From owner-freebsd-i386@FreeBSD.ORG Wed Dec 8 01:10:31 2004 Return-Path: Delivered-To: freebsd-i386@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8DD2716A55E for ; Wed, 8 Dec 2004 01:10:31 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D59343D5E for ; Wed, 8 Dec 2004 01:10:31 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id iB81AVYb033819 for ; Wed, 8 Dec 2004 01:10:31 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.1/8.13.1/Submit) id iB81AVRW033818; Wed, 8 Dec 2004 01:10:31 GMT (envelope-from gnats) Resent-Date: Wed, 8 Dec 2004 01:10:31 GMT Resent-Message-Id: <200412080110.iB81AVRW033818@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-i386@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Jon Kuroda Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF48316A4CE for ; Wed, 8 Dec 2004 01:06:05 +0000 (GMT) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98AE243D45 for ; Wed, 8 Dec 2004 01:06:05 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id iB8165Uc030849 for ; Wed, 8 Dec 2004 01:06:05 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id iB8165GT030848; Wed, 8 Dec 2004 01:06:05 GMT (envelope-from nobody) Message-Id: <200412080106.iB8165GT030848@www.freebsd.org> Date: Wed, 8 Dec 2004 01:06:05 GMT From: Jon Kuroda To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Subject: i386/74829: FreeBSD 5.3-RELEASE hangs during boot/install on Tyan Thunder i7520 (S5360) motherboard X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Dec 2004 01:10:31 -0000 >Number: 74829 >Category: i386 >Synopsis: FreeBSD 5.3-RELEASE hangs during boot/install on Tyan Thunder i7520 (S5360) motherboard >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Dec 08 01:10:30 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Jon Kuroda >Release: FreeBSD 5.3-RELEASE >Organization: UC Berkeley Computer Science Undergraduate Association >Environment: FreeBSD seltzer.CSUA.Berkeley.EDU 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Sat Dec 4 19:09:31 PST 2004 jroot@seltzer.CSUA.Berkeley.EDU:/usr/obj/usr/src/sys/DEBUG i386 Actual problem system is keg.CSUA.Berkeley.EDU, running kernels built on seltzer, a 5.3-RELEASE system. Problem system is a dual Xeon 2.8Ghz system built on a Tyan Thunder i7520 (S5360) motherboard, 2GB RAM (manufactured by Corsair) and an Adaptec 3940UW (ahc, at least we know that works). >Description: FreeBSD 5.3-RELEASE, upon attempts to install on a system built using a Tyan Thunder i7520 (S5360) motherboard from CDROM, hangs when the kernel attempts to probe/attach/initialize atkbd0. FreeBSD 5.2.1-RELEASE does install and run on this same system but lacks support for some of the devices we'd like to use (aside from third party patches/etc that were integrated into 5.3-RELEASE) Kernels built from 5.3-RELEASE source and installed on the target system also hang during probing of atkbd0. We have installed a 5.3-RELEASE kernel with support for ddb and gdb remote debugging and found that the kernel hangs during a memcpy, seen below from a transcript of our gdb session. We don't actually believe that memcpy itself is the problem, but that something earlier in the kernel happens that causes the memcpy to fail. The uname -a output above is from a working 5.3-RELEASE system where we build debugging kernels and run gdb-remote. Since we can't get 5.3-RELEASE to boot, we can't get uname output from our debug target. It looks like by the time we get to atkbd0, something's already amiss and this messes up the movsl at /usr/src/sys/i386/i386/support.s:683 (r. 1.105) We could be wrong though. GDB transcript: --------------- /usr/src/sys/i386/compile/DEBUG 8:44:16pm 22% kgdb -r /dev/cuaa0 /usr/src/sys/i386/compile/DEBUG/kernel.debug [GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"] GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". Ready to go. Enter 'tr' to connect to the remote target with /dev/cuaa0, 'tr /dev/cuaa1' to connect to a different port or 'trf portno' to connect to the remote target with the firewire interface. portno defaults to 5556. Type 'getsyms' after connection to load kld symbols. If you're debugging a local system, you can use 'kldsyms' instead to load the kld symbols. That's a less obnoxious interface. Switching to remote protocol 0xc06b5e59 in breakpoint () at cpufunc.h:57 57 } 0xc06b5e59 in breakpoint () at cpufunc.h:57 (kgdb) getsyms During symbol reading, Incomplete CFI data; unspecified registers at 0xc06b5e57. Id Refs Address Size Name Select the list above with the mouse, paste into the screen and then press ^D. Yes, this is annoying. asf: Command not found. (kgdb) break vm86_bioscall Breakpoint 1 at 0xc08afe00: file vm86bios.s, line 57. (kgdb) c Continuing. [New Thread 0] [Switching to Thread 0] Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ Current language: auto; currently asm (kgdb) c Continuing. .. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ Current language: auto; currently asm (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) c Continuing. Breakpoint 1, vm86_bioscall () at vm86bios.s:57 57 movl vm86pcb,%edx /* scratch data area */ (kgdb) bt #0 vm86_bioscall () at vm86bios.s:57 #1 0xc08c6c35 in vm86_intcall (intnum=0x15, vmf=0xc0c21ab4) at ../../../i386/i386/vm86.c:584 #2 0xc088b6fe in get_typematic (kbd=0xc0a111e0) at ../../../dev/kbd/atkbd.c:1020 #3 0xc088a866 in atkbd_init (unit=0x0, kbdp=0xc0c21bac, arg=0xc0c21b70, flags=0x0) at ../../../dev/kbd/atkbd.c:428 #4 0xc088a1b6 in atkbd_attach_unit (unit=0x0, kbd=0xc0c21bac, ctlr=0x0, irq=0x1, flags=0x0) at ../../../dev/kbd/atkbd.c:102 #5 0xc08cf09d in atkbdattach (dev=0xc3652e80) at ../../../isa/atkbd_isa.c:131 #6 0xc06b18e9 in DEVICE_ATTACH (dev=0xc3652e80) at device_if.h:178 #7 0xc06b1801 in device_attach (dev=0xc3652e80) at ../../../kern/subr_bus.c:2191 #8 0xc06b174f in device_probe_and_attach (dev=0xc3652e80) at ../../../kern/subr_bus.c:2159 #9 0xc06b22bf in bus_generic_attach (dev=0xc362f400) at ../../../kern/subr_bus.c:2639 #10 0xc08cf58d in atkbdc_attach (dev=0xc362f400) at ../../../isa/atkbdc_isa.c:215 #11 0xc06b18e9 in DEVICE_ATTACH (dev=0xc362f400) at device_if.h:178 #12 0xc06b1801 in device_attach (dev=0xc362f400) at ../../../kern/subr_bus.c:2191 #13 0xc06b174f in device_probe_and_attach (dev=0xc362f400) at ../../../kern/subr_bus.c:2159 #14 0xc06b22bf in bus_generic_attach (dev=0xc3547780) at ../../../kern/subr_bus.c:2639 #15 0xc0b4673d in ?? () #16 0xc3547780 in ?? () #17 0x00000004 in ?? () #18 0x00000000 in ?? () #19 0xc3449440 in ?? () #20 0xc0c21cc8 in ?? () #21 0xc0b45100 in ?? () #22 0xc3547780 in ?? () #23 0x00000000 in ?? () #24 0x01011cc0 in ?? () #25 0x00000000 in ?? () #26 0x00000001 in ?? () #27 0x00000000 in ?? () #28 0x00000000 in ?? () #29 0xc3547700 in ?? () #30 0x00c1ec00 in ?? () #31 0xc0c21ce4 in ?? () #32 0xc06b18e9 in DEVICE_ATTACH (dev=0xc3547780) at device_if.h:178 Previous frame inner to this frame (corrupt stack?) ON CONSOLE: pci0: at device 31.3 (no driver attached) acpi_button0: on acpi0 atkbdc0: port 0x64,0x60 irq 1 on acpi0 atkbd0: irq 1 on atkbdc0 atkbd: the current kbd controller command byte 0067 atkbd: keyboard ID 0x41ab (2) kbdc: RESET_KBD return code:00fa kbdc: RESET_KBD status:00aa BACK TO DEBUGGER: (kgdb) s 58 movl 4(%esp),%eax (kgdb) s 59 movl %eax,SCR_ARGFRAME(%edx) /* save argument pointer */ (kgdb) s 60 pushl %ebx (kgdb) s vm86_bioscall () at vm86bios.s:61 61 pushl %ebp (kgdb) s vm86_bioscall () at vm86bios.s:62 62 pushl %esi (kgdb) s vm86_bioscall () at vm86bios.s:63 63 pushl %edi (kgdb) s vm86_bioscall () at vm86bios.s:64 64 pushl %gs (kgdb) s vm86_bioscall () at vm86bios.s:67 67 pushfl (kgdb) s vm86_bioscall () at vm86bios.s:68 68 cli (kgdb) s 69 movl PCPU(CURTHREAD),%ecx (kgdb) s 70 cmpl %ecx,PCPU(FPCURTHREAD) /* do we need to save fp? */ (kgdb) s 71 jne 1f (kgdb) s 82 popfl (kgdb) s vm86_bioscall () at vm86bios.s:85 85 movl SCR_VMFRAME(%edx),%ebx /* target frame location */ (kgdb) s 86 movl %ebx,%edi /* destination */ (kgdb) s 87 movl SCR_ARGFRAME(%edx),%esi /* source (set on entry) */ (kgdb) s 88 movl $VM86_FRAMESIZE/4,%ecx /* sizeof(struct vm86frame)/4 */ (kgdb) s 89 cld (kgdb) s 90 rep (kgdb) s ^[[A 93 movl PCPU(CURPCB),%eax (kgdb) s 94 pushl %eax /* save curpcb */ (kgdb) s vm86_bioscall () at vm86bios.s:95 95 movl %edx,PCPU(CURPCB) /* set curpcb to vm86pcb */ (kgdb) s 97 movl PCPU(TSS_GDT),%ebx /* entry in GDT */ (kgdb) 98 movl 0(%ebx),%eax (kgdb) 99 movl %eax,SCR_TSS0(%edx) /* save first word */ (kgdb) 100 movl 4(%ebx),%eax (kgdb) 101 andl $~0x200, %eax /* flip 386BSY -> 386TSS */ (kgdb) 102 movl %eax,SCR_TSS1(%edx) /* save second word */ (kgdb) 104 movl PCB_EXT(%edx),%edi /* vm86 tssd entry */ (kgdb) 105 movl 0(%edi),%eax (kgdb) 106 movl %eax,0(%ebx) (kgdb) 107 movl 4(%edi),%eax (kgdb) 108 movl %eax,4(%ebx) (kgdb) 109 movl $GPROC0_SEL*8,%esi /* GSEL(entry, SEL_KPL) */ (kgdb) 110 ltr %si (kgdb) 112 movl %cr3,%eax (kgdb) 113 pushl %eax /* save address space */ (kgdb) vm86_bioscall () at vm86bios.s:114 114 movl IdlePTD,%ecx (kgdb) 115 movl %ecx,%ebx (kgdb) 116 addl $KERNBASE,%ebx /* va of Idle PTD */ (kgdb) 117 movl 0(%ebx),%eax (kgdb) 118 pushl %eax /* old ptde != 0 when booting */ (kgdb) vm86_bioscall () at vm86bios.s:119 119 pushl %ebx /* keep for reuse */ (kgdb) vm86_bioscall () at vm86bios.s:121 121 movl %esp,SCR_STACK(%edx) /* save current stack location */ (kgdb) 123 movl SCR_NEWPTD(%edx),%eax /* mapping for vm86 page table */ (kgdb) 124 movl %eax,0(%ebx) /* ... install as PTD entry 0 */ (kgdb) 129 movl %ecx,%cr3 /* new page tables */ (kgdb) 130 movl SCR_VMFRAME(%edx),%esp /* switch to new stack */ (kgdb) vm86_bioscall () at vm86bios.s:132 132 call vm86_prepcall /* finish setup */ (kgdb) vm86_prepcall (vmf= {kernel_fs = 0x0, kernel_es = 0x0, kernel_ds = 0x0, edi = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, esi = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, ebp = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, isp = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, ebx = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, edx = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, ecx = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, eax = {r_ex = 0xc000, r_w = {r_x = 0xc000}, r_b = {r_l = 0x0, r_h = 0xc0}}, vmf_trapno = 0x15, vmf_err = 0x0, eip = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, cs = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, eflags = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, esp = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, ss = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_ h = 0x0}}, es = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, ds = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, fs = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}, gs = {r_ex = 0x0, r_w = {r_x = 0x0}, r_b = {r_l = 0x0, r_h = 0x0}}}) at ../../../i386/i386/vm86.c:532 532 uintptr_t addr[] = { 0xA00, 0x1000 }; /* code, stack */ Current language: auto; currently c (kgdb) 533 u_char intcall[] = { (kgdb) 537 if ((vmf.vmf_trapno & PAGE_MASK) <= 0xff) { (kgdb) 539 intcall[2] = (u_char)(vmf.vmf_trapno & 0xff); (kgdb) 540 memcpy((void *)addr[0], (void *)intcall, sizeof(intcall)); (kgdb) memcpy () at ../../../i386/i386/support.s:674 674 pushl %edi Current language: auto; currently asm (kgdb) 675 pushl %esi (kgdb) 676 movl 12(%esp),%edi (kgdb) 677 movl 16(%esp),%esi (kgdb) 678 movl 20(%esp),%ecx (kgdb) 679 movl %edi,%eax (kgdb) 680 shrl $2,%ecx /* copy by 32-bit words */ (kgdb) 681 cld /* nope, copy forwards */ (kgdb) 682 rep HANG HANG HANG >How-To-Repeat: Try to install 5.3-RELEASE from CDROM or other media onto a system based on a TYAN Thunder i7520 (S5360) motherboard. We do not believe that this is limited to just the one we happened to buy, as we have have already RMA'd this motherboard believing the problem to be due to a HW fault. >Fix: No known fix. We submitted this so that we could get something into the bug tracking system at which to point others who are working on this, and to possibly get some more eyes on this in case someone in the FreeBSD Project might have some ideas as to what is going on. We have the system setup for remote GDB debugging and hope to get the serial port up for a serial console so some others can work on it (or so the rest of us don't have to be in the office all the time to work on it) >Release-Note: >Audit-Trail: >Unformatted: