Re: port-xen/52662: Almost everything crashes on -current kernel

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

The following reply was made to PR port-xen/52662; it has been noted by GNATS.

From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: netbsd-bugs%netbsd.org@localhost
Subject: Re: port-xen/52662: Almost everything crashes on -current kernel
Date: Sat, 28 Oct 2017 19:58:51 +0200

 Here's what I found so far:
 
 makemandb, gzip and gdb all dies at the same point in libpthread:
 Core was generated by `gdb'.
 Program terminated with signal SIGSEGV, Segmentation fault.
 #0  0x0000793be0208fad in ?? () from /usr/lib/libpthread.so.1
 (gdb) x/i 0x0000793be0208fad
 => 0x793be0208fad:      nopl   %cs:0x0(%rax,%rax,1)
 (gdb) info registers
 rax            0x0      0
 rbx            0x793be2907800   133298111150080
 rcx            0x53     83
 rdx            0x793be020ac83   133298070269059
 rsi            0x0      0
 rdi            0x793be096d4e0   133298078012640
 rbp            0x793be0411840   0x793be0411840 <pthread.allqueue>
 rsp            0x7f7fff8c8d58   0x7f7fff8c8d58
 r8             0x101010101010101        72340172838076673
 r9             0x8080808080808080       -9187201950435737472
 r10            0x793be063eb0a   133298074675978
 r11            0x202    514
 r12            0x0      0
 r13            0x0      0
 r14            0x793be020ac83   133298070269059
 r15            0x793be0638820   133298074650656
 rip            0x793be0208fad   0x793be0208fad
 eflags         0x10246  [ PF ZF IF RF ]
 cs             0xe033   57395
 ss             0xe02b   57387
 ds             0x23     35
 es             0x23     35
 fs             0x0      0
 gs             0x0      0
 
 atf-run and atf-report are different:
 Core was generated by `atf-run'.
 Program terminated with signal SIGSEGV, Segmentation fault.
 #0  0x00007f7f92e0a4f0 in _rtld_process_hints () from /usr/libexec/ld.elf_so
 (gdb) x/i 0x00007f7f92e0a4f0
 => 0x7f7f92e0a4f0 <_rtld_process_hints+1717>:   callq  0x7f7f92e07012 <xmalloc>
 (gdb) info registers
 rax            0x1      1
 rbx            0x7a5b14b19240   134531607794240
 rcx            0x4      4
 rdx            0x4e22b364       1310896996
 rsi            0x4e445d30       1313103152
 rdi            0x7a5b14f13160   134531611963744
 rbp            0x4e22b364       0x4e22b364 <tools::system_error::~system_error()>
 rsp            0x7f7fffcfdba8   0x7f7fffcfdba8
 r8             0x7a5b14b2c11c   134531607871772
 r9             0x7a5b14b2c14c   134531607871820
 r10            0x7263742f30486e4e       8242559489040477774
 r11            0xfffffffffffffffc       -4
 r12            0x4e445d30       1313103152
 r13            0x7a5b14b19240   134531607794240
 r14            0x7f7fffcfdc00   140187729386496
 r15            0x7f7fffcfdef0   140187729387248
 rip            0x7f7f92e0a4f0   0x7f7f92e0a4f0 <_rtld_process_hints+1717>
 eflags         0x10202  [ IF RF ]
 cs             0xe033   57395
 ss             0xe02b   57387
 ds             0x23     35
 es             0x92e00023       -1830813661
 fs             0x0      0
 gs             0x0      0
 
 On a working netbsd-8 domU I get:
 cs             0xe033   57395
 ss             0xe02b   57387
 ds             0x3f     63
 es             0xffff003f       -65473
 fs             0x0      0
 gs             0x0      0
 while on bare-metal:
 cs             0x47     71
 ss             0x3f     63
 ds             0x3f     63
 es             0x3f     63
 fs             0x0      0
 gs             0x0      0
 
 So I suspect Xen is remapping GDT enstries, and we can't blindly reset them
 to our defaults.
 
 -- 
 Manuel Bouyer <bouyer%antioche.eu.org@localhost>
      NetBSD: 26 ans d'experience feront toujours la difference
 --