[Bug 228768] EARLY_AP_STARTUP causes panic on amd machines
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Oct 30 13:15:21 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228768
--- Comment #3 from Roger Hammerstein <cheeky.m at live.com> ---
(In reply to John Baldwin from comment #2)
With DDB and WITNESS,
MADT: Interrupt override: source 9, irq 9
ioapic0: intpin 9 trigger: level
ioapic3 <Version 1.1> irqs 24-47 on motherboard
ioapic0 <Version 1.1> irqs 0-23 on motherboard
ioapic1 <Version 1.1> irqs 48-54 on motherboard
ioapic2 <Version 1.1> irqs 56-62 on motherboard
lapic: Divisor 2, Frequency 99737090 Hz
cpu0 BSP:
ID: 0x00000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff
lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff
timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400
AMD ext features: 0x00010003
AMD elvt0: 0x00010000
SMP: AP CPU
FtKernel page fault with the following non-sleepable locks held:
exclusive spin mutex clk (clk) r = 0 (0xffffffff81e70d78) locked @
/usr/src/sys/x86/isa/clock.c:209
exclusive spin mutex ap boot (ap boot) r = 0 (0xffffffff81fc4788) locked @
/usr/src/sys/x86/x86/mp_x86.c:1013
stack backtrace:
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0xfffff80080054000
fault code = supervisor read instruction, protection violation
instruction pointer = 0x20:0xfffff80080054000
stack pointer = 0x28:0xfffffe0002a8f8b0
frame pointer = 0x28:0x0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 11 (idle: cpu1)
[ thread pid 11 tid 100004 ]
Stopped at 0xfffff80080054000
db> trace
Tracing pid 11 tid 100004 td 0xfffff80080054580
??() at 0xfffff80080054000
db>
Any other commands to run?
db> show locks
exclusive spin mutex clk (clk) r = 0 (0xffffffff81e70d78) locked @
/usr/src/sys/x86/isa/clock.c:209
exclusive spin mutex ap boot (ap boot) r = 0 (0xffffffff81fc4788) locked @
/usr/src/sys/x86/x86/mp_x86.c:1013
db>
db> show alllocks
Process 0 (kernel) thread 0xffffffff81e8a3e0 (100000)
exclusive sleep mutex Giant (Giant) r = 0 (0xffffffff818020c0) locked @
/usr/src/sys/kern/kern_module.c:116
db>
db> bt
Tracing pid 11 tid 100004 td 0xfffff80080054580
??() at 0xfffff80080054000
db>
db> ps
pid ppid pgrp uid state wmesg wchan cmd
12 0 0 0 WL (threaded) [intr]
100008 I [swi6: task queue]
100009 I [swi6: Giant
taskq]
100011 I [swi5: fast taskq]
11 0 0 0 RL (threaded) [idle]
100003 CanRun [idle: cpu0]
100004 CanRun [idle: cpu1]
100005 CanRun [idle: cpu2]
100006 CanRun [idle: cpu3]
1 0 0 0 ?L [kernel]
10 0 0 0 RL [audit]
0 0 0 0 RLs (threaded) [kernel]
100000 Run CPU 0 [swapper]
100007 RunQ [aiod_kick taskq]
100010 RunQ [thread taskq]
100012 RunQ [config_0]
100013 RunQ [kqueue_ctx taskq]
db>
db> show pcpu
cpuid = 1
dynamic pcpu = 0xfffffe0081100ec0
curthread = 0xfffff80080054580: pid 11 tid 100004 "idle: cpu1"
curpcb = 0
fpcurthread = none
idlethread = 0xfffff80080054580: tid 100004 "idle: cpu1"
curpmap = 0xffffffff81e8aaa8
tssp = 0xffffffff81fb5e88
commontssp = 0xffffffff81fb5e88
rsp0 = 0x0
gs32p = 0xffffffff81fbcac0
ldt = 0xffffffff81fbcb00
tss = 0xffffffff81fbcaf0
curvnet = 0
spin locks held:
exclusive spin mutex clk (clk) r = 0 (0xffffffff81e70d78) locked @
/usr/src/sys/x86/isa/clock.c:209
exclusive spin mutex ap boot (ap boot) r = 0 (0xffffffff81fc4788) locked @
/usr/src/sys/x86/x86/mp_x86.c:1013
db>
db> show reg
cs 0x20
ds 0x28 ll+0x7
es 0x28 ll+0x7
fs 0x28 ll+0x7
gs 0x28 ll+0x7
ss 0x28 ll+0x7
rax 0xfffff80080054580
rcx 0x5a8 ll+0x587
rdx 0xffffffff811b4939 do_execve.fexecv_proc_title+0x98a5
rbx 0
rsp 0xfffffe0002a8f8b0
rbp 0
rsi 0x8
rdi 0xffffffff81d93998 w_mtx
r8 0xffffffff811bd5a6
r9 0x6c ll+0x4b
r10 0xfffff800dfd79600
r11 0
r12 0xffffffff81dd7718
r13 0
r14 0xffffffff8125cb1b
r15 0xfffff800dfd78b80
rip 0xfffff80080054000
rflags 0x10286
0xfffff80080054000
db>
db> alltrace
Tracing command intr pid 12 tid 100008 td 0xfffff80080053580
fork_trampoline() at fork_trampoline
Tracing command intr pid 12 tid 100009 td 0xfffff80080053000
fork_trampoline() at fork_trampoline
Tracing command intr pid 12 tid 100011 td 0xfffff800031f1000
fork_trampoline() at fork_trampoline
Tracing command idle pid 11 tid 100003 td 0xfffff800031df000
fork_trampoline() at fork_trampoline
Tracing command idle pid 11 tid 100004 td 0xfffff80080054580
??() at 18446735279764357120
Tracing command idle pid 11 tid 100005 td 0xfffff80080054000
fork_trampoline() at fork_trampoline
Tracing command idle pid 11 tid 100006 td 0xfffff800031de580
fork_trampoline() at fork_trampoline
Tracing command kernel pid 1 tid 100002 td 0xfffff800031df580
fork_trampoline() at fork_trampoline
Tracing command audit pid 10 tid 100001 td 0xfffff80080055000
fork_trampoline() at fork_trampoline
Tracing command kernel pid 0 tid 100000 td 0xffffffff81e8a3e0 (CPU 0)
??() at 0
KDB: reentering
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+43/frame 0xfffffe0002a8f040
kdb_reenter() at kdb_reenter+47/frame 0xfffffe0002a8f050
trap() at trap+92/frame 0xfffffe0002a8f160
calltrap() at calltrap+8/frame 0xfffffe0002a8f160
--- trap 12, rip = 18446744071578560736, rsp = 18446741874730922544, rbp =
18446741874730922688 ---
db_read_bytes() at db_read_bytes+128/frame 0xfffffe0002a8f2c0
db_get_value() at db_get_value+51/frame 0xfffffe0002a8f300
db_backtrace() at db_backtrace+567/frame 0xfffffe0002a8f390
db_trace_thread() at db_trace_thread+61/frame 0xfffffe0002a8f3b0
_db_stack_trace_all() at _db_stack_trace_all+244/frame 0xfffffe0002a8f450
db_command() at db_command+633/frame 0xfffffe0002a8f520
db_command_loop() at db_command_loop+100/frame 0xfffffe0002a8f530
db_trap() at db_trap+239/frame 0xfffffe0002a8f5c0
kdb_trap() at kdb_trap+451/frame 0xfffffe0002a8f630
trap_fatal() at trap_fatal+689/frame 0xfffffe0002a8f680
trap_pfault() at trap_pfault+98/frame 0xfffffe0002a8f6d0
trap() at trap+670/frame 0xfffffe0002a8f7e0
calltrap() at calltrap+8/frame 0xfffffe0002a8f7e0
--- trap 12, rip = 18446735279764357120, rsp = 18446741874730924208, rbp = 0
---
??() at 18446735279764357120
*** error reading from address 8 ***
KDB: reentering
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+43/frame 0xfffffe0002a8f2b0
kdb_reenter() at kdb_reenter+47/frame 0xfffffe0002a8f2c0
db_get_value() at db_get_value+77/frame 0xfffffe0002a8f300
db_backtrace() at db_backtrace+567/frame 0xfffffe0002a8f390
db_trace_thread() at db_trace_thread+61/frame 0xfffffe0002a8f3b0
_db_stack_trace_all() at _db_stack_trace_all+244/frame 0xfffffe0002a8f450
db_command() at db_command+633/frame 0xfffffe0002a8f520
db_command_loop() at db_command_loop+100/frame 0xfffffe0002a8f530
db_trap() at db_trap+239/frame 0xfffffe0002a8f5c0
kdb_trap() at kdb_trap+451/frame 0xfffffe0002a8f630
trap_fatal() at trap_fatal+689/frame 0xfffffe0002a8f680
trap_pfault() at trap_pfault+98/frame 0xfffffe0002a8f6d0
trap() at trap+670/frame 0xfffffe0002a8f7e0
calltrap() at calltrap+8/frame 0xfffffe0002a8f7e0
--- trap 12, rip = 18446735279764357120, rsp = 18446741874730924208, rbp = 0
---
??() at 18446735279764357120
db>
db> show lapic
lapic ID = 1
version = 1.0
max LVT = 5
SVR = ff (enabled)
TPR = 00
In-service Interrupts:
TMR Interrupts:
IRR Interrupts:
db>
with the cpus 2 and 3 disabled:
----------------------------------------------------
ioapic3 <Version 1.1> irqs 24-47 on motherboard
ioapic0 <Version 1.1> irqs 0-23 on motherboard
ioapic1 <Version 1.1> irqs 48-54 on motherboard
ioapic2 <Version 1.1> irqs 56-62 on motherboard
lapic: Divisor 2, Frequency 99736985 Hz
cpu0 BSP:
ID: 0x00000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff
lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff
timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400
AMD ext features: 0x00010003
AMD elvt0: 0x00010000
SMP: AP CPU #1 Launched!
cpu1 AP:
ID: 0x01000000 VER: 0x80050010 LDR: 0x00000000 DFR: 0xffffffff
lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff
timer: 0x000100ef therm: 0x00010000 err: 0x000000f0 pmc: 0x00010400
AMD ext features: 0x00010003
AMD elvt0: 0x00010000
[hangs here]
----------------------------------
with just DDB and w/o WITNESS:
----------------------------------
defini8254_delay() at) a i8254_delay+0x1e/f_lock_indefinite_check() at
_mtx_lock_indefinite_check+0x21/frame 0xfffffe0
002986680
_mtx_lock_spin_cookie() at0_mtx_lock_spin_cookie+0xd4/frame
0xfffffe00029866f0
at getit() atkg_spin_cookie+0xd4/frame 0xfffffe0000606190
getit() atfgfe0002986710
rami8254_delay() at 0xfffffe00006061b0
/frame 0xfffffe0002986730
at _mi8254_delay+0x1e/frame 0xfffffe00006061d0
at_mtx_lock_indefinite_check() atk_mtx_lock_indefinite_check+0x21/fram
0x_fffffe0002986
740
in_cookie()ck_s_mtx_lock_spin_cookie+0xd4/frame 0xfffffe0000606250
getit() atmgetit+0x91/frame 0xfffffe0000606270
0xfffffe0054_delay() at
i8ge254_delay+0x1e/frame 0xfffffe0000606290
_mtx_lgeock_indefinite_check() at _mtx_lock_indefinite_ch eck+0x21/frame
0xfffffe00006062a0
0xfffffe00029867d0
pin_cookie() i8254_delay+0x1e/frame 0xfffffe00029867f0
at _mtx_lock_spin_cookie+0xd4/frame 0x_mtx_lock_indefinite_check+
21/frgetit() at 0xfffffe0002986800
0xfffffe0000606330
_spi8254_delay() at i8254_delay+0x1e/
atf_mtx_lock_spin_cookie+0xd4/frame 0xfffffde0002986870
eckg() ati_mtx_lock_indefinite_check+0x21/frame
at
geti_mtx_lock_spin_cookie() at _mtx_lock_s
pin_cookie+0xd4/frame i0xfffffe00006063d0
at getit() ateglay+it+0x91/frame 0xfffffe00006063f0
i8254_delay() atfi8254_delay+0x1e/_mtx_lock_indefinite_check() at
0xfffffe0000606410
fra_mme 0xfffffe0002efinite_check() at_mtx_lock_spin_cookie()
atck+0x2_lock_spin_cookie+0xd4/frame 0xfffffe000
2986930
0xfffffe0() at6g420
it+0x91/frame 0xfffffe0002986950
ie() at4_delay() atmie 0xfffffe0000606490
e/fgetit() at 0xfffffe0002986970
0x_mtx_lock_indefinite_checki8254_delay() at i8254_delay+0x1e/frame
0xfffffe00006064d0
_mtx_mtx_lock_indefinite_check+0x21/frame 0xfff at002986980
_in_mdefinite_check+0x21/frame 0xfffffe0000 at
_mtx_lock_spin_cookie+0xd4/frame 0xfffffe000298 at _mtx_l
ock_spin_cookie+0xd4/frame 0xfffffe0000606550
getit(getit+0x91/frame 0xfffffe0002986a10
ati8254_dt+0x91/frame 0xfffffe0000606570
i8254_delai8254_delay+0x1e/frame 0xfffffe0002986a30
a_mitx_lock_indefinite_check() afra_mtx_lock_indefinite_check+0x21/frame
0xfffffe0002986a40
0xfffffe0000606590
spi_n_cookie() ate_mtx_lock_spin_cookie+0xd4/frame 0x
at8_mtx_lock_indefinite_c atame 0xfffffe00006065a0
0xf_mtx_lock_spin_cookie() at _mtx_lock_spin_cookie+0xd4/frame
0xfffffe0000606610
atgietit() atlgay+0x1e/frame 0x
fffi8ffe0002986af0
at _mtx_lock_indefinite_check() atx_ffffe0000606650
defin_mtx_lock_indefinite_check() at 0xfffffe0002986b00
fin_mtx_lock_spin_cookie() atf_mtx_lock_sp0606660
kie_mtx_lock_spin_cookie() at _mtx_lock_spin_cookie+0xd4/frame
0xfffffe00006066d0
0xfffffe0002986b70
getitge() atfgrame 0xfffffe00006066f0
0xfi8254_delay() at
i8254_delay+0x1e/frame 0xfffffe0000606710
at _mtx_lockdelay+0x1e/frame 0xfffffe0002986bb0
at__mtx_lock_indefinite_check+0x21/frame 0xfffffe0000606720
_atx_mtx_lock_indefinite_check+0x21/frame 0xfffffe0002986bc0
a_m_mtx_lock_sn_cookie() atm_mtx_lock_spin_cookie+0xd4/frame 0xffff
getit() at0g000606790
and it eventually reboots itselfs without going to a db> prompt
------------------------------------------------------------
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list