From owner-freebsd-current@freebsd.org Tue Sep 22 21:18:25 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 77E653F7784 for ; Tue, 22 Sep 2020 21:18:25 +0000 (UTC) (envelope-from oleg@theweb.org.ua) Received: from sigill.theweb.org.ua (noc.quadranet.com [66.63.164.214]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "sigill.theweb.org.ua", Issuer "sigill.theweb.org.ua" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BwvL76X2Xz4fGR for ; Tue, 22 Sep 2020 21:18:22 +0000 (UTC) (envelope-from oleg@theweb.org.ua) Received: from sigill.theweb.org.ua (localhost [127.0.0.1]) by sigill.theweb.org.ua (8.16.1/8.16.1) with ESMTPS id 08MLIDtI036106 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Wed, 23 Sep 2020 00:18:13 +0300 (EEST) (envelope-from oleg@theweb.org.ua) Received: (from oleg@localhost) by sigill.theweb.org.ua (8.16.1/8.16.1/Submit) id 08MLIDDJ036105 for freebsd-current@freebsd.org; Wed, 23 Sep 2020 00:18:13 +0300 (EEST) (envelope-from oleg@theweb.org.ua) X-Authentication-Warning: sigill.theweb.org.ua: oleg set sender to oleg@theweb.org.ua using -f From: "Oleg V. Nauman" To: freebsd-current@freebsd.org Subject: Re: Fwd: Re: r365488 page faults on AMD Ryzen 9 3950X Date: Wed, 23 Sep 2020 00:18:12 +0300 Message-ID: <3773950.BRNeRiNLvY@sigill.theweb.org.ua> Organization: Private persom In-Reply-To: <6c5cff68-23d5-c093-7404-a3fed341e5bb@gwdg.de> References: <88af31d4-9ed9-172a-d48f-1780f19841e3@twcny.rr.com> <14418f1d-4b3a-7c4d-4cdd-030a00d86383@gwdg.de> <6c5cff68-23d5-c093-7404-a3fed341e5bb@gwdg.de> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Rspamd-Queue-Id: 4BwvL76X2Xz4fGR X-Spamd-Bar: ++++ X-Spamd-Result: default: False [4.99 / 15.00]; HFILTER_HELO_NORES_A_OR_MX(0.30)[sigill.theweb.org.ua]; HAS_XAW(0.00)[]; TO_DN_NONE(0.00)[]; HAS_ORG_HEADER(0.00)[]; HFILTER_HELO_IP_A(1.00)[sigill.theweb.org.ua]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; CTE_CASE(0.50)[]; ASN(0.00)[asn:8100, ipnet:66.63.164.0/23, country:US]; R_DKIM_NA(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[oleg]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.93)[0.934]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.80)[0.798]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[theweb.org.ua]; NEURAL_SPAM_LONG(0.55)[0.554]; R_SPF_NA(0.00)[no SPF record]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2020 21:18:25 -0000 On 2020 M09 22, Tue 19:45:25 EEST Rainer Hurling wrote: > On 22.09.20 07:06, Rainer Hurling wrote: > > Am 22.09.20 um 00:13 schrieb Konstantin Belousov: > >> On Mon, Sep 21, 2020 at 08:57:46PM +0200, Rainer Hurling wrote: > >>> Fatal trap 12: page fault while in kernel mode > >>> cpuid = 31; apic id = 1f > >>> fault virtual address = 0x25407efa > >> > >> This address is very suspicious. > >> > >> I cannot claim it as the fact, but most likely cause for such garbage > >> pointer value is mismatched ABI between kernel and module. In other > >> words, the module was built against headers from different kernel. > > > > Hmm, thanks for the pointer. I will double check this evening and > > reporting back. > > > > Normally, this module should have been built and installed with the > > kernel build. > > As I said, the module was rebuild and reinstalled with the kernel build, > and I double checked, the module was the patched version. > > So the boot messages about the page fault should be created by the > rebuild, patched module. > > >>> fault code = supervisor read data, page not present > >>> instruction pointer = 0x20:0xffffffff80ec0b63 > >>> stack pointer = 0x28:0xffffffff826018b0 > >>> frame pointer = 0x28:0xffffffff82601940 > >>> code segment = base 0x0, limit 0xfffff, type 0x1b > >>> = DPL 0, pres 1, long 1, def32 0, gran 1 > >>> processor eflags = interrupt enabled, resume, IOPL = 0 > >>> current process = 0 (swapper) > >>> trap number = 12 > >>> panic: page fault > >>> cpuid = 31 > >>> time = 1 > >>> KDB: stack backtrace: > >>> db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame > >>> 0xffffffff82601560 > >>> vpanic() at vpanic+0x182/frame 0xffffffff826015b0 > >>> panic() at panic+0x43/frame 0xffffffff82601610 > >>> trap_fatal() at trap_fatal+0x387/frame 0xffffffff82601670 > >>> trap_pfault() at trap_pfault+0x97/frame 0xffffffff826016d0 > >>> trap() at trap+0x2ab/frame 0xffffffff826017e0 > >>> calltrap() at calltrap+0x8/frame 0xffffffff826017e0 > >>> --- trap 0xc, rip = 0xffffffff80ec0b63, rsp = 0xffffffff826018b0, rbp = > >>> 0xffffffff82601940 --- > >>> vm_map_insert() at vm_map_insert+0x2f3/framw 0xffffffff82601940 > >>> vm_map_find() at vm_map_find+0x4a4/frame 0xffffffff82601a00 > >>> rtR0MemObjFreeBSDAllocHelper() at > >>> rtR0MemObjFreeBSDAllocHelper+0x96/frame 0xffffffff82601a70 > >>> rtR0MemObjNativeAllocCont() at rtR0MemObjNativeAllocCont+0x50/frame > >>> 0xffffffff82601ac0 > >>> supdrvGipCreate() at supdrvGipCreate+0x97/frame 0xffffffff82601b60 > >>> supdrvInitDevExt() at supdrvInitDevExt+0x19a/frame 0xffffffff82601bd0 > >>> VBoxDrvFreeBSDModuleEvent() at VBoxDrvFreeBSDModuleEvent+0x46/frame > >>> 0xffffffff82601bf0 > >>> module_register_init() at module_register_init+0xbd/frame > >>> 0xffffffff82601c20 > >>> mi_startup() at mi_startup+0xec/frame 0xffffffff82601c70 > >>> btext() at btext+0x2c > >>> KDB: enter: panic > >>> [ thread pid 0 tid 100000 ] > >>> Stopped at kdb_enter+0x37: movq $0,0x10b5616(%rip) > >>> db> > >>> > >>> > >>> Perhaps this gives some more insight into the problem? I can't assess, > >>> sorry. I am experiencing the same issue with panic caused by 'kldload vboxdrv' Below is the stack strace , with both virtualbox-ose and virtualbox-ose-kmod patched: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x1e419ada fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff80731b0d stack pointer = 0x28:0xfffffe008223b4d0 frame pointer = 0x28:0xfffffe008223b550 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 2194 (kldload) trap number = 12 panic: page fault cpuid = 0 time = 1600808943 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe008223b1b0 vpanic() at vpanic+0x182/frame 0xfffffe008223b200 panic() at panic+0x43/frame 0xfffffe008223b260 trap_fatal() at trap_fatal+0x387/frame 0xfffffe008223b2c0 trap_pfault() at trap_pfault+0x49/frame 0xfffffe008223b2f0 trap() at trap+0x259/frame 0xfffffe008223b400 calltrap() at calltrap+0x8/frame 0xfffffe008223b400 --- trap 0xc, rip = 0xffffffff80731b0d, rsp = 0xfffffe008223b4d0, rbp = 0xfffffe008223b550 --- vm_map_insert() at vm_map_insert+0x24d/frame 0xfffffe008223b550 vm_map_find() at vm_map_find+0x539/frame 0xfffffe008223b630 rtR0MemObjFreeBSDAllocHelper() at rtR0MemObjFreeBSDAllocHelper+0x96/frame 0xfffffe008223b6a0 rtR0MemObjNativeAllocCont() at rtR0MemObjNativeAllocCont+0x50/frame 0xfffffe008223b6f0 supdrvGipCreate() at supdrvGipCreate+0x97/frame 0xfffffe008223b790 supdrvInitDevExt() at supdrvInitDevExt+0x19a/frame 0xfffffe008223b800 VBoxDrvFreeBSDModuleEvent() at VBoxDrvFreeBSDModuleEvent+0x46/frame 0xfffffe008223b820 module_register_init() at module_register_init+0x94/frame 0xfffffe008223b850 linker_load_module() at linker_load_module+0xb78/frame 0xfffffe008223bb60 kern_kldload() at kern_kldload+0xa3/frame 0xfffffe008223bba0 sys_kldload() at sys_kldload+0x5b/frame 0xfffffe008223bbd0 amd64_syscall() at amd64_syscall+0xff/frame 0xfffffe008223bcf0 fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe008223bcf0 --- syscall (304, FreeBSD ELF64, sys_kldload), rip = 0x80037a11a, rsp = 0x7fffffffe598, rbp = 0x7fffffffeb10 --- KDB: enter: panic __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu, (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:394 #2 0xffffffff8035104a in db_dump (dummy=, dummy2=, dummy3=, dummy4=) at /usr/src/sys/ddb/db_command.c:575 #3 0xffffffff80350e10 in db_command (last_cmdp=, cmd_table=, dopager=1) at /usr/src/sys/ddb/db_command.c:482 #4 0xffffffff80350b7d in db_command_loop () at /usr/src/sys/ddb/db_command.c:535 #5 0xffffffff80353df6 in db_trap (type=, code=) at /usr/src/sys/ddb/db_main.c:270 #6 0xffffffff805983c3 in kdb_trap (type=3, code=0, tf=) at /usr/src/sys/kern/subr_kdb.c:699 #7 0xffffffff807ac26a in trap (frame=0xfffffe008223b0e0) at /usr/src/sys/amd64/amd64/trap.c:576 #8 #9 kdb_enter (why=0xffffffff80831558 "panic", msg=) at /usr/src/sys/kern/subr_kdb.c:486 #10 0xffffffff80552f0e in vpanic (fmt=, ap=) at /usr/src/sys/kern/kern_shutdown.c:902 #11 0xffffffff80552d63 in panic ( fmt=0xffffffff80a8e688 "\275\317\203\200\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:839 #12 0xffffffff807ac6a7 in trap_fatal (frame=0xfffffe008223b410, eva=507615962) at /usr/src/sys/amd64/amd64/trap.c:915 #13 0xffffffff807ac6f9 in trap_pfault (frame=0xfffffe008223b410, usermode=, signo=, ucode=) at /usr/src/sys/amd64/amd64/trap.c:732 #14 0xffffffff807abdd9 in trap (frame=0xfffffe008223b410) at /usr/src/sys/amd64/amd64/trap.c:398 #15 #16 vm_map_insert (map=, object=, offset=, start=18446741876713496576, end=18446741876713500672, prot=, max=7 '\a', cow=0) at /usr/src/sys/vm/vm_map.c:1660 #17 0xffffffff807341e9 in vm_map_find (map=, object=, offset=0, addr=, length=4096, max_addr=0, find_space=1, prot=3 '\003', max=7 '\a', cow=0) at /usr/src/sys/vm/vm_map.c:2156 #18 0xffffffff811c9326 in rtR0MemObjFreeBSDAllocHelper () from /boot/modules/vboxdrv.ko #19 0xffffffff811c94b0 in rtR0MemObjNativeAllocCont () from /boot/modules/vboxdrv.ko #20 0xffffffff811a6787 in supdrvGipCreate () from /boot/modules/vboxdrv.ko #21 0xffffffff8119f19a in supdrvInitDevExt () from /boot/modules/vboxdrv.ko #22 0xffffffff811aeff6 in VBoxDrvFreeBSDModuleEvent () from /boot/modules/vboxdrv.ko #23 0xffffffff8053a204 in module_register_init (arg=0x0) at /usr/src/sys/kern/kern_module.c:123 #24 0xffffffff8052df88 in linker_file_sysinit (lf=) at /usr/src/sys/kern/kern_linker.c:235 #25 linker_load_file (filename=, result=) at /usr/src/sys/kern/kern_linker.c:460 #26 linker_load_module (kldname=, modname=0xfffff80003525000 "vboxdrv", parent=0x0, verinfo=, lfpp=) at /usr/src/sys/kern/kern_linker.c:2129 #27 0xffffffff8052f5c3 in kern_kldload (td=, file=, fileid=0xfffffe008223bbb4) at /usr/src/sys/kern/kern_linker.c:1089 #28 0xffffffff8052f69b in sys_kldload (td=0xfffffe0081dd5c00, uap=) at /usr/src/sys/kern/kern_linker.c:1115 #29 0xffffffff807ace1f in syscallenter (td=0xfffffe0081dd5c00) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:162 #30 amd64_syscall (td=0xfffffe0081dd5c00, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1156 #31 #32 0x000000080037a11a in ?? () Backtrace stopped: Cannot access memory at address 0x7fffffffe598 (kgdb) Thank you