qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] qemu 2008-03-02 snapshot FreeBSD 7.0/amd64 guest regression


From: Juergen Lock
Subject: [Qemu-devel] qemu 2008-03-02 snapshot FreeBSD 7.0/amd64 guest regression (tcg?)
Date: Sun, 2 Mar 2008 21:47:02 +0100
User-agent: Mutt/1.5.16 (2007-06-09)

Hi!

 I've prepared a FreeBSD qemu-devel port update, as already mentioned
on the freebsd-emulation list, and found the FreeBSD 7.0/amd64 isos
now pagefault repeatedly, saying:

panic: page fault
cpuid = 0
kernel trap 12 with interrupts disabled


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x20
fault code              = supervisor read data, page not present
instruction pointer     = 0x8:0xffffffff8046c704
trap number             = 12
frame pointer           = 0x10:0x0
...

0xffffffff8046c704 in the 7.0-RELEASE kernel used on the isos is
in _thread_lock_flags:

(kgdb) disassemble _thread_lock_flags 
Dump of assembler code for function _thread_lock_flags:
0xffffffff8046c6e0 <_thread_lock_flags+0>:      push   %r14
0xffffffff8046c6e2 <_thread_lock_flags+2>:      mov    %rdi,%r14
0xffffffff8046c6e5 <_thread_lock_flags+5>:      push   %r13
0xffffffff8046c6e7 <_thread_lock_flags+7>:      push   %r12
0xffffffff8046c6e9 <_thread_lock_flags+9>:      push   %rbp
0xffffffff8046c6ea <_thread_lock_flags+10>:     push   %rbx
0xffffffff8046c6eb <_thread_lock_flags+11>:     mov    %gs:0x0,%r13
0xffffffff8046c6f4 <_thread_lock_flags+20>:     xor    %r12d,%r12d
0xffffffff8046c6f7 <_thread_lock_flags+23>:     callq  0xffffffff8071df80 
<spinlock_enter>
0xffffffff8046c6fc <_thread_lock_flags+28>:     mov    (%r14),%rbp
0xffffffff8046c6ff <_thread_lock_flags+31>:     mov    $0x4,%eax
0xffffffff8046c704 <_thread_lock_flags+36>:     lock cmpxchg %r13,0x20(%rbp)
0xffffffff8046c70a <_thread_lock_flags+42>:     sete   %al
0xffffffff8046c70d <_thread_lock_flags+45>:     test   %al,%al
0xffffffff8046c70f <_thread_lock_flags+47>:     jne    0xffffffff8046c799 
<_thread_lock_flags+185>
0xffffffff8046c715 <_thread_lock_flags+53>:     mov    0x20(%rbp),%rdx
0xffffffff8046c719 <_thread_lock_flags+57>:     cmp    %r13,%rdx
0xffffffff8046c71c <_thread_lock_flags+60>:     je     0xffffffff8046c7cd 
<_thread_lock_flags+237>
0xffffffff8046c722 <_thread_lock_flags+66>:     callq  0xffffffff8071c4e0 
<spinlock_exit>
---Type <return> to continue, or q <return> to quit---
0xffffffff8046c727 <_thread_lock_flags+71>:     jmp    0xffffffff8046c73c 
<_thread_lock_flags+92>
0xffffffff8046c729 <_thread_lock_flags+73>:     data16
...

 so this looks like either %rbp is indeed zero or that cmpxchg insn isnt
getting correctly translated.  If you want to reproduce just boot the 35 MB
7.0-RELEASE-amd64-bootonly.iso in qemu-system-x86_64 (without kqemu); you
can find mirrors via
        http://mirrorlist.freebsd.org/
(search for isos, amd64 architecture, I used 7.0 as you can see.)

 Oh, if you want to look at the live kernel you can boot the
7.0-RELEASE-amd64-livefs.iso in 0.9.1 with the previously mentioned
patch (see
        http://www.nabble.com/forum/ViewPost.jtp?post=14921171
), select fixit->cdrom in the menu that comes up after choosing
the keyboard layout, and run `kgdb /dist/boot/kernel/kernel /dev/mem'.

 Thanx,
        Juergen




reply via email to

[Prev in Thread] Current Thread [Next in Thread]