[Bug 259218] Fatal trap 12: page fault while in kernel mode
Date: Wed, 20 Oct 2021 00:24:20 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259218
--- Comment #13 from Dennis Clarke <dclarke@blastwave.org> ---
Here is the disassembly:
dclarke@esther:~ $ uname -apKU
FreeBSD esther 14.0-CURRENT FreeBSD 14.0-CURRENT #0 main-n250102-d95c0a12a2d:
Mon Oct 18 05:58:15 GMT 2021
root@esther:/usr/obj/usr/src/i386.i386/sys/GENERIC i386 i386 1400038 1400038
dclarke@esther:~ $
dclarke@esther:~ $
dclarke@esther:~ $ ls -lap /usr/obj/usr/src/i386.i386/sys/GENERIC/kernel.full
-rwxr-xr-x 1 root wheel 86441196 Oct 18 05:58
/usr/obj/usr/src/i386.i386/sys/GENERIC/kernel.full
dclarke@esther:~ $
dclarke@esther:~ $ TERM=dumb gdb -q
/usr/obj/usr/src/i386.i386/sys/GENERIC/kernel.full
Reading symbols from /usr/obj/usr/src/i386.i386/sys/GENERIC/kernel.full...
(gdb) disassemble random_nehemiah_read
Dump of assembler code for function random_nehemiah_read:
0x014041e0 <+0>: push %ebp
0x014041e1 <+1>: mov %esp,%ebp
0x014041e3 <+3>: push %ebx
0x014041e4 <+4>: push %edi
0x014041e5 <+5>: push %esi
0x014041e6 <+6>: and $0xfffffff8,%esp
0x014041e9 <+9>: sub $0x18,%esp
0x014041ec <+12>: mov %fs:0x0,%eax
0x014041f2 <+18>: push $0x0
0x014041f4 <+20>: push 0x1e5bb30
0x014041fa <+26>: mov %eax,0xc(%esp)
0x014041fe <+30>: push %eax
0x014041ff <+31>: call 0x1416e90 <fpu_kern_enter>
0x01404204 <+36>: add $0xc,%esp
0x01404207 <+39>: cmpl $0x0,0xc(%ebp)
0x0140420b <+43>: je 0x1404277 <random_nehemiah_read+151>
0x0140420d <+45>: mov 0x8(%ebp),%esi
0x01404210 <+48>: mov 0xc(%ebp),%ebx
0x01404213 <+51>: jmp 0x1404235 <random_nehemiah_read+85>
0x01404215 <+53>: nop
0x01404216 <+54>: nop
0x01404217 <+55>: nop
0x01404218 <+56>: nop
0x01404219 <+57>: nop
0x0140421a <+58>: nop
0x0140421b <+59>: nop
0x0140421c <+60>: nop
0x0140421d <+61>: nop
0x0140421e <+62>: nop
0x0140421f <+63>: nop
0x01404220 <+64>: push %edi
0x01404221 <+65>: lea 0xc(%esp),%eax
0x01404225 <+69>: push %eax
0x01404226 <+70>: push %esi
0x01404227 <+71>: call 0x142caf8 <memcpy>
0x0140422c <+76>: add $0xc,%esp
0x0140422f <+79>: add %edi,%esi
0x01404231 <+81>: sub %edi,%ebx
0x01404233 <+83>: je 0x1404277 <random_nehemiah_read+151>
0x01404235 <+85>: xor %edx,%edx
0x01404237 <+87>: lea 0x8(%esp),%edi
--Type <RET> for more, q to quit, c to continue without paging--
0x0140423b <+91>: mov $0x0,%edx
0x01404240 <+96>: repz xstore-rng
0x01404244 <+100>: and $0x1f,%eax
0x01404247 <+103>: test %edx,%edx
0x01404249 <+105>: mov $0x0,%ecx
0x0140424e <+110>: cmovne %ecx,%eax
0x01404251 <+113>: mov %ebx,%edi
0x01404253 <+115>: cmp %ebx,%eax
0x01404255 <+117>: jae 0x1404220 <random_nehemiah_read+64>
0x01404257 <+119>: xor %edx,%edx
0x01404259 <+121>: lea 0x8(%esp),%edi
0x0140425d <+125>: mov $0x0,%edx
0x01404262 <+130>: repz xstore-rng
0x01404266 <+134>: mov %eax,%edi
0x01404268 <+136>: and $0x1f,%edi
0x0140426b <+139>: test %edx,%edx
0x0140426d <+141>: mov $0x0,%eax
0x01404272 <+146>: cmovne %eax,%edi
0x01404275 <+149>: jmp 0x1404220 <random_nehemiah_read+64>
0x01404277 <+151>: push 0x1e5bb30
0x0140427d <+157>: push 0x8(%esp)
0x01404281 <+161>: call 0x1417100 <fpu_kern_leave>
0x01404286 <+166>: add $0x8,%esp
0x01404289 <+169>: mov 0xc(%ebp),%eax
0x0140428c <+172>: lea -0xc(%ebp),%esp
0x0140428f <+175>: pop %esi
0x01404290 <+176>: pop %edi
0x01404291 <+177>: pop %ebx
0x01404292 <+178>: pop %ebp
0x01404293 <+179>: ret
End of assembler dump.
(gdb) list *random_nehemiah_read
0x14041e0 is in random_nehemiah_read (/usr/src/sys/dev/random/nehemiah.c:99).
94 }
95
96 /* It is specifically allowed that buf is a multiple of sizeof(long) */
97 static u_int
98 random_nehemiah_read(void *buf, u_int c)
99 {
100 uint8_t *b;
101 size_t count, ret;
102 uint64_t tmp;
103
(gdb)
104 fpu_kern_enter(curthread, fpu_ctx_save, FPU_KERN_NORMAL);
105 b = buf;
106 for (count = c; count > 0; count -= ret) {
107 ret = MIN(VIA_RNG_store(&tmp), count);
108 memcpy(b, &tmp, ret);
109 b += ret;
110 }
111 fpu_kern_leave(curthread, fpu_ctx_save);
112
113 return (c);
(gdb)
114 }
115
116 static int
117 nehemiah_modevent(module_t mod, int type, void *unused)
118 {
119 int error = 0;
120
121 switch (type) {
122 case MOD_LOAD:
123 if (via_feature_rng & VIA_HAS_RNG) {
(gdb) quit
dclarke@esther:~ $