Subject: port-i386/36206: Segmentation faults with SMP on i386 multiprocessor kernel
To: None <port-i386-maintainer@netbsd.org, gnats-admin@netbsd.org,>
From: None <shannonr@NetBSD.org>
List: netbsd-bugs
Date: 04/24/2007 16:15:00
>Number: 36206
>Category: port-i386
>Synopsis: Apparently random segmentation faults occur frequently with SMP kernel on dual Intel Core 2 system.
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: port-i386-maintainer
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Apr 24 16:15:00 +0000 2007
>Originator: John R. Shannon
>Release: NetBSD 4.99.18 (also occurs with 4.0 BETA)
>Organization:
johnrshannon.com
>Environment:
System: NetBSD michael.internal.johnrshannon.com 4.99.18 NetBSD 4.99.18 (KERNEL.MICHAEL) #3: Tue Apr 24 08:20:29 MDT 2007 build@michael.internal.johnrshannon.com:/usr/obj/import/CURRENT/src/sys/arch/i386/compile/KERNEL.MICHAEL i386
dual Intel Core 2 (Merom)
dmesg output appended to PR
Architecture: i386
Machine: i386
>Description:
Segmentation faults, in different processes, occur every minute or so.
The same kernel, without options MULTIPROCESSOR, works fine. Also, a
64-bit kernel does not display this behavior.
The core dumps don't reveal anything meaningful (to me):
michael# gdb -c /mount_mfs.core
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsdelf".
Core was generated by `mount_mfs'.
Program terminated with signal 11, Segmentation fault.
#0 0xbbbb1379 in ?? ()
(gdb) info stack
#0 0xbbbb1379 in ?? ()
(gdb) info registers
eax 0x200 512
ecx 0x80 128
edx 0x0 0
ebx 0x0 0
esp 0xbfbfd328 0xbfbfd328
ebp 0xbfbfd358 0xbfbfd358
esi 0xbbae7000 -1146195968
edi 0x8007fdff -2146959873
eip 0xbbbb1379 0xbbbb1379
eflags 0x10202 [ IF RF ]
cs 0x17 23
ss 0x1f 31
ds 0x1f 31
es 0x1f 31
fs 0x1f 31
gs 0x1f 31
(gdb) info mem
There are no memory regions defined.
$ gdb -c sh.core
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386--netbsdelf".
Core was generated by `sh'.
Program terminated with signal 11, Segmentation fault.
#0 0x0805bd9f in ?? ()
(gdb) info stack
#0 0x0805bd9f in ?? ()
(gdb) info registers
eax 0xffffffff -1
ecx 0x804c174 134529396
edx 0xffffffff -1
ebx 0xffffffff -1
esp 0xbfbfda8c 0xbfbfda8c
ebp 0xffffffff 0xffffffff
esi 0xffffffff -1
edi 0x0 0
eip 0x805bd9f 0x805bd9f
eflags 0x10282 [ SF IF RF ]
cs 0x1b 27
ss 0x1f 31
ds 0x1f 31
es 0x1f 31
fs 0x1f 31
gs 0x1f 31
(gdb) info mem
There are no memory regions defined.
>How-To-Repeat:
Should be repeatable on simular hardware
>Fix:
unknown
> Recent dmesg:
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
2006, 2007
The NetBSD Foundation, Inc. All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
NetBSD 4.99.17 (KERNEL.MICHAEL) #1: Wed Apr 18 07:53:11 MDT 2007
root@michael.internal.johnrshannon.com:/usr/obj/import/CURRENT/src/sys/arch/i386/compile/KERNEL.MICHAEL
total memory = 3070 MB
avail memory = 3009 MB
sysctl_createv: sysctl_create(machine) returned 17
timecounter: Timecounters tick every 10.000 msec
timecounter: Timecounter "i8254" frequency 1193182 Hz quality 100
BIOS32 rev. 0 found at 0xfd500
mainbus0 (root)
cpu0 at mainbus0 apid 0: (boot processor)
cpu0: Intel Core 2 (Merom) (686-class), 3000.26 MHz, id 0x6f6
cpu0: features bfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR>
cpu0: features bfebfbff<PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX>
cpu0: features bfebfbff<FXSR,SSE,SSE2,SS,HTT,TM,SBF>
cpu0: features2 4e3bd<SSE3,MONITOR,DS-CPL,VMX,EST,TM2,xTPR>
cpu0: "Intel(R) Xeon(R) CPU 5160 @ 3.00GHz"
cpu0: I-cache 32 KB 64B/line 8-way, D-cache 32 KB 64B/line 8-way
cpu0: L2 cache 4 MB 64B/line 16-way
cpu0: using thermal monitor 1
cpu0: Enhanced SpeedStep disabled by BIOS
cpu0: calibrating local timer
cpu0: apic clock running at 333 MHz
cpu0: 64 page colors
cpu1 at mainbus0 apid 6: (application processor)
cpu1: Intel Core 2 (Merom) (686-class), 3000.11 MHz, id 0x6f6
cpu1: features bfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR>
cpu1: features bfebfbff<PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX>
cpu1: features bfebfbff<FXSR,SSE,SSE2,SS,HTT,TM,SBF>
cpu1: features2 4e3bd<SSE3,MONITOR,DS-CPL,VMX,EST,TM2,xTPR>
cpu1: "Intel(R) Xeon(R) CPU 5160 @ 3.00GHz"
cpu1: I-cache 32 KB 64B/line 8-way, D-cache 32 KB 64B/line 8-way
cpu1: L2 cache 4 MB 64B/line 16-way
cpu1: using thermal monitor 1
cpu1: Enhanced SpeedStep disabled by BIOS
cpu2 at mainbus0 apid 1: (application processor)
cpu2: Intel Core 2 (Merom) (686-class), 3000.11 MHz, id 0x6f6
cpu2: features bfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR>
cpu2: features bfebfbff<PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX>
cpu2: features bfebfbff<FXSR,SSE,SSE2,SS,HTT,TM,SBF>
cpu2: features2 4e3bd<SSE3,MONITOR,DS-CPL,VMX,EST,TM2,xTPR>
cpu2: "Intel(R) Xeon(R) CPU 5160 @ 3.00GHz"
cpu2: I-cache 32 KB 64B/line 8-way, D-cache 32 KB 64B/line 8-way
cpu2: L2 cache 4 MB 64B/line 16-way
cpu2: using thermal monitor 1
cpu2: Enhanced SpeedStep disabled by BIOS
cpu3 at mainbus0 apid 7: (application processor)
cpu3: Intel Core 2 (Merom) (686-class), 3000.11 MHz, id 0x6f6
cpu3: features bfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR>
cpu3: features bfebfbff<PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX>
cpu3: features bfebfbff<FXSR,SSE,SSE2,SS,HTT,TM,SBF>
cpu3: features2 4e3bd<SSE3,MONITOR,DS-CPL,VMX,EST,TM2,xTPR>
cpu3: "Intel(R) Xeon(R) CPU 5160 @ 3.00GHz"
cpu3: I-cache 32 KB 64B/line 8-way, D-cache 32 KB 64B/line 8-way
cpu3: L2 cache 4 MB 64B/line 16-way
cpu3: using thermal monitor 1
cpu3: Enhanced SpeedStep disabled by BIOS
ioapic0 at mainbus0 apid 2
ioapic0: pa 0xfec00000, version 20, 24 pins
ioapic1 at mainbus0 apid 3
ioapic1: pa 0xfec81000, version 20, 24 pins
acpi0 at mainbus0: Advanced Configuration and Power Interface
acpi0: using Intel ACPI CA subsystem version 20060217
acpi0: X/RSDT: OemId <PTLTD , RSDT ,06040000>, AslId < LTP,00000000>
acpi0: SCI interrupting at int 9
acpi0: fixed-feature power button present
timecounter: Timecounter "ACPI-Fast" frequency 3579545 Hz quality 1000
ACPI-Fast 24-bit timer
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
ACPI Object Type 'Processor' (0x0c) at acpi0 not configured
PNP0A03 [PCI/PCI-X Host Bridge] at acpi0 not configured
PNP0C02 [Plug and Play motherboard register resources] at acpi0 not configured
PNP0200 [AT DMA Controller] at acpi0 not configured
npx0 at acpi0 (PNP0C04)
npx0: io 0xf0-0xfe irq 13
npx0: reported by CPUID; using exception 16
PNP0000 [AT Interrupt Controller] at acpi0 not configured
PNP0B00 [AT Real-Time Clock] at acpi0 not configured
pcppi0 at acpi0 (PNP0800)
pcppi0: io 0x61
midi0 at pcppi0: PC speaker (CPU-intensive output)
sysbeep0 at pcppi0
attimer0 at acpi0 (PNP0100): AT Timer
attimer0: io 0x40-0x43,0x50-0x53 irq 0
PNP0C0F [PCI interrupt link device] at acpi0 not configured
PNP0C0F [PCI interrupt link device] at acpi0 not configured
PNP0C0F [PCI interrupt link device] at acpi0 not configured
PNP0C0F [PCI interrupt link device] at acpi0 not configured
INT0800 [Intel FWH Random Number Generator] at acpi0 not configured
PNP0A05 [Generic Container Device] at acpi0 not configured
pckbc0 at acpi0 (PNP0303): kbd port
pckbc0: io 0x60,0x64 irq 1
pckbc1 at acpi0 (PNP0F13): aux port
pckbc1: irq 12
com0 at acpi0 (PNP0501-1)
com0: io 0x3f8-0x3ff irq 4
com0: ns16550a, working fifo
com1 at acpi0 (PNP0501-2)
com1: io 0x2f8-0x2ff irq 3
com1: ns16550a, working fifo
PNP0700 [PC standard floppy disk controller] at acpi0 not configured
lpt0 at acpi0 (PNP0401-2)
lpt0: io 0x378-0x37f,0x778-0x77f irq 7 drq 3
acpibut0 at acpi0 (PNP0C0C): ACPI Power Button
pcppi0: attached to attimer0
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pci0 at mainbus0 bus 0: configuration mode 1
pci0: i/o space, memory space enabled, rd/line, rd/mult, wr/inv ok
pchb0 at pci0 dev 0 function 0
pchb0: Intel 5000X Memory Controller Hub (rev. 0x31)
ppb0 at pci0 dev 2 function 0: Intel product 0x25e2 (rev. 0x31)
pci1 at ppb0 bus 1
pci1: i/o space, memory space enabled, rd/line, wr/inv ok
ppb1 at pci0 dev 3 function 0: Intel product 0x25e3 (rev. 0x31)
pci2 at ppb1 bus 2
pci2: i/o space, memory space enabled, rd/line, wr/inv ok
ppb2 at pci2 dev 0 function 0: Intel 63xxESB PCI Express Upstream Port (rev. 0x01)
pci3 at ppb2 bus 3
pci3: i/o space, memory space enabled, rd/line, wr/inv ok
ppb3 at pci3 dev 0 function 0: Intel 63xxESB PCI Express Downstream Port #1 (rev. 0x01)
pci4 at ppb3 bus 4
pci4: i/o space, memory space enabled, rd/line, wr/inv ok
ppb4 at pci4 dev 0 function 0: Intel product 0x032c (rev. 0x09)
pci5 at ppb4 bus 5
pci5: i/o space, memory space enabled, rd/line, wr/inv ok
ppb5 at pci3 dev 2 function 0: Intel 63xxESB PCI Express Downstream Port #3 (rev. 0x01)
pci6 at ppb5 bus 6
pci6: i/o space, memory space enabled, rd/line, wr/inv ok
wm0 at pci6 dev 0 function 0: i80003 dual 1000baseT Ethernet, rev. 1
wm0: interrupting at ioapic0 pin 18 (irq 11)
wm0: PCI-Express bus
wm0: 65536 word (16 address bits) SPI EEPROM
wm0: Ethernet address 00:30:48:79:b4:a8
ikphy0 at wm0 phy 1: i82563 10/100/1000 media interface, rev. 2
ikphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
wm1 at pci6 dev 0 function 1: i80003 dual 1000baseT Ethernet, rev. 1
wm1: interrupting at ioapic0 pin 19 (irq 10)
wm1: PCI-Express bus
wm1: 65536 word (16 address bits) SPI EEPROM
wm1: Ethernet address 00:30:48:79:b4:a9
ikphy1 at wm1 phy 1: i82563 10/100/1000 media interface, rev. 2
ikphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
ppb6 at pci2 dev 0 function 3: Intel 63xxESB PCI Express to PCI-X Bridge (rev. 0x01)
pci7 at ppb6 bus 7
pci7: i/o space, memory space enabled, rd/line, wr/inv ok
ahd0 at pci7 dev 2 function 0
ahd0: interrupting at ioapic1 pin 6 (irq 11)
ahd0: aic7902: Ultra320 Wide Channel A, SCSI Id=7, PCI-X 67-100 MHz, 512 SCBs
scsibus0 at ahd0: 16 targets, 8 luns per target
ahd1 at pci7 dev 2 function 1
ahd1: interrupting at ioapic1 pin 7 (irq 10)
ahd1: aic7902: Ultra320 Wide Channel B, SCSI Id=7, PCI-X 67-100 MHz, 512 SCBs
scsibus1 at ahd1: 16 targets, 8 luns per target
ppb7 at pci0 dev 4 function 0: Intel product 0x25fa (rev. 0x31)
pci8 at ppb7 bus 8
pci8: i/o space, memory space enabled, rd/line, wr/inv ok
vga0 at pci8 dev 0 function 0: NVIDIA product 0x029d (rev. 0xa1)
vga0: WARNING: ignoring 64-bit BAR @ 0x14
vga0: WARNING: ignoring 64-bit BAR @ 0x1c
wsdisplay0 at vga0 kbdmux 1: console (80x25, vt100 emulation), using wskbd0
wsmux1: connecting to wsdisplay0
direct rendering for vga0 unsupported
Intel product 0x1a38 (miscellaneous system, revision 0x31) at pci0 dev 8 function 0 not configured
pchb1 at pci0 dev 16 function 0
pchb1: Intel product 0x25f0 (rev. 0x31)
pchb2 at pci0 dev 16 function 1
pchb2: Intel product 0x25f0 (rev. 0x31)
pchb3 at pci0 dev 16 function 2
pchb3: Intel product 0x25f0 (rev. 0x31)
pchb4 at pci0 dev 17 function 0
pchb4: Intel product 0x25f1 (rev. 0x31)
pchb5 at pci0 dev 19 function 0
pchb5: Intel product 0x25f3 (rev. 0x31)
pchb6 at pci0 dev 21 function 0
pchb6: Intel product 0x25f5 (rev. 0x31)
pchb7 at pci0 dev 22 function 0
pchb7: Intel product 0x25f6 (rev. 0x31)
uhci0 at pci0 dev 29 function 0: Intel 63xxESB USB UHCI Controller (rev. 0x09)
uhci0: interrupting at ioapic0 pin 17 (irq 5)
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1: Intel 63xxESB USB UHCI Controller (rev. 0x09)
uhci1: interrupting at ioapic0 pin 19 (irq 10)
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2: Intel 63xxESB USB UHCI Controller (rev. 0x09)
uhci2: interrupting at ioapic0 pin 18 (irq 11)
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3: Intel 63xxESB USB UHCI Controller (rev. 0x09)
uhci3: interrupting at ioapic0 pin 16 (irq 9)
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7: Intel 63xxESB USB EHCI Controller (rev. 0x09)
ehci0: interrupting at ioapic0 pin 17 (irq 5)
ehci0: BIOS has given up ownership
ehci0: EHCI version 1.0
ehci0: companion controllers, 2 ports each: uhci0 uhci1 uhci2 uhci3
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb8 at pci0 dev 30 function 0: Intel 82801BA Hub-PCI Bridge (rev. 0xd9)
pci9 at ppb8 bus 9
pci9: i/o space, memory space enabled
Intel product 0x2698 (audio multimedia, revision 0x09) at pci0 dev 30 function 2 not configured
pcib0 at pci0 dev 31 function 0
pcib0: Intel 63xxESB LPC Interface Bridge (rev. 0x09)
piixide0 at pci0 dev 31 function 1
piixide0: Intel 631xESB/632xESB IDE Controller (rev. 0x09)
piixide0: bus-master DMA support present
piixide0: primary channel configured to compatibility mode
piixide0: primary channel interrupting at ioapic0 pin 14 (irq 14)
atabus0 at piixide0 channel 0
piixide0: secondary channel configured to compatibility mode
piixide0: secondary channel ignored (disabled)
Intel 63xxESB SMBus Controller (SMBus serial bus, revision 0x09) at pci0 dev 31 function 3 not configured
isa0 at pcib0
isapnp0 at isa0 port 0x279: ISA Plug 'n Play device support
fdc0 at isa0 port 0x3f0-0x3f7 irq 6 drq 2
isapnp0: no ISA Plug 'n Play devices found
timecounter: Timecounter "clockinterrupt" frequency 100 Hz quality 0
fd0 at fdc0 drive 0: 1.44MB, 80 cyl, 2 head, 18 sec
Kernelized RAIDframe activated
IPsec: Initialized Security Association Processing.
scsibus0: waiting 2 seconds for devices to settle...
scsibus1: waiting 2 seconds for devices to settle...
atapibus0 at atabus0: 2 targets
cd0 at atapibus0 drive 1: <SONY CD-RW/DVD-ROM CRX850E, , 5YK3> cdrom removable
cd0: 32-bit data port
cd0: drive supports PIO mode 4, DMA mode 2, Ultra-DMA mode 2 (Ultra/33)
cd0(piixide0:0:1): using PIO mode 4, DMA mode 2 (using DMA)
sd0 at scsibus0 target 0 lun 0: <SEAGATE, ST373455LC, 0001> disk fixed
sd0: 70007 MB, 74340 cyl, 2 head, 964 sec, 512 bytes/sect x 143374744 sectors
sd0: sync (6.25ns offset 63), 16-bit (320.000MB/s) transfers, tagged queueing
sd1 at scsibus0 target 1 lun 0: <SEAGATE, ST373455LC, 0001> disk fixed
sd1: 70007 MB, 74340 cyl, 2 head, 964 sec, 512 bytes/sect x 143374744 sectors
sd1: sync (6.25ns offset 63), 16-bit (320.000MB/s) transfers, tagged queueing
sd2 at scsibus0 target 3 lun 0: <SEAGATE, ST373455LC, 0003> disk fixed
sd2: 70007 MB, 74340 cyl, 2 head, 964 sec, 512 bytes/sect x 143374744 sectors
sd2: sync (6.25ns offset 63), 16-bit (320.000MB/s) transfers, tagged queueing
ses0 at scsibus0 target 6 lun 0: <SUPER, GEM318, 0> processor fixed
ses0: SAF-TE Compliant Device
ses0: async, 8-bit transfers
ses1 at scsibus1 target 6 lun 0: <SUPER, GEM318, 0> processor fixed
ses1: SAF-TE Compliant Device
ses1: async, 8-bit transfers
boot device: sd2
root on sd2a dumps on sd2b
root file system type: ffs
wsdisplay0: screen 1 added (80x25, vt100 emulation)
wsdisplay0: screen 2 added (80x25, vt100 emulation)
wsdisplay0: screen 3 added (80x25, vt100 emulation)
wsdisplay0: screen 4 added (80x25, vt100 emulation)