Trying to boot FreeBSD 10.1-RELEASE guest on a Linux KVM host, using libvirt and virt-manager, ends in a kernel panic while attaching keyboard.

    atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
    atkbd0: <AT Keyboard> irq 1 on atkbdc0
    atkbd: the current kbd controller command byte 0061
    atkbd: keyboard ID 0x41ab (2)
    kbdc: RESET_KBD return code:00fa
    kbdc: RESET_KBD status:00aa
    kernel trap 12 with interrupts disabled

    Fatal trap 12: page fault while in kernel mode
    cpuid = 0; apic id = 00
    fault virtual address = 0xfffffe002bf4d000
    fault code = supervisor read data, page not present
    instruction pointer = 0x20:0xffffffff80e0b591
    stack pointer = 0x28:0xffffffff8195b6c0
    frame pointer = 0x28:0xffffffff8195b6d0
    code segment = base rx0, limit 0xfffff, type 0x1b
                 = DPL 0, pres 1, long 1, def32 0, gran 1
    processor eflags = resume, IOPL = 0
    current process = 0 (swapper)
    trap number = 12
    panic: page fault
    cpuid = 0
    KDB: stack backtrace:
    #0 0xffffffff80963000 at kdb_backtrace+0x60
    #1 0xffffffff80928125 at panic+0x155
    #2 0xffffffff80d24f1f at trap_fatal+0x38f
    #3 0xffffffff80d25238 at trap_pfault+0x308
    #4 0xffffffff80d2489a at trap+0x47a
    #5 0xffffffff80d0a782 at calltrap+0x8
    #6 0xffffffff80e0d19b at x86emu_exec_one_byte+0x19eb
    #7 0xffffffff80e0b748 at x86emu_exec+0x28
    #8 0xffffffff80e0ac35 at x86bios_intr+0xc5
    #9 0xffffffff80d375f5 at get_typematic+0x55
    #10 0xffffffff80d36bad at atkbd_init+0x33d
    #11 0xffffffff80d365df at atkbd_attach_unit+0x8f
    #12 0xffffffff80d37e8b at atkbdattach+0x4b
    #13 0xffffffff80959fc5 at device_attach+0x3a5
    #14 0xffffffff8095b0cd at bus_generic_attach+0x2d
    #15 0xffffffff80d39ffc at atkbdc_isa_attach+0x17c
    #16 0xffffffff80959fc5 at device_attach+0x3a5
    #17 0xffffffff8095b0cd at bus_generic_attach+0x2d
    Uptime: 1s
    Automatic reboot in 15 seconds - press a key on the console to abort

This issue doesn't happen in FreeBSD 9.3-RELEASE.
How-To-Repeat: Try to install a FreeBSD 10.1-RELEASE guest on a Linux KVM host with virt-manager with default hardware configuration. More information attached:
Created attachment 159578: qemu command line
Created attachment 159579: Entire boot log
Created attachment 159580: libvirt VM configuration
Created attachment 159581: Software versions information
Created attachment 159582: CPU info log
I'm also affected by this bug! I'm running Debian Unstable x86_64, QEMU is version 2.4.0 (Debian 1:2.4+dfsg-4). I can say that the bug was NOT present in QEMU 2.1 (Debian 1:2.1+dfsg-11) with exactly the SAME FreeBSD 10.1 setup (I was testing it in May). Does anyone know about some kind of workaround for this issue?
P.S.: I've reproduced that bug simply by downloading the FreeBSD 10.1 virtual machine image and trying to start it under qemu-kvm. The same bug does not reproduce with FreeBSD 10.2 though.
Is it still possible to verify if this is still happening on 12 or even 13?
Yes. I’m running Debian 11 and just downloaded the amd64 qcow2 virtual machine image of FreeBSD 13.0 and am getting the same page fault when using the QEMU option -cpu host. My CPU is an AMD Ryzen 9 5950X.

Does not work:

    qemu-system-x86_64 -enable-kvm -cpu host -m 2048 -hda FreeBSD-13.0-RELEASE-amd64.qcow2

Does work:

    qemu-system-x86_64 -enable-kvm -m 2048 -hda FreeBSD-13.0-RELEASE-amd64.qcow2
Sorry, this seems to be a different page fault that I’m getting:

    Starting syslogd.

    Fatal trap 12: page fault while in kernel mode
    cpuid = 0; apic id = 00
    fault virtual address = 0xfffffe00515890c0
    fault code = supervisor write data, page not present
    instruction pointer = 0x20:0xffffffff81086d0d
    stack pointer = 0x28:0xfffffe0051587850
    frame pointer = 0x28:0xfffffe0051587850
    code segment = base rx0, limit 0xfffff, type 0x1b
                 = DPL 0, pres 1, long 1, def32 0, gran 1
    processor eflags = interrupt enabled, resume, IOPL = 0
    current process = 634 (syslogd)
    trap number = 12
    panic: page fault
    cpuid = 0
    time = 1627505689
    KDB: stack backtrace:
    #0 0xffffffff80c57345 at kdb_backtrace+0x65
    #1 0xffffffff80c09d21 at vpanic+0x181
    #2 0xffffffff80c09b93 at panic+0x43
    #3 0xffffffff8108b187 at trap_fatal+0x387
    #4 0xffffffff8108b1df at trap_pfault+0x4f
    #5 0xffffffff8108a83d at trap+0x27d
    #6 0xffffffff810617a8 at calltrap+0x8
    #7 0xffffffff81064e71 at fpugetregs+0x171
    #8 0xffffffff810686ec at sendsig+0x16c
    #9 0xffffffff80c0f527 at postsig+0x1a7
    #10 0xffffffff80c6dfa7 at ast+0x307
    #11 0xffffffff810641b9 at doreti_ast+0x1f
Keyword: crash – in lieu of summary line prefix: [panic]

* bulk change for the keyword
* summary lines may be edited manually (not in bulk).

Keyword descriptions and search interface: <https://bugs.freebsd.org/bugzilla/describekeywords.cgi>