d9f
>     <sysctl_devices+0x23f>
>                     sb->s_error = ENOMEM;
>         6d96:       c7 45 a0 0c 00 00 00    movl   $0xc,-0x60(%rbp)
>         6d9d:       eb 68                   jmp    6e07
>     <sysctl_devices+0x2a7>
>         6d9f:       49 01 c4                add    %rax,%r12
>             return (dev->parent);
>         6da2:       48 8b 7b 28             mov    0x28(%rbx),%rdi
>             if (parent == NULL) {
>         6da6:       48 85 ff                test   %rdi,%rdi
>         6da9:       74 4b                   je     6df6
>     <sysctl_devices+0x296>
>             KOBJOPLOOKUP(((kobj_t)_dev)->ops,bus_child_location_str);
>         6dab:       48 8b 07                mov    (%rdi),%rax
>         6dae:       48 c7 c2 00 00 00 00    mov    $0x0,%rdx
>         6db5:       0f b6 0d 00 00 00 00    movzbl 0x0(%rip),%ecx        #
>     6dbc <sysctl_devices+0x25c>
>         6dbc:       4c 8b 04 c8             mov    (%rax,%rcx,8),%r8
>         6dc0:       49 39 10                cmp    %rdx,(%r8)
>         6dc3:       74 22                   je     6de7
>     <sysctl_devices+0x287>
>         6dc5:       48 8d 34 c8             lea    (%rax,%rcx,8),%rsi
>         6dc9:       48 89 7d d0             mov    %rdi,-0x30(%rbp)
>         6dcd:       48 8b b8 00 08 00 00    mov    0x800(%rax),%rdi
>         6dd4:       48 c7 c2 00 00 00 00    mov    $0x0,%rdx
>         6ddb:       e8 00 00 00 00          callq  6de0
>     <sysctl_devices+0x280>
>         6de0:       48 8b 7d d0             mov    -0x30(%rbp),%rdi
>         6de4:       49 89 c0                mov    %rax,%r8
>             rc = ((bus_child_location_str_t *) _m)(_dev, _child, _buf,
>     _buflen);
>         6de7:       48 89 de                mov    %rbx,%rsi
>