From nobody@FreeBSD.org  Sat Nov 28 18:28:25 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9FE1F1065711
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Nov 2009 18:28:25 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 8E4FB8FC1E
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Nov 2009 18:28:25 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id nASISOmZ065651
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Nov 2009 18:28:24 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id nASISO5K065650;
	Sat, 28 Nov 2009 18:28:24 GMT
	(envelope-from nobody)
Message-Id: <200911281828.nASISO5K065650@www.freebsd.org>
Date: Sat, 28 Nov 2009 18:28:24 GMT
From: Tarick <tungan@ukr.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Kernel panic (fatal trap 12: page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         140979
>Category:       kern
>Synopsis:       [acpi] [panic] Kernel panic (fatal trap 12: page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    avg
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Nov 28 18:30:01 UTC 2009
>Closed-Date:    Tue Apr 27 20:07:43 UTC 2010
>Last-Modified:  Tue Apr 27 20:07:43 UTC 2010
>Originator:     Tarick
>Release:        8.0
>Organization:
home
>Environment:
FreeBSD home 8.0-STABLE FreeBSD 8.0-STABLE #3: Fri Nov 27 11:00:19 EET 2009     root@home:/usr/obj/usr/src/sys/KLH  amd64
Also, using 8.0-RELEASE-amd64-livefs.iso produces the same panic.
>Description:
Booting 8.0-stable and from the 8.0 livefs CD produces kernel panic with trace:
___________________________________________________________________
--skipped--
acpi_lid0: <Control Method Lid Switch> on acpi0
acpi_acad0: <AC Adapter> on acpi0

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault viftual address = 0x40
fault code            = supervisor read data, page not present
instruction pointer   = 0x20:0xffffffff001ccfa0
stack pointer         = 0x20:0xffffffff00c6f070
frame pointer         = 0x20:0xffffffff00c6f0a0
code segment          = base 0x0, limit 0xffffff, type 0x1b
                      = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags      = interrupt enabled, resume, IOPL=0
current process       = 0 (swapper)
trap number           = 12
panic:  page fault
cpuid = 0
Uptime: 1s
Automatic reboot <skipped>
______________________________________________________________________

The system is Dell Inspiron 1501, latest BIOS 2.6.3. FreeBSD was upgraded from working previously 7.2 with ACPI.

Disabling ACPI during the boot helps, and later I was able to isolate the problem to "ec" sub-device (debug.acpi.disabled="ec")
>How-To-Repeat:
Boot with FreeBSD 8.0 CD with ACPI enabled on Dell Inspiron 1501. Don't have another one to verify though.
>Fix:
Put into /boot/loader.conf:
debug.acpi.disabled="ec"

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-acpi 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat Nov 28 20:21:14 UTC 2009 
Responsible-Changed-Why:  
looks like this is ACPI-related. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=140979 

From: Andriy Gapon <avg@icyb.net.ua>
To: bug-followup@FreeBSD.org, tungan@ukr.net
Cc:  
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Mon, 30 Nov 2009 15:57:23 +0200

 Could you please reproduce this with debug enabled?
 E.g.:
 http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html
 
 Without a backtrace it's hard to see where the problem is.
 
 -- 
 Andriy Gapon

From: "Grv" <tungan@ukr.net>
To: Andriy Gapon <avg@icyb.net.ua>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
  fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Mon, 30 Nov 2009 21:45:55 +0200

 This is a multi-part message in MIME format.
 
 --_----------=_12596103552180413
 MIME-Version: 1.0
 Content-Disposition: inline
 Content-Transfer-Encoding: 8bit
 Content-Type: text/plain; charset="windows-1251"
 
 Unfortunately I can't save core dump despite configured debugging  
 settings, system just doesn't see it in swap, probably because the crash  
 occurs before swap is configured.  
 What other options do I have?  
   
 --- Original Message ---  
 From: Andriy Gapon <avg@icyb.net.ua>  
 To: bug-followup@FreeBSD.org, tungan@ukr.net  
 Date: 30 november, 15:57:23  
 Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device  
   
   Could you please reproduce this with debug enabled?  
 E.g.:  
 http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html  
   
 Without a backtrace it's hard to see where the problem is.  
   
 --  
 Andriy Gapon  
   
 
 --_----------=_12596103552180413
 Content-Disposition: inline
 Content-Transfer-Encoding: 8bit
 Content-Type: text/html; charset="windows-1251"
 
 <html>
 <body>
 <div style='font: 12pt sans-serif;'>
   
     
   
   Unfortunately I can't save core dump despite configured debugging
   <br />settings, system just doesn't see it in swap, probably because the crash
   <br />occurs before swap is configured.
   <br />What other options do I have?
   <br />
   <br />--- Original Message ---
   <br />From: Andriy Gapon &lt;avg@icyb.net.ua&gt;
   <br />To: bug-followup@FreeBSD.org, tungan@ukr.net
   <br />Date: 30 november, 15:57:23
   <br />Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
   <br />
   <br />
   <blockquote class="ukr_editor_quotation" style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;">Could you please reproduce this with debug enabled?
   <br />E.g.:
   <br />http://www.freebsd.org/doc/en/books/developers-handbook/kerneldebug.html
   <br />
   <br />Without a backtrace it's hard to see where the problem is.
   <br />
   <br />--
   <br />Andriy Gapon
   <br />
   <br /></blockquote>
 
 
 </div></body>
 </html>
 --_----------=_12596103552180413--
 

From: Andriy Gapon <avg@icyb.net.ua>
To: Tarick <tungan@ukr.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Tue, 01 Dec 2009 15:48:38 +0200

 on 30/11/2009 21:38 Tarick said the following:
 > Unfortunately I can't save core dump despite configured debugging
 > settings, system just doesn't see it in swap, probably because the crash
 > occurs before swap is configured.
 > What other options do I have?
 
 Could you please boot with ec disabled (via the hint) and do the following?
 
 In shell:
 $ kgdb /boot/kernel/kernel /dev/mem
 In kgdb:
 (kgdb) info line *0xffffffff001ccfa0
 
 And send back the output of the last command.
 Thanks.
 
 -- 
 Andriy Gapon

From: Tarick <tungan@ukr.net>
To: Andriy Gapon <avg@icyb.net.ua>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
Date: Tue, 01 Dec 2009 21:39:09 +0200

 Sure, as I understand this means booting with debug.acpi.disabled="ec"
 line in /boot/loader.conf. I use this setting constantly right now.
 But I recompiled kernel recently, and the instruction pointer address
 changed to 0xffffffff801bfe20. Here is result with this address, I hope
 this will help:
 _______________________________________________________________
 ~# kgdb /boot/kernel/kernel /dev/mem
 GNU gdb 6.1.1 [FreeBSD]
 Copyright 2004 Free Software Foundation, Inc.
 GDB is free software, covered by the GNU General Public License, and you
 are
 welcome to change it and/or distribute copies of it under certain
 conditions.
 Type "show copying" to see the conditions.
 There is absolutely no warranty for GDB.  Type "show warranty" for
 details.
 This GDB was configured as "amd64-marcel-freebsd"...
 Reading symbols from /boot/kernel/sem.ko...Reading symbols
 from /boot/kernel/sem.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/sem.ko
 Reading symbols from /usr/local/lib/oss/modules/osscore.ko...done.
 Loaded symbols for /usr/local/lib/oss/modules/osscore.ko
 Reading symbols from /usr/local/lib/oss/modules/oss_hdaudio.ko...done.
 Loaded symbols for /usr/local/lib/oss/modules/oss_hdaudio.ko
 Reading symbols from /usr/local/modules/rtc.ko...done.
 Loaded symbols for /usr/local/modules/rtc.ko
 Reading symbols from /boot/kernel/ng_pppoe.ko...Reading symbols
 from /boot/kernel/ng_pppoe.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/ng_pppoe.ko
 #0  sched_switch (td=0xffffffff80962140, newtd=Variable "newtd" is not
 available.
 ) at /usr/src/sys/kern/sched_ule.c:1864
 1864			cpuid = PCPU_GET(cpuid);
 
 (kgdb) info line *0xffffffff801bfe20
 Line 538 of "/usr/src/sys/contrib/dev/acpica/executer/exmutex.c"
    starts at address 0xffffffff801bfe20 <AcpiExReleaseMutex+544> and
 ends at 0xffffffff801bfe25 <AcpiExReleaseMutex+549>.
 (kgdb) 
 __________________________________________________________
 
 -----Original Message-----
 From: Andriy Gapon <avg@icyb.net.ua>
 To: Tarick <tungan@ukr.net>
 Cc: bug-followup@FreeBSD.org
 Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12:
 page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
 Date: Tue, 01 Dec 2009 15:48:38 +0200
 
 on 30/11/2009 21:38 Tarick said the following:
 > Unfortunately I can't save core dump despite configured debugging
 > settings, system just doesn't see it in swap, probably because the crash
 > occurs before swap is configured.
 > What other options do I have?
 
 Could you please boot with ec disabled (via the hint) and do the following?
 
 In shell:
 $ kgdb /boot/kernel/kernel /dev/mem
 In kgdb:
 (kgdb) info line *0xffffffff001ccfa0
 
 And send back the output of the last command.
 Thanks.
 
 
 

From: Andriy Gapon <avg@icyb.net.ua>
To: Tarick <tungan@ukr.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Wed, 02 Dec 2009 08:39:02 +0200

 on 01/12/2009 21:39 Tarick said the following:
 > Sure, as I understand this means booting with debug.acpi.disabled="ec"
 > line in /boot/loader.conf. I use this setting constantly right now.
 > But I recompiled kernel recently, and the instruction pointer address
 > changed to 0xffffffff801bfe20. Here is result with this address, I hope
 > this will help:
 [snip]
 > (kgdb) info line *0xffffffff801bfe20
 > Line 538 of "/usr/src/sys/contrib/dev/acpica/executer/exmutex.c"
 >    starts at address 0xffffffff801bfe20 <AcpiExReleaseMutex+544> and
 > ends at 0xffffffff801bfe25 <AcpiExReleaseMutex+549>.
 
 So this points us to AcpiExReleaseMutex.
 One possible control flow chain is AcpiExReleaseMutex <- AcpiReleaseGlobalLock
 <- EcUnlock.  But it's still not clear what could be wrong.
 
 Would it be possible to recompile your kernel with the following options,
 reproduce the panic and report full panic message?
 
 makeoptions	DEBUG="-O -g"
 options 	DDB
 options 	DDB_NUMSYM
 options 	KDB
 options 	KDB_TRACE
 
 This should enable printing of stack trace on panic.
 Thanks!
 
 -- 
 Andriy Gapon

From: Tarick <tungan@ukr.net>
To: Andriy Gapon <avg@icyb.net.ua>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
Date: Wed, 02 Dec 2009 19:57:53 +0200

 Done, common panic message, but last line:
 
 [thread pid 0 tid 100000 ]
 Stopped at 0xffffffff801c95a8 = AcpiExReleaseMutex+0x218: movzbi 0x40(%
 rax), %r14d
 db>
 
 If more data are needed from debugger, please tell me so, but I may end
 up sending you movies or jpg.
 
 -----Original Message-----
 From: Andriy Gapon <avg@icyb.net.ua>
 To: Tarick <tungan@ukr.net>
 Cc: bug-followup@FreeBSD.org
 Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12:
 page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
 Date: Wed, 02 Dec 2009 08:39:02 +0200
 <cut>
 So this points us to AcpiExReleaseMutex.
 One possible control flow chain is AcpiExReleaseMutex <- AcpiReleaseGlobalLock
 <- EcUnlock.  But it's still not clear what could be wrong.
 
 Would it be possible to recompile your kernel with the following options,
 reproduce the panic and report full panic message?
 
 makeoptions	DEBUG="-O -g"
 options 	DDB
 options 	DDB_NUMSYM
 options 	KDB
 options 	KDB_TRACE
 
 This should enable printing of stack trace on panic.
 Thanks!
 
 

From: Andriy Gapon <avg@icyb.net.ua>
To: Tarick <tungan@ukr.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Wed, 02 Dec 2009 20:07:17 +0200

 on 02/12/2009 19:57 Tarick said the following:
 > Done, common panic message, but last line:
 > 
 > [thread pid 0 tid 100000 ]
 > Stopped at 0xffffffff801c95a8 = AcpiExReleaseMutex+0x218: movzbi 0x40(%
 > rax), %r14d
 > db>
 > 
 > If more data are needed from debugger, please tell me so, but I may end
 > up sending you movies or jpg.
 
 Let's start with 'bt' command.
 
 -- 
 Andriy Gapon
Responsible-Changed-From-To: freebsd-acpi->avg 
Responsible-Changed-By: avg 
Responsible-Changed-When: Tue Feb 2 11:55:57 UTC 2010 
Responsible-Changed-Why:  
I will take this as I've been working on thise issue. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=140979 
State-Changed-From-To: open->analyzed 
State-Changed-By: avg 
State-Changed-When: Tue Feb 2 13:47:15 UTC 2010 
State-Changed-Why:  
Root cause of this issue has been determined by upstream vendor, 
ACPICA, and a fix for it should be included in the next 
release. 
We will get it after importing the next vendor release. 
Many thanks to originator for providing debugging and testing. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=140979 
State-Changed-From-To: analyzed->patched  
State-Changed-By: brucec 
State-Changed-When: Mon Mar 8 19:41:16 UTC 2010 
State-Changed-Why:  
The 201002 9-CURRENT livecd still had the problem, but it has been fixed in the 
20100308 snapshot from http://pub.allbsd.org/FreeBSD-snapshots/ which contains 
ACPICA 20100304. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=140979 

From: Andriy Gapon <avg@freebsd.org>
To: bug-followup@freebsd.org, tungan@ukr.net
Cc:  
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Tue, 27 Apr 2010 12:50:26 +0300

 ACPICA 20100331 has been merged to stable/8.
 Will the original submitter be able to test if the issue is fixed now, please?
 Thanks!
 -- 
 Andriy Gapon

From: Tarick <tungan@ukr.net>
To: Andriy Gapon <avg@freebsd.org>
Cc: bug-followup@freebsd.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
Date: Tue, 27 Apr 2010 22:10:18 +0300

 Updated kernel to the latest stable and booted just fine.
 
 -----Original Message-----
 From: Andriy Gapon <avg@freebsd.org>
 To: bug-followup@freebsd.org, tungan@ukr.net
 Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12:
 page fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec"
 sub-device
 Date: Tue, 27 Apr 2010 12:50:26 +0300
 
 ACPICA 20100331 has been merged to stable/8.
 Will the original submitter be able to test if the issue is fixed now, please?
 Thanks!
 
 

From: Andriy Gapon <avg@freebsd.org>
To: Tarick <tungan@ukr.net>
Cc: bug-followup@freebsd.org
Subject: Re: kern/140979: [acpi] [panic] Kernel panic (fatal trap 12: page
 fault when in kernel mode) on FreeBSD 8.0 with ACPI because of "ec" sub-device
Date: Tue, 27 Apr 2010 22:38:20 +0300

 on 27/04/2010 22:10 Tarick said the following:
 > Updated kernel to the latest stable and booted just fine.
 
 Thank you!
 
 -- 
 Andriy Gapon
State-Changed-From-To: patched->closed 
State-Changed-By: avg 
State-Changed-When: Tue Apr 27 20:06:20 UTC 2010 
State-Changed-Why:  
ACPICA version with fix has been MFCed to stable/8 now. 
ACPI in stable/7 is 'frozen'. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=140979 
>Unformatted:
