NetBSD-Bugs archive
Re: bin/54220: cpuctl identify segfault on AMD Phenom(tm) II X6 1100T Processor
The following reply was made to PR bin/54220; it has been noted by GNATS.
From: Masanobu SAITOH <msaitoh%execsw.org@localhost>
To: gnats-bugs%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Cc: msaitoh%execsw.org@localhost
Subject: Re: bin/54220: cpuctl identify segfault on AMD Phenom(tm) II X6 1100T Processor
Date: Mon, 20 May 2019 15:18:39 +0900
On 2019/05/20 5:50, tobiasu%tmux.org@localhost wrote:
>> Number: 54220
>> Category: bin
>> Synopsis: cpuctl identify segfault on AMD Phenom(tm) II X6 1100T Processor
>> Confidential: no
>> Severity: serious
>> Priority: medium
>> Responsible: bin-bug-people
>> State: open
>> Class: sw-bug
>> Submitter-Id: net
>> Arrival-Date: Sun May 19 20:50:00 +0000 2019
>> Originator: Tobias Ulmer
>> Release: NetBSD 8.99.40
>> Organization:
>> Environment:
> NetBSD phenom.tmux.org 8.99.40 NetBSD 8.99.40 (GENERIC) #0: Wed May 15 04:39:52 UTC 2019 mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>> Description:
> root@phenom:cpuctl$ obj/cpuctl identify 0
> cpu0: highest basic info 00000006
> cpu0: highest extended info 8000001b
> cpu0: "AMD Phenom(tm) II X6 1100T Processor"
> cpu0: AMD Family 10h (686-class), 3498.22 MHz
> cpu0: family 0x10 model 0xa stepping 0 (id 0x100fa0)
> cpu0: features 0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE>
> cpu0: features 0x178bfbff<MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
> cpu0: features1 0x802009<SSE3,MONITOR,CX16,POPCNT>
> cpu0: features2 0xefd3fbff<SYSCALL/SYSRET,NOX,MMXX,MMX,FXSR,FFXSR,P1GB,RDTSCP>
> cpu0: features2 0xefd3fbff<LONG,3DNOW2,3DNOW>
> cpu0: features3 0x37ff<LAHF,CMPLEGACY,SVM,EAPIC,ALTMOVCR0,LZCNT,SSE4A>
> cpu0: features3 0x37ff<MISALIGNSSE,3DNOWPREFETCH,OSVW,IBS,SKINIT,WDT>
> cpu0: I-cache 64KB 64B/line 2-way, D-cache 64KB 64B/line 2-way
> cpu0: L2 cache 512KB 64B/line 16-way
> cpu0: L3 cache 6MB 64B/line 48-way
> cpu0: ITLB 32 4KB entries fully associative, 16 2MB entries fully associative
> cpu0: DTLB 48 4KB entries fully associative, 48 2MB entries fully associative
> cpu0: L2 ITLB 512 4KB entries 4-way
> cpu0: L2 DTLB 512 4KB entries 4-way, 128 2MB entries 2-way
> cpu0: L1 1GB page DTLB 48 1GB entries fully associative
> cpu0: L2 1GB page DTLB 16 1GB entries 8-way
> cpu0: Initial APIC ID 0
> Memory fault (core dumped)
> root@phenom:cpuctl$ gdb ./obj/cpuctl ./cpuctl.core
> GNU gdb (GDB) 8.0.1
> Copyright (C) 2017 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64--netbsd".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>.
> Find the GDB manual and other documentation resources online at:
> <http://www.gnu.org/software/gdb/documentation/>.
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from ./obj/cpuctl...done.
> [New process 1]
> Core was generated by `cpuctl'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x0000000114606d3b in rdmsr ()
> (gdb) disassemble
> Dump of assembler code for function rdmsr:
> 0x0000000114606d30 <+0>: mov %rdi,%rcx
> 0x0000000114606d33 <+3>: xor %rax,%rax
> 0x0000000114606d36 <+6>: mov $0x9c5a203a,%edi
> => 0x0000000114606d3b <+11>: rdmsr
> 0x0000000114606d3d <+13>: shl $0x20,%rdx
> 0x0000000114606d41 <+17>: or %rdx,%rax
> 0x0000000114606d44 <+20>: retq
> End of assembler dump.
> (gdb) bt
> #0 0x0000000114606d3b in rdmsr ()
> #1 0x00000001146068a6 in identifycpu_cpuids_amd (ci=0x7f7fff6075a0) at /usr/src/usr.sbin/cpuctl/arch/i386.c:1963
> #2 identifycpu_cpuids (ci=0x7f7fff6075a0) at /usr/src/usr.sbin/cpuctl/arch/i386.c:2011
> #3 identifycpu (fd=3, cpuname=0x7f7fff607860 "cpu0") at /usr/src/usr.sbin/cpuctl/arch/i386.c:2247
> #4 0x0000000114603286 in cpu_identify (argv=0x7f7fff607928) at /usr/src/usr.sbin/cpuctl/cpuctl.c:288
> #5 0x0000000114606df4 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/usr.sbin/cpuctl/cpuctl.c:117
> (gdb) info registers
> rax 0x0 0
> rbx 0x7f7fff607860 140187722086496
> rcx 0xc001001f 3221291039
> rdx 0x178bfbff 395049983
> rsi 0x7f7fff6074a0 140187722085536
> rdi 0x9c5a203a 2623152186
> rbp 0x7f7fff607860 0x7f7fff607860
> rsp 0x7f7fff607438 0x7f7fff607438
> r8 0x0 0
> r9 0x1 1
> r10 0x0 0
> r11 0x206 518
> r12 0x4 4
> r13 0x0 0
> r14 0x3 3
> r15 0x10 16
> rip 0x114606d3b 0x114606d3b <rdmsr+11>
> eflags 0x10246 [ PF ZF IF RF ]
> cs 0x47 71
> ss 0x3f 63
> ds 0x23 35
> es 0x23 35
> fs 0x0 0
> gs 0x0 0
> (gdb)
>
>
> Note that rdmsr() is only called for family 0x10 and older:
> http://anonhg.netbsd.org/src/file/tip/usr.sbin/cpuctl/arch/i386.c#l1962
>
> AMD documentation is pretty clear this is a ring 0 instruction only,
> but maybe some registers are ok on some models? It fails on this CPU anyway.
>> How-To-Repeat:
>
>> Fix:
Add X86_RDMSR into x86/x86/sys_machdep.c::sys_sysarch(), use rdmsr_safe(9)
and add x86_rdmsr (or other name) into lib{i386,x86_64} if it's acceptable?
--
-----------------------------------------------
SAITOH Masanobu (msaitoh%execsw.org@localhost
msaitoh%netbsd.org@localhost)
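
The failure mode reported above, as an added example that is not part of the original messages or of NetBSD's cpuctl: executing RDMSR outside ring 0 traps, so a userland tool has to either catch the fault or ask the kernel to do the read, as the proposed fix does. `probe_rdmsr` and the `probe_result` values are hypothetical names, and the MSR number is the `rcx` value from the register dump in the report.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not NetBSD identifiers. */
enum probe_result { PROBE_OK, PROBE_FAULT, PROBE_NOT_X86 };
static sigjmp_buf probe_env;

/* Unwind out of the faulting instruction instead of dying with a core dump. */
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Attempt RDMSR on `msr` without letting the resulting trap kill the process. */
enum probe_result probe_rdmsr(uint32_t msr, uint64_t *val)
{
#if defined(__x86_64__) || defined(__i386__)
    struct sigaction sa, old_segv, old_ill;
    volatile enum probe_result res = PROBE_FAULT;
    uint32_t lo = 0, hi = 0;
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGILL, &sa, &old_ill);
    /* savemask=1: the signal mask is restored when the handler jumps back. */
    if (sigsetjmp(probe_env, 1) == 0) {
        __asm__ volatile("rdmsr" : "=a"(lo), "=d"(hi) : "c"(msr));
        *val = ((uint64_t)hi << 32) | lo;   /* reached only in ring 0 */
        res = PROBE_OK;
    }
    sigaction(SIGSEGV, &old_segv, NULL);    /* put the old handlers back */
    sigaction(SIGILL, &old_ill, NULL);
    return res;
#else
    (void)msr; (void)val;
    return PROBE_NOT_X86;
#endif
}

int main(void)
{
    uint64_t v = 0;
    /* 0xc001001f is the rcx value in the PR's register dump. */
    printf("probe result: %d\n", probe_rdmsr(0xc001001fu, &v));
    return 0;
}
```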